Overview

overview

10

Static

static

10

LoveSoul_v...rt.exe

windows7-x64

1

LoveSoul_v...rt.exe

windows10-2004-x64

1

LoveSoul_v...ul.exe

windows7-x64

8

LoveSoul_v...ul.exe

windows10-2004-x64

8

LoveSoul_v...de.dll

windows7-x64

1

LoveSoul_v...de.dll

windows10-2004-x64

1

�...�.html

windows7-x64

1

�...�.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f44f151106adaef5cc36e23185535c69fe959900b003d698c3444ffe13d75e7d

  • Size

    3.4MB

  • Sample

    221127-et3hdshc64

  • MD5

    89c1666b3792691d15e2fa4bf9594710

  • SHA1

    f52c5e7365313c2a30b443126aefabd2acfc1eb5

  • SHA256

    f44f151106adaef5cc36e23185535c69fe959900b003d698c3444ffe13d75e7d

  • SHA512

    5b25ef142907b8245e16b53aa51aa9a42e0e988cda2b1f9d0740775f8885d6159da1043f2526932f17dcb403e11a22f7c4f5132a66b0aa2a92d5630cf458b4c5

  • SSDEEP

    98304:naODEaHRNdn1YYp4fCJMjmKd7ac0sSg3xBMe:aOD3vdn+wwjNacH3xBMe

Score
10/10
blackmoonvmprotect

Malware Config

Targets

    • Target

      LoveSoul_ver.0.9.7.0/LoveSoul/BugReport.exe

    • Size

      728KB

    • MD5

      7400a1f96abadef68f842ed6106aa3a1

    • SHA1

      bb1a9fea8846b29d109223385c489749c97092e8

    • SHA256

      5c3c59258145700b3ad8c714b01b1252ae1d19af31fe674ac7a5d02993c685d1

    • SHA512

      5167fe3fc9fc9f7423bb169376e496ee2c393898f5ac75b2a1f8f5ce533432fe8e5f02b1e0752a617be3896b7fd8c3c7a2ebbcb188c4cb7507aa1dbde1b0ca2e

    • SSDEEP

      6144:+HMd9Iq7bP9jbd++S5cbQTPgzFBKbuCvjM/uUsJJmkmWwS3oV0ZBednhicyuKm6R:JZjbAgzeEYKyuV8yX+bbtME3uQT01

    Score
    1/10
    behavioral1behavioral2

    • Target

      LoveSoul_ver.0.9.7.0/LoveSoul/LoveSoul.exe

    • Size

      3.3MB

    • MD5

      12a09c84502ef66c4320bb837657f885

    • SHA1

      36f54c7d8db6552b6f1a81e4daf7314fabeac653

    • SHA256

      29e12d29bdf0a3b21e4edafa5af88b32ce8f68ee77ff73a5d06f6ed2ee5a0d03

    • SHA512

      355ade6831fd5718a6957b84c9baf59770e0c97824a734488a0d49715759da7d4d021b3725a99cc764526a00bba6678efdebadf05530d5f1552dcf00a150757a

    • SSDEEP

      98304:KTD8BPwep1xNe+r8PIGWX2nDH2Ccgugw9mS:VPDjxNVXmDzJw95

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral3behavioral4

    • Target

      LoveSoul_ver.0.9.7.0/LoveSoul/Vcode.dll

    • Size

      244KB

    • MD5

      7f37f4a396683fcff0c6976bb63f372e

    • SHA1

      2714c65bba69edb01d63cd5d43519e662158a7b0

    • SHA256

      ed47531f08236a607c2190529b6477ad8494e6de39f6763a6c1c73d347e31b73

    • SHA512

      f02ff36e384d9f6b189fb173b156aeb9e3ae4d0f33136ababc81d6f32d7ebb656dbf5481befb7ce0679775c37d2891235151049265d588031eb15212a813814e

    • SSDEEP

      3072:Ko+YSKv4FMrrslIuP58z63y71yX8N5GPQUZE4BPMzN3hYlIuxU/l9yxFNfCp7pfz:KlkElLYdyxF65ytb

    Score
    1/10
    behavioral5behavioral6

    • Target

      ֮˵.html

    • Size

      3KB

    • MD5

      4d6ddc350cbcec59158fda3b97742608

    • SHA1

      d1004bf94f15d63b1f27d3a39083dabbebb2ad3f

    • SHA256

      b65ff09d6978ab78ca5574ac6c80f60f032cb9ff4aab59cee7bff0a9b036abbc

    • SHA512

      75ee04309102a3ecc2e8c1db24e77af8e882f9d301df14f4b6e834226958acfab536342a8c9e27dd4d70b27ad12302aa03e0a884ba8a4cfb0649a69058943418

    Score
    1/10
    behavioral7behavioral8

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks