233e6321da27d2f3053f941d80072df870bd23a3951e27567097b2a4ce7f8b4e

Sharing

Copy URL Twitter E-mail

General

Target

Core-Keeper-SteamRIP.com.rar
Size

252.3MB
Sample

231114-jgkh9shf35
MD5

1c4ac5fada40df96c2facd9e082004eb
SHA1

72613fc817da2d7105510476bb039c95dfc92c52
SHA256

233e6321da27d2f3053f941d80072df870bd23a3951e27567097b2a4ce7f8b4e
SHA512

7b910c079a070bb516de66fd3d7ae21722a449958d31eb964a2e3c59d7f04221dbd5116bc908d420dff549f76be33ba2e68930313c12737d9552530eebe43b6f
SSDEEP

6291456:8vGBfObIgDn3p1wcjGrcXO2zUBblpVEOy00DKxRtMZ:8e9O8Qn7wcyrcNzUBXVEOyiO

Score

3^/10

Malware Config

Targets

- Target
  
  Core Keeper v0.6.3.3/CoreKeeper.exe
- Size
  
  638KB
- MD5
  
  84bfda3ff419c5bbde4ff2b98278d93b
- SHA1
  
  11cc6f8e16537f911ece30901a9ac53a5a987391
- SHA256
  
  fcd392972089a56880b427fe04dff2978ab64a9b5bfffabd09b5ca65d7b549c3
- SHA512
  
  73c19ffce677640721e9545f6759283e782351e559dc59c29fedea76ed9b99be63df672a7a7d6eaf92fa0f7c5cce6d31a5dab536097f06213de1fef262a1eb79
- SSDEEP
  
  12288:GoCCk4desxLxo3BPqh/pOyvR+876+0bA3XcYiwCAm8RmhWHkxg+ncWDGAOftwmgq:dsI09qh/pOyvR+876+n3XcYiwCAm8Rm4
Score

1^/10
behavioral1 behavioral2
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/0Harmony.dll
- Size
  
  258KB
- MD5
  
  e1bb57402344f4e26a84e2fff2418e42
- SHA1
  
  4a3deb1398e794c5a2a5a3df1c5a78291fce7832
- SHA256
  
  01fc6fcb6408811b72e25bfc3628cca08b27473758966777254500d07d170b4e
- SHA512
  
  84c68d5ef79e6fe87a24dfe7a66d245673c8e418f7c32ffa8a3bb35e51bc7fe2708960657ebe5c743bbce212967715e26fa352674fabe90529094cd7e355cbb0
- SSDEEP
  
  3072:OlnJNBhqVKNAX82IuXJVVfubwt7wpTF0nn4VlY+w/ELRx73ZGqVCrnyEEDgRcWz:0JNobXh9uUt7cTmn4VlYcx73ZOzosuW
Score

1^/10
behavioral3 behavioral4
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/Assembly-CSharp.dll
- Size
  
  12KB
- MD5
  
  d2a59344ac580dfe23768bbf953448e5
- SHA1
  
  25f30d11597e4fe5bb1ee07a32a4befadf76bdf6
- SHA256
  
  953cd902b1660aac1ab3e5fe9a5572ea736bddea96c28b5802c631f81f86f7cd
- SHA512
  
  0d412bc2b6d68b2559440edf9186eff990a12fac9b068e67507a55a55d59e755a81862032cee5e55cb411ab640eab83e91ef8ecf34fce463265a6e711717b708
- SSDEEP
  
  192:iBCSvWYnkj6tnvuYkXjrlnTMW6WFh2B9g1BBzUV8KOl8R8NbdycO6XpIRRpocVa:iBCPakj6tn2YkTr2WtFh2B9gNzU8KIAe
Score

1^/10
behavioral5 behavioral6
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/CgSDK.dll
- Size
  
  12KB
- MD5
  
  cf7e31dd0850c5e223d53a96a681a2a0
- SHA1
  
  28856175798549b26f70183bdcec43f03eec5bc4
- SHA256
  
  80ebb1674f8febfcea3aa295c88edd6b0ea5d7bb07bc1d0a54b79e494e89984e
- SHA512
  
  f7391d5cb165a6faa6b84802dc13eb1811ee547e87fda3120ed2190ab2ba0e9fbbd1804a93a7eb3eb572686729f5df2fc3105ddf6435596565f89074543cd161
- SSDEEP
  
  384:eA8+ZUqnF/c1hf6ZriWz9ENksk/sMF2oCTnoZ7:BGqF/c1hf6ZriWz9ENksk/sMF2oCboZ7
Score

1^/10
behavioral7 behavioral8
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/DomainReloadHelper.Runtime.dll
- Size
  
  3KB
- MD5
  
  c49cbbe01cffcfc14b8a13831c849a35
- SHA1
  
  c99fa4f83e5bf794b50404dde894c65438f01e85
- SHA256
  
  66fd90d619c02f96e933ce8dd4deddc62e87532681d2cff54f58ed8f6153cea3
- SHA512
  
  9a334c0215909d68b47923481d956b1981e26d9affa68fb68497ae1a117b3654a4b9877c8208a44fee6944bf0e966f3df66777aefca343c3c3146ef3354b00fa
Score

1^/10
behavioral10 behavioral9
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/Facepunch.Steamworks.Win64.dll
- Size
  
  539KB
- MD5
  
  03b6e77c0785977e24f30605694bf57f
- SHA1
  
  4ddd7f15a71373650193976d43eb8609521370bc
- SHA256
  
  67cc11b672387c883f0cf07cb0c8e8325017b62b83a14e9efd76c175943bc418
- SHA512
  
  ea5693dee80c571eeb79fecfa34584c7491ac95bde94eb946a0e71a8582a00bfb1c5caf073be9526b467e6f28f5e4b33900aa51cf1539e8a81c3ec9134b042e3
- SSDEEP
  
  12288:crbQNOW6Ij7PfrKQfP3BbJ0A+642A6dS3:WONL33BbJ0A+642A6dS3
Score

1^/10
behavioral11 behavioral12
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/FewesLight.dll
- Size
  
  6KB
- MD5
  
  8086044f7c3f8f13a7d7790a80c07af9
- SHA1
  
  f908eeaed333a41e6cb5d14d48935be16d2d2f9e
- SHA256
  
  fd4894b49783243efdcfab6007d5db07eeeffd9e6af58820eb07cfcb26076454
- SHA512
  
  43cb99e058642be178eff6f0ebb467f6473fd95b0aec782123f42245c1db4a5c9e27d386c93b49fc2d87e48139cc9b9ea5c302dbcadc259a9359f26b120f3f36
- SSDEEP
  
  96:XoWIDvMVxVRzPPXD3rif5Xxvxw1MXoK36:XwvKvpjbifO1qpq
Score

1^/10
behavioral13 behavioral14
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/I2.dll
- Size
  
  141KB
- MD5
  
  564c17c826a483edc651b2380d2c2232
- SHA1
  
  e01474eb3f092fe7a3031e35ff5772627f569580
- SHA256
  
  7790f27d978ab85ce416abc139c7bce4fcb7ee0aae1616d7fd0c1a918a19f2f7
- SHA512
  
  fcdf5df0d1897e3d0e8c0208054ecead429f8d79b1ac564e0329f8b58c1462572a379d2191e94f41128cf1f3acee2c989281a431d6a8919097705b96edb8608b
- SSDEEP
  
  3072:cBW2KEmw5i1RMYfKfBUz3CK6HUJ+DuBQHU5+DY1yVi/MRG7QWuDuqwLZ0Ath1lzi:jlLCcM
Score

1^/10
behavioral15 behavioral16
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/Microsoft.CodeAnalysis.CSharp.dll
- Size
  
  6.5MB
- MD5
  
  14f797ffbf968a61deb5fcfdd5323bd1
- SHA1
  
  3cb807e8c1ad35da90fcad5c06e6adc9acaa0dc3
- SHA256
  
  d8e70399ff5725728ba13373d4fc5f6b7b219fc78d520b68ddf01abb1389dc70
- SHA512
  
  a6818d226ad7978bfc0ec628c6edabb002df3d094478514ac22e87005096e4c71df7807a6676e28cded1c2b9907719b7ff077944a2c458da7bb52b90bd4576e0
- SSDEEP
  
  98304:zknExwx1t6kL+xaYN0ngWHKaushCTMAxV:wnExwosfnush6MAH
Score

1^/10
behavioral17 behavioral18
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/Microsoft.CodeAnalysis.dll
- Size
  
  4.3MB
- MD5
  
  45425009ef78c7b1bdb84d3e9e9775c3
- SHA1
  
  d21c4eb93a2ba60f75fdd6262efa7eb60564376c
- SHA256
  
  233e5d17d266068a72d4f044d52d2ab06fdfd07c1816bb0cb5be5edf73179e35
- SHA512
  
  3b048eaff09030a6a60612fd326dc9c181d5ea745ced91d1c977e7c0719276c360abe2325d403f44b78c5c2b1877092e0a6b61c161df52852b65b6c823d6aa40
- SSDEEP
  
  98304:MIZqz5WLUW+PzDFWyjLU9ooobKy+LPwOyLpE:hy5WLKPzDRUeKhPw/L
Score

1^/10
behavioral19 behavioral20
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/Mono.Cecil.Mdb.dll
- Size
  
