General

  • Target

    Beta.rar

  • Size

    97.4MB

  • Sample

    240227-1m9tsacd8v

  • MD5

    3f495c24a5e475e65f454898240b74b2

  • SHA1

    bfe74ed0a7e5cc6596b46005e2dd2564c8ee7e04

  • SHA256

    344960cfdcbde89fc94cd8c857a77fba36c1c8c76014b41752f36da61750df26

  • SHA512

    18ab24f5a1643a2f6aff7833468a6f32931c5cde2cd31f8a023d685d108d818bb6748627a0d649ab87571580017b2f54565fe54f956b0858dc545491d2a39edf

  • SSDEEP

    3145728:ek3j11QswE/RV/eoh8heIieVgalSxgv5WxvWdt:ek3j1uns/QeIiePggRuot

Score
10/10

Malware Config

Targets

    • Target

      Beta/LauncherGame.exe

    • Size

      71.8MB

    • MD5

      5952bc9f514bc833fabf37af5d0f690b

    • SHA1

      606e43f76e64a19590b482e454db6176809f0167

    • SHA256

      3529a12e159737092e5bdfcc2934fe8ea46089a697d2f5cf374310bf3eb84710

    • SHA512

      2c2fc556731c4754b4cec6d784b1e7ea42c038d44a9f1c6066079f7f2bb2cf3a9fea218f57c0800603e8a8b907335dcb4855ebfbcc2606437c9ecc9886fb726a

    • SSDEEP

      1572864:FejOS3hVJ4n0SdREpUfuVpWO9cC4LG8UzK+uxoG+YYfeGnh1lN:FUXmEPp0C4LGnsX+YYRdN

    Score
    10/10
    • Epsilon Stealer

      Information stealer.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely used as a geofence (an infection-region check).

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and autofill data.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      LauncherGame.exe

    • Size

      168.6MB

    • MD5

      3b1db4ecef55608d8177f6c6e223beb2

    • SHA1

      3e4d924ed349c5b728c6e84daaa5b519a66ce4c4

    • SHA256

      7caed17f76fc2e6c5fd6d5a4cdc213fe0d1abae9957294f3691c95605b138971

    • SHA512

      27dc7b2b5a8cd04c96b4db5a724270da8fdbd8c5d634cc73d615acb01426e7c8d2cd91de24bf1b0f9f759f3483c1f026a80431600acb4795e18001c0c72441dc

    • SSDEEP

      1572864:KXic4qb6IXgDaJfpEQHgelkLK4z34xGWw0TwW1T/qWhehZvmCtS3JPfyzG49FndX:UVKvWZ8tyx4u

    Score
    10/10
    • Epsilon Stealer

      Information stealer.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely used as a geofence (an infection-region check).

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and autofill data.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks