0ed37e7d731a5ff34991b1196afd4eadf60f78735332b1b1584c98117780aa22

Sharing

Copy URL

Twitter E-mail

General

Target

e58133042348a305f286c721e4b56b36.bin
Size

253.4MB
Sample

231113-d8d8nsge91
MD5

e58133042348a305f286c721e4b56b36
SHA1

b4fdf0fa4fdb617997ed306ce1dfaf6abeeed3a1
SHA256

0ed37e7d731a5ff34991b1196afd4eadf60f78735332b1b1584c98117780aa22
SHA512

434a65c51bd365438656964cabc8cc45a849cb8cc4335d23b45216751fdeb7601522bbb7260ff24594e92c082a7e8417564c463a1280a27de542b7c0ef6d84c8
SSDEEP

6291456:6zFCsozHmCrLYIq/73+5ej3+TEKzf6MbC2pndwORnTf:iszGCr2ueLOdL6MbPwO1f

Score

7^/10

Malware Config

Targets

- Target
  
  Pokemon Flux EPISODE 1 v1.1.0/Audio/SE/flux_gui_cancel.WAV
- Size
  
  54KB
- MD5
  
  0ef6880213f72767bb3252231153d85e
- SHA1
  
  6c1800493ca1912c46f4af4c55af5378c4120de4
- SHA256
  
  8abf7098064b7767ad27d25217e979bcea30556be4c73d1c4b19f1bb9fd6e46c
- SHA512
  
  b4a2b5ca2c6e274c3992ce4b25b7515b0f771cf04010538f9caf7d945ee060e53881e05a5bf9ce64f0835fc67d473239a87a4e98a4dc08e47a9b6c53901a09d7
- SSDEEP
  
  768:eg57nPz87cXrM8chqtNX+X0Lq5Gf34SqM2h0ad4g9yx7X2t+n:eg57474M8EauX0wGf34pMXaRij0+n
Score

1^/10
behavioral1 behavioral2
- Target
  
  Pokemon Flux EPISODE 1 v1.1.0/Flux Discord.URL
- Size
  
  255B
- MD5
  
  6f880f7cd0aa0147e2fc3aeab190b9e5
- SHA1
  
  92451112291543a6bbb737b373422c384c51a779
- SHA256
  
  712b4a5dbdfe3032d59eda38a01db30792e7c77c01637ec2ec492868fe7c8dd1
- SHA512
  
  07d1cca5aae29e0e0d87a00d88a38bb2fa810c438e1110589b546ed24022e74cebae01bbb2969c0bea41910a78becb4a9aa329600b1f978577af99e15d7c2906
Score

1^/10
behavioral3 behavioral4
- Target
  
  Pokemon Flux EPISODE 1 v1.1.0/Flux.exe
- Size
  
  13.6MB
- MD5
  
  dd26d808fd6aba371f036f81b2500821
- SHA1
  
  36586efb474a9540179c07094f6bf0cb8ade005e
- SHA256
  
  4d14f290118a3cb80305f5b1cb3f6044c2aed8757d1e64d58bee03ef2dce1037
- SHA512
  
  e921e8ce050d07bbec8af4ac0f3dcb7c66555b9d8dd486ec2a11256a8d6be748869fd54c454e5776145829b0f867d14c7536d0910937c558c702f8df998c25d0
- SSDEEP
  
  196608:apc6fNCg9RohAYoVMMtzL7ZqINrdLxVVZFJ:aFfNCg9DYoaMt9qkJZFJ
Score

1^/10
behavioral5 behavioral6
- Target
  
  Pokemon Flux EPISODE 1 v1.1.0/RGSS104E.dll
- Size
  
  740KB
- MD5
  
  71354278675a4deea20fb3cbb5f77170
- SHA1
  
  073e9f1db6c1be847f186553e985e35e4de03c70
- SHA256
  
  7b6acb5e2c245b8cfda77fced2cc0e94108384cd1b9ffc8510e7304fcb9feb6c
- SHA512
  
  e664f02f2d2918c30a6fb75ab7dfe22ab0f2eea8e7ebbcd5b211463062744e51e3956d320127570db0b5dc9c12fb39c6b204bc2967bd4708bccab17d5c980915
- SSDEEP
  
  12288:NRJ6OytWOdpAFN0i2J+twkFFNQXNxE+VOvQ3tKDuztSVPXQdlO3BuOmuVbAA/IFv:ND7rO7qNp2gNQ9xqkYDWYPgiEdgAA/VS
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral7 behavioral8
- Target
  
  Pokemon Flux EPISODE 1 v1.1.0/Saves.lnk
- Size
  
  1KB
- MD5
  
  8fa574c3b05affcdd81224c0632f35d9
- SHA1
  
  cfc77637b1e57ec9cbc121e644beda6b7151d0cf
- SHA256
  
  5d5ec9537064128217bc08fd490d7e82bc71200012ba01ca04d80991098c53e7
- SHA512
  
  e4746a0a4c62dff8098529d6ed229d2f2ee5954c92996b6386088c785e2812dcc21aa128e2c5b4076512f0fd3e896d259c8d2607d6b5dc199c40bd05c2a65907
Score

3^/10
behavioral10 behavioral9
- Target
  
  Data/Scripts/001_Technical/002_Files/001_FileTests.rb
- Size
  
  15KB
- MD5
  
  7089d47c4ae41b3023c30f36c743ecdc
- SHA1
  
  536e620c0720f85d27fb551ed61f84b452a1cef0
- SHA256
  
  ada4e71c87d6d4dab6d364c7553d91e977f4a8bc23feb164e4c9dc47fd48e81c
- SHA512
  
  3312a21ca2273725dfb580eabe9f8dd6269284cea4432ee384bf9b79ff7f839b6b2802912934eb0cde5d3a83a2cf5e846d76c015f5a485ad20cf9ec9fa2c03bf
- SSDEEP
  
  192:kFQItgcAh+Hs4AEpBzHx/dB/x9aZ9BhykQIKf86Ht3nOBXODu5OC5zLbvHGlte95:p+gF4A2H/gcIKflOBZOCJrbOlznCR
Score

1^/10
behavioral11 behavioral12
- Target
  
  Data/Scripts/001_Technical/003_Intl_Messages.rb
- Size
  
  20KB
- MD5
  
  0625be185bafdf14ab7c7d628b1ced3a
- SHA1
  
  723e3c54d2404969c7b8409283e444966d56d8fe
- SHA256
  
  16de855caff69fe593778e15453024f36557a8208fd24194cdadede202979eb9
- SHA512
  
  56ab27abce6d415411c53b8033e268d8be837ab470a02dfc70adeda9f0a21ffaad444f09ad13f005b62db513a2d2762376d40dbc7aea26c682774f479f11a33e
- SSDEEP
  
  384:YkLH2JnsH253DmnH2JAVH2x5H2JzH2h4JH2J7H2J3DOj7f2+BWjCT01s9jPFnDJl:Y7z3DpAw8y4s63Sj7++BWGT02jNnDJso
Score

1^/10
behavioral13 behavioral14
- Target
  
  Data/Scripts/001_Technical/005_PluginManager.rb
- Size
  
  32KB
- MD5
  
  7001a268da249d24be68e36ea49f712b
- SHA1
  
  df699624ba3d5ed7935655845d6d9d41bae66e8e
- SHA256
  
  b4d3a21d6a68c14cd0e288d8ef2ccae80271c188db68738532a73fd06d88dc3f
- SHA512
  
  57dcec46afaef88199d46540c1e293f8264821802d748ea452fbe4dd5eda6cf38c57882e1f7ca8406617a3a4ea88901b4fe4ebbb16986f3989641a39f4da47fc
- SSDEEP
  
  768:KWNVHaQuyITkP7Hm1HQ5KkL7Rb/RATHCYmlbxQJM4/yED3Q:KGHaQuykkP7GBSpuZ/O
Score

1^/10
behavioral15 behavioral16
- Target
  
  Data/Scripts/001_Technical/006_RPG_Sprite.rb
- Size
  
  14KB
- MD5
  
  569e032aac6123184e642446edb0febd
- SHA1
  
  2aa9ab4f09bd69335bc7a7f09e3ab1d3846232b7
- SHA256
  
  8f29b94f71c14db65a503473c98377226f6df0e4930126f436413d44f4d31990
- SHA512
  
  a457de5d7bd058c2abd0cf26b64a25a05f5dbe7e9d6fe6da6d1ca324ea6de9067ee318df310e203e8936b09aff756721b8c446678e5b80bacc52a9416ada53b7
- SSDEEP
  
  384:QUiLL3aRDe7BHSo5BqaFvAOcdSDXjHRnxhTW2qcoSm:QUiLL3aRDe7BHSo5Mk4Oc0jHRH6co
Score

1^/10
behavioral17 behavioral18
- Target
  
  Data/Scripts/003_Game processing/003_Interpreter.rb
- Size
  
  14KB
- MD5
  
  2a8d0219861a80524f25238ccb29f6ec
- SHA1
  
  dcf1e89cef8bdde05103482b390643c8e4b9e7c8
- SHA256
  
  2218c6346267b20b2cfc0318dea69ba69926d5b4c69ba70b2df4f0975fd878cf
- SHA512
  
  33d8158461c8a61aa20f6d125ff7b7fdddb1c87abc7f61a18d1844118e5d19f8c89526f9da2863276532f8666356c3ad968557634771a24d66ebe3c2e44b8031
- SSDEEP
  
  192:zFkhCCt1jci66prXLf365UsXfPuxgppgoA0zmMVuPLbZ9wK6LdZqdGTwAAY4AVA0:zOhHtyifRu1VwVYxL
Score

1^/10
behavioral19 behavioral20
- Target
  
  Data/Scripts/003_Game processing/004_Interpreter_Commands.rb
- Size
  
  45KB
- MD5
  
  417d7b00e41471977accf325dea25dbf
- SHA1
  
  1521443fddfc24208bae58a918e144d9a3b646f2
- SHA256
  
  fc950a8203474c333ff2206a0f385fb82f72c5faef9e5714aa035d76f1365613
- SHA512
  
  6a106aa345f968df943e681be5548aa0e9d534a30865e8558bd7442ebac2db39e8f6e755c0f7bcf2c9279d30d43676e4d2b23199bb01a389777b9096068f9e14
- SSDEEP
  
  768:xY94prZzBh724ADvRKrPIVK0mUqaVZBuKek2p:mCprZzBh724hTlp
Score

1^/10
behavioral21 behavioral22
- Target
  
  Data/Scripts/004_Game classes/002_Game_System.rb
- Size
  
  7KB
- MD5
  
  a7e67e67cacb96528341f54c4c23ae12
- SHA1
  
  e18122b131e0ba407a16923fc80eda02e91c0fd4
- SHA256
  
  2d848f9bf47ce11923ba269ba00b3867c7160ba584f498b5328905db9ad67b53
- SHA512
  
  6ed1a9b553dbef2a883d995540663c9a6f2d0bee05905a8455d118682666a2a4bc25093765e189b06d3113b3bc71bfc328017f0a5f955a3289328f34c91fc7a4
- SSDEEP
  
  192:6pmCkM8tdCYNW0SJTuj8v9i126lcZA3u0mGidRjGvhXZQdWmKLM8YWKygN14JT:/8zbdRKrmk7
Score

1^/10
behavioral23 behavioral24
- Target
  
  Data/Scripts/004_Game classes/008_Game_Event.rb
- Size
  
  7KB
- MD5
  
  4510c0e0ce2f60a08b2d86206411c1b9
- SHA1
  
  1c1f2206ad743d050b65b697216db56837cad254
- SHA256
  
  8d7fffff12cd4250a6ef8dc0b079afde36d95699e029cdb32549b398ddd6d380
- SHA512
  
  8ba227fa2148df90015a8fa76f281812babb0835dc427495856ccde01b84bfb652590383b02974d9ceffd1c4242cc5fe725943ea306661c7ad8b904fc8272cef
- SSDEEP
  
  192:u7PZdWbJEpEHQ6y1yL/emyWC4diOlFKQbYB6ZyqLmyodlNm8G1bT4LX6cb4353B3:Lb3lV5+i3BoKi5B6
Score

1^/10
behavioral25 behavioral26
- Target
  
  Data/Scripts/004_Game classes/009_Game_Player.rb
- Size
  
  22KB
- MD5
  
  e8e2ada28f41d45e4bb7f9dd65f2abcf
- SHA1
  
  827df36b8e4786b5535e1758dbe110189f241a58
- SHA256
  
  95be8faf5af0346b10f42afdda4968f251c47d1e654f32fffd412c386b88f671
- SHA512
  
  686d18eb6215a07fb6f91b833e962213b5e9e13b53ed88f836893114ead5d63deb339bb244df8c5b97f8fa6e3434774c6f66d1e801e4726c7c9cbce8ff08d843
- SSDEEP
  
  192:Gg4/StFesRvm6VUy7vf5a28CLvqZi7vbHQvhYKq2U32ZecnGV1UfUfYdHWx+8/c2:GKtBaifQ5VJXZR4AYdut+u+dnZP
Score

1^/10
behavioral27 behavioral28
- Target
  
  Data/Scripts/004_Game classes/010_Game_CommonEvent.rb
- Size
  
  3KB
- MD5
  
  58e3d57db09fb792aff1500e7d3c9594
- SHA1
  
  5234598115530226f5d3741b6c9fe30b0b665d05
- SHA256
  
  a68f902b563ebc2d7e4c22079bc4fc34bf84d9e2f00956d5f7d409ece103cea2
- SHA512
  
  3b38d199720c6ad291de5eba7a2a487911e123f64e8cbe23f7bdf33af0dd8574a8869c7a623a16a84e98303ed43f9bc5b97bd85f41f6ea0206d788df143a433c
Score

1^/10
behavioral29 behavioral30
- Target
  
  Data/Scripts/005_Sprites/010_ParticleEngine.rb
- Size
  
  15KB
- MD5
  
  19bc96d4b6e10bf2c6aea13b2351fa52
- SHA1
  
  eff9cbac75072e6d31fe0b16ba5920635c6f8d25
- SHA256
  
  12b16672ed530977d7df25b21c755dcc860d77c136c6165ec3f13d0bb9e7f3c3
- SHA512
  
  c6589b411ac4906d258dc5041998150723d9c6a1a28aeb2645512da9eec9fbeaecb4702e0c1d34e80893a74f367f1e6cb81e4733ac49ca46c02ab1b488750403
- SSDEEP
  
  192:H7YFHFM7wbqrJJLpz3r2DSL0EFvG+6x0yCI0VIi+OkHSi0+9Oth/PBPBPwPs/7PJ:bKKy56f8qM+umrWJPTTORa6yWfN
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Writes to the Master Boot Record (MBR)

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32

We care about your privacy.