Overview
overview
7Static
static
7The Bindin...ce.rar
windows7-x64
3The Bindin...ce.rar
windows10-2004-x64
3Lua5.3.3f.dll
windows7-x64
3Lua5.3.3f.dll
windows10-2004-x64
3Lua5.3.3r.dll
windows7-x64
3Lua5.3.3r.dll
windows10-2004-x64
3OpenAL32.dll
windows7-x64
1OpenAL32.dll
windows10-2004-x64
1changelog.txt
windows7-x64
1changelog.txt
windows10-2004-x64
1dbghelp.dll
windows7-x64
1dbghelp.dll
windows10-2004-x64
1isaac-ng.exe
windows7-x64
3isaac-ng.exe
windows10-2004-x64
3isaac-ng.exe
windows7-x64
3isaac-ng.exe
windows10-2004-x64
3isaac-ng.exe
windows7-x64
5isaac-ng.exe
windows10-2004-x64
6libogg.dll
windows7-x64
1libogg.dll
windows10-2004-x64
3libtheora.dll
windows7-x64
3libtheora.dll
windows10-2004-x64
3libtheoraplayer.dll
windows7-x64
3libtheoraplayer.dll
windows10-2004-x64
3libvorbis.dll
windows7-x64
3libvorbis.dll
windows10-2004-x64
3lua51.dll
windows7-x64
3lua51.dll
windows10-2004-x64
3msvcp100.dll
windows7-x64
3msvcp100.dll
windows10-2004-x64
3msvcp110.dll
windows7-x64
3msvcp110.dll
windows10-2004-x64
3Analysis
-
max time kernel
132s -
max time network
32s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system -
submitted
15/03/2023, 19:24
Static task
static1
Behavioral task
behavioral1
Sample
The Binding of Isaac Rebirth Repentance.rar
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral2
Sample
The Binding of Isaac Rebirth Repentance.rar
Resource
win10v2004-20230221-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
Lua5.3.3f.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral4
Sample
Lua5.3.3f.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
Lua5.3.3r.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral6
Sample
Lua5.3.3r.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
OpenAL32.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral8
Sample
OpenAL32.dll
Resource
win10v2004-20230221-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
changelog.txt
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral10
Sample
changelog.txt
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
dbghelp.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral12
Sample
dbghelp.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
isaac-ng.exe
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral14
Sample
isaac-ng.exe
Resource
win10v2004-20230221-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
isaac-ng.exe
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral16
Sample
isaac-ng.exe
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
isaac-ng.exe
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral18
Sample
isaac-ng.exe
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
libogg.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral20
Sample
libogg.dll
Resource
win10v2004-20230221-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
libtheora.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral22
Sample
libtheora.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
libtheoraplayer.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral24
Sample
libtheoraplayer.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
libvorbis.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral26
Sample
libvorbis.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
lua51.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral28
Sample
lua51.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
msvcp100.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral30
Sample
msvcp100.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
msvcp110.dll
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral32
Sample
msvcp110.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
General
-
Target
isaac-ng.exe
-
Size
8.0MB
-
MD5
781b305af619c0d8dcbf47059fe4c749
-
SHA1
50bfe1dc8bd014e4dcec54a547e66c2b11dbb012
-
SHA256
ee4a8a5a2b13c1055f243b6bd7a83a35a5c14bf435ab52ed9bc394fcd6071f00
-
SHA512
3629c15121f3393f0833c5f39930a14c85ce438ce5800704bff728a92967dabd7872055e29844e418eb8e39f301f74824ace1d04cc7430cb498d067760016231
-
SSDEEP
196608:538+wXywskisiJhG2hJZf9ezzI14BM4weIzR5UOyZQj:a+wCwFr2hJZf9OI1CM4weIzR5OE
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 1148 1984 WerFault.exe 27 -
Suspicious behavior: EnumeratesProcesses 8 IoCs
pid Process 1984 isaac-ng.exe 1984 isaac-ng.exe 1984 isaac-ng.exe 1984 isaac-ng.exe 1984 isaac-ng.exe 1984 isaac-ng.exe 1984 isaac-ng.exe 1984 isaac-ng.exe -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 1984 wrote to memory of 1148 1984 isaac-ng.exe 28 PID 1984 wrote to memory of 1148 1984 isaac-ng.exe 28 PID 1984 wrote to memory of 1148 1984 isaac-ng.exe 28 PID 1984 wrote to memory of 1148 1984 isaac-ng.exe 28