b4eae4a432b105f53797fbd5fbcc2bf3989c23f90d779e49d4c3e44aae855930 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Gang.Beasts.Steamworks.Fix.V3-REVOLT.rar
Size

400KB
Sample

230628-pzvpvahe45
MD5

1ded834353cb153f86ac01fdca0d2fc1
SHA1

70944f7fc1bf69c091d9fcd44fa69fa9c447c9bf
SHA256

b4eae4a432b105f53797fbd5fbcc2bf3989c23f90d779e49d4c3e44aae855930
SHA512

cf583cff9941011c2016520d373b02a91e112130c2740d90e345044d008ff5b2ef371257cf78b989fea1638110770fe84288223c88955e105c2d1763144586bd
SSDEEP

12288:T2NIapEYJ7gPrCxTLB4v3xBpI3hHK/sIn:aN/J6uFLBG3RIxHK/Nn

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  Gang Beasts_Data/Plugins/REVOLT.dll
- Size
  
  216KB
- MD5
  
  04c58bd2e83dd1aae1ab2bff988f5451
- SHA1
  
  39274dc210b3dd8c7f0bf2d18b51df3fd4242f60
- SHA256
  
  fe302b9cf000b5b56b8f48df9a6737fc43b1c225db91306e92c779cae0d2908d
- SHA512
  
  803c0bea494f4fbbb7c7ec57d38185966a668d282da82d41cb2ef18ef5432e77655dc5799b4ce6fd1b1782099d056591bf77130bd71675468660a83cebb2f390
- SSDEEP
  
  3072:Ol0fitglyHjj+QqRMD8r33pdT1zlJwnaVQqqf+EhpdylEICR6x2RacJsAj:Owitgl8mFd339bwJPdybCRG23eAj
Score

3^/10
behavioral1 behavioral2
- Target
  
  Gang Beasts_Data/Plugins/steam_api.dll
- Size
  
  1.2MB
- MD5
  
  7bafc10a24ba48df58ed17298b2f4afc
- SHA1
  
  71b0113bb08a3628870b31c4cc4374a4f2ec435f
- SHA256
  
  095e204994878e2276b9be5f1f6a3946071f920d98a4ae001aee44440fd55f83
- SHA512
  
  3b286e924da32b02db7d04adecd0f3cb127563f5eb66e7476fa5a3fef05788994b215c1d068ccb7a2587dd366728a4a250e14631ec6d6a3fb46a5826095298fc
- SSDEEP
  
  24576:cu1xpsPxJ6gjK/mIQbhYASmp2g0ul2rcyzCA6NUk:t1xY0gjKHASmQul2FCA6NUk
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral3 behavioral4
- Target
  
  The REVOLT Forum.url
- Size
  
  121B
- MD5
  
  ccf68641bacb8ec7f96d3892e15125f9
- SHA1
  
  e69afbd4916b77b7442da6e7e1f4250a6fd04c0b
- SHA256
  
  f90643d01a65638c0cb957efa44d94136c672c0b7dc1ed347743084acc945f39
- SHA512
  
  6326c0e1e3e9ef94058a3496f592a6ebccc7cc7579fbbec0d233db61cd1b03d1e4256fafd2318e773c067ae464fcff66d2ab14ce5a83723b28f8f972b0b8e414
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6