de443c0a6487d565ee872a9981838de8491da11fed0a13410aea1f83b1c5a504

Sharing

Copy URL

Twitter E-mail

General

Target

FiveModsSetup.exe
Size

89.2MB
Sample

240224-phmynsbd64
MD5

8b6c5c3e09f12d985f06cc86ba5db1f7
SHA1

f5fbbcf293a0e1c0c41de1135b4b57e8c16f0bdc
SHA256

de443c0a6487d565ee872a9981838de8491da11fed0a13410aea1f83b1c5a504
SHA512

679e3737a547fecda7accdd6d88c039377d357ed45712ad6472d630ccc3c183b218ab6bacf065b2f563fc56a3e14d8c4073d614c65acb1102ade93a9c0d1c3f0
SSDEEP

1572864:DthipuuP5JnMgrhRj/mXXmJtZ4H0VVf1yNQlcoMohBabcgvQc:DHnuPnnMgPd51UNQlco/hB0jH

Score

4^/10

evasion macos

Malware Config

Targets

- Target
  
  FiveModsSetup.exe
- Size
  
  89.2MB
- MD5
  
  8b6c5c3e09f12d985f06cc86ba5db1f7
- SHA1
  
  f5fbbcf293a0e1c0c41de1135b4b57e8c16f0bdc
- SHA256
  
  de443c0a6487d565ee872a9981838de8491da11fed0a13410aea1f83b1c5a504
- SHA512
  
  679e3737a547fecda7accdd6d88c039377d357ed45712ad6472d630ccc3c183b218ab6bacf065b2f563fc56a3e14d8c4073d614c65acb1102ade93a9c0d1c3f0
- SSDEEP
  
  1572864:DthipuuP5JnMgrhRj/mXXmJtZ4H0VVf1yNQlcoMohBabcgvQc:DHnuPnnMgPd51UNQlco/hB0jH
Score

4^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/SpiderBanner.dll
- Size
  
  9KB
- MD5
  
  17309e33b596ba3a5693b4d3e85cf8d7
- SHA1
  
  7d361836cf53df42021c7f2b148aec9458818c01
- SHA256
  
  996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93
- SHA512
  
  1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298
- SSDEEP
  
  192:5lkE3uqRI1y7/xcfK4PRef6gQzJyY1rpKlVrw:5lkMBI1y7UKcef6XzJrpKY
Score

1^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/WinShell.dll
- Size
  
  3KB
- MD5
  
  1cc7c37b7e0c8cd8bf04b6cc283e1e56
- SHA1
  
  0b9519763be6625bd5abce175dcc59c96d100d4c
- SHA256
  
  9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
- SHA512
  
  7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
Score

3^/10
behavioral10 behavioral9
- Target
  
  locales/de.pak
- Size
  
  477KB
- MD5
  
  7ccdc41a3dbdf89058d71629225664ae
- SHA1
  
  e15c35b18685d9573349ff4247733b5f5ada8717
- SHA256
  
  163ea4c2cf67edd0526a8e18d3810872e92a1d4e17b5cf4f04107fda5967b0c9
- SHA512
  
  13b20b0db02a0a7480c56c79304ef594353507e1a30da0130b73aa8e9ec7636f306315a6f40729b10dc725f936642d2e2b282ed3040a079a6f25a7f9f7f1ae28
- SSDEEP
  
  6144:hHb3YfHLHsf63K7UpTzighla/nxDUBEmw3Am0o268dz5qRwT1MROI+ChF:yzY63K7UpCgvaPhf0p5q9+ChF
Score

1^/10
behavioral11 behavioral12
- Target
  
  resources/app.asar.unpacked/node_modules/node-notifier/index.js
- Size
  
  1KB
- MD5
  
  e4f4ed46cbf7884a2227a07d47907ab9
- SHA1
  
  7b9e4d9904b4468c101b121cf47e4c2816ac77e5
- SHA256
  
  04a22ae517a8f93453097ed636dee04a7635f928eef73cbc003916d091d0bbce
- SHA512
  
  4ba3d99629d983c2b073a584c58ad1d54fc3d2c55eed3e704a18e5db2c8625dc3fd5ffbffe8c56fbe5b096448eddf14b808dc97be9cf73c554095c1d842398f7
Score

1^/10
behavioral13 behavioral14
- Target
  
  resources/app.asar.unpacked/node_modules/node-notifier/lib/checkGrowl.js
- Size
  
  550B
- MD5
  
  fa7d81bc020ec4ef6c8055083876fcd0
- SHA1
  
  d3c62e48427f39dc613bca96997d38a06c966283
- SHA256
  
  01c807bd9f273f09ffd87bab13473865bbf321071513f5c487dd1b6e7fbdaf10
- SHA512
  
  4fb0844820363199ad78f0a667e0f945114e9d65d86283fb5bb79a1b97be25dbe8ebd2ce85a9dc40545630f3146b3897433e1d23e9117027d2c74fa698df3f1a
Score

1^/10
behavioral15 behavioral16
- Target
  
  resources/app.asar.unpacked/node_modules/node-notifier/lib/utils.js
- Size
  
  14KB
- MD5
  
  46b0f23f133ba1bd568e5cbdde8e7502
- SHA1
  
  fa3154cd92cb2c398e8b324e6b8a2402e46c4a32
- SHA256
  
  bd5ed859adeda193e15672e769551966b31cecaa6294fc52297533d835af3702
- SHA512
  
  198ea2cb626be8ed7ded3188489952ae6a424da8a9294a507345bc23fd14ccbd4715dc472e4febf25f2ece460492ee3d3dceef394a79e79ea8e91950016380fd
- SSDEEP
  
  384:lgQtxf7vKWXU5sli8m4q95W+V0TYVRvQliYqG5sYaLhG:ZH1q4ihG
Score

1^/10
behavioral17 behavioral18
- Target
  
  resources/app.asar.unpacked/node_modules/node-notifier/notifiers/balloon.js
- Size
  
  4KB
- MD5
  
  22e0b5a21107a340bd37f034e88be79a
- SHA1
  
  cfa46acdefbfb08542ac890d8de2fd007e343355
- SHA256
  
  ef68f4d2e8dfcd1443843d81707a3e0e7a2e01d9573100710736eb1990306220
- SHA512
  
  0c45207ec1875459355a01a8ce163811f267a95546171f2837dfd09a9587bd2888add14c4c0f868a67a66b56e6a15fcc8bbfb713141311bb8df737c8a23a91c1
- SSDEEP
  
  96:EaKoSVm5cv9SRMRTvgkKAyJBVNL/wm/1Go/WB6EiTyaugNN2Jv:rKzmGKoEk0JBVB/3/woDzy9Kgv
Score

1^/10
behavioral19 behavioral20
- Target
  
  resources/app.asar.unpacked/node_modules/node-notifier/notifiers/growl.js
- Size
  
  1KB
- MD5
  
  b899ef0e83aee19a163ce8ee249ac392
- SHA1
  
  b729bd63844cb485a8cb183725d8c6720633c23e
- SHA256
  
  922eecd40262c26337901479de95b0960c719df76fd3b53dfa3fc3aaed95823f
- SHA512
  
  cfc0ab6a0ab5111da7759868d4478043688f6eccd261d4f5fdaa74ffb4422956fe1cfe94974fbf3b08f1405ddd505053ee4ca3102c7182ae1e4ac5006ee2f882
Score

1^/10
behavioral21 behavioral22
- Target
  
  resources/app.asar.unpacked/node_modules/node-notifier/notifiers/notificationcenter.js
- Size
  
  2KB
- MD5
  
  09de38e77abd206cd405aa6ea70bda26
- SHA1
  
  f91eb550baf3378e63086160100fbc82e88a6c1e
- SHA256
  
  10dc099d7164133959a61c70ed2951921ef591738c327dbd76d7338f1c9630b4
- SHA512
  
  0dff587aedc93fd315b1b6f8001ef33973cbea5b416b5103da80dbb54e8182ceffa00402b3e6affd5193ddbac3b9c3d00210b052e8f1ee0ae91bb306552c056e
Score

1^/10
behavioral23 behavioral24
- Target
  
  resources/app.asar.unpacked/node_modules/node-notifier/notifiers/notifysend.js
- Size
  
  2KB
- MD5
  
  9792dbfec85c053f46582638e9c8a966
- SHA1
  
  35ab80ae67cabc161aa3b91c2539de8c4a00035a
- SHA256
  
  29fe357ee97ad29245f55bfcfee3ce75bc86375910d9b9709105a11d28f287de
- SHA512
  
  16347295888393ab2cae5730cb5f54fa87cc19fb1f745302cb0132eee1c5326ba15d651f81980fc8568e34fe4a935e0926e31b528ed9ccfc480b2468d53564f9
Score

1^/10
behavioral25 behavioral26
- Target
  
  resources/app.asar.unpacked/node_modules/node-notifier/notifiers/toaster.js
- Size
  
  4KB
- MD5
  
  5930863c25cd9d285e91ff10cbe7a947
- SHA1
  
  4d1a2e9942335d16b8af07b26d780dd2e1dd30cb
- SHA256
  
  3dc551eb4aa9f5ef5a2d983336e8e52714b16ad044a6e29435300299058823ed
- SHA512
  
  3b60cfb76634e60ae57a147d65930ecc5826b45f82c749bbadb16183cbbcc74faf8bad46a34058e13896f49a24d50492bcb9b1fa67e0e618bfb87d9715fb5d60
- SSDEEP
  
  96:XJu9LBshFyQlgf0KkZxHtKEIeBb/rHb9ujBCdDdNnu/O9yPoj:5uRBaYQSf0xxH7Ie1/rHbAMdDHu/Ojj
Score

1^/10
behavioral27 behavioral28
- Target
  
  resources/app.asar.unpacked/node_modules/node-notifier/vendor/mac.noindex/terminal-notifier.app/Contents/MacOS/terminal-notifier
- Size
  
  85KB
- MD5
  
  ade5227f13963b5bb72b47f0ad410819
- SHA1
  
  24d1a22cbd8b026c35b29f1981f4d9fdff08af37
- SHA256
  
  2588f4ae2118396419767c388cf2b0a9a5e0cb53ce5d05a07c00f68a97a50215
- SHA512
  
  ee702782dbd44682f0c9234fbd2d256b14ee70f349186f37e025bdac20ec5b10d515e9d91e6b54a5df7ee7312f2faf4d299e1ba1e03419cfa52585f2c1195fb6
- SSDEEP
  
  1536:nTAF22YtIwY0lROGiPcKXXXKV2Qaf5dC1:nTvtIWROJPvXKv
Score

4^/10

evasion
behavioral29
- Target
  
  resources/app.asar.unpacked/node_modules/node-notifier/vendor/mac.noindex/terminal-notifier.app/Contents/Resources/en.lproj/Credits.rtf
- Size
  
  436B
- MD5
  
  f0d4a61caf597423ff07c5e9b24a345e
- SHA1
  
  60a248148b319de26e36424d25021c2488e23ce8
- SHA256
  
  b4386fe1cef65cd91e6c8ecc065d117089083f91b7cadbf0c3e5eae20e8b9640
- SHA512
  
  e361011499cf70fc71e247fdda71f49d913654a983aa4ae67d00dc977e53b9cf0d88d4d2ac07efe248261c3ab6e3345e829e22dda3e51dccc221a94c660ace69
Score

4^/10
behavioral30 behavioral31
- Target
  
  resources/app.asar.unpacked/node_modules/node-notifier/vendor/notifu/notifu.exe
- Size
  
  260KB
- MD5
  
  e911f4dc3204e93c4b336228c48c3518
- SHA1
  
  522eb28c02fc1cb74d65b53d631f6012b1980e88
- SHA256
  
  aa60fdfd31800979078ceacc6f26570c7f99ea82d43edb33748d8c05d186f30d
- SHA512
  
  030a9d65b2aea5dd305873ef1899d631fc8cc5c1beefdc1d8ff346c531650ba05256ce042c825400eebceb143794dbc48aeff94641f444ff50062181b7d6ad01
- SSDEEP
  
  3072:vqBnKutGyzlMoDNoq7ZlQ18geiZE1Jk+ibqB82MdYQrYnf3OTkf2tD1fSCM:vq0utGyzlM/rpeiZpywY5l8K
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1564

Resource Forking

T1564.009

Modify Registry

T1112

Credential Access

Discovery

Process Discovery

T1057

Query Registry

T1012

Remote System Discovery

T1018

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32