Overview
overview
Score 7/10
Static
static
Score 7/10
ARES_Indicator.exe
windows7-x64
Score 7/10
ARES_Indicator.exe
windows10-2004-x64
Score 7/10
ARES_Launcher.exe
windows7-x64
Score 7/10
ARES_Launcher.exe
windows10-2004-x64
Score 7/10
ARES_Shadow.exe
windows7-x64
Score 7/10
ARES_Shadow.exe
windows10-2004-x64
Score 7/10
CefSharp.BrowserSubprocess.Core.dll
windows7-x64
Score 3/10
CefSharp.BrowserSubprocess.Core.dll
windows10-2004-x64
Score 3/10
CefSharp.BrowserSubprocess.exe
windows7-x64
Score 1/10
CefSharp.BrowserSubprocess.exe
windows10-2004-x64
Score 1/10
CefSharp.Core.Runtime.dll
windows7-x64
Score 3/10
CefSharp.Core.Runtime.dll
windows10-2004-x64
Score 3/10
CefSharp.Core.dll
windows7-x64
Score 1/10
CefSharp.Core.dll
windows10-2004-x64
Score 1/10
CefSharp.Wpf.HwndHost.dll
windows7-x64
Score 1/10
CefSharp.Wpf.HwndHost.dll
windows10-2004-x64
Score 1/10
CefSharp.Wpf.dll
windows7-x64
Score 1/10
CefSharp.Wpf.dll
windows10-2004-x64
Score 1/10
CefSharp.dll
windows7-x64
Score 1/10
CefSharp.dll
windows10-2004-x64
Score 1/10
KakaoGame.dll
windows7-x64
Score 7/10
KakaoGame.dll
windows10-2004-x64
Score 7/10
RINK_Agent.exe
windows7-x64
Score 7/10
RINK_Agent.exe
windows10-2004-x64
Score 1/10
chrome_elf.dll
windows7-x64
Score 1/10
chrome_elf.dll
windows10-2004-x64
Score 1/10
d3dcompiler_47.dll
windows7-x64
Score 3/10
d3dcompiler_47.dll
windows10-2004-x64
Score 3/10
kg_browser.exe
windows7-x64
Score 1/10
kg_browser.exe
windows10-2004-x64
Score 1/10
libEGL.dll
windows7-x64
Score 1/10
libEGL.dll
windows10-2004-x64
Score 1/10
General
-
Target
39cdff6c5715ddf50fd2be798f948bf6a90e743a20c1d5fc0648269376af444b
-
Size
119.7MB
-
Sample
240110-blz6hsccc6
-
MD5
084925f24b914b78566691b7b7c8e120
-
SHA1
635270ed14fec9c7e673b3812c9ed7099bb055bf
-
SHA256
39cdff6c5715ddf50fd2be798f948bf6a90e743a20c1d5fc0648269376af444b
-
SHA512
c9a1c37511da4bd69a63db4c1668a3336061af9117c3891976d340fe5fbea82ef19527456eb36c8fe0ef6fbb1ea7582785e848087fc5ae136e318234af22b657
-
SSDEEP
3145728:HCdOKsiaWD3f10AONxZ8Pcb8zlNsTNliZ8+M85+78qEau65s:HCdOhWDv1e80bKlNqeDdau6C
Behavioral task
behavioral1
Sample
ARES_Indicator.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
ARES_Indicator.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral3
Sample
ARES_Launcher.exe
Resource
win7-20231129-en
Behavioral task
behavioral4
Sample
ARES_Launcher.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral5
Sample
ARES_Shadow.exe
Resource
win7-20231129-en
Behavioral task
behavioral6
Sample
ARES_Shadow.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral7
Sample
CefSharp.BrowserSubprocess.Core.dll
Resource
win7-20231215-en
Behavioral task
behavioral8
Sample
CefSharp.BrowserSubprocess.Core.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral9
Sample
CefSharp.BrowserSubprocess.exe
Resource
win7-20231129-en
Behavioral task
behavioral10
Sample
CefSharp.BrowserSubprocess.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral11
Sample
CefSharp.Core.Runtime.dll
Resource
win7-20231215-en
Behavioral task
behavioral12
Sample
CefSharp.Core.Runtime.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral13
Sample
CefSharp.Core.dll
Resource
win7-20231215-en
Behavioral task
behavioral14
Sample
CefSharp.Core.dll
Resource
win10v2004-20231222-en
Behavioral task
behavioral15
Sample
CefSharp.Wpf.HwndHost.dll
Resource
win7-20231215-en
Behavioral task
behavioral16
Sample
CefSharp.Wpf.HwndHost.dll
Resource
win10v2004-20231222-en
Behavioral task
behavioral17
Sample
CefSharp.Wpf.dll
Resource
win7-20231215-en
Behavioral task
behavioral18
Sample
CefSharp.Wpf.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral19
Sample
CefSharp.dll
Resource
win7-20231215-en
Behavioral task
behavioral20
Sample
CefSharp.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral21
Sample
KakaoGame.dll
Resource
win7-20231129-en
Behavioral task
behavioral22
Sample
KakaoGame.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral23
Sample
RINK_Agent.exe
Resource
win7-20231215-en
Behavioral task
behavioral24
Sample
RINK_Agent.exe
Resource
win10v2004-20231222-en
Behavioral task
behavioral25
Sample
chrome_elf.dll
Resource
win7-20231129-en
Behavioral task
behavioral26
Sample
chrome_elf.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral27
Sample
d3dcompiler_47.dll
Resource
win7-20231215-en
Behavioral task
behavioral28
Sample
d3dcompiler_47.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral29
Sample
kg_browser.exe
Resource
win7-20231215-en
Behavioral task
behavioral30
Sample
kg_browser.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral31
Sample
libEGL.dll
Resource
win7-20231215-en
Behavioral task
behavioral32
Sample
libEGL.dll
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
ARES_Indicator.exe
-
Size
1.4MB
-
MD5
6b74c6a2ab338c0eed5e1bec03d2935e
-
SHA1
bbb8830b9325f6bde22efd463cb9d926f251e1f8
-
SHA256
e699ed13168255c67dbd49a3fe49e463572ab2d4169ad2a96323dfcba6178a9d
-
SHA512
0301af332a2d2e695a5cc6a3b6b6d73bcebfbfb3468fbbe6ea7ccc6d3fe82b1d4a009801190dae948dafa59b01bcc0668eb441e362a1073aec57a11652575b19
-
SSDEEP
24576:jOOTPoG1K+yLSyb6kEklvGg+TAaA6Y5MVZvbuhZUTdTk0FkH:aOTR4vC0vGg4AR6Yu1bLNm
Score
7/10
-
-
-
Target
ARES_Launcher.exe
-
Size
5.1MB
-
MD5
0cac3edaabf437d967b1d695bfa9d135
-
SHA1
28a3b586c9e82711eacf391b524b063ded301257
-
SHA256
28846b3e1432fa895ce34212401e0b930e7fd84c3983651274475bb5f80d7d8b
-
SHA512
b21d8ebc82e18050fef906d14a2bc2a43feabc0a36e677262af41cec0c9e717897dc70a77a2ad8e3f6255cc22df715eb5dd4955de46d1c6b0d261083139b37e3
-
SSDEEP
98304:aBleUUGJCa7yh74DeXiEHI9gdZmvu23DWLWerF:aBlt0a707ASiENdQvu23DWTF
Score
7/10
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP. On its own this is a weak indicator, since benign networked software performs the same lookup.
-
-
-
Target
ARES_Shadow.exe
-
Size
1.6MB
-
MD5
590cabb3a271db525d58b66cc98058cc
-
SHA1
53c58f0d77833de770a0f752d70329bdb43ca0bd
-
SHA256
9a0472078a34809717935745e1fb9f2304a1506d8225fc8df63771b7d7295485
-
SHA512
f941b66985b2f4087a98d75a4e3e856f31d45a2e98cf7658791b4cecf5d6ce50a204c35e6a9dfb568456e9e534d40646b2e9351513a7907fa236e5b4f93c289b
-
SSDEEP
24576:dsErKZr/G2EKoHJSbYttKbu0ZSKQxvDHtVVU6l1fPoGyO22J/jbuJYiDgGKyonq5:dGZzpoHJ9kQxbNVVPHywjiJYeCE
Score
7/10
-
-
-
Target
CefSharp.BrowserSubprocess.Core.dll
-
Size
902KB
-
MD5
157f580c127db1e80a4eca85d2b49153
-
SHA1
34f44eb55c71c7282540d2161b121792c904ebac
-
SHA256
85579516863977128a7ca1fcbf3dcde4b583ce14ce7b4dcb2965f6ff07f1e74a
-
SHA512
892e0d9fc493e9869ac53cd9bfecb334e84e22991e627f503866fbb39214269079bfbfab6a12a3ac0287b8c17eec5f303385fbdb4254614604c96d797d2c5294
-
SSDEEP
24576:GDJ7i2GjleANO/Pz8ELXILZ5S0veVRCl2ZiVBhEDssQjPc8DnXoSiW+Yf3x5XrQi:q4LZ5S0veVRCl2ZiVBhEDssQjPc8DnX9
Score
3/10
-
-
-
Target
CefSharp.BrowserSubprocess.exe
-
Size
7KB
-
MD5
c8d79d910d259c7b56a9b8f2efa46ac5
-
SHA1
7a8672840e2aa3c23ca06bc55dcc5420c026e43d
-
SHA256
0c623c6b66eaa32c4e564712607cfc343e09c87ae8139f5c6567cad8fedb2f99
-
SHA512
6fd97101385d0114a6b7949403cbf7e4a2a4fd2f7de2f37a65e1869a5bb2cf00dfc3a88e489d75bfeacf9803aa863f32c4e1f0e14f38da4c5d707fa3baef7c05
-
SSDEEP
96:ainwgwxJDVc/I7l2mQBDa046SpFZuetmASNt61OYcXei+U:a5puI8mQBt46SpFZesAYcXeU
Score
1/10
-
-
-
Target
CefSharp.Core.Runtime.dll
-
Size
1.3MB
-
MD5
87426590611f9b09e5b6f3f280c08199
-
SHA1
87d7117608620e6505265fd554c3bd422ecc15ac
-
SHA256
de30bfaa3268edf6aa0f3bd3d558af1f8628cf3665c55d30c104866af25d0d44
-
SHA512
61e68c99c5d883dc16f8a4440dbf1f6ae798bd1a4a291156063b315dd79b830628609f0fd70a6e7505d2bd713d1d251fd904ae2b5e918c86cce4771f3737a615
-
SSDEEP
24576:YWh82808pb+yQwNfSF3rl8A2f948wvnK3xhJpaVSQ46TkM0Iqc4ChKZi5B9xh0u1:Z82808R+VBaQ46TkM0Iqc4ChKZi5B9x1
Score
3/10
-
-
-
Target
CefSharp.Core.dll
-
Size
37KB
-
MD5
f7ecb20ba72c0aaba65e2325c4c3c553
-
SHA1
2a1897017caf40975f7016765351c0a62a79522e
-
SHA256
24fe0b4d02aef4be175903c7bee8fc5cde52d93ce9acc0744bff4dbb7d8584b6
-
SHA512
99f7ee5e1cc2b0fda8c56634e2f62277ed13acf1e79f351a58c4dbb44b75be4642bc2e7fbf1d4adf23ab83ca1a54083c2cc6216e10a9ea4e2387dafa5bb2c1ad
-
SSDEEP
768:kDFePWkSu3nwzdudXFhlF+CAhjOrGLMO6ClaZ1ussLmn9El9zLnNedW:kdVel+C71UlaZ1uTLm6TNoW
Score
1/10
-
-
-
Target
CefSharp.Wpf.HwndHost.dll
-
Size
67KB
-
MD5
cbb5a399076e06f21026c9d1bac59103
-
SHA1
1935c7411f8be50ed4c9bf9f4f02d189093c45e6
-
SHA256
d2d7add127687198590f857ae1d3912817726b26280b8d8622763af44df9c6bb
-
SHA512
c3e80e99465c07ef304512ee0fd28cc56fbe1c346071558f93ed8e4dcbf2b0d92d2bce1dd6ae86795c193ea9eb7d73790f9694b90ca938d8b17557e1e20b923f
-
SSDEEP
1536:rdxvkgiVO0vtBwfUQ1yGZDXEfBWL/kjmS0:fktBK9XckS
Score
1/10
-
-
-
Target
CefSharp.Wpf.dll
-
Size
109KB
-
MD5
6c269b087a40b41e1c04d05af4a1362e
-
SHA1
b213ff19224b80f1ad29afee7c0c4e21d0b7a048
-
SHA256
6dcf8d47800783c62cc0044c12d56e2bc465a62888f164bf34fd54e9d2ef2632
-
SHA512
dbf46f8dccba147dc770f066b32cb5edee74686577b2f0cc16681cd9fa3dd6b1895ad3a2c747e784d2942983ba2eed3f3d19859a877db9025b97683c584c061a
-
SSDEEP
3072:EUHbe43EzCkWOWQsEIRYnM506KxI4gGMwbOD5FgoH:EUH5EZvIdxJ4gGsn
Score
1/10
-
-
-
Target
CefSharp.dll
-
Size
1.0MB
-
MD5
a251aa465bbea9498350333b0febe660
-
SHA1
727df1d13a1df123df4b77adcf94722c1804b692
-
SHA256
d1aac59fdac50033bb0069bc9667517fbadb7699b71d93100ec9c4a88ede8615
-
SHA512
206e74fb531446ead5f066b49714bf8d1a103acc1395a381ed9dd9e13e18b780a735ee124a04ff2f1ed88253036381c89c1d0e7c206134f3a76d11446433e891
-
SSDEEP
12288:O4fzlANHP18RfefBfIuwS+pldbjQBMDwJlp8yHNyNzV4+0J:3fcHPeRfefBlFMDilpHwx4+0J
Score
1/10
-
-
-
Target
KakaoGame.dll
-
Size
12.2MB
-
MD5
44a45646c007a8cafb97f3712466895e
-
SHA1
aa8aa267fd2c9beba5f2fee0da0c2dd7867f43f4
-
SHA256
4ebbb1ca76e9f3461d4345efa15914a6030d3fa4b49183602f8e15f3b0b12463
-
SHA512
c152c4e41df1907c9f073c096525415b4e96f7784dbb7a8b05b529d8c39077bbb699d677212dea8dd0957546623e5fe58fd5c101ef93f0871a60313e65b25da8
-
SSDEEP
393216:XKQfvYAido03SQ5V4eibLislvj5raodrE6ZVxSj:i9doBkDElZaodrEkVxSj
Score
7/10
-
-
-
Target
RINK_Agent.exe
-
Size
1.5MB
-
MD5
e4a25a48df3fb101e98abc92f802d0e9
-
SHA1
631c8f1ab8a9e15d8c6b927ca378362ea45e95ab
-
SHA256
3e1458d98e9e412eb2ec913a146044710fd9f5e773ae04fbb4a466d1d4d24616
-
SHA512
198b7bc052c452c10c2c36e1a9a3e7689def52df1c93d0cb8e516b6814d161558a29358d7c198165e4fa4cd5c6ea9f725cf16eb606bedebf84a090d85252c777
-
SSDEEP
24576:DJPo2WKXiRJeTJcAU5D+EdeHkGAb7fw+Jwz/S/64FTOI:pFWjRwJRUrEkGAbjw+W7SC4FTn
Score
7/10
-
-
-
Target
chrome_elf.dll
-
Size
1.0MB
-
MD5
51c38dff488e9bddd8ec65715e75abfc
-
SHA1
b0b648ee414b3f3f4ed607aa86decd053585e7bd
-
SHA256
cc12b0a4a0d50357df1dbe75c1725aff7d1a66e216170432f71f431ac7afeff9
-
SHA512
a7f0799f5aa7dd25cc4c6f8902708e17e1fce0a605af0390fa3c35c8aeb6f1a157382a510af791614623e3a51bd5a1a3f0ea2a4a5c1cd5f46098814c8689b085
-
SSDEEP
24576:nafNDI/rysUY+xP6Dz0a4UU/AofvZaQHb0CM+8e1:afZqgC0agvZalJe1
Score
1/10
-
-
-
Target
d3dcompiler_47.dll
-
Size
3.9MB
-
MD5
e1677ec0e21e27405e65e31419980348
-
SHA1
666de481c46e2c21b8f0decc7e9115fc61d28acd
-
SHA256
c2c7ca6505ad10826e6b92319ce7aa355392b0cbd092a0fb8d4381c2d31268bf
-
SHA512
31ea9e22a2de873ad71c56386b45f510cc89b63eff5526f75a9de7987c65e91bff9ae141cb47b49b986992a53d9a6e73fa3199a04f0bde665d4928112fd13070
-
SSDEEP
98304:q4Xyn7IfxiYMzgom1mEU/AJC/vujMD9rw:809om1hU/Aavu4D9rw
Score
3/10
-
-
-
Target
kg_browser.exe
-
Size
414KB
-
MD5
960225d94c67d3e215783eb5bac5a9ea
-
SHA1
fc67673d3cedb3e5eb697a55f297afa63573a694
-
SHA256
8d32b9e4ac7e467506e001101b3e3fc88ce9af4b4da56d390720a8df8e055997
-
SHA512
5090fa2e417f60964442d894cafd0eaf530f076d46d879f93572dfb84855fbdd41a70668e9fdc6e5c53bb99d21c466db27d32a1fbd79725bb044b1b85998574c
-
SSDEEP
12288:ktsN+YmL5jcp6ITvxQKZFOGDU9HiyS9KpHC/1o:ktsNcL5jcpTvxQKZF6Rifyi9o
Score
1/10
-
-
-
Target
libEGL.dll
-
Size
358KB
-
MD5
4de8b75062e3615e2ed9f6f355a7f1fb
-
SHA1
395da0c5d5c8aa2493d733c4326c22f4c2e5b79a
-
SHA256
c3c1b3acfe150d91210bb914d9c45d1eae3aea85a4701e4b956f7570fe6c7eac
-
SHA512
fff54ce4aa86b25489c53455b5157025a201476f415605a6c3c2324253c9b3e55a3f31434551509d9d271af53103fa1755bdfd04c211362e0631455a3dfef4e7
-
SSDEEP
6144:E9+a9/zhtHT4/7n6JRERpY5W5SaFqThIp4YkZHrDaIcIGxVJ:E9+krhg70oYmFqTzNrDaIEVJ
Score
1/10
-