Overview

overview

6

Static

static

saints4tr2...13.exe

windows7-x64

5

saints4tr2...13.exe

windows10-2004-x64

6

saints4tr2...��.url

windows7-x64

1

saints4tr2...��.url

windows10-2004-x64

1

黑道圣�...��.url

windows7-x64

1

黑道圣�...��.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    159bd024c6c5e2ed3e9f7a8d0ff5b983742fc5e9707edc44baee99555c00faf8

  • Size

    2.1MB

  • Sample

    221125-x29ksahf76

  • MD5

    03d4cbc78aa816bbbd33cb1458d6ac5c

  • SHA1

    21dceebefd5b30f868dc6c12d2904ed5ef626ffd

  • SHA256

    159bd024c6c5e2ed3e9f7a8d0ff5b983742fc5e9707edc44baee99555c00faf8

  • SHA512

    68a614c2d8c69c4c16f7890e409e1a7521656a2acdf85422a3dc2c658a4729560b58f93f41ddd202759690a7e83fc1031b1668f60e729311c87c321d859f9118

  • SSDEEP

    49152:/KwXuKQ8rnRvjBT8zOULkN3D5K5L/57PaAp3Ru0APTN:dXuKQmnNBIzGd5K/71k0S

Score
6/10
discovery

Malware Config

Targets

    • Target

      saints4tr20/SaintsRIV+20Tr-LNG_UD-30_Aug_2013.exe

    • Size

      2.2MB

    • MD5

      dbe0dc406dd8c98265f9bb6c94e35611

    • SHA1

      c7915c861737c3ede574e99b01e976db6b927a2f

    • SHA256

      bb51ecbd53085321f69b24b999a9642bfde09dfc88ca214fc5d40eb0d97dce78

    • SHA512

      b6833f724ed1971a2b501ef5ebfc89fbbd393601c05f60b20cba16fa0eb1f9191468258a4da5cd70baaa76c0102dd2568c86f614532f235eb988917ef9c47251

    • SSDEEP

      49152:J/wvYtTSlvSH3S26xGSWdUiUw7MUiJJfnmU/S2UFXd++861JAem:JIKSc3SjxGc9w6nT/UFXUgZm

    Score
    6/10
    discovery

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

    • Target

      saints4tr20/.url

    • Size

      295B

    • MD5

      856871faecfb617a3794e46803e97c86

    • SHA1

      a2800abf6787c46983cd2ec70cc1512df5a2de20

    • SHA256

      7533b183706e09234e11098a18b02e309090a493a837dc34a7c2a79213622c7d

    • SHA512

      8647d6fcc0f96cadcd13f744be90fed0cd3ee6cdc7ebffd3100d23cacf21b998d89081455d6ade8940d85e442a66f88ca6e976539853063ceb192202455afab9

    Score
    1/10
    behavioral3behavioral4

    • Target

      黑道圣徒4修改器+20下载v1.03_ 西西软件下载.url

    • Size

      341B

    • MD5

      8cff8e1a1970a53644185d5eca8a62d6

    • SHA1

      4a80be242335b32f8c94335458a863ff328ffab7

    • SHA256

      031039471ae8c6928104033d8a2d0e7e3a5d9326e1a593d9a960f7b1d27a832a

    • SHA512

      07d6d759c5816f40da2382e3201316ce623705979c0e8033091c5bd51eab17e64df5caa559dc5f347d3de2c40f04b66edcefcfe0f81c29141f4dde65dd615ec2

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks