Overview

overview

7

Static

static

7

Geometry D...sh.exe

windows7-x64

7

Geometry D...sh.exe

windows10-2004-x64

7

Geometry D...ep.ps1

windows7-x64

1

Geometry D...ep.ps1

windows10-2004-x64

1

Geometry D...od.dll

windows7-x64

3

Geometry D...od.dll

windows10-2004-x64

3

Geometry D...32.dll

windows7-x64

3

Geometry D...32.dll

windows10-2004-x64

3

Geometry D...nv.dll

windows7-x64

3

Geometry D...nv.dll

windows10-2004-x64

3

Geometry D...ns.dll

windows7-x64

3

Geometry D...ns.dll

windows10-2004-x64

3

Geometry D...2d.dll

windows7-x64

3

Geometry D...2d.dll

windows10-2004-x64

3

Geometry D...rl.dll

windows7-x64

3

Geometry D...rl.dll

windows10-2004-x64

3

Geometry D...ff.dll

windows7-x64

1

Geometry D...ff.dll

windows10-2004-x64

1

Geometry D...E2.dll

windows7-x64

1

Geometry D...E2.dll

windows10-2004-x64

1

Geometry D...et.dll

windows7-x64

1

Geometry D...et.dll

windows10-2004-x64

1

Geometry D...e3.dll

windows7-x64

3

Geometry D...e3.dll

windows10-2004-x64

3

Geometry D...pi.dll

windows7-x64

7

Geometry D...pi.dll

windows10-2004-x64

7

Geometry D...ts.dll

windows7-x64

3

Geometry D...ts.dll

windows10-2004-x64

3

Geometry D...b1.dll

windows7-x64

3

Geometry D...b1.dll

windows10-2004-x64

3

Geometry D...64.exe

windows7-x64

7

Geometry D...64.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4cad2adcfc902f81d4e553b15404793a.bin

  • Size

    189.5MB

  • Sample

    231012-rfqynafe54

  • MD5

    4cad2adcfc902f81d4e553b15404793a

  • SHA1

    708d5a3296aee89b73f389e19738a90cfe84b1b2

  • SHA256

    2f2cbdd0bcac3cfd7618b516ea7f8c7d5dbb82f431c0505ff29ec8845f88b285

  • SHA512

    e7f04414f2e5844bbb3b6f05a1191f93b747b0554b1163bb15f0142f987de4a07e825ca72232a9f01e2aa0880a170eb0e5c5970fb5093249e1e015fcf9fae215

  • SSDEEP

    3145728:+1JNei3/P7IxqXlrfOl5u8NKFjV9kaYxqkyWkYtutgixTE5bhxKcdBlVHw7rA:eAi3sO9fi5+Fj3kFskyzua+V1d4A

Score
7/10
upx

Malware Config

Targets

    • Target

      Geometry Dash 2.113/Geometry Dash/GeometryDash.exe

    • Size

      6.5MB

    • MD5

      46ec62179269cb42610e1765e42bee56

    • SHA1

      5e8817dea570975266a8a73cdd0337b04bdcf44f

    • SHA256

      83fd16958d612a4e775183030a88184dd96ebc5c0eafa5e0874d77e9b0087d84

    • SHA512

      737b83a6307ba146bd220f3781df792a6d8cc79dc4eeed4335b193a3ab4dc85afffebbd340b93269b2506e3f514150569a005980133413af5926d379cc58501d

    • SSDEEP

      49152:Bug8dPHi2XXq8dWTHIuKO77ii+4fVoVNG+w6xfS+w6xfSExfSRaTQAYjzDTjE:QDnq8WLKO7ekGVNVVxfS+VxfSgfSR

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

    • Target

      Geometry Dash 2.113/Geometry Dash/Resources/xStep.mp3

    • Size

      1.3MB

    • MD5

      57390e094c37599a790095af692cc039

    • SHA1

      3d08f483e1a43f029164eb06d89693446f314f48

    • SHA256

      9164bf3594a2b0d2ce80e80927bab95d8cbc2e80f5a0198112c178957b0a1621

    • SHA512

      54ee65cb2965c89c54b85358e0769bd0d361f804a7c29183d11d89e6fffe2374016b68affcf7928f76e2c28c506103f6047f09883537607476c0b47062a07fd8

    • SSDEEP

      24576:C/QH9dD0uc1tKjUvoCcHvtui+CWoIADt4BqgepaI+lUlAOhYfe4gyAKNOR7rFUGM:C/M5ueUvodHvtuYWDAmBFeP+lIhYfvgY

    Score
    1/10
    behavioral3behavioral4

    • Target

      Geometry Dash 2.113/Geometry Dash/fmod.dll

    • Size

      1.4MB

    • MD5

      9a9fc4fea3bdd3f3fa09b0aa43dfee07

    • SHA1

      b2c3e267ac33a50c3c5b69208ca1fb76cb4fd658

    • SHA256

      9cefee362589ed05b571ad3b61a2b37c8bf593be0a6a560638c2b79986776368

    • SHA512

      53c56cc01e03f74d82b3acc4afb91044df10058643ba179d50a9b8b86f9f49770ff7eb8f804d42fb94096f7fa16a40ca7c3144103451cb1059a2156b3007a732

    • SSDEEP

      24576:QUumAPpnkv2jg91qDQXIq6paXK2oGCV0y8KZFpVMS6Xcyjj:QUuHyT91qU+pmKZjwKLmLj

    Score
    3/10
    behavioral5behavioral6

    • Target

      Geometry Dash 2.113/Geometry Dash/glew32.dll

    • Size

      324KB

    • MD5

      7399bc6fcbcfe81b6437d37d45d27e00

    • SHA1

      254ac4f5e56cd5ce14d31f824de7949b09597c78

    • SHA256

      1ea8aedc46418e08aeabcb91c16fb4a0ab669924dd0a6071d143f13cd932a022

    • SHA512

      bfffdd518b1a7a4890762e38861db465e187dc197aa6b02f2644ac798e0e03e6f6b2543e24e92e3a16a82ee3d9f795ff12845caf174b2d1b5f6800d7ae1941ea

    • SSDEEP

      6144:GzLQ5Ht2YVVlGSAkApyg8YifaTzaOAz7Du:6Q5HkUVzH

    Score
    3/10
    behavioral7behavioral8

    • Target

      Geometry Dash 2.113/Geometry Dash/iconv.dll

    • Size

      868KB

    • MD5

      73af5773bf5627fe771bf6809ec839f9

    • SHA1

      69d9597991dd0d1c6b478174aaa85b0e8175d0a7

    • SHA256

      6cd69191469bf13f0cea70837bac9b1e7871c116f5f6f18bef5a6a9575c020c9

    • SHA512

      64b631454d1d16709ae96cca95e8e3dd6049841c53ef6c4643b1a5b28a32fe6bfacb86337e93b5f9f2abf43d0233b094646b8065d3c1fafeaab7c3d6e371b864

    • SSDEEP

      24576:Vf2VfWlcKu6Gavkg3NydIbbbI4IBAUZLY:ZuscKu6GaXUT4IBAUZLY

    Score
    3/10
    behavioral10behavioral9

    • Target

      Geometry Dash 2.113/Geometry Dash/libExtensions.dll

    • Size

      280KB

    • MD5

      a4f4fce308de7f85fcddc7a35c8b3e0b

    • SHA1

      595928dceca7855b10b55c4579820fbd1e69845f

    • SHA256

      cde619c28e7ffbc7374bd2c5e62344ff0687d5922e721717c89ea56af3278b46

    • SHA512

      b3f884da642ba1af8a1c8e1838a1bae5f60bd64eba33c4467e8ae333a60d2b0809cda451c3dd9477077a39b331db298127784690cccd0af9c9794d4fef613350

    • SSDEEP

      6144:ujjeDzyKCMijQaErrHr5CG7D7gcGRCsJvsrK5QQMe2:BDzyBjZMHr5CG7DPgGK

    Score
    3/10
    behavioral11behavioral12

    • Target

      Geometry Dash 2.113/Geometry Dash/libcocos2d.dll

    • Size

      1.7MB

    • MD5

      29cfb52b30b2f487e30da873a4f20abf

    • SHA1

      385b53196dc5e2a1a009bde23551faf9ba1d380e

    • SHA256

      c17c4eddf891c3c1f2e24129e9d9dc49a027c5c7827f77e20cc8fd311be327a1

    • SHA512

      fd520051c48995e527fb57799f2e7f58d4a0b26eae820afe41e7e1c9dbe35b41772cd870ac92feb640ac23270ef46b789c157733c97d3bf8af04c1ad5dc09824

    • SSDEEP

      24576:cVtR9yxzz3nJYZl4ZbtMCeGg7dP6BXt/NKl9vl6Wm8y0vrJTQYOVPKRqicw0:cVtkFX2SgMdN69vlhyOJTQYOVPecw0

    Score
    3/10
    behavioral13behavioral14

    • Target

      Geometry Dash 2.113/Geometry Dash/libcurl.dll

    • Size

      1.1MB

    • MD5

      a629bf05e48171a7152b15c479727da3

    • SHA1

      b39c487c3a8ece83ef8bdecd2e37537c6617f9e6

    • SHA256

      db4e84c77b41bd0e40e3b29db518faa44d4a40df802299befc21f87c16ec1124

    • SHA512

      13596fc1f5be8de92177e7ee5e09a37e7f829ebc36678ff5233b627b7f798307270c69c9dec05407c1d758ff421484b66261a9e2c3abde7cf24fb0b5b15774b9

    • SSDEEP

      24576:LX/2J+LaOzIx2uPOAr1faOn4fv7oonBUzPnAbcmTEp/y9qQ1II:KmaO8DOwfwf+PucmTEp/8f1II

    Score
    3/10
    behavioral15behavioral16

    • Target

      Geometry Dash 2.113/Geometry Dash/libtiff.dll

    • Size

      513KB

    • MD5

      c741db91cddb32c0ccd1fab980b1a5a4

    • SHA1

      08f624cff407b25c6ecca087f763bd02e69231bb

    • SHA256

      2d7b7f76089829aac2fa043d712e3a908563bf77f4e7da6e82d86bb0467a9feb

    • SHA512

      7f92e7cdc0feb16ca42eb9f588a92a481b402ef00c0e02b8236f8925bd828507a4e6c1b576d9639184a15322107d0d3810817d1529ebf6f94ff18ea070c67e76

    • SSDEEP

      6144:SymBVjFxF2nv2aY+NUXgJWnjUz2XyGK77f4NJrzNfQv3vCJYiY2IGEBg6CD:cBVp2Y+W1jUzWY7f4X7JYiZH

    Score
    1/10
    behavioral17behavioral18

    • Target

      Geometry Dash 2.113/Geometry Dash/pthreadVCE2.dll

    • Size

      76KB

    • MD5

      ae4ae0ef65becf8684db223ceecbfba7

    • SHA1

      1826006ee9ca5090eacfdca63bcc370e2be701e6

    • SHA256

      27a8bd5814bf5e67858856f5090952e558c6e03fbebcbd66f7d8eb8fda2b369c

    • SHA512

      880b38c69a38c02923988ccafba630e8a5a12ec885d713fc863f69174b475e408427fb68acdf6a3415a3bbd6cb80a1eb81eb752b18ef03a4590cdb36c9f52e3e

    • SSDEEP

      768:o6J0QrqcRpxKyCqr/vb4ssGE9lICiH3Yays/:zJZxbf3stiH3Yays/

    Score
    1/10
    behavioral19behavioral20

    • Target

      Geometry Dash 2.113/Geometry Dash/sdkencryptedappticket.dll

    • Size

      558KB

    • MD5

      e1b5265b323b0a92baaec24bfaedfcf7

    • SHA1

      04e5b9dbc4697b215d7fdcdb742a5d208d175e53

    • SHA256

      361001272651c6c262e5bc95c323adc398f4bbc4333c1a578a55d5c39a0e5302

    • SHA512

      257fe355ed1ca0cdaa9583ce1760c660b32f3b17147142e1fa3a0ef5313958ff741043d2a3667f92d71160c09c51da8960f8a15475d6e0042790b584bbb61647

    • SSDEEP

      12288:DZ6VT5dCFQvtWt2wxad6utBpKO9bdUWHbCzd2Nc1zwtnJI/0:16VFZtoO9GWHOxyc1zunm/0

    Score
    1/10
    behavioral21behavioral22

    • Target

      Geometry Dash 2.113/Geometry Dash/sqlite3.dll

    • Size

      527KB

    • MD5

      0ec32327447976d439358bc1db47cd31

    • SHA1

      516e8df1b4cf92475b07131637b1f93cca27f077

    • SHA256

      34057639b01413314a1b67c56c5d81e2aaa965f4eef1b9e11f2aa2261a628a0b

    • SHA512

      448a81db8aebfd1907b039b14327948ae675683c704a86d8a9f38e2a2a91dcde7c99b6be04d97877bbc8d9405392b96e4e580d90a910243d9904943334a3ff6f

    • SSDEEP

      12288:ZKyZVQn8QoxwgBFn32Q7bomYRJMdwm5HE8V:ZzcQHb2o4fB

    Score
    3/10
    behavioral23behavioral24

    • Target

      Geometry Dash 2.113/Geometry Dash/steam_api.dll

    • Size

      854KB

    • MD5

      226d0e9d0383c34ae5021e70b3b029c9

    • SHA1

      e45defcc669479c365c9c2b1e888860cf57286a6

    • SHA256

      1cb212268170094dbb12147fa55a9c9688dd123046812e7f0182e072762ea400

    • SHA512

      fbbb54f34670a6924fe07b28086067d487fcfd4d912c9afb27a19247121e04848d727b5f7b7eaaedaa31cf1788f48b9acb7cbd2cb656836b8e17b9b2e7a46e38

    • SSDEEP

      24576:xWz6Mh4mCone+iIqSDgU0o7LoiqJYCuyUCP0:66MhCdIqSqOSJ7gCP

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral25behavioral26

    • Target

      Geometry Dash 2.113/Geometry Dash/websockets.dll

    • Size

      75KB

    • MD5

      e1db6e022098c0caec94c22cb81def3c

    • SHA1

      ddfe57fe157446348706644b6908602bb02e401d

    • SHA256

      528624dda7a00149c976268e1350cb884d825ed02afe52415299f55c65b7d346

    • SHA512

      21dbcc0082eb1119804efe3162089ccdbce7a60ea6082046a08a8acc6a32e29030a3314ba35625d6ad7d20f6e79bf033b7271e3865731842714fa6dac6d0bce9

    • SSDEEP

      1536:T8lzDqHQ7ZwUOfYZtZU5CYgEqRF09TQCIOBnToIfRAQhDx:T8lgqZwsPfKTQgpTBfRAQh

    Score
    3/10
    behavioral27behavioral28

    • Target

      Geometry Dash 2.113/Geometry Dash/zlib1.dll

    • Size

      76KB

    • MD5

      72e87ad407bb28f5b471c3396296b377

    • SHA1

      15cd01170ff8d8531fb16f4f7a1c5fbe810a1057

    • SHA256

      91ec6085e862e1eedc254bf88efecd4fa67f486216ab3b1473915d15462e71bb

    • SHA512

      1569939514c0e30e2fbf7d81586ada53931ac36b11f306b95b5e0741c6b32c45d88d33271223c99cd4fbd585f0675d5188557e5dfe6901f9fbb2e3e8ec98a698

    • SSDEEP

      768:bw6vENCUvhLcSCE/StC0KuFLRO5ZikoHBc1m7s4wixE+XwVY/nToIf18IOsIOIiy:bDvENBhA+WjPLAVY/nToIfCIOsIOIip

    Score
    3/10
    behavioral29behavioral30

    • Target

      Geometry Dash 2.113/_CommonRedist/vcredist/2010/vcredist_x64.exe

    • Size

      9.8MB

    • MD5

      c9d9eebccef20d637f193490cec05e79

    • SHA1

      15d032d669078aa6f0f7fd1cbf4115a070bd034d

    • SHA256

      cc7ec044218c72a9a15fca2363baed8fc51095ee3b2a7593476771f9eba3d223

    • SHA512

      24b56b5d9b48d75baf53a98e007ace3e7d68fbd5fa55b75ae1a2c08dd466d20b13041f80e84fdb64b825f070843f9247daba681eff16baf99a4b14ea99f5cfd6

    • SSDEEP

      196608:n9A3D5MBD0vwqMKgL29M2JWMWiKV/nPlnqIaAAVINqsAsbPnpCxmz7dU8:23D5MBwZMd0b4oSQ7VSrAs1gEdU8

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks