General

  • Target

    Mod Installer.rar

  • Size

    33.2MB

  • Sample

    230613-wse45saa25

  • MD5

    9e037f09ecd657d39aeae5e064cb190f

  • SHA1

    7ade3a7ac5d8f2f1c0a4ebdfb768842bf2ccaf25

  • SHA256

    f445d3662222075755bcadd7e8aea13830679f14cf290126bc024fa636a0982b

  • SHA512

    b067866f685bec6b2be0157dbf32692a0e5b8a486c8e3477c5e853fe56bda231fefd286b03e16d9efdc01cadbe5bab68ce1250e4f7b380466cbf84a9ce2cc871

  • SSDEEP

    786432:bUgF2j7RrqH9oYTzPSC2qZCkJQURBXDdkHBbmvCJS8Fn3GolxB6+IGo1irNBJ:bUgF23RNE6ywkOIzoBSqJh3Ggo1irNBJ

Score
9/10

Malware Config

Targets

    • Target

      Mod Installer/Scarab.exe

    • Size

      88.8MB

    • MD5

      a093c0d9c2392def8a9f8524f337b68f

    • SHA1

      69698aa863f12fae02d19fc033a52e4f904e900d

    • SHA256

      2ba106e57bacbce734de86ac9deab2a763087ca38291b5298130736b1474236f

    • SHA512

      7e3ae3120ae28ae3ce8691904d45017d561cd53459816fa94e6d4f0b9533b9d90d2c556e42cd2daf9faa43c46284e8193c9604855a73daa9c8441b70875483cd

    • SSDEEP

      786432:X2OYL67WBlefpvpqjTFK7TkLy/kkPZSaXnRPGyY6+:XiL6qiRvsjTFK7TyjoPG3

    Score
    7/10

    • Checks computer location settings

      Reads the country code configured in the registry (the machine's locale/geographic setting), which is a common geofence check: the sample decides whether to continue or bail out based on the country the system reports, rather than on anything about the user. Note that this is a read of the location key only; the report does not show the key being modified.

    • Target

      Mod Installer/libHarfBuzzSharp.dll

    • Size

      892KB

    • MD5

      4355a90609bebed74f5c80f5c095fe41

    • SHA1

      1b2d04746535da747596ba804b434f724f8f460a

    • SHA256

      3a32e4c372e26b245bb0012938d9a4c33b62a528e4eaf99a7388775f139f3e93

    • SHA512

      eaf5f75ecb95426d738a502f993e145ed32f4037679c3b829a4c3c9ca7ece8583db3d2415071edbbd21058642137e87f2f4e2cc03f7f053fa1203af4248906b4

    • SSDEEP

      12288:rVBDI1XP0OY0uHR8z1oyk+KO60qxrDcINQLEyoyFi0vMV:rzssOY0OR8z1oj+p+NcpLEyfFi0v

    Score
    3/10

    • Target

      Mod Installer/libSkiaSharp.dll

    • Size

      8.5MB

    • MD5

      91bba30eddce0ad1e50096c5f887e5df

    • SHA1

      3cb2c46d5ba2ec1af79d6572e16c184e62cb6c8e

    • SHA256

      b9880918418e96e979a5cac811700241af4fc24f4861475df0858840eb9ff130

    • SHA512

      d1484d9a693ffe13a91051d8f3c279d15c72d1756fef79d2f132f656ce26c4a19d4240fccb691a35d32e75e7a71fe5a4fe5bf67b47ef6654d6a6b5775e7bbdc8

    • SSDEEP

      98304:UShZ23vkdVGRJVNkGjs+Cia4yH/IKKTMa:5Z23vkdVIXy/jpa

    Score
    1/10

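The geofence signature on Scarab.exe above is a registry read, and the matrix below counts further generic Query Registry hits. As an added example (not code from the report, the sandbox, or the sample), the Python below runs over constructed sandbox-style registry events and separates the reads that touch the Windows country/locale keys from ordinary registry reads and from writes. The log line format, the process names and PIDs, and the list of registry paths treated as location settings are assumptions of this example, not data taken from the report.

```python
"""Flag registry reads that look like a locale/country geofence check.

Added example: the input lines are constructed here to resemble a
sandbox/Procmon-style registry event log; they are not events from the
report above.
"""
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Well-known registry locations holding the configured country/locale.
# Assumption of this example: a sample reading these is what a
# "Checks computer location settings" signature keys on.
GEO_KEY_PATTERNS = [
    re.compile(r"\\Control Panel\\International\\Geo\\(Nation|Name)$", re.IGNORECASE),
    re.compile(r"\\Control Panel\\International\\(sCountry|LocaleName|Locale)$", re.IGNORECASE),
    re.compile(r"\\Control\\Nls\\Language\\(Default|InstallLanguage)$", re.IGNORECASE),
]

# Operations that read a key/value; writes are Modify Registry, not lookups.
READ_OPS = {"RegOpenKey", "RegQueryValue", "RegQueryValueEx", "RegGetValue"}

# Constructed line format: "<ts> pid=<n> proc=<name> op=<api> path=<registry path>".
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+pid=(?P<pid>\d+)\s+proc=(?P<proc>\S+)\s+op=(?P<op>\w+)\s+path=(?P<path>.+)$"
)


@dataclass(frozen=True)
class RegEvent:
    ts: str
    pid: int
    proc: str
    op: str
    path: str


def parse_event(line: str) -> Optional[RegEvent]:
    """Parse one log line; return None for lines that do not match the format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return RegEvent(m["ts"], int(m["pid"]), m["proc"], m["op"], m["path"].rstrip())


def is_geo_lookup(path: str) -> bool:
    """True if the registry path is one of the country/locale locations."""
    return any(p.search(path) for p in GEO_KEY_PATTERNS)


def flag_geofence_reads(lines: Iterable[str]) -> List[RegEvent]:
    """Return only the read events that touch a country/locale key."""
    hits = []
    for line in lines:
        ev = parse_event(line)
        if ev and ev.op in READ_OPS and is_geo_lookup(ev.path):
            hits.append(ev)
    return hits


def summarize(lines: Iterable[str]) -> dict:
    """Per-process count of all registry reads and of geo-key reads."""
    out = {}
    for line in lines:
        ev = parse_event(line)
        if not ev or ev.op not in READ_OPS:
            continue
        entry = out.setdefault(ev.proc, {"reads": 0, "geo_reads": 0})
        entry["reads"] += 1
        if is_geo_lookup(ev.path):
            entry["geo_reads"] += 1
    return out


# Constructed sample events (not from the report): the installer reads its
# own settings, then the GeoID and locale name; a write to the Geo key is a
# registry modification and must not count as a lookup; explorer.exe reads
# an unrelated value.
SAMPLE_LOG = """\
12:00:01.100 pid=4120 proc=Scarab.exe op=RegOpenKey path=HKCU\\Software\\Scarab
12:00:01.105 pid=4120 proc=Scarab.exe op=RegQueryValue path=HKCU\\Software\\Scarab\\InstallDir
12:00:01.230 pid=4120 proc=Scarab.exe op=RegQueryValue path=HKCU\\Control Panel\\International\\Geo\\Nation
12:00:01.231 pid=4120 proc=Scarab.exe op=RegQueryValue path=HKCU\\Control Panel\\International\\LocaleName
12:00:01.400 pid=4120 proc=Scarab.exe op=RegSetValue path=HKCU\\Control Panel\\International\\Geo\\Nation
12:00:02.010 pid=1888 proc=explorer.exe op=RegQueryValue path=HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProductName
"""

if __name__ == "__main__":
    for ev in flag_geofence_reads(SAMPLE_LOG.splitlines()):
        print(f"{ev.ts} {ev.proc}({ev.pid}) {ev.op} {ev.path}")
    print(summarize(SAMPLE_LOG.splitlines()))
```

Restricting the match to read operations is deliberate: a write to the same key would be a Modify Registry event and, on a page like this one, would be counted under T1112 rather than as a location check.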
MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion

    Install Root Certificate (T1130): 1
    Modify Registry (T1112): 1

  • Discovery

    Query Registry (T1012): 2
    System Information Discovery (T1082): 3

The number after each technique is how many matched behaviours the report maps to it. The IDs follow ATT&CK v6 as the page states; in the current ATT&CK release T1130 no longer exists on its own and is covered by T1553.004 (Subvert Trust Controls: Install Root Certificate), while T1112, T1012 and T1082 keep their IDs.