0f1900910d4027ceaa114e16581715ea51028fd152545c70f4f0b3205db1746b | Triage

Resubmissions

03/07/2023, 20:26

230703-y73j4aaa72 8

03/07/2023, 20:22

230703-y5s8msaa63 8

Sharing

General

Target

updated_spoofer_dark_ud_cheats.exe
Size

14KB
Sample

230703-y5s8msaa63
MD5

5d8d539246ca2b1d3839224aee60fceb
SHA1

f3350b02bb335b0ce74df23e6fa4087c408b5871
SHA256

0f1900910d4027ceaa114e16581715ea51028fd152545c70f4f0b3205db1746b
SHA512

29b2db3544ef43b95a61732da0c95db2e8fdc0904f47154002f55da49fe5b0fb1ff358f1bd9ad5fe4cc09daf800161d2940ec591bb9f2f9348aeefb3ecd20ab6
SSDEEP

192:DXnTXiZNIIPWXiIPhDF2d+lbltzJlltdO6XvvU5N8stYcFwVc03KY:QqDF2kblZJBdO6Xvv+NptYcFwVc03K

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  updated_spoofer_dark_ud_cheats.exe
- Size
  
  14KB
- MD5
  
  5d8d539246ca2b1d3839224aee60fceb
- SHA1
  
  f3350b02bb335b0ce74df23e6fa4087c408b5871
- SHA256
  
  0f1900910d4027ceaa114e16581715ea51028fd152545c70f4f0b3205db1746b
- SHA512
  
  29b2db3544ef43b95a61732da0c95db2e8fdc0904f47154002f55da49fe5b0fb1ff358f1bd9ad5fe4cc09daf800161d2940ec591bb9f2f9348aeefb3ecd20ab6
- SSDEEP
  
  192:DXnTXiZNIIPWXiIPhDF2d+lbltzJlltdO6XvvU5N8stYcFwVc03KY:QqDF2kblZJBdO6Xvv+NptYcFwVc03K
Score

8^/10

persistence
- Downloads MZ/PE file
- Sets service image path in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1