Overview

overview

7

Static

static

7

FunGame.apk

android-9-x86

1

Android

windows7-x64

1

Android

windows10-2004-x64

1

Android.manifest

windows7-x64

3

Android.manifest

windows10-2004-x64

3

GameSkins.xml

windows7-x64

1

GameSkins.xml

windows10-2004-x64

1

LobbyData.xml

windows7-x64

1

LobbyData.xml

windows10-2004-x64

1

PokerNewFeatures.xml

windows7-x64

1

PokerNewFeatures.xml

windows10-2004-x64

1

RuntimeIni...s.json

windows7-x64

3

RuntimeIni...s.json

windows10-2004-x64

3

ScriptingA...s.json

windows7-x64

3

ScriptingA...s.json

windows10-2004-x64

3

Settings.xml

windows7-x64

1

Settings.xml

windows10-2004-x64

1

TeenPattiG...ns.xml

windows7-x64

1

TeenPattiG...ns.xml

windows10-2004-x64

1

TeenPattiN...es.xml

windows7-x64

1

TeenPattiN...es.xml

windows10-2004-x64

1

TeenPattiUserData.xml

windows7-x64

1

TeenPattiUserData.xml

windows10-2004-x64

1

UserData.xml

windows7-x64

1

UserData.xml

windows10-2004-x64

1

appbackgroundstheme2d

windows7-x64

1

appbackgroundstheme2d

windows10-2004-x64

1

appbackgro...nifest

windows7-x64

3

appbackgro...nifest

windows10-2004-x64

3

boot.config

windows7-x64

3

boot.config

windows10-2004-x64

3

data.unity3d

windows7-x64

3

Analysis

  • max time kernel
    155s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    16/11/2023, 09:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    data.unity3d

  • Size

    79.3MB

  • MD5

    4b1a0297095b510598eee52a46aad239

  • SHA1

    afc9b07a06f7ae61b03a0af9166055106644219e

  • SHA256

    54bcfb17f1e1d1c57f00deda8a4a54b0ba9b461a939b35227cf8c97bd13f06d5

  • SHA512

    a1088ba92b6986ba2612042e6cdeb689aa9c83bc92f120d1a90baa329283f75fb42e4db1b1f54e90bb2ae8fc25e85416126f54b921a3c54bea4fa350d75a0099

  • SSDEEP

    1572864:ixkfst5mxqxiGEcP+M/EN3boVlQmwvdidKvOhmlktA40:ckfqgGEcP+Me3EVl8mKvemlkq40

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\data.unity3d
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2120
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\data.unity3d
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2796
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\data.unity3d"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2104

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    4ab1f75c1f6d97d758a40396586663c0

    SHA1

    27d31afb7a907922cced57b5bc38eaf89d87ef46

    SHA256

    03435bd898842dbe486c730ae4977c3fb02d60eea37996ab56b070348a6bacec

    SHA512

    30c167f9fe185c483bdbd386075ec7d661d30e40576ff87c3efc654ce41dca337dcb1edb2535cb2d9c842a1c00ced6cd111fe597cfea3b18f85b14e10aeb75d1

    Download Submit