a07a11f45e1c41fc434781c75d63a46ef671ddf17433998d49e707f1bf1844ee | Triage

Submit
Reports

Overview

overview

7

Static

static

1

CvSOTN.rar

windows10-2004-x64

7

Arte de jo...4k.txt

windows10-2004-x64

1

Castlevani...ht.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

CvSOTN.rar
Size

390.3MB
Sample

230415-dxwnksed5w
MD5

cdd2a4d54a82cbe9673b3590a4470d67
SHA1

73ef74ece4fcac0077fbd6ec784b5db5c43971cd
SHA256

a07a11f45e1c41fc434781c75d63a46ef671ddf17433998d49e707f1bf1844ee
SHA512

4757abf1da4ebb75d31581f20c971f217cbc8bbfa81bfdfb2070c4a1c29b0fa82710f8528531e993ec8acd48268cde3dce6768d39f7436d51170f1065f0f4f23
SSDEEP

12582912:TX1IMf+8QMXTb7fdZeCkBaSvVvY9mtBLa:Zg2vLdZuakxBO

Score

7^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

CvSOTN.rar

Resource

win10v2004-20230220-en

discovery persistence

windows10-2004-x64

17 signatures

600 seconds

Behavioral task

behavioral2

Sample

Arte de jogar em 4k.txt

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral3

Sample

Castlevania Symphony Of The Night.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

16 signatures

600 seconds

Malware Config

Targets

- Target
  
  CvSOTN.rar
- Size
  
  390.3MB
- MD5
  
  cdd2a4d54a82cbe9673b3590a4470d67
- SHA1
  
  73ef74ece4fcac0077fbd6ec784b5db5c43971cd
- SHA256
  
  a07a11f45e1c41fc434781c75d63a46ef671ddf17433998d49e707f1bf1844ee
- SHA512
  
  4757abf1da4ebb75d31581f20c971f217cbc8bbfa81bfdfb2070c4a1c29b0fa82710f8528531e993ec8acd48268cde3dce6768d39f7436d51170f1065f0f4f23
- SSDEEP
  
  12582912:TX1IMf+8QMXTb7fdZeCkBaSvVvY9mtBLa:Zg2vLdZuakxBO
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1
- Target
  
  Arte de jogar em 4k.txt
- Size
  
  179B
- MD5
  
  14f8028201191d1c0790b55fac4197cc
- SHA1
  
  d795421f7c0c3aa6e4ef752f4c730a1e5d919077
- SHA256
  
  1c4f7733a9e520423ef59897612c57e4f2a128044b65f2e0a9cc57f210597ab2
- SHA512
  
  de00f8713f3a72cfb5a46ee77244adee1bb5430b2ef9c8082e089d16edd32060c0b20a3018010054d460a407b97ab83a4a72838370b95561a40bd62028e61f1a
Score

1^/10
behavioral2
- Target
  
  Castlevania Symphony Of The Night.exe
- Size
  
  390.3MB
- MD5
  
  d045029d9c0d3fcda1838b351437d5fa
- SHA1
  
  6198e10a023ddd898e3c482781b8c6489d5aab6b
- SHA256
  
  bfafa452310b7767fbb6cf4efe546043a1365579f082e341f75a90bf555d36d1
- SHA512
  
  87fbe3bbfd09953121542211b2253414fda1701bb87afb43bf3183c1e90b77c9df1976008941a614cafa8b803d38c6aa7be5527af5671096144c921c8175ede1
- SSDEEP
  
  12582912:DX1IMf+8QMXTb7fdZeCkBaSvVvY9mtBLF:Jg2vLdZuakxBB
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Drops desktop.ini file(s)
behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

behavioral3

© 2018-2025

Terms | Privacy