d648a91c8b76bae3879681cbf39fa789977292fa949fa2d78acbbdcb0e18aad7

General

Target

debux-paintball.rar
Size

34.6MB
Sample

240220-ygwnvsee97
MD5

8d985f498c855ba34b49634e80ef6af8
SHA1

928443622379fb688cd55f4909e291ff7ea56a2f
SHA256

d648a91c8b76bae3879681cbf39fa789977292fa949fa2d78acbbdcb0e18aad7
SHA512

88a9b74f535e05f0f08485d083d4df8cc7aee0f2d1f1c66b254a536210039221881bb05291f128162f95f0bc71475340680cebfa73278d32cd2f255f89e9acbd
SSDEEP

786432:i98OudCfCiYKDf8s1vwD5lKgrUN+zME4SBj1DGobFoVZr:i98O5fCoBvw3KgC+4E9uobFe

Score

7^/10

Malware Config

Targets

- Target
  
  debux-paintball.rar
- Size
  
  34.6MB
- MD5
  
  8d985f498c855ba34b49634e80ef6af8
- SHA1
  
  928443622379fb688cd55f4909e291ff7ea56a2f
- SHA256
  
  d648a91c8b76bae3879681cbf39fa789977292fa949fa2d78acbbdcb0e18aad7
- SHA512
  
  88a9b74f535e05f0f08485d083d4df8cc7aee0f2d1f1c66b254a536210039221881bb05291f128162f95f0bc71475340680cebfa73278d32cd2f255f89e9acbd
- SSDEEP
  
  786432:i98OudCfCiYKDf8s1vwD5lKgrUN+zME4SBj1DGobFoVZr:i98O5fCoBvw3KgC+4E9uobFe
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1
- Target
  
  debux-paintball/client.lua
- Size
  
  20KB
- MD5
  
  b98f80503309c9bfd757706abab19b88
- SHA1
  
  fc22eef26920a485b20fba79c2a66e56c0eaf4a4
- SHA256
  
  af95eabf5758d732199acc5f7a19c2c7c73b8b4cd7ca4c877ab8edf56e91c0bc
- SHA512
  
  6f834fd87ceafbbbdc6afa84914226a7a0b6e38b754e119984cb8570386d11f9827b604e1c171cc3b2cac2cba7ed12eee255e812f3ba2b73cc7f30af95055e7e
- SSDEEP
  
  192:wItc1VICKtlM/dAefzkXFSnEMei+CBI1CQD7JLYrBEQFqMMzMVId6FMeAgnaG+JS:wICJmLJ3XZCyhUOnTZ13w7
Score

1^/10
behavioral2
- Target
  
  debux-paintball/html/ui.html
- Size
  
  10KB
- MD5
  
  ed2f56e5d42b45246314554a8223d0e1
- SHA1
  
  594d5c69bf9cb34f11c7c78dc756ef613662b17e
- SHA256
  
  eb0b4db3523959bc7afb3b98f7158d39135e07e8aa613057e89ef97c066489cd
- SHA512
  
  3c223c2cd73328d16938aee1d8ed0059d06ebe955f33beaf14f7f25fbc314aacb6d0047be94afbbe6943754c6a0d8c45ffc1f480713ac0247bb079eab36d91d8
- SSDEEP
  
  96:js94//mYZzPY00nwAnGSeQVY8LTPTLxTengCQlWTnT7TNTOqRUTNdxg:Y9mmYZjY00ZnGRq4gC8x/g
Score

1^/10
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2

T1012

System Information Discovery

3

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3