Overview

overview

7

Static

static

7

Changed.v0...21.rar

windows7-x64

3

Changed.v0...21.rar

windows10-2004-x64

3

Changed Sp...er.ini

windows7-x64

1

Changed Sp...er.ini

windows10-2004-x64

1

Changed Sp...ve.txt

windows7-x64

1

Changed Sp...ve.txt

windows10-2004-x64

1

Changed Sp...me.txt

windows7-x64

1

Changed Sp...me.txt

windows10-2004-x64

1

Changed Sp...ge.txt

windows7-x64

1

Changed Sp...ge.txt

windows10-2004-x64

1

Changed Sp...rt.txt

windows7-x64

1

Changed Sp...rt.txt

windows10-2004-x64

1

Changed Sp...id.txt

windows7-x64

1

Changed Sp...id.txt

windows10-2004-x64

1

Changed Sp...id.txt

windows7-x64

1

Changed Sp...id.txt

windows10-2004-x64

1

Changed Sp.../1.wav

windows7-x64

1

Changed Sp.../1.wav

windows10-2004-x64

6

Changed Sp...10.wav

windows7-x64

1

Changed Sp...10.wav

windows10-2004-x64

6

Changed Sp...11.wav

windows7-x64

1

Changed Sp...11.wav

windows10-2004-x64

6

Changed Sp...12.wav

windows7-x64

1

Changed Sp...12.wav

windows10-2004-x64

6

Changed Sp...13.wav

windows7-x64

1

Changed Sp...13.wav

windows10-2004-x64

6

Changed Sp...14.wav

windows7-x64

1

Changed Sp...14.wav

windows10-2004-x64

6

Changed Sp...15.wav

windows7-x64

1

Changed Sp...15.wav

windows10-2004-x64

6

Changed Sp...16.wav

windows7-x64

1

Changed Sp...16.wav

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Changed.v01.02.2021.rar

  • Size

    183.4MB

  • Sample

    230610-tlqwysga4w

  • MD5

    e4f3b9283f8972f8a8dbd4b06fd93445

  • SHA1

    ce30ee0e22061e79b6f7c3cba3636b6cc01e1cf3

  • SHA256

    3974aa507fed5303b0632c268cdb9ea82de4ca7ab4ab7184e361d58ebb912b4b

  • SHA512

    d316eee0fc355592e29facaba90d76963cb878e4179fa11aa8a30cbd75729764f4769b81abb078e65a3f041be125a7f06899d0773eeb596fbf158b090b0b7474

  • SSDEEP

    3145728:Phu1AIimzcbYxMKeFeJJPs7LJ+oQCOO1qf67cmKE19IiEz7bYmxM18FKEUKu5S:Zu1APrVefsHJ+5Df67cXE19PBfEK1KkS

Score
7/10
aspackv2

Malware Config

Targets

    • Target

      Changed.v01.02.2021.rar

    • Size

      183.4MB

    • MD5

      e4f3b9283f8972f8a8dbd4b06fd93445

    • SHA1

      ce30ee0e22061e79b6f7c3cba3636b6cc01e1cf3

    • SHA256

      3974aa507fed5303b0632c268cdb9ea82de4ca7ab4ab7184e361d58ebb912b4b

    • SHA512

      d316eee0fc355592e29facaba90d76963cb878e4179fa11aa8a30cbd75729764f4769b81abb078e65a3f041be125a7f06899d0773eeb596fbf158b090b0b7474

    • SSDEEP

      3145728:Phu1AIimzcbYxMKeFeJJPs7LJ+oQCOO1qf67cmKE19IiEz7bYmxM18FKEUKu5S:Zu1APrVefsHJ+5Df67cXE19PBfEK1KkS

