4e7c224b406e6b9623bd4fe627215bcbf017d7c29244cf86536c702af23ba573 | Triage

Sharing

General

Target

Craftomation.101.rar
Size

208.0MB
Sample

240223-rhwlxsah43
MD5

73ab70fb3effbade01abb2b9fc7fb239
SHA1

9623a62c24a08c6b03e90601db349be7112813d6
SHA256

4e7c224b406e6b9623bd4fe627215bcbf017d7c29244cf86536c702af23ba573
SHA512

f4592f65731e3df5fa36244e68a633cb2d015b229f754c561eab0826245685b96222495b940335ccd993703fbfa3cfe2e68dd55de1176afe632a0feaed73ab31
SSDEEP

6291456:13nhKL7UaUKj2P2Odp3DKSIv+9uZ6wKW/t/u:p88aUYszp3WSIv9Z6b2t2

Score

6^/10

evasion trojan

Malware Config

Targets

- Target
  
  Craftomation.101/IGG-GAMES.COM.url
- Size
  
  196B
- MD5
  
  882e17d630d74b64a8176e38e2fadf7f
- SHA1
  
  d6652d568db451c03b73eede688e0124e2d54ebf
- SHA256
  
  6d905d76e7d807c5831231d791f2510160dd56018ae423a037e7ac88fd19412f
- SHA512
  
  2baac743dabdbf133583c4d500699673e0bb2b2ade89f0a660eb17bfb440f1d74814ade3b82eb07d776f6a7c1b1975f25c6c1c500edc589897bc304a9c9fb3b0
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2
- Target
  
  Craftomation.101/PCGAMESTORRENTS.COM.url
- Size
  
  202B
- MD5
  
  420715a04de8367bb8d37d57ce1d6d41
- SHA1
  
  710369a636391e43be7149416d8e9b390863babb
- SHA256
  
  c4d6ac03d1b51af3f4127bdd12f2317da8ebf4a7f20402f2139c61d5cf10ab23
- SHA512
  
  8737cec4730f412c18e508076d9fb7af2ab10b4b1637c70c2f76c1c6ca7bca27021cbe56dc3305a4ea7704f7ac2c6e005d02c605a4e7f9b0a709bb94cfc7f457
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral3 behavioral4
- Target
  
  Craftomation.101/game/Craftomation101.exe
- Size
  
  5.9MB
- MD5
  
  e58f767a05e7dd7720cd921dc338228b
- SHA1
  
  d956d926e993f65e0565cbcd5d8f2520556cd504
- SHA256
  
  5c1cde13931d60135925e9497734f730c0f6754a254ab3ce191bfbdbe1b7275a
- SHA512
  
  3a9280f26c832335003933cc7fd595185aea88c2124f5cad89ede5560cb8959628709491a8d10e69f00aa3daefd5ba06c89669e9c8943b6005ad065d04766706
- SSDEEP
  
  98304:97qcq7Bb8KoriMBwX5QDV3+GrP0SvOXeN8elo87s/G:xqcq7uKoriMOX5S/P0SvOXeOBD
Score

1^/10
behavioral5 behavioral6
- Target
  
  Craftomation.101/game/OpenAL32.dll
- Size
  
  120KB
- MD5
  
  2ad7b4f3c8d2bb686d231edff404b7a4
- SHA1
  
  f29676b96d04bd2765925a3834d9babfdce6a0b3
- SHA256
  
  87802322c8e63555c26fe473ce234ce7099745ccb28c02766c2224c726454039
- SHA512
  
  51a6c8cfe30e34c37437e6c5f8c602aa0759b65559a82521e2dbcf8a9865b826077854acb6497df6085d67b4c66083ae5f0f192b743a4b6f77ce7b18f01bf528
- SSDEEP
  
  3072:mQG3kfDcDKLIjVUl4ZjxNP7ZOqCA48gstZLsFusbdLakZ:ejsxlUVZ7ZOPstm1YkZ
Score

1^/10
behavioral7 behavioral8
- Target
  
  Craftomation.101/game/sdkencryptedappticket64.dll
- Size
  
  1008KB
- MD5
  
  76a1969f0dd5e1fd3a455679320a9405
- SHA1
  
  8a187ab8c604518f8fce1932aa72162df5593d96
- SHA256
  
  e385d0543e3c6d816164c4edcc54866ec40744282743b62ca6e450d0a9f92cc5
- SHA512
  
  2ab4cbcdfb5d6f978b8184b4e460f0222c5d7225472f6199db6c212c2b8b26cb5a04d54da2ea047c403bcb1338ecfb382b0cc24163d34c7f237b17a53e1db59c
- SSDEEP
  
  24576:bfGlrS6+xaTk+0/oB1Dv9nbbSKsyBnFvf/p7iTKtrDu:bGlrS6Yz+0/CDv9nbbSKsknFvp7iarq
Score

1^/10
behavioral10 behavioral9
- Target
  
  Craftomation.101/game/steam_api64.dll
- Size
  
  1.9MB
- MD5
  
  c7ce820020b0900eb44d2a72f2ab9294
- SHA1
  
  f057a14bf15864c83bc99809ee248034d55993f6
- SHA256
  
  0cfe547ea82071953cf99daffa3bd11bb468eec0e400961e7e33e4dc36674ea8
- SHA512
  
  61a99f16e162f7590e10d18577aadfdf8aad203d7539627318ffa0c6c06a0370ca56709dd6f07ea3406978cdea7afd7253a80aeba3c199a23ccb41af439c5933
- SSDEEP
  
  24576:XeaHJvXu6zYPY6+UYHAjnQGuJbySAN6onVZEpYKXtR6IyefCg+alA:XFpmwYVTXm+SANj6YKXtRxfCJa
Score

1^/10
behavioral11 behavioral12
- Target
  
  Craftomation.101/game/wrap_oal.dll
- Size
  
  455KB
- MD5
  
  549347bcd4aacd63243d78e8f869dbb1
- SHA1
  
  efc00d2a7c5acfe17b8a58023826e6840aef39a6
- SHA256
  
  5379373cf3eff41cdd8c912c65e27e1bd492bd84238d19a093aa846c9b1ce909
- SHA512
  
  c6789376d05deb8c5050225c37c023055c107a72b49afddfd3f91e7e7429d38db9346e2e5d38986c2000c3828389cfbe5d74d80423a79eebd0367bcc81137cd5
- SSDEEP
  
  6144:ING0FBd3thlYIhSJyYvb3ahwNDx/+IJcaxjCz0G5suFrtxZO+jTyWQqlMfhGy6We:ILVkoWTNV/Qz0vWtxRHQqlM/kb
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14