Overview

Static

Score  File                  Platform
7      osu!rx_mpgh.net.rar   windows10-1703-x64
1      Bunifu.Licensing.dll  windows10-1703-x64
1      Bunifu.UI....es.dll   windows10-1703-x64
1      Guna.UI2.dll          windows10-1703-x64
1      config/default.ini    windows10-1703-x64
1      config/legit.ini      windows10-1703-x64
3      deg.grv               windows10-1703-x64
1      iTVqM6K.exe           windows10-1703-x64
3      prejit.dll            windows10-1703-x64

General

Target: osu!rx_mpgh.net.rar
Size: 4.3MB
Sample: 240308-w2sftsed4s
MD5: 648d22c3d22a3c6ffb34f028544d123f
SHA1: 60927a2e34f1f07f8e3bc675809373711f4b9b78
SHA256: 71bb87b4ff7fa115d2f4902b0f5636c4015de9c222882b06c730127a6146093b
SHA512: 5ac39d4104a460a21908183a83f54b0e8b3cf496d05942837f9bad801c0dacb290e5b211abdb309dd2015b5ca41344313d87954ef66d162a244bb4bf18bf8322
SSDEEP: 98304:42OsdH6RmssXfMCO8378qjlnqiZOL03dq6XWiJd2FCF0ZWAC:4pZgHOu1jlni07X7Jd2YoC
Behavioral tasks

Task         Sample                              Resource
behavioral1  osu!rx_mpgh.net.rar                 win10-20240214-en
behavioral2  Bunifu.Licensing.dll                win10-20240221-en
behavioral3  Bunifu.UI.WinForms.BunifuPages.dll  win10-20240221-en
behavioral4  Guna.UI2.dll                        win10-20240221-en
behavioral5  config/default.ini                  win10-20240214-en
behavioral6  config/legit.ini                    win10-20240221-en
behavioral7  deg.grv                             win10-20240214-en
behavioral8  iTVqM6K.exe                         win10-20240221-en
behavioral9  prejit.dll                          win10-20240221-en
Malware Config

Targets

Target: osu!rx_mpgh.net.rar
Size: 4.3MB
MD5: 648d22c3d22a3c6ffb34f028544d123f
SHA1: 60927a2e34f1f07f8e3bc675809373711f4b9b78
SHA256: 71bb87b4ff7fa115d2f4902b0f5636c4015de9c222882b06c730127a6146093b
SHA512: 5ac39d4104a460a21908183a83f54b0e8b3cf496d05942837f9bad801c0dacb290e5b211abdb309dd2015b5ca41344313d87954ef66d162a244bb4bf18bf8322
SSDEEP: 98304:42OsdH6RmssXfMCO8378qjlnqiZOL03dq6XWiJd2FCF0ZWAC:4pZgHOu1jlni07X7Jd2YoC
Score: 7/10
Signatures:
- Modifies system executable filetype association
- Registers COM server for autorun

Target: Bunifu.Licensing.dll
Size: 1.2MB
MD5: 59d62a9b7fd1aeb9ba1fda1d259ddf65
SHA1: 70ffe4b0cf5f90d37a0a565fa0f25dd11619fc79
SHA256: 7ff9a81f603a46362227affee1ee9a4cce23dacb1f9478d5b52f3ec08275126d
SHA512: 9d0618a9af38aae3d6a336b1b5f5c564b0b8e87516290822973a631ef553e6ab56f0160e74f5fcd10dc51275fbb5cb63a2a10389b5cea185e6fa925a09901407
SSDEEP: 24576:ilBu6lsgu8la4AfrCN/s3IEiZfy/bbxqt72l6oQkwa8W:MxyIla4lN2liQ/bYtg6iwh
Score: 1/10

Target: Bunifu.UI.WinForms.BunifuPages.dll
Size: 96KB
MD5: 57df2e32ec9e3ffc95441cd1d8dbd1d7
SHA1: 1e0f0d877b78deeba569a6dd4febeba50b9f44fd
SHA256: c1049bff371e0d3196edf6eb345dd150bd2051252cd5435f2e9b5a1b64faf917
SHA512: 75549ba63f068d184bb26720bcc1cf34d286bd1ad50ec4daf4a7d253a54f22682d569e17233cdcde3a3b467c228b6bd737a1bfd54fc3c59bd17504444e42f834
SSDEEP: 1536:SbGjHYCjIRQUJOvI1qD+8euTUrWYtcHF/Bm3wMDcF3faKH+Al:TYkPvvNNLTUfcHZBpM8yKBl
Score: 1/10

Target: Guna.UI2.dll
Size: 1.4MB
MD5: acec68d05e0b9b6c34a24da530dc07b2
SHA1: 015eb32aad6f5309296c3a88f0c5ab1ba451d41e
SHA256: bf72939922afa2cd17071f5170b4a82d05bceb1fc33ce29cdfbc68dbb97f0277
SHA512: d68d3ac62319178d3bc27a0f1e1762fc814a4da65156db90ae17284a99e5d9909e9e6348a4ff9ef0b92a46ba2033b838b75313307b46ab72dc0aab9641e4f700
SSDEEP: 24576:0EYgGsL29WxSrDIFlabtrA8UCf4haho7pcHxvHOVSAF:0dgucgciQj
Score: 1/10

Target: config/default.ini
Size: 900B
MD5: 227ea5ee2a90fedb5f68451099b45d6f
SHA1: ac8a21be4590473eb5ad36275357fee387543173
SHA256: 9f461286845daa54c86e397d5e0eef5fcef4dd12245453b29c8222c385589eab
SHA512: a31c57c92cc1955c61d36393aa56c0f45fb9cf26470520f536299dade7ca66d7acea5cdf0e171cc04f6d2679fa6ad970213b71402048b7cef94ccfee2d954d19
Score: 1/10

Target: config/legit.ini
Size: 950B
MD5: 281ecb60e9bf0055057c89eab78c75c4
SHA1: 1a0f8ba9a06a70f807aefa234f3597c6deaff553
SHA256: 05704714b1472b77704824c9e7a51e7a34f24bbe9eb7b2346993f4da57d65cae
SHA512: 5c9e2add845d772c3e9cab40ba5688429e88e70c5f9830799426cd0fb5efb6d74e9956de708ab4f47c4fcbb7c7072ceac83b71e6f950f0831755f71924a912ae
Score: 1/10

Target: deg.grv
Size: 32B
MD5: 5ed067f7995bbdb4da6c90afb5d9494c
SHA1: 7c7d10a98dcb42c4d401de4e2388a336158714f0
SHA256: 8b76ea790580d3d3f49efb4e14acc80d7f98aa83342d97b8e8482efac55c6738
SHA512: 6b5d8e3c05f4f28d5b1df44319b9fbae4b77ab7b9d0539b0d0dfd3b1521ba7ee246c4ffa8cd790981c58f0c3382936562fc0a80bb1dee5a72c891b6cb628e8f4
Score: 3/10

Target: iTVqM6K.exe
Size: 2.8MB
MD5: 01fa434916a256b51ac38c221203e6b6
SHA1: cdab235683e9f7c7a7b4d6e3700f67bbf2dbfd39
SHA256: 404ee8275db57a90b3679f3b2adb3e0a95fdd05157a5d8006b6ff8816e4ed00f
SHA512: fa5573c769b8ea824bf09be4f61218751835403972ac867b5c654bf4f2f03a3a4c62ef8cf6684fd115cfc28fb9902efb19aec75674e9301ed72a520fe67d15ec
SSDEEP: 49152:K6eLGm1el4XE92NIeq7hRVDSQNW8Qtqb8f+QXzM68mHJm/bcTpZluI:K6GG4+H9CItPSQNWEJQf8yobcT/X
Score: 1/10

Target: prejit.dll
Size: 18KB
MD5: a3bbcebd27ab144424579f6901a8f835
SHA1: ee11f0c7a83f9f6f7e108a86cfbb94fce02a0180
SHA256: 5c4e10984c841e6af9299f07388ccb68b4f7e21d603b794cd258b3ca60579023
SHA512: 48ba1b90edf89bf7328170f3c8aeaf622e1952174a7c470500c8e7f71783c06c24314004115b4b4354a209c322891b28cdfce597307c907039de48edc8d865a1
SSDEEP: 384:fOZcyBLts8kM/xirjMe2Fcbc3vWOJKfpz/rZtiMjnX8g9brRdWQtcDIDAI:fOZcAZfD32ZT8q/rjt1
Score: 3/10
MITRE ATT&CK Enterprise v15

Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
    Change Default File Association (1)