    Score
    3/10
    behavioral1behavioral2

    • Target

      Changed Special/coldclientloader.ini

    • Size

      182B

    • MD5

      4b68c38ca9df1678fd3ff4af404be8e9

    • SHA1

      fc9d0c7ae6fa1b9ac8513f2a410e16332e6f1ad2

    • SHA256

      a1d43006091749f87c7981544672d2993e7c33057e0971b75f4782841e8c68ef

    • SHA512

      787abdc199437fefba40adab9808cab7ee5661d918749fe6838722dba0fd4e54b4467e6effdd68f7ed2fc7aa836b4783e7159c44bfb326bb3ea0711d7b59167c

    Score
    1/10
    behavioral3behavioral4

    • Target

      Changed Special/local_save.txt

    • Size

      14B

    • MD5

      b77b14e96c1ac9bf667c0ba3f2fafba2

    • SHA1

      a1e2a849ac90e6f2db6d3dee5e71273f1784bc7a

    • SHA256

      f9b90c494b4680361fb937a3d7cf2c7712b69637d81885f90bffd28825ff1ad2

    • SHA512

      e7f896ec25a4baaa5a7d2be1e960d0c248c45da3b8ea33a72aafaec7c85703e3066e74df032a9e536e169f0e990996dda9870008a013e20efe2f387a039aff17

    Score
    1/10
    behavioral5behavioral6

    • Target

      Changed Special/steam_settings/settings/account_name.txt

    • Size

      7B

    • MD5

      fc964faa4f01f73989ff4f4a649ed7be

    • SHA1

      51531e3fd6124847b09e429234b5fba892012656

    • SHA256

      e929eb14dda6dc481466fec08eda49836c0982a939b7e44a2fc5665013c5627a

    • SHA512

      6fbfa9af4c88cb0a97f781cf8314fcb2719a28b6f3eee251cda3f9f25a5f6d67879390f61eb98063a58dcbf1b7f773759ff4ecc9150716a033622da2add56b45

    Score
    1/10
    behavioral7behavioral8

    • Target

      Changed Special/steam_settings/settings/language.txt

    • Size

      7B

    • MD5

      ba0a6ddd94c73698a3658f92ac222f8a

    • SHA1

      1b669334dae8ebafa433f0175b5fd418a7bc0975

    • SHA256

      b6234d2ea0d6022be63db80d7b80e221097fe4a469dc44febcd2a9241effdeba

    • SHA512

      0882b702e0f4c1db1701789796ab1d12d72627811b67299bf36b9b25c29465cc24e72483d171c435368dc9f777837d2bd45ccff293de2207d32ba58a6ac01023

    Score
    1/10
    behavioral10behavioral9

    • Target

      Changed Special/steam_settings/settings/listen_port.txt

    • Size

      5B

    • MD5

      76bf79e9a0a4c128d97dbd6900773f4b

    • SHA1

      8abb38a924d5bf8a1ee12fe96aa2d2be942704d6

    • SHA256

      45095e3e3f29ea73ffab2e23158b7cd2afa6532004b5a9b6f06d4e5e068a89aa

    • SHA512

      8cd54c07d87c41103d963eb7dfd2642b07bb67ceb731b477fc9cd9b736ab03833dc2e2d0b2eb399002d76d405a20d5816d19d77ef760d7dac0c1a67d80662535

    Score
    1/10
    behavioral11behavioral12

    • Target

      Changed Special/steam_settings/settings/user_steam_id.txt

    • Size

      17B

    • MD5

      1aed0d76e4d2f9ccdbd5b0900654168f

    • SHA1

      31c3a6857d9fef8872d72e4662f717ee5d0ec13d

    • SHA256

      f5c07e54268e2cf2781f733853be6dd364a4dbaea4b2f0b79ff0d68a5f272d0d

    • SHA512

      60ea13324f5f5ee9e480beb2970ada528092b464dedb776152afe5b437a881d0e1247e9a2fe556bfae3877dda360089ade8bf920f9c152706d87f04a1d4f932e

    Score
    1/10
    behavioral13behavioral14

    • Target

      Changed Special/steam_settings/steam_appid.txt

    • Size

      7B

    • MD5

      0cffcea1c02329d8b55ee0c0ec118765

    • SHA1

      c0ba32e42145130712c53283170f62bb914611ac

    • SHA256

      9b6afb085e366178fe9c973795b04563dcb18b2c9fdfd913ea348a76c1c26f3b

    • SHA512

      bee14ed043bd9ed1bb015b2c1c6635311013112e97cbfdb43eed1929693d14aaeea7b48c8f8ac23ad9af41ceda591888f2db114b4200717b3a2b71eb88677354

    Score
    1/10
    behavioral15behavioral16

    • Target

      Changed Special/steamapps/common/Changed Special/Audio/BGM/1.wav

    • Size

      2.5MB

    • MD5

      1761a55c720c5ddeb03b1fc7efb37e43

    • SHA1

      53a43ec146302ebe8ee973519a06876a7723caa1

    • SHA256

      0b7aafade0f27cb0490ecf3213c13c51cdc440a8d925e6db82a99c65235576a7

    • SHA512

      0d8dc2e091c84cd3f151dd17382d83b73dd941d70944486e4c657aa40d002444747a06ff579f0be62ca1a1b0e9c970456da450233fa434b6f65bff73960b0ea4

    • SSDEEP

      49152:7Fb3RQyX1jQ8vQFNoQjkx+MPsAt+PjsgAT+r9QJhkoEq8TkgiJwSrKfHIm1brmtQ:J3RQc1jQRFrgx+Ks6ojhM+r9Q7Eq8TkF

    Score
    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral17behavioral18

    • Target

      Changed Special/steamapps/common/Changed Special/Audio/BGM/10.wav

    • Size

      2.7MB

    • MD5

      f1f7bcb38ffb876aa3d5f9f497998e73

    • SHA1

      ef093de97e5a526ae1b5b82a034ba27152b6c5bb

    • SHA256

      27c2db8e88100c68742d42c8402b74990256121add7f88d047623d687c67df56

    • SHA512

      7bf851c4fa5b8ea207a7b49750ad7cf57cfadcde1ba497b671619e570dae6e39fe7d3c5026cd4aeea91f84d4c6c531063138f19a9bb8e1b747d62a64b9cce426

    • SSDEEP

      49152:WhbWE+BY5K3M+ZOhYsu3diiYt1Wepl10uuUzff1u8zlTB5Jon:WhWE+BsSfsug1rpruaw8pvm

    Score
    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral19behavioral20

    • Target

      Changed Special/steamapps/common/Changed Special/Audio/BGM/11.wav

    • Size

      2.7MB

    • MD5

      1e20e5cb1b3d3bfd5939159dd53a53d7

    • SHA1

      43021ca542dee2f88116033989a6ba5e5c842bda

    • SHA256

      5fa7a87d00c3784abb9a43c2e097ab9b379b4e881ece992ac41c22b1b4b5b9b1

    • SHA512

      dea5d77e44f53d7edf143e6eab57b83c08a6ca96a5d69fa6d5deff53d10ef3546c5f7d565e705f99d2db73d4f027f8919f377849c4ad63cf7d95bdbc563e8eac

    • SSDEEP

      49152:bee9LVEUxT3iLP76gcaFVD9BOcRNLBTk7QPPWA6HvZ7bPgly+JNmb6z4+NjxeQU3:6gCgTiugTz54GNLOAgPgDoF3

    Score
    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral21behavioral22

    • Target

      Changed Special/steamapps/common/Changed Special/Audio/BGM/12.wav

    • Size

      3.8MB

    • MD5

      88dcefb7b311283841e8ff9ce8cdc8c9

    • SHA1

      658f9fd85b6de409f88af8a6837d2d2fee39097e

    • SHA256

      001cf450c4e35f0a4302f6b59af947993aa0894e90bdfe8939314f8361049ac3

    • SHA512

      cb3a5ff39b9afe1d75adae04f25ab543521d9e6b9f0abae9f4962d32bc07ff73228c12612cfef6259b6065298a8216f7cd962d9bcceff2687170ec23b1a22da4

    • SSDEEP

      98304:kpNO+8ayR1rJaDqvLqPkCjQQTryTqUko2rFacx7kfLz7tqMHmcgc:BR1d2ty1J2rFez7tPGcgc

    Score
    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral23behavioral24

    • Target

      Changed Special/steamapps/common/Changed Special/Audio/BGM/13.wav

    • Size

      2.7MB

    • MD5

      a01e0a6a6c5001fe322d0eb1daf8c5f7

    • SHA1

      7438b43d137a36e97444b1d3c77d880da0e2ba7c

    • SHA256

      d4b48468833da7cd815b9f4b12d3dd19cf500f9d786168db568f16006237b66b

    • SHA512

      96ecc78df51c5270c867d6aa68c298d569bfb04a779b208ac21c88052ca458ca88659f7eef2ea9e9af68c176cecc9abc1780fc08b75e9f0b12fa6fb22b97f5be

    • SSDEEP

      49152:9maVK4y6ZDDUJtud5odaLHz0Yua/ryDPb7sXZsF8jooub4WLZoXM81YHhZO+DFYa:9mZ4hxo7+T0YrezPwc8UVxzJFYIN

    Score
    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral25behavioral26

    • Target

      Changed Special/steamapps/common/Changed Special/Audio/BGM/14.wav

    • Size

      5.4MB

    • MD5

      ffd6bebfebca8df2ba3b6945596ddb38

    • SHA1

      327e525561706c6327653dc0566d14a340b6e2bc

    • SHA256

      411ec37f9e2d73449f8ae9c28c416dabac18d53ba979162300cdac6a00abefbc

    • SHA512

      03576c80692f9fa9677c6aa2412368cd0d4b4811c55a76c00606676a2b6789205212f30face96fab1c9f725320537b6e33a42d395ce587691871203b75ca116c

    • SSDEEP

      98304:G05AnEL/oIKUj4zv48MYg+C9v7md01JtKpC18gU3a955AmKxttyTB9fRCYUzLMM3:GCjmYd1u4bYttyKO3A

    Score
    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral27behavioral28

    • Target

      Changed Special/steamapps/common/Changed Special/Audio/BGM/15.wav

    • Size

      1.4MB

    • MD5

      ac10ce269ea98653c1c1a9e136d52d22

    • SHA1

      52776799f3ccd9414113d8051e6e0edd2be3a12d

    • SHA256

      d8129ba0819290d122b2b028723c3a742701709ee431545a74c3825a659b9677

    • SHA512

      37112a2d3d988cb3f01d3d2b87e1f200c2bf06065a6b9cfbde9ecf7d74acfb155da5906f70bfa0ee37f520c19f2c8b14d0e6d51620d05644e3ad1b87742b3dbb

    • SSDEEP

      24576:gc/WiIpksTLj7EkQGBcpehegggo0biyUiSkcV+mJSE2Az0eEZKINbG8ya8b:gz1TnwrGGpehege0biyHSkuJl2q0exU6

    Score
    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral29behavioral30

    • Target

      Changed Special/steamapps/common/Changed Special/Audio/BGM/16.wav

    • Size

      3.5MB

    • MD5

      710db5047e515b9c56c9186de626c5e0

    • SHA1

      fb36829c65f4641a154b423077ef19270f7a85f8

    • SHA256

      0c1c48c5dfe129a37ad8d85323a4d1cf50d073c7b347ae79bce3583e300bb140

    • SHA512

      e960e7168723b356e0eea8ac464958b4b8294582ee97c8743ef7675e553f2b178875c544a64b583ea74dacdffe294fcc806b22897832eb17594e3d2cfa8b98ff

    • SSDEEP

      49152:CrsXqNncidQ4OTkgQj/gjO8cfQLLXM/xF+FbC6UA:CYXqaidWTfK/g6PQLLc/7+VCLA

    Score
    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

9
T1082

Query Registry

8
T1012

Peripheral Device Discovery

8
T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks