General

  • Target

    RC 3 Return of Alaska Reloaded [Other s].7z

  • Size

    399.9MB

  • Sample

    230919-a89g2adg6z

  • MD5

    ac72ef013767f2e86cc79245b821c4db

  • SHA1

    b6e32fa9e208c046e640488b87c05a20defbd3dd

  • SHA256

    ac141d90b8c87e3abee8e33473744cae18761af96f4c47b26fd82626fb47bab6

  • SHA512

    daaef4eff79c757e95ca41e2a32eb67037a2dfceabd05dcca08dfe78bbcc42386bd0127139f9f6f3f247b86bf217672cfa19baff0d913358ea39506ba78d574f

  • SSDEEP

    6291456:x7Az+2yEk2nk+XktU3FkeQt0NYbTGL+HyxuMrLszhXA+u06j75hQ0vXgPn:xkz+CXZ1kxbCL+nzbAP/u

Score
7/10

Targets

    • Target

      RC 3 Return of Alaska Reloaded [Other s].7z

    • Size

      399.9MB

    Score
    3/10

    • Target

      Data-A.bin

    • Size

      9.4MB

    • MD5

      27da55a20e886100590b1b4b25a29119

    • SHA1

      c6c4243e3d916e5aed163e9d7d0d073d052a90ce

    • SHA256

      f06d398e20849599fe41d645aa48323a1f68f0718f9a689f30fe9508fefc7c97

    • SHA512

      6aa51b8d051e4e06b2f97245e8510b5e8967d61898e6e3e448aefd9c69fc329a009e83232e2c42871a6b6df110e4183b8b6e9c9739ae316f6c21e556f012f293

    • SSDEEP

      196608:cES58ZLbLIBCf3+GPt1GhCDmH/9ESKgAMus2WQV+OQDI:rTIBiuCGAafmSKgvQkW

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      Data-B.bin

    • Size

      385.0MB

    • MD5

      8bbb58ae4f03e6c8ebea7d924ee8c5a7

    • SHA1

      38cceeaec87f5ca29650ef38868842b2d915df12

    • SHA256

      b5153d504764e347bf0663974f7a2685d292c60d8583c7e9b36c43680e872113

    • SHA512

      124db578d2b79cab5b15192047e0350366ef73d2cf894bf73af761162e02c8ea756fa055078961f4a78e34afb55a07a89a50be9b363f56daed5b5570f216bf21

    • SSDEEP

      6291456:FTjqwcfM2RMfH0WtoXODlF/9/2ZX1zRTYNC0OAP+Gq4Tiq/RaDyU3cLH:pjqUH3EOJ2Z1zSPLHJ0G

    Score
    3/10

    • Target

      setup.exe

    • Size

      5.6MB

    • MD5

      42d86fc1745372f3fa422c96f971f0d9

    • SHA1

      a973dd4c101c7431db454a16089630107a20cddb

    • SHA256

      c691db6fc4a9c15152cab44d50d2b7c708caff6235f31c5f43b4da991754607f

    • SHA512

      14e33495532477a3b84b1460bef74a1d00c9725d4b022af2c72309c29003aa747a6c76d3136c6d66cf9290bc346a24978ccd70195efc2fcf35cb3a53f626e52f

    • SSDEEP

      98304:lchosW9bfA8CL5k5p8t1wyyAn9/kLJiF7aAR4XzL+v1nmuGubCGfBFRHesU288:m6ZCL65p8n6S9/SCuXzL+pDTCEJT

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
