af430050f1a36ac9ac0c081d8dac85d706cc8841fb83c626e656111eea30ab94

Sharing

Copy URL

Twitter E-mail

General

Target

Cursor-Custodian-Windows.zip
Size

1.7MB
Sample

240305-wh5l2sda2v
MD5

547634ac8ad21cdee43752922486cacc
SHA1

f8862b433730556373bc5d73c4e7a859a7dd461e
SHA256

af430050f1a36ac9ac0c081d8dac85d706cc8841fb83c626e656111eea30ab94
SHA512

d28045dacc2dfc03dcdecfc74513818064ab63c13c3ed0c6c9d5b94769e4a35f001809e1a4537c98dddc097a9230bcd14dfbce615ad51b77c5d6af9d2d923313
SSDEEP

49152:KlqdruBo8bCefIBgP1YT/3ZPnldZ5LYxN3e8Og:KlqdwlbCefIBgP1U3ZjKN3fX

Score

7^/10

Malware Config

Targets

- Target
  
  Cursor-Custodian-Windows.zip
- Size
  
  1.7MB
- MD5
  
  547634ac8ad21cdee43752922486cacc
- SHA1
  
  f8862b433730556373bc5d73c4e7a859a7dd461e
- SHA256
  
  af430050f1a36ac9ac0c081d8dac85d706cc8841fb83c626e656111eea30ab94
- SHA512
  
  d28045dacc2dfc03dcdecfc74513818064ab63c13c3ed0c6c9d5b94769e4a35f001809e1a4537c98dddc097a9230bcd14dfbce615ad51b77c5d6af9d2d923313
- SSDEEP
  
  49152:KlqdruBo8bCefIBgP1YT/3ZPnldZ5LYxN3e8Og:KlqdwlbCefIBgP1U3ZjKN3fX
Score

1^/10
behavioral1
- Target
  
  Cursor Custodian.exe
- Size
  
  58KB
- MD5
  
  7176df4578148cdec5af41e2b1801773
- SHA1
  
  0155792ba2cbea74654c2565aa6bcfd815641f8e
- SHA256
  
  1d3d4fcf91a3ca644e8b61037539ba749b26080e6b043a8e844e4ccdea9d50e8
- SHA512
  
  c8c8e28bdb40bf239315e695f16485ae211e46702d88bc49adc7c6b43384a60c778db53408b61749da9dbd87b22bcfce69a6aa1b00d9a359332f845c73bf105d
- SSDEEP
  
  768:DzL5b9upbI23tOPixVMp28rjn2SCUN5dpQ/MClWZ7Nnsa042ehMkRRFdK0:DzLS3tOPix+M8+dULd4MCl2KaychW0
Score

1^/10
behavioral2
- Target
  
  SDL2.dll
- Size
  
  1.4MB
- MD5
  
  7a11cbcf3d011d61dfc45eeea0197839
- SHA1
  
  c8ccb1681bd446559f19c303d3b7fb02d01108c1
- SHA256
  
  aae1e2c1a5a2a360be4d849a503ced184425913f89b5f5967ac7231281970d0b
- SHA512
  
  2946cb1e4622769267564ec69ac7ca3720abeef0b14e2cbf1b08682f68254f8f5fb4d728d4760a4452668378b7e8656c382c91febbb572b4a31c65066d2528d8
- SSDEEP
  
  24576:j1ie+fkFwAX1cB93Fg5gagiHXJv43EIDX0disOe8eHHHHHHroCYswGHuKEkjgrgx:jhiAMeHXJvPIqoCHuKEkjgr+64VHRLaa
Score

1^/10
behavioral3
- Target
  
  SDL2_image.dll
- Size
  
  122KB
- MD5
  
  b8d249a5e394b4e6a954c557af1b80e6
- SHA1
  
  b03bb9d09447114a018110bfb91d56ef8d5ec3bb
- SHA256
  
  1e364af75fee0c83506fbdfd4d5b0e386c4e9c6a33ddbddac61ddb131e360194
- SHA512
  
  2f2e248c3963711f1a9f5d8baea5b8527d1df1748cd7e33bf898a380ae748f7a65629438711ff9a5343e64762ec0b5dc478cdf19fbf7111dac9d11a8427e0007
- SSDEEP
  
  3072:6bsejIuO504fzsOM05Nmy7iGpJ7SvFisgf:6bmX0qQOhmyPs
Score

1^/10
behavioral4
- Target
  
  SDL2_mixer.dll
- Size
  
  121KB
- MD5
  
  8668d84320acee48bc64d080dd66a403
- SHA1
  
  1d61d908bfa16ce80e8947100c5f3f936b579c44
- SHA256
  
  900eeb69b67266946f541bc6da5460e6cb9ed4f92816a1710a84625ad123808c
- SHA512
  
  53a57a3619425abef718abf9836e9980c42f4130afa1d7875c4ad5bd5333a4d02d8db8f274619e6932c2a4a8f46a8ab1c56aff8f7af4b2536873ecebe13c6d93
- SSDEEP
  
  3072:GeCtxSl2NCjItkjr2tXYsxSfbWO1i9ssFo2Bm:GeCtslnsw2YsxSZ1KssFo2B
Score

1^/10
behavioral5
- Target
  
  SDL2_ttf.dll
- Size
  
  33KB
- MD5
  
  14e57c1868efc1fb2e4787754e233364
- SHA1
  
  09158212caf3f7f18e3c5ae65eee4f7a7796cb62
- SHA256
  
  507dc8a977d543b3e06bd3fce41f5759d64b2b21ae829cd2ef41b77bf66968c4
- SHA512
  
  83c0c9e444888d837b95b687e127c0c82fb177a712442dc4303e9d03b837941787449804efb8a75a3489ccbdb9165bfec7f99773cab819b6b14cac19eb37752c
- SSDEEP
  
  768:ch6nyBqTviPRGTSJuhrLSA9JT1vZgZDAMABz1w:U6yBqeITSm9HW7F
Score

1^/10
behavioral6
- Target
  
  libfreetype-6.dll
- Size
  
  572KB
- MD5
  
  42ab9dd5740879c8a0913047149d3a60
- SHA1
  
  d117ef70d0100615b5d50fb555345545e823235b
- SHA256
  
  8e263fd9257e8e83bafda0c943184a498c07424c4d558321fdb48c9a197e58a4
- SHA512
  
  5c0656521815cb504a1e840fd0163b0eb10d6b7237dbb76c6bdbf66388111667fb1d4fe78c2bbe8d00d377cf150200142ce7e33cb5434960f69a77899322b417
- SSDEEP
  
  12288:w7AvRbpuflWqWyhb/e+AUCnGqI3qoTF1OgfEWm:w7AWVhbm+AWqc5uZ
Score

1^/10
behavioral7
- Target
  
  libjpeg-9.dll
- Size
  
  238KB
- MD5
  
  c540308d4a8e6289c40753fdd3e1c960
- SHA1
  
  1b84170212ca51970f794c967465ca7e84000d0e
- SHA256
  
  3a224af540c96574800f5e9acf64b2cdfb9060e727919ec14fbd187a9b5bfe69
- SHA512
  
  1dadc6b92de9af998f83faf216d2ab6483b2dea7cdea3387ac846e924adbf624f36f8093daf5cee6010fea7f3556a5e2fcac494dbc87b5a55ce564c9cd76f92b
- SSDEEP
  
  6144:I7wNZIYb0maLgCaqrWqg7EdP8J1dJHoFaeghCbBL:I7we7gCaqrWqg7EdP8jpY
Score

1^/10
behavioral8
- Target
  
  libpng16-16.dll
- Size
  
  206KB
- MD5
  
  3a26cd3f92436747d2285dcef1fae67f
- SHA1
  
  e3d1403be06beb32fc8dc7e8a58c31e18b586a70
- SHA256
  
  e688b4a4d18f4b6ccc99c6ca4980f51218cb825610775192d9b60b2f05eff2d5
- SHA512
  
  73d651f063246723807d837811ead30e3faca8cb0581603f264c28fea1b2bdb6d874a73c1288c7770e95463786d6945b065d4ca1cf553e08220aea4e78a6f37f
- SSDEEP
  
  3072:VatMOImapxER0/vnm2mjq61IJJT1fX0yuWUQstxZw2TnzFEY5IQ:VatMOImapaR03nmnYJV1cjtnwunw
Score

1^/10
behavioral9
- Target
  
  libtiff-5.dll
- Size
  
  422KB
- MD5
  
  7d40a697ca6f21a8f09468b9fce565ad
- SHA1
  
  dc3b7f7fc0d9056af370e06f1451a65e77ff07f7
- SHA256
  
  ebfe97ac5ef26b94945af3db5ffd110a4b8e92dc02559bf81ccb33f0d5ebce95
- SHA512
  
  5a195e3123f7f17d92b7eca46b9afa1ea600623ad6929ac29197447bb4d474a068fd5f61fca6731a60514125d3b0b2cafe1ff6be3a0161251a366355b660d61a
- SSDEEP
  
  6144:d8x4RKXHtEOtiYFJEn9RX9kgr+6Dr1Xu1ih/QpGJylW:qx4RK3tvKRH3Dt4ih9Ji
Score

1^/10
behavioral10
- Target
  
  libwebp-7.dll
- Size
  
  437KB
- MD5
  
  2c5aca898ff88eb2c9028bbeefebbd1e
- SHA1
  
  7a0048674ef614bebe6cc83b1228d670372076c9
- SHA256
  
  9a53563b6058f70f2725029b7dd2fe96f869c20e8090031cd303e994dfe07b50
- SHA512
  
  46fe8b151e3a13ab506c4fc8a9f3f0f47b21f64f37097a4f1f573b547443ed23e7b2f489807c1623fbc41015f7da11665d88690d8cd0ddd61aa53789586c5a13
- SSDEEP
  
  6144:t2lROjMXfhVy+tEZzshykv2SxgQceWni1UC2JCsJ5zIGWexIaZOovMPVt9ACB/1O:JMtVykiiiCsJdpxIaZOokPVtW
Score

1^/10
behavioral11
- Target
  
  res/fonts/cocogoose.ttf
- Size
  
  69KB
- MD5
  
  3529fc2a1c22f836b72a87eec5c190e8
- SHA1
  
  f4e06e52a1356f5c2c6d34f1f2a4b1497fde8650
- SHA256
  
  42d309c495a5f81572a74d6a02c88a6df04777e182c969c23c2ad2aafed80865
- SHA512
  
  a7ed06ddc84741afa9a0e5cfd74ef535546c8acc05ebf8a0d4859f8add5c71081fd54a631657df36e8c74d5363c80e28a9dd7c46cb678c74bb55f32c6d0feb51
- SSDEEP
  
  1536:B5bSJQaFoK/1zu1GfR3VEQ2viwYfrMbI2irvrebnKk8ByWiZs4Mkgyl:B5bSJQaFNNzr5BwYjEwrIKkWy9JMpc
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral12
- Target
  
  res/sounds/click.wav
- Size
  
  5KB
- MD5
  
  ddb36f9e2cf7dfb8c78f6ce6fe3245a2
- SHA1
  
  aa4f631333cc95925bce7f03a6c92264cf913a4c
- SHA256
  
  9499031a25cdcffa34593040bd53deb9075f66ce7ab1c752870d2e369ff2f3ef
- SHA512
  
  1a421133d7c938373a9107f993f0d7de6465e99db89048b3e40c1f0b11ae5c6f95540a159bd0111228979bf92f2cbab2a4c1fbd3cbb1dbec121b6d787b4db887
- SSDEEP
  
  96:bzFCuLGjCePWeYwZXRovPAanUp8qyfr0ccEG/IKITHVeeuW2u/pT6ZI7i36mk0O:bzFymsA2mPADmfjcjOh4uxcKA6x
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral13
- Target
  
  res/sounds/fall.wav
- Size
  
  120KB
- MD5
  
  744db9ea4c16645dab3d92e2bca2b87e
- SHA1
  
  e8ed322b84e876772e0e273afe2da84a654906ec
- SHA256
  
  59761a0f0148a6303e2cbfe3dfeda3ef25d15b4391fdf97d7f0838b534af8ff7
- SHA512
  
  a63696491e0d27f9fd4d21870343993527adc53b90dd67ac678a971a1bc6b1b953f5f612f6e41d6e96b655bd78e501ad98b79cc54ab3f5a32abc4b64f649231f
- SSDEEP
  
  3072:WExs0/UxJO3faFqCLoG4b6FW8gRCgpWrVcJlQLDAvAEItj8iWD8:WExsK3lCkG66s8gAgpRHvAEkj8
Score

1^/10
behavioral14
- Target
  
  res/sounds/hit.wav
- Size
  
  17KB
- MD5
  
  d99971cfda4d1de2b729fa6e50e93c85
- SHA1
  
  1e6eee4270bfb978675c8b4c19e07f9da10a49e5
- SHA256
  
  f6c1d4540cd0229eace2bccee828dc3464f9f5e3cac3fd35ea905eb4bc2da4e3
- SHA512
  
  b3aef18a31c7ae0a8fd7cd8f18fb3a206ac6af0981d7c7b469b62bb48e4b2b437d74c6074e7c9879fb08d35ff4c1d1576186d03a409e894969cd8ed04c29940c
- SSDEEP
  
  384:bK2fygH1NJeDWll0G+59hak83+5fPco/ExSOqI:e0nNJue+fhan3+5fko/sqI
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral15
- Target
  
  res/sounds/jump.wav
- Size
  
  10KB
- MD5
  
  f521be49c1322c01a6396d32a8f99252
- SHA1
  
  59bddf51e85a618a06119858abce4a5bcab09345
- SHA256
  
  be9b4bbe24d0245bda63f46351d2bb24cb64c3e1825596d3f1fe312b8c75f82b
- SHA512
  
  aa7b169cda7e5017f63ef33470fd3ff46e0497359a01fbf0530d7443fadb6be94ccdc37d2d9eb1f730815c1f3c528520910c38208b1a8dce8b0f7161b648654f
- SSDEEP
  
  192:V2Zn9XN+j8JcJtqnxLCK/gY8OhDzx+KAOVaJXVieGwmhXSZPQxuBmwYOewwLC:Vkn9wjY4twBCKGO/+g8XIesXAPQxuIAj
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral16
- Target
  
  res/textures/arrow.png
- Size
  
  319B
- MD5
  
  70a119d3f8fdb5b581448f61aea51238
- SHA1
  
  766cd844d630dfbfdad5ebf9563eea2ff2fecce6
- SHA256
  
  b33f7dd75ee4bfb402913e359a1d937e60e185f3c4abeba73e88e26229597def
- SHA512
  
  d770683a870998a2a32fa557c6f66c49de17dac3832cfb031dba4027f73e515007a94fb11d698feb9803e083bb84bb483aad2050fd5ac41ab6df713dc3744bcb
Score

3^/10
behavioral17
- Target
  
  res/textures/death_overlay.png
- Size
  
  2KB
- MD5
  
  eb998aa5ef905c4f35ca5ab88dcc5abd
- SHA1
  
  c81b764563254496c37298d8aef5f8fa13e7b2af
- SHA256
  
  407bb1235e14b52d4d43b3b1bab69df964343439e982f96e5a4a627262871b1f
- SHA512
  
  a696078f937e09251dd61d527240295b949d4a4b5cdf456851968b73fdb4083974c854d212f27cd5080aba19d2278045273c4e8af90906f554768a34198abcb4
Score

3^/10
behavioral18
- Target
  
  res/textures/ground/center.png
- Size
  
  1KB
- MD5
  
  46215c95e21fdca9ec3055478eacede8
- SHA1
  
  8aa9f637be8547c0fe1bfd0d9841e80266771630
- SHA256
  
  a4a77b1a26a810db498dcc387e7fdd32d580c833a5763f7e094aa5c05c421acf
- SHA512
  
  46dd623cc293b9db3a7b8ee60dc89d5ae1d8844c7b1255fd275e1da355450bbfe9bfa2ee9c4fa1caafc1a953470fde7a0036718ca76663c650c63560f97de0f6
Score

3^/10
behavioral19
- Target
  
  res/textures/ground/hole.png
- Size
  
  2KB
- MD5
  
  4e1bdad78368e7a07a9d3b1f22e8df74
- SHA1
  
  08209a073f53b18bd98144f1947e2f1d40f496a1
- SHA256
  
  d5bc16416e2f2627eb8e2c91b37281addd6aaf33f04ff9dcd55791f4278928d2
- SHA512
  
  dcfee0f42c0870035b755474eb8608426aadfd0343dfc05c8b2720fa15590ec2aa69cef0832ca4c911c3e171b0f061892c6c28a0432fd1ec854fb1783c21a966
Score

3^/10
behavioral20
- Target
  
  res/textures/ground/left.png
- Size
  
  1KB
- MD5
  
  bc9788eda2c86c319fea0dce7978cc67
- SHA1
  
  d0de8bcf376e7b297036456e0eec1cfcf564745a
- SHA256
  
  b0944b88406ad93e9c3b91b94773453cd9bd4642f1f2cac2c441b93e6eab1759
- SHA512
  
  3a1671c5d30f41d492875ffe32f663c7c77e62c9f1601fd4abc51444c7cf62fa666a10ec3109168ee5e76801ca68ff6f75ed52c74d3d00f0fc0cabc2843381a3
Score

3^/10
behavioral21
- Target
  
  res/textures/ground/right.png
- Size
  
  1KB
- MD5
  
  440667dc138f66b5b812ed431d97f580
- SHA1
  
  9c042fb1f6c0c5c8179dc899e05da69d97b5b7f7
- SHA256
  
  b1dd37bf33908b16eae98252d1f0a57c256f410657469a686b4589f42af77100
- SHA512
  
  6afe3db8680dbd578490dde01611bc5a212040f1ef58b700df852430c3e58b944cd3fa56829fbee37a29a446762c30183da6f6758a11dd039d58fceb56faedcd
Score

3^/10
behavioral22
- Target
  
  res/textures/highscore_box.png
- Size
  
  1KB
- MD5
  
  b66ffc90023280a91ee0ee91c87d863e
- SHA1
  
  d3b3f3d99921a7aa0d4e9eb405a3365140dfb525
- SHA256
  
  7b2adf0b9dbd168ca2bc67bd4df244f1baa8a7eeae5fec2579f99fa4238ac645
- SHA512
  
  0bdf17beb89aaed8ed36de415f44019e60fd7e1778f7390cbad583efd4759373c3cd543f9e1119768ea6ca246d94ac29930e9832afc63f1fb5909d07ac20b021
Score

3^/10
behavioral23
- Target
  
  res/textures/logo.png
- Size
  
  32KB
- MD5
  
  3b560ec93d55c17b705d8bc8b5af6fd7
- SHA1
  
  0cc9cb932df038287b0dee3bb6e5b7f5ecadc1b7
- SHA256
  
  43dc78bb62d4f7bcc5ab84f99e1e1ece365d08bf2838c8f387023f56138cccc8
- SHA512
  
  d7b4f39211fee299fc5ef8363d0f921ad801378751c3d98655349905780320618e2e5103581de1eb0291749659047eeb5e39395e5f987066dbeb07622f3784fe
- SSDEEP
  
  768:OxKSAUSp9NBPneNC1gfPTGhFnnZzwKI0Ydbw4S9:gKSAJpfANEgahlnZ0xdG9
Score

3^/10
behavioral24
- Target
  
  res/textures/player/player_0.png
- Size
  
  464B
- MD5
  
  891c5cfe1c1e4678e8ff8a4c20226615
- SHA1
  
  d997910d666c233a17210d4c7a622e0c1dfa8bc3
- SHA256
  
  981e9b43de221277ebb856d88c97003d37cade7df85c306483a146318bb618eb
- SHA512
  
  082acd0a6c15410e066876805cf106b41ad5a9bdc9b699a2c48542f8e60646021ac06f9125f186ad3a28338baa498bf6d0b43ce4999128d7c588ad14b47140df
Score

3^/10
behavioral25
- Target
  
  res/textures/player/player_1.png
- Size
  
  919B
- MD5
  
  e63c4ea457518ac02998aaaab3234f7a
- SHA1
  
  35a6b4735d2e8b5b6053fc7f2f5bfb3f09ab30c8
- SHA256
  
  f85542066c0a29a08e9e8a5f83dac50e24e7b1d6150e6ea8f2dd4658b938fed5
- SHA512
  
  f61876c935e84339dd238e75a8f9bfb0d84e92808665d5069ed3afd14135b2476629283fbdbff88e3bc0deb1aeb0e8323f25d65c533f25aadd9b32a8376bd55c
Score

3^/10
behavioral26
- Target
  
  res/textures/player/player_2.png
- Size
  
  527B
- MD5
  
  2778a672022bfe3878b4b6a5a88de375
- SHA1
  
  e09ebbc86d24480f1f65c3181a02403f5901fbf2
- SHA256
  
  9838913c68b0bc52d6b966d454dafc8202d94c81dec366c95e9261952c6304cd
- SHA512
  
  b230a5cd9117127d6c17d58f922dcc55bb74325e8dca52dc027a3005835c887a5f5a31123d592777593d4e8a45a55e658e45b1049e909d45d15f48ea47a84e49
Score

3^/10
behavioral27
- Target
  
  res/textures/player/player_3.png
- Size
  
  219B
- MD5
  
  0779fc501b0e034986538e21c6726c05
- SHA1
  
  65910d84327edca9afe0f04a663cc56b5f27e2d2
- SHA256
  
  93ef5164cd26c5ed45897e9e45bb20f28af67ee4b33d727ebab40bee86abcbf3
- SHA512
  
  61f0189f7f589eb9823b6c933ad05989126d12bdb623d94e2ecf9ce6939dca2e514666ef360d31cc9dff92ab54e444898c4cf262f7e5e9a0eec2adb64e23ff47
Score

3^/10
behavioral28
- Target
  
  res/textures/player/player_4.png
- Size
  
  222B
- MD5
  
  538e5eb63d78e605db9fb16a7f1b326d
- SHA1
  
  19b699b9f98e8c7fa3a87e1d3dbeacaf8f711f52
- SHA256
  
  d9f8abc238f9a47b9aa20e683e73612209bea08d9378574ef033ea236e7a155c
- SHA512
  
  ddb208a496a383e979e7271972a71bb5c1cae342297ce501dfa022440e170e64563d7f6e90f4de7e2538ee3a69434ae6d824a83354d66322947092044579e480
Score

3^/10
behavioral29
- Target
  
  zlib1.dll
- Size
  
  106KB
- MD5
  
  5eac41b641e813f2a887c25e7c87a02e
- SHA1
  
  ec3f6cf88711ef8cfb3cc439cb75471a2bb9e1b5
- SHA256
  
  b1f58a17f3bfd55523e7bef685acf5b32d1c2a6f25abdcd442681266fd26ab08
- SHA512
  
  cad34a495f1d67c4d79ed88c5c52cf9f2d724a1748ee92518b8ece4e8f2fe1d443dfe93fb9dba8959c0e44c7973af41eb1471507ab8a5b1200a25d75287d5de5
- SSDEEP
  
  3072:wLmjK8n5MYk+NqZSB23eRenGvTBfs9Yy0J:wLl8n5MYCjFnaTBwYy0
Score

1^/10
behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Enumerates connected drives

Enumerates connected drives

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30