2427c122897ee5dd465db796a62d9e00d2dac8d0812007334e14ec76ad7baf15

General

Target

XboxGamepad_2.1.rar
Size

718KB
Sample

231223-wb7g3adgf8
MD5

a7c37331cdc523c8ae43c7a1535fc8e8
SHA1

c2f628f8eddc7f72e4124898d5aaeb307c13ee49
SHA256

2427c122897ee5dd465db796a62d9e00d2dac8d0812007334e14ec76ad7baf15
SHA512

e8d6089a9c85c200e9a71ada2c8c9ef978f5e8eec9b9844315e71296fd372963330c61e354ac2fa750643c37458bc2f3dcecc8a008026cb20fb5ffe2ae5ae687
SSDEEP

12288:RTGEQA+mqq+Vm2Fs8JiB/HDazGJUqBVlWRhq8qHKXsYy68cmQ1ctJWjTgzM:kEQA+mqq+VTFs8oB/DPJUqXlWfvrcYp/

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  2.1/XINPUT/LibUsbDotNet.dll
- Size
  
  146KB
- MD5
  
  e2f6b564cb161a24fbd82e93352d1c9b
- SHA1
  
  5872531549a5842c0255276f1eac63e1a14d4fc9
- SHA256
  
  b589af12fe5e014a73051df1c84124282ff7f63230b26b07b879bc9f47726ea2
- SHA512
  
  8c422975695b02597b32c91c5500d84f3d9aee1d02ebec8d6e3421abc734422d7a5888ceb3be15499fccca02b5109a24cb7f60b897a25aec9054eea2b62af6df
- SSDEEP
  
  3072:ApgRzrksxK/1H/8SvJc6gfeqG+QQ2Bn4T8AeuxNeMpqGk5s//sJVf7I/uTjA:Apqzxx8H1c6iPG+QQbxVqGZ/pG
Score

1^/10
behavioral1
- Target
  
  2.1/XINPUT/XboxOneDriver.dll
- Size
  
  12KB
- MD5
  
  0ce911537be1b9cd74a9112941cafc3a
- SHA1
  
  4611938206ef90c8ef77aa8d577cbadb77d5dd62
- SHA256
  
  c24a29e711c160ffc35bacd7ba7178f36dfd098236e319478f3887abed299df9
- SHA512
  
  65343fad677696284f83319d92832d4f4cff9e206249c5a951c0644522bbd9b799ae3e42e3ac5545b4bd7e271c2dab8d724418d66b13cc8d7fa734f2118852fa
- SSDEEP
  
  192:ClpoJWtexWXtL9x7s7fHNGkDdGDbeOosrFXoG2cINpph:ZJWthXItGAOHF/2rN9
Score

3^/10
behavioral2
- Target
  
  2.1/XINPUT/XboxOneDriver.exp
- Size
  
  1KB
- MD5
  
  97a35e72cdd8676c0aa3c0e87fe37133
- SHA1
  
  eddbc1a831630b1cf086f75ffc6290935e76a6e5
- SHA256
  
  35446b2d83c81358fb4ef2539691fca0d1f9bc9fac5d1c71c221ff1fd6e32082
- SHA512
  
  7fd26cacdc402b70b69f81eac9635f0000da4bd8042f6f4a1e678fdf0dcffdc8e873b884217150aa1e04fb9c9746633eba266388d0a6eca5173e2bd4deed8029
Score

3^/10
behavioral3
- Target
  
  2.1/XINPUT/XboxOneDriver.lib
- Size
  
  3KB
- MD5
  
  490a76d393d19efd9b515519596bb15e
- SHA1
  
  e9674947f59ba95393dd611e782811121aad1eea
- SHA256
  
  f86402235619dc1bdc2fd87996d69f4b882ec1143ac24209418926dbd5714c5a
- SHA512
  
  08557c55927fb473aec36a67dcdabe55b6ff3e64cc00000dda4e160926cfed183338f1e34d8edc22013879679592ed90c4fa85b52f9154f2ea4a8b0d652a3d2e
Score

3^/10
behavioral4
- Target
  
  2.1/XINPUT/xinput1_3.dll
- Size
  
  475KB
- MD5
  
  e61eae879bc6c5ca4e72f82304e85d7c
- SHA1
  
  a361a39aebee69555d7cd7ce1dba88fb15e29234
- SHA256
  
  b1e2ec4fc3651945306a12c3a15f7c879b48110963c346009937fea216861169
- SHA512
  
  4618e16690d18a573a47f112ac187caf0975009a12d6ebc66865c030d27c3aea0bb18e3d8fea9bb5d84639393c0c00a84c863d4f04b16fbe820c90c6de2ce5de
- SSDEEP
  
  12288:pKaECGTQPkYTpXX7IoP6SqfFvbKFiEquD+ou3w:p7EtQXTpXEm6QFiEquDg3w
Score

1^/10
behavioral5
- Target
  
  2.1/XboxOneGamePad.exe
- Size
  
  609KB
- MD5
  
  3096291e785c07eec28d751321ddb495
- SHA1
  
  4b7d83e826c129b5f98b4667f0584dddf5fd54af
- SHA256
  
  3eba90986be52f7f17d4be2630eec0dc6f2fc1f4c38e0ffa6db6ab39ee3d9278
- SHA512
  
  3351e8a17ef8daba756c7efff6fb9a8173e7637c064e00950c9dd821d78e9d93cbb737d69f7c8d2547207478ee3795c7b9a6392a4d477f0ea94a7a8b7d749c38
- SSDEEP
  
  12288:WZLwrTd+z4fGpbOfBofQ1iX/math/rgYdB4mklf3Ys6Mcw9L8dBfenw5bP/5tJBT:WZLqMVfh+AlBShf3R6E94dcng/5tJB73
Score

8^/10

discovery
- Manipulates Digital Signatures
  Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral6