Overview

overview

7

Static

static

1

Papers Ple...up.exe

windows7-x64

7

Papers Ple...up.exe

windows10-2004-x64

7

Papers Ple...up.exe

windows7-x64

7

Papers Ple...up.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Papers Please De SmoggyBox7636.rar

  • Size

    21.5MB

  • Sample

    230319-c6ynvsgf4z

  • MD5

    f9c9eeb46b08371fbc2346b1e8c752e2

  • SHA1

    813ae53e3d7c8a09cabeceb1cc47b924f0312e94

  • SHA256

    b072cd5dfe9bcdb08250fac0647e5040ca03ebfde85bc0083c7766d1cf9930c5

  • SHA512

    501f507e49f9cbb92e0784e3880f69d4838fe598469b0db78a4f539a220f1af1eb748a042e671ed4cf562decc9ee734ac99c5526f4de208e0242e54c0cf946d9

  • SSDEEP

    393216:vWuB6xTHifx/ANeyqzu3ujBBsCX7BVicZ2841wY3qmgiISCeHo:+uB6BHifx/AQzwujBBdXzJKqmgRveHo

Score
7/10
persistence

Malware Config

Targets

    • Target

      Papers Please De SmoggyBox7636/Papers Please -Survarium100/redist/dx_setup.exe

    • Size

      281KB

    • MD5

      fd6057b33e15a553ddc5d9873723ce8f

    • SHA1

      f90efb623b5abea70af63c470daa8674444fb1df

    • SHA256

      111aeddc6a6dbf64b28cb565aa12af9ee3cc0a56ce31e4da0068cf6b474c3288

    • SHA512

      d894630c9a4bdb767e9f16d1b701acbdf011e721768ba0dc7a24e6d82a4d062a7ca253b1b334edba38c06187104351203a92c017838bdd9f13905cde30f7d94d

    • SSDEEP

      6144:pWK8EGMUjp5cGQ3Mek1B3B9h8Ins3i8AEYBSawz1YSc:JGvjp5cj35kDB9hrs3zARBSaJSc

    Score
    7/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      Papers Please De SmoggyBox7636/Papers Please -Survarium100/setup.exe

    • Size

      828KB

    • MD5

      051be444bb912b68b005a03d165e5328

    • SHA1

      17d41f81d8bea23d43aab6830b852dd441a8e0ce

    • SHA256

      6148ded4c2efae5064b48b331fbc4684421afeeb89bce849ebeace952c46572b

    • SHA512

      d78a268e6e2db9b8c9d394dac1072bd001064e8c301a750fedf1a2e17df23bd4f1431de92c39e50e31dcd9bb0e1eba637d6b89d61ab7e68861767c43c91016c3

    • SSDEEP

      12288:sjxolfRJjrQ94OQ/Z2/QPy22ScjY6YCnJUsQOA0q6HRHazuaWtQLH5/yl:sjKVbr44tRXa22SEY6YCqHOEVJp8

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks