General
- Target: rgrg.zip
- Size: 3.6MB
- Sample: 230622-h89rssda88
- MD5: 965eec7a8ac7512548d0475883c08ca0
- SHA1: bb6170508af53a9be704ffeeb805ce8d05e17858
- SHA256: 855c267049199087e181fe614656ae4aa2326be0dc43183a97428630bc680a9f
- SHA512: adc1ee62c230a119553939abf42d98e9061343813e5db0e6a37cf38e1964a68da7d7c92c77090cf4f49a8cf158d3dc9f662c2c9c2969a3fd78952182b4542908
- SSDEEP: 98304:l5o48R7getr4oNSutdpznHUaldLdb5BN0EEB8g0D37U:7o/l1xbPdrFdVQBj0jg
Static task: static1
Behavioral task: behavioral1
- Sample: CheatEngine75 (3).exe
- Resource: win10-20230621-en
Behavioral task: behavioral2
- Sample: MCXAuth_5_YT (1).jar
- Resource: win10-20230621-en
Malware Config
Targets

Target: CheatEngine75 (3).exe
- Size: 3.1MB
- MD5: 609fea742d34dc1d53f0eeb4873b1a0a
- SHA1: 3232c52da3cb8f47a870162a35cdd75fcae60aea
- SHA256: e2e15826b69778e381f25ac8f2b109a377b23f7cf79b5f482e81f4d28c30f95e
- SHA512: 27da89901268d153fd7158162fc8f2f3b99ec9a4aa24c281f93b500466552af776b00f0a33182386a62934c3e553561cbc23d3f5ebb0ea0366c04e046e1bcc90
- SSDEEP: 98304:wSiW4opH4opH4op4U9tNz9RGa/xlbLP/h4:ZDBDBD1t3Hbb+

- CoreEntity .NET Packer
  A .NET packer called CoreEntity, which embeds the payload as a BitMap object that is later decrypted.
- Creates new service(s)
- Downloads MZ/PE file
- Drops file in Drivers directory
- Stops running service(s)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Modifies file permissions
- Adds Run key to start application
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up the country code configured in the registry, likely a geofence.
- Drops file in System32 directory
Target: MCXAuth_5_YT (1).jar
- Size: 1.1MB
- MD5: e889cace707fc62a9334cf5183a12811
- SHA1: 8dc0c96f4f0a4d25a79a421830ce09a384688ec5
- SHA256: 9aa46e7487e97ba018896ce08b14f46bbfd0953526dd1695ffd7da6c8f6c2339
- SHA512: 83546fc736acf67c93b430a880b59bd6c7af156f1e0245623f22ca4ec6304d2e0813de48356be8ec2610b6a2407d9c5de78678ae834f3dd298e961560e562f5f
- SSDEEP: 24576:K7YKA5vis0LlaPd2B/pNRdXi1qs1n+daBIeEiRMxRCwjZZ:K03hrYwF2B/3Rd2Jh0aBEi+xRJZZ
Score: 1/10
MITRE ATT&CK Matrix (ATT&CK v6)
Persistence
- New Service: 1
- Modify Existing Service: 1
- Registry Run Keys / Startup Folder: 2
Defense Evasion
- Impair Defenses: 1
- File Permissions Modification: 1
- Modify Registry: 2
- Install Root Certificate: 1