General

  • Target

    Rail.Route.v1.19.3.rar

  • Size

    359.6MB

  • Sample

    240222-wcnrcadf95

  • MD5

    282cf160904575bf0c929227b36f9bb6

  • SHA1

    1c414cceb7eee2b475c6533290d624a692a24f42

  • SHA256

    03a97d391d604fd9f5f5dc01e7cb24bf065e72ca2d15d804af81d92c6919758c

  • SHA512

    f33d77cdbb4aa5bf1bb2e7f7bbf7e9a667fbff3d9cdc63ec773c69464fe3bcacf3d15293207022b62c2017982807ba5563a70cda806191c586b746f19f35afcd

  • SSDEEP

    6291456:+YaHKCNyI12ku1gVOn3ak8BUrNgdF7/rNeTGqwZpQ4Ix54G7d74rnPZB9Wn4MTF:hUJfo3KkTgr7jATYy3x54G7CNWn4KF

Malware Config

Targets

    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.UnityTestProtocolModule.dll

    • Size

      19KB

    • MD5

      56fb2d74e63c1cbbc8af752ad66a8baa

    • SHA1

      49ca29d05f4e201639dac24d4a42c9b6041e6f9b

    • SHA256

      4a68290a76c1c042cbf66b5fc73600f6180e4b5f3c8422f4f8f5abce27b797de

    • SHA512

      c86bcbc752d65ae5d9c632b3ea99b8ec6994beda0302b48e1c222c4fea599956ff654354b33a81e4325045cac4500d661bfae1faf5aef4f3be126faf5b7020d4

    • SSDEEP

      384:eYYUAEl8taz2hjMXecjO368Nyb8E9VF6IYiTPx3nklW+9/O:eYYUAEl8thjMXeh36cEpYiTPx3kX9W

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.UnityWebRequestAssetBundleModule.dll

    • Size

      22KB

    • MD5

      bf7e36739ae49b9c45a358cc409f515a

    • SHA1

      50685ba977de1271b7a0dcbc3962938f0b8437ba

    • SHA256

      c97fcabe7321fd394cbb1f7c268b86c32d2c21987132986fcdac15a1aeb3ef0b

    • SHA512

      963a50aaac1a1f4d963708b5c1ee9c63f11ee72aa78b188bbfb21b4301fc8d3e239e79a1fddd29c79a6bda099f9ba734cd49821a2e731ce40041645101d9d6c8

    • SSDEEP

      384:4epYGzM13MUAEl8taz2hjMXecjOATNyb8E9VF6IYiTPx3nkzClo5b:VpYqM13MUAEl8thjMXehAPEpYiTPx3kp

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.UnityWebRequestAudioModule.dll

    • Size

      22KB

    • MD5

      6c5c3cf752b9669e4d0454cc81835c9b

    • SHA1

      a4c10a2581f5db5548e9e688fba1fd3309ae778d

    • SHA256

      8fa79fae88dc00de6d1f348ac1c331afd3281cc41a5cc6ccfa5422c7e0841eb4

    • SHA512

      259e99c25f39929be2cb81d847a0895373e39934ae16e5bfdd66b38ec11e0189662a3f674fd0e6fc21e839b4cf24c3a186b65ad98e72da7ab6ed3dcfaff9eea7

    • SSDEEP

      384:8yo7F+sZ6cE5mNIMUAEl8taz2hjMXecjO5rNyb8E9VF6IYiTPx3nkzrHwvy3:8xF+sZ6DYNIMUAEl8thjMXeh5nEpYiTu

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.UnityWebRequestModule.dll

    • Size

      55KB

    • MD5

      5776a05a8aebd124346755e5d4c2c9d7

    • SHA1

      a1cbd33cabd4d76fcebd7408aecd3cb1f77053ba

    • SHA256

      090c888ef8e70aa201f377717ca6fdb0a66c92743aa80e62c764721d56953751

    • SHA512

      64b17dffb363c1d44aa19c7d6e779c0ca5d5df9783c8ffbb50238bb31f64d84e6a9e5c484d10d46c3bf21ec9fbc556e60ca00221974a76370203af23c44f6f64

    • SSDEEP

      1536:Gi9WN3ZpEtl9rOM/YEGwAFZfUAEl8thjMXeh+V7TPx3kCM:sul9rO6YEHAFZfUA6VfxBM

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.UnityWebRequestTextureModule.dll

    • Size

      21KB

    • MD5

      292009ec0f06e438dd0a36e40fe0708b

    • SHA1

      c09767e3d598f6fd212624e60badc538935fe807

    • SHA256

      d0ae634f134e29a4025d0805cda891b05bebc5f9bbd0ce8e77df9ebccdfc56b7

    • SHA512

      46a176eb16c5a63f9a744a70981136ff20ec9ecea51c7f8a87944ac73350d85012308ab7e151e7734b579f4b90124b388e87e62e13ae0479ea87b72ad600cb53

    • SSDEEP

      384:RN7UmT1WwqUAEl8taz2hjMXecjOmoHbNyb8E9VF6IYiTPx3nkwwja:RdUO1WwqUAEl8thjMXeh1XEpYiTPx3ke

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.UnityWebRequestWWWModule.dll

    • Size

      30KB

    • MD5

      cfa29285abf362a0bf6503e808aee200

    • SHA1

      a4b2f70cb4623c7ec5367563dcab31c04784870a

    • SHA256

      6314b2ec56a57eafc1937fc707b31b8fcfbcd7182ec8c52ed8215d6ac1720bb8

    • SHA512

      c535ca8cffda610abeafb8f470660ae9a1bb840917219013a3a9e45b535efc9cf95f6cdab5d0bd0bd2890573e028aacd9dbb44551f3b867029c30e3adf9dde71

    • SSDEEP

      768:N5VwZ2Xkzo8j0VPc1TbUAEl8thjMXehg1EpYiTPx3k9:NvwZ2Xk0o0dc1TbUAEl8thjMXehgu7Tg

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.VFXModule.dll

    • Size

      53KB

    • MD5

      7aed64ade8287b5ebf9b5e28ededd49c

    • SHA1

      ea88a861169c5e545b08882b4a13b0d0aecf8443

    • SHA256

      a7fde49eca44a5a76673e3ca40ad53d7e26f4431b1b36400a2c63adeb0ac5f25

    • SHA512

      04303d5fab838358c1d4cd6d9d51a31b382544fa25fcbb9a1201a3d211a6a943003df276789bd3536caf1468d2a79eb130b96899cb8534d2ef498ef829e2fdca

    • SSDEEP

      1536:+KP1nufbn1wxyqFvC33+pdHUAEl8thjMXeh7n7TPx3ka:+i1nufbn1wxyOC33+pdHUAPnfxt

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.VRModule.dll

    • Size

      25KB

    • MD5

      caee0a927ccd9c3ff2844371f4aa4e28

    • SHA1

      a34ff4c53d5899eba12b02155e8ef92b6f7ddf78

    • SHA256

      3522aea74452ce7800c6a631eb20e082d5ac677f5ae5dabcc1946da2ed325825

    • SHA512

      8dcfb7ee79761e5dd769ea4a31c7de392159681bb265ee7248974f83c47378ebe07765d2dd4cab5347b3f7009c196af741a0162900bdadd488f1b8ae8cc48998

    • SSDEEP

      768:cp0+ARJu4EphVRBK8wg4ODUAEl8thjMXehk2EpYiTPx3k/q3V:cjARJu4wVRBK8wg4ODUAEl8thjMXehkb

