General

  • Target: CS2_Bebra_Changer.zip
  • Size: 840KB
  • Sample: 240125-v15t4aceep
  • MD5: 3595bbf7ef40ed96c51b900dd42ec934
  • SHA1: 7efb3ba316fc1d55701ad0e0b7a08eb3fa1f5b1d
  • SHA256: 73afdd7910d8e2a80cea30f63828a9ae3cb73f024af344608730baf5c43cecfa
  • SHA512: a10425bb18f051cf88173d0052d92b26e6f72e42f18ea087302a32a9facf87023dec1deb94bcf29243cc84b43cdd4fd8d3ad4589ed17329b449a87161c58d6aa
  • SSDEEP: 12288:KQkkD66mZGvYFULJSj9P5YmKhpLA9DWtVCwXd84PYs17Kkehsi0MSXm/omPmb50V:PUkd7LiDWtvjJ1hPiCdmPmFX/6bi8

Malware Config

Targets

    • Target: CS2 Bebra Changer/PyuBCoF1HM.exe
    • Size: 42KB
    • MD5: 064f764fd8be73761b0f92e23752f0a9
    • SHA1: ca2065549043b525987690d04b02ff414565a3c7
    • SHA256: efb25224067d604503f33039b5867896793e7e3e88ca2d792593283837119687
    • SHA512: 080947f458bf01b00b4226a211b849dc1e1b839346bebc50ab84258fa18470172852e6557899f005611f64d25e3d6197ee0251b0a2184264c68d10ed6185d666
    • SSDEEP: 768:os3Tb75VkpYrhWoK8wJPJRlNhSP00oZTzvIffkRswMyJXXN2+tZGHZch37g/4:os/gPJ7NhSP00oZYffkRvMSPZdgg
    • Score: 8/10
    • Signatures:
      • Modifies Installed Components in the registry
      • Drops desktop.ini file(s)
      • Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.

    • Target: CS2 Bebra Changer/bebra_.dll
    • Size: 925KB
    • MD5: f60512cc22d66c5bd4fc24aa6ba878e5
    • SHA1: 488f5c212a09e85dc8d58f2efed6835ac828990d
    • SHA256: 51440644c037cc88192872f843216f542e7d1aeca5be77db728928b334f7708f
    • SHA512: 9bd2ea264770eff70108d7f8e578533f1a625ada8daa38e3d30cef69088f50a8b12dd0ed708fd5c2ad5826ed9522571e84cad10b2178b6df4c2172d74e074636
    • SSDEEP: 24576:W8mF5Yfw7o/4KYrj5R0ycFBIOEU05XZznq74:zmF5E/8rjHcF2Ospnq
    • Score: 10/10

    • Target: CS2 Bebra Changer/frprov.dll
    • Size: 611KB
    • MD5: d20153fd0a2e1c8a75665b284d286af6
    • SHA1: 0a8634dab54a994e09ec9e2f94fdde95215f893b
    • SHA256: ec99d23143a01ed121960f40ba76730a077be27bd38980b0fcbccf59bdf701d1
    • SHA512: 9222e307f4b4e82d228948bc5365cc7ffa9136f24434e9567daaebbae2f2cfec841ccdd07e11de23c5f3956d27bda1eb5ba3d7e8fa37f0ff8cfe1f8d19653403
    • SSDEEP: 12288:IzzIc9ZyKJM7hGIM3gVEB0CR6xn9Ns4SJhSRdumgXbv:IzU/J7U73MEB7oxn9Ns4SESr
    • Score: 10/10

MITRE ATT&CK Enterprise v15

Tasks