  38KB
- MD5
  
  0c4ec4eb146bfe047755669c8060a967
- SHA1
  
  f663cc3bc174a98a49893e0cf334b479b05e453d
- SHA256
  
  61637f9940e5e336571cbf945be0f36d6d6050e06288df0f0232d93b26f0bde7
- SHA512
  
  478dba76de5b20906a31f2ff72a559779a262abe0265d475aa60d555d4f94f79887f237f393f256134be758d565aa46b30a39e81b23e1f3048fc80ab779405af
- SSDEEP
  
  768:WrF3HuZyOt78PeWSTlNeyJOgfGNOV/DVxPVxaCCrHpTFuYL4oWp:WrFecOt78PeWCLOgfGkVzmpTDL4oWp
Score

1^/10
behavioral21 behavioral22
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/Mono.Cecil.Pdb.dll
- Size
  
  87KB
- MD5
  
  743102d277a8754dc74f7644e03a8956
- SHA1
  
  31971747d45f995bc8d05c26c728df293a074db6
- SHA256
  
  a5249a04ad8fd7dfd47e4d0a620aed0f7eb6051e1ddec102c541ca3e12f6e2a8
- SHA512
  
  00bb76043a3a147b570e0421f768a2f2238954922c45c611d10d8fd4a1f8ba56da8a7b7377facfe54ff6dbee2d81be87c0d6e3de9e884625697ae478a82677e9
- SSDEEP
  
  1536:QOTXdiVgzDKG2fNRck9FRcXRHr5vMALYKXNgJGsZ9ajr1vjCXev:TT0W2fjvm9uArWJGca31veXev
Score

1^/10
behavioral23 behavioral24
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/Mono.Cecil.Rocks.dll
- Size
  
  24KB
- MD5
  
  fe8c2b2eef6e5e7284dc9b522a7be468
- SHA1
  
  8779911266ea9bfea924aad33a7e1c7855f41857
- SHA256
  
  273292babd45f9f34de5054bd9cdfe1d859a7dbf6f4ad5974fe4ead70698ed5b
- SHA512
  
  b78f759568fa5ce77f87db6f02688493877ced8c9b289934c6adc95db5581d3ebc858092c650a47d5d7eb44c2dd2ed01a8491930acd8173d45f777285d0990ab
- SSDEEP
  
  384:aWLOZBsQXmnFlPQnqc9H559krjuVXcVXD9PmROMLUBLMWG1UX8JvbrjEZ1O/pl+1:5aQHP+qcbkrjuROoUBBLXA/AS
Score

1^/10
behavioral25 behavioral26
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/Mono.Cecil.dll
- Size
  
  348KB
- MD5
  
  7c40214d60b54749a1a7f79ea6f62bac
- SHA1
  
  a240d705b52fb1a78cceedab268db42cbeb47512
- SHA256
  
  769a59793d4b8885bbbfbc5aee8f57a0d4e34d275c56c60c03994309b87f67e9
- SHA512
  
  66a489988d15f1c651061656703b6fb03c4c6ebe82bcb0d48246c760e3764e4a7f2ad8d1653c90401fba6aa9974586d36256ad3a47e1112c1f38488a8818ab92
- SSDEEP
  
  6144:NimznQ2nMpRAX2diEIn5o4gcuomZSFrIb:XnB2EELcu0Fr
Score

1^/10
behavioral27 behavioral28
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/Mono.Security.dll
- Size
  
  235KB
- MD5
  
  36be835f961d2f381ddabfca5e17d0ce
- SHA1
  
  15b2e80627679301ef60478425058ca21e55bf97
- SHA256
  
  240cbf363657862abda43a1fe55deb05d186e11e40e4dba77ce9019f8d7828de
- SHA512
  
  053715fe4c1bb6b8270ac548c98f24c2c759ad8392e841899557f1d37c47b325056cbd38c9def5b3b522082b0464221f33137d5b97fdce95a9fcfdd2aaa15164
- SSDEEP
  
  6144:BUjTQ70cnf8MoVRxS9iJdBF119RJXG2yu+Q:wEiH119RJXR3
Score

1^/10
behavioral29 behavioral30
- Target
  
  Core Keeper v0.6.3.3/CoreKeeper_Data/Managed/MonoMod.RuntimeDetour.dll
- Size
  
  109KB
- MD5
  
  9345e0a441f43e0c5c44b691706ed32b
- SHA1
  
  7fb9f8c943f199d6427d9460b1dc6256b090a4f1
- SHA256
  
  bcd1ae088dc9c66e20704e0cdae08e6b57607f8265dc2ebb4f393882f1458e3c
- SHA512
  
  4b0d6436ebb218359cec1421944fdf8375261e53c0671a91ae0f476afb21d314f7851f652ace6a44e7d10d164934f74f9e55422c644b1de035d02a0d23358225
- SSDEEP
  
  1536:02O/B32PhOlsIIRD00Cx+pYP57wzn74JaJzDMxS4E8y6Avzv0XNHvCKXOtA:wh2PpD0Rx+e7wz74Jq0tE8zAvzvb2
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32