79fd3ad8b40c7e1047b1ede1f903d46cf3a3cfed84a6ebbaed4ed7c7f4ebfe9d

Sharing

Copy URL Twitter E-mail

General

Target

PikminWin64.rar
Size

80.0MB
Sample

230823-21xxtahf41
MD5

9623cad7af901ee4ce034c303cdc8789
SHA1

1b289ffaa7a5a2b3048ecc4e15b29f3fd0dbe92d
SHA256

79fd3ad8b40c7e1047b1ede1f903d46cf3a3cfed84a6ebbaed4ed7c7f4ebfe9d
SHA512

a55db337c1a92ece191f3d44895d565a88e1f66ad6cf81251246ab3bc5fa8959ed2c02ce60de80b4446d66e22c30a7114db267cf161a557cd57efa6313907326
SSDEEP

1572864:JPz8OSdVL6GlMlBg/EbY/L5j/mZwSC6+OgaMISPdpCrGKRq0FU:JPz7L9SEbYNTmZwKSPdi9q0FU

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  win64/Pikmin 2D.exe
- Size
  
  2.1MB
- MD5
  
  6c323f239a0ffc4305fe51f7b8b7f669
- SHA1
  
  b2e6a7fcfbe08fa40eea216f019d27973fc68dba
- SHA256
  
  2d035553271a5b1c0e5a16943bc9adbd6b1bf7289bf6c679610c4af16eb66fe7
- SHA512
  
  430c5f573d913f11c3d63bfa78dc5927bda64dc4880fc38938a288c3386d8900f135dbb3ca69e9075b4bf581ff6211e32d6ae3b2177b5ce275a14ecbc65d0cfe
- SSDEEP
  
  49152:hfDODfDFnzD1Us+kMg7ZFZrr89UfT3MG:Wr8AMG
Score

3^/10
behavioral1 behavioral2
- Target
  
  win64/d3dcompiler_47.dll
- Size
  
  4.3MB
- MD5
  
  9b1148a147fc307a501e8c540048991c
- SHA1
  
  7bbdf247051937141121ae6132b0d4f2458ae7b1
- SHA256
  
  21df5696011156fe64f2dff47c8ed5e90817021f91f70b6d9707fd58cd1b0b81
- SHA512
  
  e06185401efcf84d2be23c0afefd241eef89414f68133c99cbc67d55d865ca9aec24f94b735afcbb5975fa2f2e56118a8a980f1473ebd248b265dee477111ee5
- SSDEEP
  
  49152:NYlc/2200PiMLKam+VMrLi21f4i3jn5ZO3KUDmOZQwGuHuQpN3WsGVUWd55i/jr1:3NKD2Mrda3xVNQSljrx
Score

3^/10
behavioral3 behavioral4
- Target
  
  win64/dxwebsetup.exe
- Size
  
  292KB
- MD5
  
  880a353dc9ab4202f2cfbec1cb37181d
- SHA1
  
  0bafee10ed68194fb332d3b46f7d92c8ad962843
- SHA256
  
  6b5c9cec68c7f3c0ba98b8d0b335f1be8ea4cd37fb02b4c81ecc1a95ef6d9578
- SHA512
  
  795db9946ac4bac6af4afcbd2e87671b45c488ea32d61daa821012f0213bde76af1d7ae395b9adfdc0fed5fd80367e232a6bc1d834e7dc9028b885fa908149d8
- SSDEEP
  
  6144:OWK8faaQMbjFtVNtHb7RGb/Mp7mgypysDVpU2drVxP:LaaQMXDFFfp7S5DbU2RP
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral5 behavioral6
- Target
  
  win64/ffmpeg.dll
- Size
  
  1.7MB
- MD5
  
  1eea37304c7ba2193751f8738f1b1f89
- SHA1
  
  5a892d26053728ccdffeb2f4dda2648cd0841f43
- SHA256
  
  1f11b4c2dfff9d62591a93208198fae7baf72bc9d869440b292596930c94baaf
- SHA512
  
  109dbae482cf7083ab081e4fb3ca47339967484f18d2bf6655ef4ef22b879e4db23fb177a593804bdb347c17ced91f54a97048c2e7f8e9d5ad6a4e79e980ec96
- SSDEEP
  
  49152:PfHcmpz70mtAHNuqnR2pRucep6pbAiOwuYM:XHeHis6pYX
Score

1^/10
behavioral7 behavioral8
- Target
  
  win64/libEGL.dll
- Size
  
  394KB
- MD5
  
  b36fae1d4e1a60da144533585b8ed9ca
- SHA1
  
  b4bf1c748d550cbb356863ebe208294fede2a2ab
- SHA256
  
  eb22e72f30da38c80b5a0778ad1ffe98d664db0f81bfe9e46d6a903846ba3c35
- SHA512
  
  6612c92049165d4b6dac66fde8d9e3483010675fee0b68bc67b6a56d2abc1b52d6ba8683258ddac13c507f01bf93a15364c30fb4e10a7ca1ac4a92e945e9d89e
- SSDEEP
  
  6144:ln8qmGtPWj89xcXLGH24Hy6/qfpcRLg9UUGKsAem6:l8qFtuj89xeKH0kvfd
Score

1^/10
behavioral10 behavioral9
- Target
  
  win64/libGLESv2.dll
- Size
  
  6.5MB
- MD5
  
  687e7431633bd773052630bf2b9d0aa7
- SHA1
  
  3b4ae670cbcee36f773aa58189ec2780b6d3a9bb
- SHA256
  
  b07f16c91be8a52f76955fe74d007f182fdcd30c50efd5e861347c4d88de75c6
- SHA512
  
  138fa9e1dc90144d6029ed41613759c2affa9836fce796d9fea51f5a3059d93a32f62a58c82f4e351de88f3f049a40abd79a61f33649c650651145806d166cbc
- SSDEEP
  
  49152:i6cnYsIyQRvkLeoubPSLmKjHdHWX4LsZJFsflFdCdVxCYQNhrkE0iZ8bGbfJgBLH:7PbaC8ps7+79fv36Awn7M44DrW
Score

3^/10
behavioral11 behavioral12
- Target
  
  win64/node.dll
- Size
  
  12.8MB
- MD5
  
  c8b32d7edd27222cbd581bf11d3e6dc0
- SHA1
  
  d7b99a1bf776449436db2e84db36f4f1f9128449
- SHA256
  
  9145247c63a4a156781daa150b757419be51ea29889ff64ab3f3ed4e32ca897e
- SHA512
  
  a69b37410d535ac7489daa2847c860cc4a0582398c9d2e2a55918d5e4f7b76574556f6783ec752a561505049e6d4770b523f53914a7f53d382293782cce25eb9
- SSDEEP
  
  98304:jdUVHzgKILGIxiBhusO23CmlyBNzsV6f0ACDFoUkVWlGJJ:jd8Hz/ssUAV6fPCD+bVWlGJJ
Score

1^/10
behavioral13 behavioral14
- Target
  
  win64/notification_helper.exe
- Size
  
  968KB
- MD5
  
  458a2568aec7bf95a4313379eea6ddf9
- SHA1
  
  67c6756f5732e307c6441f55b43d8a8f2851319b
- SHA256
  
  399ea16a4256fb4966e5f1bc5d75a84eb9cfd7b3ee5ff34d8322f118d2f3956b
- SHA512
  
  64b85eed4989a8d31e05473336ca0321c717dd42e4139290a7a5ecc451dd7e5f2408aac4078ec46a190ca5c1c16462abdbc90d226ddb17541f020eaa690f6902
- SSDEEP
  
  12288:rGVmoJxA5g6Znwr8wBW2hcZHYbmwAX+xWDIsBg8oxtxTUAJe85+nG7oXhQ4UdIs5:rGVfJx+hm8wBG2bmwAXJB3oWAB7fdIA
Score

1^/10
behavioral15 behavioral16
- Target
  
  win64/nw.dll
- Size
  
  155.4MB
- MD5
  
  2bcea69cbdcbb37c6724968bef5ba6fb
- SHA1
  
  a1fea2076530f850abd16e4d680c8d742a697cce
- SHA256
  
  b890862a3dfa20eb5d0b4853d24d2d5f9e0e35ef6d6e18d6aa2399e78fc41994
- SHA512
  
  625de12ab80cedca9e708a5d78bd05a89ae91acd62550cfda49c955b51ea8b6e430fa68b76efb8ce990cf534d9b36d4f6b8f3365018710615014c81e1320ed8e
- SSDEEP
  
  1572864:morEyVhzyUltY/HZ1fD9VzZeHfYIhh16lJivPhoB9s3:3rKUI14HO
Score

3^/10
behavioral17 behavioral18
- Target
  
  win64/nw_elf.dll
- Size
  
  949KB
- MD5
  
  9f65d3d3cd5cd077cbbd2d33ae739dd2
- SHA1
  
  3c1471acaabe11ef4429a00241aa9e6a838445e3
- SHA256
  
  93be1583f58c2e15063f72d2eb7bd921040659eaac919ee0e0e428e54661a627
- SHA512
  
  b9103bd6769df7a44618eb1ac1dd0913672559ef260f798680dff678d2bd4c4b3462a7f202f51746a739fa090110d14b1c0b2a96c93fbb9679b2bfcc1c7f948f
- SSDEEP
  
  12288:SJ6LgEpGEF9JaHgrJXs0M199bUUb2I8R9VvAb0HE2lmlvKqre85+n2oBnzbNXJV:ScgEpGL2LOnUUbL8qbkBlcKqxAbN
Score

1^/10
behavioral19 behavioral20
- Target
  
  win64/swiftshader/libEGL.dll
- Size
  
  411KB
- MD5
  
  46edaa037f3df1668ac37d130081a1f5
- SHA1
  
  fbda1f961a5f0b8cf1f0ef22c6b2692d2aca518e
- SHA256
  
  95fcf98268a085b650a1de3fa7387f7794c7f7aca22a1ee4eeff3465d202951b
- SHA512
  
  b9066a11cc59cc5b02f5bd2f7b8d610a3c44d7fdbef043f292b9b844b6b1f464862ce107f9c93f3554bfdfe961c8d7a5c8bdcf3048b9f0fad777c93e6c1da366
- SSDEEP
  
  6144:jdwXfy8x3Y/BUffvI0qTzz3UJpS5WfeTxIw:Zw6w3WBUffvMkS5W2T7
Score

1^/10
behavioral21 behavioral22
- Target
  
  win64/swiftshader/libGLESv2.dll
- Size
  
  2.6MB
- MD5
  
  4b43556f4c81ea40a60508ebc7556a27
- SHA1
  
  a150dcf30a2c13efc837ea24e84cacda96147198
- SHA256
  
  9677118054f86587fb6190274f34897f10b90e64c33c8014c80068c765a74f04
- SHA512
  
  958186fdd7a2f6f0bc3c0be57c29516b4bbdc82a64b038e1b54e02fa04234ff83eab0d476e83c744b8d1ca10087c42fb1bcffe240d72abc9f18764565c9ed376
- SSDEEP
  
  49152:IZL6EkNWi+SlU6d2vw+Hl7eRJOybx0K3/Orl7Fw6efKHguStjex4cho9:QDcUT4cOwYjeS9
Score

1^/10
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24