437c8032e578d678d10379c25af38953c41821103fb2d7d25f6a229fdd2bec10

Target

Minecraft 64 Bits.rar
Size

2.7MB
Sample

230213-3l6rvahb62
MD5

c774c6824be0088a82cd33dfc1dfe603
SHA1

a052de1f4cabacf8de404e0c04af94c15061f536
SHA256

437c8032e578d678d10379c25af38953c41821103fb2d7d25f6a229fdd2bec10
SHA512

deb670f3bbe508add87f6485d8d2bf3944fd97dc40c5be704cbed61dc1770942091f87c917f415ab097f0130842e266b3f5cbb27ce7c65085b4ec701894e95ad
SSDEEP

49152:+i1hojgguX5w5QEP36lfrGMChjzpMerUFIFsko7VKZ25:+i17guAHP37dskaQw

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  Borrador/EULA.rtf
- Size
  
  14KB
- MD5
  
  ac34393940ce72d93f01d0cd111c2177
- SHA1
  
  113b075e7d2a2efa5b44b79dfae2375ab96b07ab
- SHA256
  
  9ca16423805ea56466d1e639d179ca9ec8fa0acc582664315c2382df8f88b632
- SHA512
  
  1b251b6c9f638aa1a7dfc6f972d5ffad6b71dd43e35a5c43f66ec8711d62900964b7fd49b3d65e791be44c8a2b372fae0c9d74198dab34e3f1a2f8078ccf0855
- SSDEEP
  
  192:/Io3FU35/lDg6GypcfpBzfAIYZesDZb3ahlI3VhZ2Rs:/Io3FU35tUUIA9b2IFhQs
Score

4^/10
behavioral1 behavioral2
- Target
  
  Borrador/IObitUnlocker.dll
- Size
  
  71KB
- MD5
  
  6dc47f0038dd44de1c3a854949572774
- SHA1
  
  a5b74648a3944ac1781c89d3f549715e31eb5c85
- SHA256
  
  9e93fbb7955710e50a1ef4a222253a349927a543b105bfe26d4803ddc54060a9
- SHA512
  
  52caeb12ff1a57362e0c80f22221311df453eaeec6ba4e39b67942ad0ae6f8fc39b17bfe951f04c3d1d0a6b455bf91e9b1c2df5ad284bf6c2c8b0dd671c37d96
- SSDEEP
  
  1536:0gr2Lr071OUKFOk12oilFHyKyXMuJwIzD:0grviGoiiKycuew
Score

1^/10
behavioral3 behavioral4
- Target
  
  Borrador/IObitUnlocker.exe
- Size
  
  2.3MB
- MD5
  
  ca7d229c1a8087836d2365fd736a09ed
- SHA1
  
  7b502e68692c108854a033eca371defcb9a64328
- SHA256
  
  d2b8c197c1ff337cc692c3f11e3cf8e263612212b8dac9c104a220ae7ce0c325
- SHA512
  
  8dc81e51a50035740cc529f45844d80f2f998bd6e862c3d0192a7a7a591d9d8c26d6c9674a6e0e99c76dc57174a0791b57e32a0a2b9014a5ecb83b012679bc96
- SSDEEP
  
  24576:5S/WgTT/eC4PwRXrAREEkyuCmLMAefac2mhPiT8b2DeXYJAmzQDFQEkXAFxZSD1j:QTT/eC2wpBBseA/FsZDW8nTeCPGXOy+
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral5 behavioral6
- Target
  
  Borrador/IObitUnlocker.sys
- Size
  
  35KB
- MD5
  
  d7b749051da5fb4604f4141f19c47660
- SHA1
  
  288daefd1ce65fb01011dc8a64491111207d3965
- SHA256
  
  2b33df9aff7cb99a782b252e8eb65ca49874a112986a1c49cd9971210597a8ae
- SHA512
  
  1d0ac1854eb6f2a5d2d90424bc5b9dd989ad61a2f3e87d6e9ca97a7f5f7c0d38b387cfd3e16b14992ea263b5d4194b0d38b8b8a6f5b1d0829a6932fde127c193
- SSDEEP
  
  768:eWspdre2ANTcdAbIheysJAzCbACWUKpS5eX3k5Jj:P2OICJJ/gS5eHkb
Score

1^/10
behavioral7 behavioral8
- Target
  
  Borrador/help/help.html
- Size
  
  3KB
- MD5
  
  dac512aaf0cb1da2f7158c615afffcc3
- SHA1
  
  d3d809f9b1632dfd12612e3de24c5e31bc890bba
- SHA256
  
  1d793560ca1741aec1d971d6a22ecff3f0b95dcafc94de9c2204d3fdadffe18e
- SHA512
  
  ca5ff988e9f13b2d8446383013cec9a5e2e945418f56da0dd7da42203087af03a1d7aae1837dcbd2829340818bd63ea11cdd8c2ed1f0a745af3820837aa96d7e
Score

1^/10
behavioral10 behavioral9
- Target
  
  Borrador/unins000.exe
- Size
  
  1.1MB
- MD5
  
  b21ac22720c79247a22f73ab5fe724ad
- SHA1
  
  f4b816ad1b0761cee8b5e502a49452b7193e338e
- SHA256
  
  2058ef47dd3430dab1e9af1ec7d4cbdc5f11e230c6f1dba1544eccb7ce447a86
- SHA512
  
  3ca6182bc4ebcde4ef64c921a368e6ede29c55aad600fff3e6d4516f82045ef9a6cd8f294276cc6c7ad8f28d5fbbf562a710bd1e6375a4cc4e367e0a92b7377b
- SSDEEP
  
  24576:4YwCLCUplZhgjXj8YcgoniqO3CBiO0jmS+Elzcy8ZNwNx9Nu:DGUhni7eSRzcZCK
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  Minecraft 64 Bits/SysWOW64/Windows.ApplicationModel.Store.dll
- Size
  
  1.6MB
- MD5
  
  84b61da6030dbf811207951f69aa7263
- SHA1
  
  92f46f5e11d1635ad48fee5c3d1b1632fcb5f549
- SHA256
  
  ceae86e550dc1daa1b364be1ac195dd5dd9eaea8bfdf1875a4ae832c3e1a42a2
- SHA512
  
  50f54d90877e205ab96c0c2d81cee7a475dd03b0e9b3d6c5f2092170379d7d363b39b63c577e71d7b83216de11d60fe87673f5b9681804f1ed4dd29ea558b6d8
- SSDEEP
  
  24576:sVwwz/RBXZc0pFoj2JhzeOwbwHXvZ9kOvSTqWXXMhVf87JLZBCzdF:sVwwLLpFHwBbwHfZNAMhY07
Score

1^/10
behavioral13 behavioral14
- Target
  
  Minecraft 64 Bits/System32/Windows.ApplicationModel.Store.dll
- Size
  
  2.2MB
- MD5
  
  86f54a87a6260befbd8372fdd150b127
- SHA1
  
  8e92ff0b8ff2d1b0c2fbe59bcbb1705febadcbfd
- SHA256
  
  c1469dea551c95d2c68eb42ceb37f020cb5b75d777e7083f24bf2e54ae2e4f55
- SHA512
  
  101756ef73eb4d8cd85d3151fa20dfceed4773039bd1951bf685b913ea7fa0c36df992a98f6d12197befe7bfe2a57cd4115e76251190a33e84da62b9322d3cc1
- SSDEEP
  
  49152:Tl6ZnGC0xHw4Oan2YLqybPLLgv22SckY03ZXB6md1OI6EmT199zGl33Rq:Tl00kjGq
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Adds Run key to start application

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16