2339440a3eed274a54b3e213f46247887ea05fa4de28113bec40736f914fd5df

Sharing

Copy URL

Twitter E-mail

General

Target

Shadows.of.Doubt.v35.07.rar
Size

616.4MB
Sample

231122-xez3tseb42
MD5

3e43bc76a75604bbd6d9edffb53e4a2a
SHA1

77937e96a79a183b13ba1e997a082f518d38f67b
SHA256

2339440a3eed274a54b3e213f46247887ea05fa4de28113bec40736f914fd5df
SHA512

91d5003e642ef705e24cba4a9314d9d497b4505cd67738d6654bcf61391de6d54c2acccbf3b99fa8eb50adb768e12d862b9c17f45c5f5e4c5f30578daf474b06
SSDEEP

12582912:qxkU7K53d8NYJvVVOi2gToYCSMUhsfVz85ZFFfC:iU3Lp2OoYCSMkEVzyFFfC

Score

6^/10

evasion trojan

Malware Config

Targets

- Target
  
  Shadows.of.Doubt.v35.07/IGG-GAMES.COM.url
- Size
  
  196B
- MD5
  
  882e17d630d74b64a8176e38e2fadf7f
- SHA1
  
  d6652d568db451c03b73eede688e0124e2d54ebf
- SHA256
  
  6d905d76e7d807c5831231d791f2510160dd56018ae423a037e7ac88fd19412f
- SHA512
  
  2baac743dabdbf133583c4d500699673e0bb2b2ade89f0a660eb17bfb440f1d74814ade3b82eb07d776f6a7c1b1975f25c6c1c500edc589897bc304a9c9fb3b0
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2
- Target
  
  Shadows.of.Doubt.v35.07/PCGAMESTORRENTS.COM.url
- Size
  
  202B
- MD5
  
  420715a04de8367bb8d37d57ce1d6d41
- SHA1
  
  710369a636391e43be7149416d8e9b390863babb
- SHA256
  
  c4d6ac03d1b51af3f4127bdd12f2317da8ebf4a7f20402f2139c61d5cf10ab23
- SHA512
  
  8737cec4730f412c18e508076d9fb7af2ab10b4b1637c70c2f76c1c6ca7bca27021cbe56dc3305a4ea7704f7ac2c6e005d02c605a4e7f9b0a709bb94cfc7f457
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral3 behavioral4
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/GameAssembly.dll
- Size
  
  57.0MB
- MD5
  
  429cc9e20ba785a2da65854ca5de874b
- SHA1
  
  2b0da4d25ae87ba95562a129a321ae80c3de6ead
- SHA256
  
  4731cf26af1477447bf83dbf2ea76982aac55eb96ccbe90e6689fc27cf27fa2b
- SHA512
  
  1b5b308d8cfa1511f636778569c250a79b06c4a271052d65a4214070a2943c98d348f1223c01e06e6495038a792d1d3f8fdaec6c200c4da8efd0f7ce041541f5
- SSDEEP
  
  393216:1t3lW2sb+toVfxeU45e1eCICniifvbmAf6P7OcQj+DhSMCRFwZpeirIA0HrLMOUK:YdytifxeUMelTI6dZQp9eKBDSv
Score

1^/10
behavioral5 behavioral6
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/NVUnityPlugin.dll
- Size
  
  1.3MB
- MD5
  
  567732841c93c14ec5d8a68f2b3a3f91
- SHA1
  
  02af1d02bbfe9c28c442b52794f5f6c39c4cc15a
- SHA256
  
  6a7085f309373dfd0b3d2099a4eda51ce8fe0c9df00f6381a5724b638a8dcf46
- SHA512
  
  daba6f76a719d18b03caf0914d5ad21a6988fd95ff31459f362eb2196505cc0dff000d67b1905263c19017658ecadc87a5f0e7eb57485ac7e72e6c83003dcb15
- SSDEEP
  
  12288:TukbHJcWUDvQP58N0K64sCM8Hm5hbqDyb38dO/B2sVCKVj2itoJu6jdF1nCObBpI:PHPJVOxF15bBpo8HqG1H6
Score

1^/10
behavioral7 behavioral8
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/Shadows of Doubt.exe
- Size
  
  841KB
- MD5
  
  4001e9a5bcdfdea6a83a383170c25895
- SHA1
  
  ff49ffeb446d2079037d7209abf6e7384a539d07
- SHA256
  
  956025a06f02cc8f22869f88abbf32732734edf4a449b7e7f92adf25deefcb09
- SHA512
  
  87afc8b0dacccba978ba45fecb5a1e0b4ffd70ea9f0a805aa13a2e511ab9872eb095fa197510b4d355a1b3171128882d4eddbf3540e376f534833ac46c5df477
- SSDEEP
  
  12288:6oCCvT3WaRk8r/q99LmF/Z/N/cPfBWibVvv8jbuykA:Zn/kKSPAB/N/cPTbRvy
Score

1^/10
behavioral10 behavioral9
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/Shadows of Doubt_Data/Plugins/x86_64/Rewired_DirectInput.dll
- Size
  
  12KB
- MD5
  
  0afaa40682693c887a168878a20848f7
- SHA1
  
  8145451c75c6264aaa58a6d89f01d734a96ea879
- SHA256
  
  9989b282d43621259160954f3c2191afc3e3a13adb0091c3f60be228831858ad
- SHA512
  
  6896f54b289249683e2c6471dfabb6c3437e2ac17a9bc848cebc0d1696701755007a7f306cb34eceff49ac51493e4387464ecc05acd21836dd65fb37899dfd51
- SSDEEP
  
  192:TH0LEDv1KAaMBah/F0BJWId1w0jBheChQlgJnd8:TUgDoAaZkJWIHN1BhQlgP
Score

1^/10
behavioral11 behavioral12
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/Shadows of Doubt_Data/Plugins/x86_64/fmodstudio.dll
- Size
  
  3.0MB
- MD5
  
  76a9acc892e09cda8d46e0c9ed3e89ae
- SHA1
  
  f27b772433be3754da8c3824c792ed6de43b6b61
- SHA256
  
  ae773c7e082c642d3a529ad63f6776832360c0267fb3d5d04390282f38cbb39c
- SHA512
  
  ee75e4c0f843aea4dbba5643bfcc8f4aaa5eaacd2f25d7f96c30e04e9abf084d1e40912b15b3fb18a5f845ec6012fc4973066bbbf89756fd871e54650e528751
- SSDEEP
  
  49152:K+XzE9zZrWRjHbs3CS6XxdHePnMUlI85vgOnWiul8t/bEI944:TRvBxP+Ey44
Score

1^/10
behavioral13 behavioral14
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/Shadows of Doubt_Data/Plugins/x86_64/gvraudio.dll
- Size
  
  969KB
- MD5
  
  9bc6345bae1c9e8b4719d1c8a5804833
- SHA1
  
  a8bb14e8ef593e2611dd46986414b4916340cd81
- SHA256
  
  96689f1e56f92584dd88f026d5dfd6fc6ce2d41b64f2bb31220d36912513cc9a
- SHA512
  
  98d70ba8c2dddb48008587fec97941da6941254033a8b3b281fcac4e4b0d2cb645a841c80f70b9bc5f8e93e59d729bb09eea3b2af79ae2f4c3551cf90f2601d7
- SSDEEP
  
  24576:AeaajiOAYUFXQOl3/Q0FXPzu9DVhXTg+2lr:cFNQ0FXPKDVhXE+Sr
Score

1^/10
behavioral15 behavioral16
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/Shadows of Doubt_Data/Plugins/x86_64/lib_burst_generated.dll
- Size
  
  160KB
- MD5
  
  ce198558ba1d3918f051e46c39b9191f
- SHA1
  
  b3179cec5c8ea07af526b0129110bd62f741e186
- SHA256
  
  8c960e4bb7d36394ebd6befe82c620e86ff04e1e61e2248474a86ad4c882f1a9
- SHA512
  
  2e54c1b962b07819e83a1a23f8ae53cc9b33956fa745b5ec22151622237ebf5db3c9ece346ac7630d9c9a165b295bab2cb44f8c1715a2a7ce89cbce74f0fdd7f
- SSDEEP
  
  3072:lw3KgP8uP4PDyXoYX1x6rYdlX4VUofuGSKNI83CKVtYu88ZdY1L:9hGX7Xj68DFkuu3rYu88ZdYV
Score

1^/10
behavioral17 behavioral18
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/Shadows of Doubt_Data/Plugins/x86_64/libbrotli.dll
- Size
  
  810KB
- MD5
  
  1d6ff6874f1526af9b54b9168397d1b3
- SHA1
  
  dcafd3de03230169a5d78be3d548e30cf0ffff11
- SHA256
  
  bd9b7ef882d9a9a2695f51e03a9fe6bc14b29bfe9ee65fc25ab6a24fa863fe66
- SHA512
  
  f98ba26798b1f4de3bc165544df7e7a244489cb2befa8262b7f44c000ce19accef0ca0520686293a9b7fa4b506778062f57ec429185cfa6e9f059bc16d662b2b
- SSDEEP
  
  12288:24ibnK9a9ys2xwQBuV96S+CrRx/MCAHhlyrAUXT35wMGZfH:24V2nmpk96SzrX/pA+OMGZfH
Score

1^/10
behavioral19 behavioral20
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/Shadows of Doubt_Data/Plugins/x86_64/libfastlz.dll
- Size
  
  114KB
- MD5
  
  a849513963d1c15f63d806237143a262
- SHA1
  
  a8a3e1921503c776a7d205672906b4da0e905bdc
- SHA256
  
  313b703daaccb3c9435a81c44db5b5b0c76df323aa1e293cff95e758fa4fb93a
- SHA512
  
  27d68f6837e763f7e66c5a7af3e9232d9948663f6c191e3960097ba0bec3a5d7da982a3fbf6388af8d79ff157d7129ac9bdcd926429df66623cfa2587b5570f2
- SSDEEP
  
  3072:VCwDhTbW10BoSIkop6ePSJqzhrq1wsvKQvYQM:Vf/WOBoXkWPSqVgEQvzM
Score

1^/10
behavioral21 behavioral22
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/Shadows of Doubt_Data/Plugins/x86_64/liblz4.dll
- Size
  
  155KB
- MD5
  
  7645b59356e9242ce5032ce14703419f
- SHA1
  
  918338ea0ec0b55c1bfc30401cec00b69500a883
- SHA256
  
  c828a0816748335ed92bc9ad0265060e3b87aaf147a9b5e1eed38610b216ed0c
- SHA512
  
  774c9ee7ec1d2710e90d82b94584cca3e48bee2125c79c8990e04ce2fedd0a09eb3d2f4dc38c68b23574648d19cf99e84a3e7bb156235c9ffb1e779131bf03af
- SSDEEP
  
  3072:2LLuPJ+VJn0/yNRs1cGzzM5yQKabMdW+M7Z+NuwW71Mus:2LF6YsiGcgGbMXM76v
Score

1^/10
behavioral23 behavioral24
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/Shadows of Doubt_Data/Plugins/x86_64/liblzma.dll
- Size
  
  191KB
- MD5
  
  67fccc8cbd59379b519c4de8fe14c713
- SHA1
  
  d0382fabd615d40208f49a35d64b1c26e4aa5d96
- SHA256
  
  12239d54e4f917fc126b0fd565779ab7dd0508fb3042125b9f319ea9bf30c949
- SHA512
  
  edb37893cdd1484dbb22bdbbbfa6d412a32bc809e9ecef0be7e770fd801a8ac7bb8de12dda515d9a0c69ad0a8ae75af16e305fd21e90456d3d9b9d4ee567f664
- SSDEEP
  
  3072:epZZ3AlfDVwLcJPEbkmLylM+Np9VUkGdguyXf1NaaNEuDH0oxshvz/sdW:U3A9DWLwmCNH+kGdgfzaaN1AoOvzWW
Score

1^/10
behavioral25 behavioral26
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/Shadows of Doubt_Data/Plugins/x86_64/libzipw.dll
- Size
  
  405KB
- MD5
  
  634a865110beb77af022b0c118652c5e
- SHA1
  
  a571c366c5c45b5be87f3401adba76ed78bd4fcc
- SHA256
  
  456dedfdc3f9554807140365bc8831f434e47feb1cea5747ee0109e21c0f3685
- SHA512
  
  a0e898d953dfd67a6e7f19ee116c74b81f04722d4f92e75f0227d6bed12600851a75ba28edd6c0307a58e51cf2a50a79617e3cc9ce35b71fefd76af8b7df0f0f
- SSDEEP
  
  12288:RNbqwgxPoggaEU68rr8RgfTnqzT0Y+uHFArwJc:RZqwQESrqgjsT+uHFLJc
Score

1^/10
behavioral27 behavioral28
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/Shadows of Doubt_Data/Plugins/x86_64/resonanceaudio.dll
- Size
  
  797KB
- MD5
  
  ec140d6d301e44742a271a7eee92e213
- SHA1
  
  ed206f4365131f64ff140a393513806dfa5081bc
- SHA256
  
  e1667e5336ae067ab1d9aa04e7bcca9789ff5573ed4c7f6fa9305404d0485f99
- SHA512
  
  9ea039990be0c9579933ac0f6c43b83d2457652fb61d761850cb3644cf1842a419f85d0879238a11e93e82fc9c9483a306227e08f7acaff92ac50ead2649a526
- SSDEEP
  
  12288:oqzaaeCi6jAY5B7CehZhfEpEQulB/NCCS2X+pon8NGiV7m7o/t:oqzaajiOAY5jhgyL/NCCS2X6ySZ/
Score

1^/10
behavioral29 behavioral30
- Target
  
  Shadows.of.Doubt.v35.07/Shadows.of.Doubt.v35.07/Shadows of Doubt_Data/Plugins/x86_64/steam_api64.dll
- Size
  
  1.9MB
- MD5
  
  c7ce820020b0900eb44d2a72f2ab9294
- SHA1
  
  f057a14bf15864c83bc99809ee248034d55993f6
- SHA256
  
  0cfe547ea82071953cf99daffa3bd11bb468eec0e400961e7e33e4dc36674ea8
- SHA512
  
  61a99f16e162f7590e10d18577aadfdf8aad203d7539627318ffa0c6c06a0370ca56709dd6f07ea3406978cdea7afd7253a80aeba3c199a23ccb41af439c5933
- SSDEEP
  
  24576:XeaHJvXu6zYPY6+UYHAjnQGuJbySAN6onVZEpYKXtR6IyefCg+alA:XFpmwYVTXm+SANj6YKXtRxfCJa
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks whether UAC is enabled

Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32