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.VehiclesModule.dll

    • Size

      23KB

    • MD5

      6fb77bbffa9ff732c502107c39aa3d55

    • SHA1

      9826d66674aae8cb1be0128dad08faa3c1d26211

    • SHA256

      edf666c4825914b73936a6b5d772e6ddf554e3ebe53c74475dfcfdfac07d51f5

    • SHA512

      29a8d49ebb7a6c32900cf510fe7726db0ff33094187227da06160bdac256dbd499b19cda5ad42dcedc005607e41efcf8e56a1a75e82c76e3af485abd43e8ed26

    • SSDEEP

      384:gp/p8n4E2HV7UAEl8taz2hjMXecjOhSNyb8E9VF6IYiTPx3nknfJF0E:gxp8rYV7UAEl8thjMXehhyEpYiTPx3kT

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.VideoModule.dll

    • Size

      39KB

    • MD5

      a1fa437b0a434bdc510b621d383caea6

    • SHA1

      bc8976dc87974e207058e3231dd0de684c57cc0a

    • SHA256

      3f88da85d656ac2042b3ebb6c656411ad7bd73afba7c0cb649ec5f451f082fc1

    • SHA512

      e5e9e3bf2202f4814cf4e71f49f0c5e828b05e7984ce0260784e192968312add81645aaa75c8100f006cb2be8c58ed4611317027c96df6c777e092fee5b9ad96

    • SSDEEP

      768:egL7fdTCCtB6B47Eb+oa87zDxNUAEl8thjMXehKlEpYiTPx3kAw:Lw47ExtNUAEl8thjMXehK+7TPx3k/

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.VirtualTexturingModule.dll

    • Size

      34KB

    • MD5

      b984bddf8e1b7b1cbfb9c7670d2e2eb3

    • SHA1

      86bfdc4049f472d494983982078cb484eefe207c

    • SHA256

      046c40051d18963812358f11860f1d1c3d0534ea1ea9da2cd18cb6f93681305a

    • SHA512

      9c24d2e2dbe2e6126ed609d6af74c2deed5c5758403267bd85736b96af23b67921955f397c3537fbaa013298c0c283772a8f11cdb61d4c3c2d94ede67d497e7e

    • SSDEEP

      768:jz8Vfc/lXl9l9lQl7l7lhl7l7lnHp8pC1Gb8btRlcUAEl8thjMXeh5KEpYiTPx3P:f8Nvo0b2UAEl8thjMXeh5r7TPx3ke7J

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.WindModule.dll

    • Size

      20KB

    • MD5

      82a493fd198d4b18d1f2fecfb07f35fc

    • SHA1

      d5aa8377349eda62ef5e525c7df09d91fdab368b

    • SHA256

      ad9cc45705259c33f2b4e36314c50ec32ca9873a7a5cf072c7fe68a694636d6a

    • SHA512

      28858196aa9cd7df96b883f7bb5abfb7219f6aa6805cfe6f450b480b96065b961206a1e4fd440b7dd35e4730b35ad9bed618270c27b212d4a0e21f28e6bad449

    • SSDEEP

      384:iWjgAQkvBUAEl8taz2hjMXecjOsrNyb8E9VF6IYiTPx3nkpBDKlL:iJAXJUAEl8thjMXehsnEpYiTPx3kL8

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.XRModule.dll

    • Size

      68KB

    • MD5

      a58c704728261136481b0ee1f0492f6e

    • SHA1

      c01d583cb74c35aa3523eebd3a9f2256c5800a3a

    • SHA256

      b8a8fdf91cd0abe818c9ed9aff258ef9d17d74ce700fff48204b5dd137f9beca

    • SHA512

      81fabc46d3fa42438c439b0d9b2e74b42b0017c9eafae23f89983201216f255025ffff02cbb8894c59bc8a9c4006ee8ca756060c2e7b41932b6ec946113382c5

    • SSDEEP

      1536:Pq8YNJFlh3Pa2t5luISh54A0WUAEl8thjMXehFP7TPx3k2N:PzYNXPa8QIKUAxPfxjN

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/UnityEngine.dll

    • Size

      110KB

    • MD5

      844a74d1106d46eba2b69f9fbfcba522

    • SHA1

      3e09e60618daf301ef3d62e99005a873cbc0c8a0

    • SHA256

      1eadc1e19f8aa498953cbf5bd6a2dc37bc975ec90ba8d0ef775a87eb0027e511

    • SHA512

      4ea782a06b51f60a2e9ead95a9e03bc56fea8ce0f4a97d1a5f4e7f8b243874ed6d0bc8e5808d69fff99a76a523ffe6fb457bac1903fa4943b29dd86c4a67e436

    • SSDEEP

      1536:hYsqAJTg9+/SmAv0GsUqmcK5BSst+MAUhBOW7Zu55SEInBdselkQXcFp6k3Ea7Te:hY9e8+ev0GOo3+cO8SYafxk

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/modio.UnityPlugin.dll

    • Size

      490KB

    • MD5

      e8a7e045056eba40ca2ab81afb0890cc

    • SHA1

      7c3e47b0d65f8d5f2b8a7caf2a0ee8cf5f4650b1

    • SHA256

      2a44a1146cefd61345d58eb5e86d08da440ddc19d2307ebff0a34e79058cdc16

    • SHA512

      4244c5b7b4fa1ca5080912287274f214e0b73995adc9370464a3b1d7cdd75e3d4e2a6f5267e1559eec1948f10a3a7ef757ddf4010b58389e5e5c4592f9be8b19

    • SSDEEP

      6144:oW9nExSD740zCKm8GMpHVsWUavxOO7sx6Fva9+/SoI+XDdI2tzS7w:17tzC5CHvxOea9+/SsW2

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/mscorlib.dll

    • Size

      4.4MB

    • MD5

      06c93bc68f62e250f1faa65cd8b7e112

    • SHA1

      3db272876e7cbd89ee1c6d0edc8eda760e91bdda

    • SHA256

      af0cfa8241c1ef60c60b3ce06fdd901006f95966479ef5fff142cbd0968c45f9

    • SHA512

      fdfef615caea21bae51af0433918d174396e9dffdf035b7f3c0c802f76a20e01a845bb0acf89e3718b0aae4a5c601948f67d4e152dce3eb14e182ff25538caf0

    • SSDEEP

      98304:0vIAbYst0AH/NNAzzg/IwACSAkdE1awRUndZBlKj4Xl59xWIKWBCFzXjg1WUqSBV:050st0AH/NNAzzg/IwACSbEXq

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Managed/netstandard.dll

    • Size

      88KB

    • MD5

      c61967ebe7f07f6a5a1b3f91842bbc3c

    • SHA1

      c2db6e7376977c5c7f17d816406ca70f95d8e1ef

    • SHA256

      6ae62e082dc494a2433984177f60ca4db5fae69b1f360a8b33754172b310b8c5

    • SHA512

      5e63289f67a2b5d436d192a6354444327c4939e854cdae82614950885265fcc76739219138f22c55171362b735169ed77e0699958b4960a909f6ec919ce3aa49

    • SSDEEP

      1536:zsYKt7WAMU9UYk5f4bJUHGPdghpuSX5qUE7cLh9z+:3K4AMaUYm4bJUiIBh1+

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Plugins/x86_64/fmodstudio.dll

    • Size

      3.0MB

    • MD5

      c18f5eda26b620f86a2afd3a2daba925

    • SHA1

      06e78212d1a1558fc25dc2148bf6b5e27e180a7d

    • SHA256

      3cdd96d33012e8eb0190018f7b6e63cf9ad7e446616eceba1760a3fb1c56132c

    • SHA512

      3aedd4c5aa2a9443f3b8889fba7656fad2efa656e8e19126829c2ca9cee97bd7665ca093d8a7217597e2acec6fe012f14e166b37a7ffbc241a9613b9b90f5c8e

    • SSDEEP

      49152:M1RfkSzoOSf7OPXp/T5LJY48g8t+Nw0PPIZkb14eMB4W:R80B3

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Plugins/x86_64/lib_burst_generated.dll

    • Size

      54KB

    • MD5

      7258172dbfc5301a84ba6a924426c9e7

    • SHA1

      a508dfbaabffd1ecd9aad508406d94cb723407dd

    • SHA256

      43553df6a9d8ded6842ea8e48fa3a269865f453d014e7fb57245e1a2e8294811

    • SHA512

      d69095bd3c2a55265139b3549ad081a1c2067692ff2451943755b66e65b121df80a3998809747b195a3146a89b8b8be2859ee6c93de5e23d0ab22bd0d8335139

    • SSDEEP

      768:jnFgQOYkGiwlzmoHk09lAYsZcU1Ybj4mDoUi7qO9k08103VWA9y/:j7JlzmoEdc0qoUaij103VWA94

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Plugins/x86_64/resonanceaudio.dll

    • Size

      797KB

    • MD5

      ec140d6d301e44742a271a7eee92e213

    • SHA1

      ed206f4365131f64ff140a393513806dfa5081bc

    • SHA256

      e1667e5336ae067ab1d9aa04e7bcca9789ff5573ed4c7f6fa9305404d0485f99

    • SHA512

      9ea039990be0c9579933ac0f6c43b83d2457652fb61d761850cb3644cf1842a419f85d0879238a11e93e82fc9c9483a306227e08f7acaff92ac50ead2649a526

    • SSDEEP

      12288:oqzaaeCi6jAY5B7CehZhfEpEQulB/NCCS2X+pon8NGiV7m7o/t:oqzaajiOAY5jhgyL/NCCS2X6ySZ/

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Plugins/x86_64/steam_api64.cr929

    • Size

      259KB

    • MD5

      cbc8b390e065c29572494901b151989e

    • SHA1

      238243867b2f2daf54ac0dd5f3b68f9d99f8abaf

    • SHA256

      ca1fa9a7609ab10b7926400559cf073e5888423cc156af72c6027d72a89eea73

    • SHA512

      e8deb190d9b00d9931f480754cd46b0fa16c4080bf12c25d024ee2c14e75e27a7ed9f9b357a456037c9123537910d5186b7361f359d44a25b175f55bfb9affa7

    • SSDEEP

      3072:WZz7iKHWadsCKUB6/KuBHlvdXGFcKLF65lhTbCNTnJvxfyN+ve2UhMBCcJo5gDst:+7i6ddsCKg6/KuBFFXyDyEBCcUb

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Rail Route_Data/Plugins/x86_64/steam_api64.dll

    • Size

      1.9MB

    • MD5

      c7ce820020b0900eb44d2a72f2ab9294

    • SHA1

      f057a14bf15864c83bc99809ee248034d55993f6

    • SHA256

      0cfe547ea82071953cf99daffa3bd11bb468eec0e400961e7e33e4dc36674ea8

    • SHA512

      61a99f16e162f7590e10d18577aadfdf8aad203d7539627318ffa0c6c06a0370ca56709dd6f07ea3406978cdea7afd7253a80aeba3c199a23ccb41af439c5933

    • SSDEEP

      24576:XeaHJvXu6zYPY6+UYHAjnQGuJbySAN6onVZEpYKXtR6IyefCg+alA:XFpmwYVTXm+SANj6YKXtRxfCJa

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Redist/vc_redist.x644.exe

    • Size

      13.9MB

    • MD5

      27b141aacc2777a82bb3fa9f6e5e5c1c

    • SHA1

      3155cb0f146b927fcc30647c1a904cd162548c8c

    • SHA256

      5eea714e1f22f1875c1cb7b1738b0c0b1f02aec5ecb95f0fdb1c5171c6cd93a3

    • SHA512

      7789eabb6dd4a159bb899d2e6d6df70addb3df239bda6f9ead8c1d2a2ac2062fce3a495814b48a3c2bec12f13800ad0703e2c61c35158b0912011b914f098011

    • SSDEEP

      393216:xTPq5dCsKSR65cX7Eyd/qnejOX3L8T8KYfU3j:VP5iw56oyleejcL8T8fc3

    Score
    7/10
    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Redist/vc_redist.x864.exe

    • Size

      13.1MB

    • MD5

      1a15e6606bac9647e7ad3caa543377cf

    • SHA1

      bfb74e498c44d3a103ca3aa2831763fb417134d1

    • SHA256

      fdd1e1f0dcae2d0aa0720895eff33b927d13076e64464bb7c7e5843b7667cd14

    • SHA512

      e8cb67fc8e0312da3cc98364b96dfa1a63150ab9de60069c4af60c1cf77d440b7dffe630b4784ba07ea9bf146bdbf6ad5282a900ffd6ab7d86433456a752b2fd

    • SSDEEP

      393216:S1RPq5dCsKSR65cX7Eyd/qnejOFxP7OEnl4L/Vvc:yP5iw56oyleej2OEnlwc

    Score
    7/10
    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Redist/vcredist_x64.exe

    • Size

      5.4MB

    • MD5

      cbe0b05c11d5d523c2af997d737c137b

    • SHA1

      027d0c2749ec5eb21b031f46aee14c905206f482

    • SHA256

      c6cd2d3f0b11dc2a604ffdc4dd97861a83b77e21709ba71b962a47759c93f4c8

    • SHA512

      75280d721550c2fa19b4f8d42b87d2fc6017f42709d84d2162c7330f7a0338bbd72cdc3f78626b10edcc602e2d22b174039254824334b3173d0ea48b3c06d1df

    • SSDEEP

      98304:hsPj6quMcylIpk4nM6tmMUrfvEP0hcKju9Z/lTPU8UBHBKNpr1w36ZyY:+PjzDJ4M6tmXDsPKi1lTPmHipJwqL

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Redist/vcredist_x642.exe

    • Size

      6.9MB

    • MD5

      e74f5ac8f39ff69dddce07c8e1f7f943

    • SHA1

      f283c6f14fea54441697f8d4d1d33cb5a180c20c

    • SHA256

      4542bf0e828d4428260b2bc975da5bc25d69c060e54176dac1d14b5567ea67d1

    • SHA512

      893ba3836e03dc14e0cb7e3da6af1cdb436dbed4beb948ec7118816e3483bc7c68ef87e5a4b200588a0f8ddedd3a79843c77a7b1ad0cd1d31df64b43066f6ca9

    • SSDEEP

      196608:E9OaQ54oYY7jLwXjZ41OON2uk3bQWgtyccMEL:rz5x7jLXkmkU4cFe

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Redist/vcredist_x643.exe

    • Size

      6.9MB

    • MD5

      53e6fd636573c63684b1a2aba4b1e19d

    • SHA1

      393932f2f2958b9fd8b597ea7db1d82e8dd01318

    • SHA256

      11cb1f23472e6636cc2532c82b5584f1a644b37210a8bf4c339d4f19482acf93

    • SHA512

      b221f433806cbcede0b57ccd1e75de6d650c7895fec96731bbeb562987b15ba6d629db71cb9cc1f064579ef8ed06ed15fc2bc2014f48e53a5715837cd6e2a8aa

    • SSDEEP

      196608:c5oyO3CCT/hBxtVtyUVnmSprzVIY7QKAV:qoywCCT/hXQQlrzF72

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Redist/vcredist_x86.exe

    • Size

      4.8MB

    • MD5

      cede02d7af62449a2c38c49abecc0cd3

    • SHA1

      b84b83a8a6741a17bfb5f3578b983c1de512589d

    • SHA256

      66b797b3b4f99488f53c2b676610dfe9868984c779536891a8d8f73ee214bc4b

    • SHA512

      d2d99e06d49a5990b449cf31d82a33104a6b45164e76fbeb34c43d10bcd25c3622af52e59a2d4b7f5f45f83c3ba4d23cf1a5fc0c03b3606f42426988e63a9770

    • SSDEEP

      98304:TsPj6quMBYyuSFOMKykvYgS/ylTpHufHMpPbOZ39c7T3eeom2vJtPShg:wPjzayuSgMKykQgSaTkvMxEYT3OfPShg

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Redist/vcredist_x862.exe

    • Size

      6.2MB

    • MD5

      f5a9debf301d714c39757965cad9ba9b

    • SHA1

      5765fb4e23900e528746d47ef32e205c3013e9da

    • SHA256

      4ee185ca12347324f684ae383692a880f749ae1385ba53c1b12dbd9ac3150f0d

    • SHA512

      63c01e8e47282e2dd3cbf7081033593b3976b378e59224817dcc20a906a518622adeaa0b405dca754f172706ce5c75a39afba692618a064216e458835ecc2689

    • SSDEEP

      98304:7hEKzHx15bWUuBrNatjJh2eNUrzKRL/RaIswn7aBOC5qZxVqFb2iExMc7FvxwGv6:7RDnuBotjJh2emr8L/YIsG7MOgqHG64/

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/Redist/vcredist_x863.exe

    • Size

      6.3MB

    • MD5

      253773272d79cb515424e78547423948

    • SHA1

      6ec62445733107785ff6f4cac25bc3fee9e7bcd1

    • SHA256

      fd8f23c2ed640f7a4b18e55b10ef415febd83cbb8d58338ab71bee693f7e8d84

    • SHA512

      b1c93b1f7c6641f74279a746d3db2d9a6c25786ead56574fd42046c1f4134fddd84b55455158468a31a167d6a9ce07431ef4d6b07af2ac097e6ed9335594e58a

    • SSDEEP

      196608:ArKjLs+UIkzHlAv4X6zQRgiwHLD2LQIXG:UKjaxFFP1iLD2LnW

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/UnityCrashHandler64.exe

    • Size

      1.1MB

    • MD5

      4dadd5519ff19846127572525adf9b13

    • SHA1

      c8ba2a8eaca200d90d99c6bbb25734f3c3afd940

    • SHA256

      e795f6d26e20db1279a925ea767d6d7699c46958bd0e42d3bdd347117e5eae8a

    • SHA512

      4abaeed1908399c39e24ba612707feb2c1020d2923e02353ac97a232810a123596e08310f5e9ab8e7f36d06c131ccc209e15c3e5f0145c532c5423e7dff8d348

    • SSDEEP

      12288:D1HNlcYyeraLLuLiT2SSYHdSbM+Fh6wk2AdgofZVQfz2fzA1Z:blcYK2WTBSYHdWFUbdg7z+zA7

    Score
    1/10
    • Target

      Rail.Route.v1.19.3/Rail.Route.v1.19.3/UnityPlayer.dll

    • Size

      28.0MB

    • MD5

      3efb0fce3c5c6b33d399172b6d366596

    • SHA1

      f533ffe6a197876244aed60fe1c2070def962c73

    • SHA256

      949052f9c4bf8979df51559b0f4339b55053c7d5d85b9aad927549b0189c0d4c

    • SHA512

      d2441789b1cd0454c63b98f30fe196a31e217f0e9a95d444d8279ee227e24331d7ec55bf5616e408405c2b61af88239866b9be68c15606e4cfb448709abcdfa9

    • SSDEEP

      393216:pZr83VsLHErlCssxw3U/4K5FuhVnJXDaGYNexh9PJOT07AnoTBiXoqdnerS1oQjn:pBkyNstAt7jn

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

discovery
Score
7/10

behavioral24

discovery
Score
7/10

behavioral25

Score
7/10

behavioral26

discovery, persistence
Score
7/10

behavioral27

discovery, persistence
Score
7/10

behavioral28

Score
7/10

behavioral29

discovery, persistence
Score
7/10

behavioral30

discovery, persistence
Score
7/10

behavioral31

Score
1/10

behavioral32

Score
1/10