cdb7fb42f4442f2a2ede9794b2d3bea7464d10dddf8815c0d29653a6fa4960e3

Resubmissions

11-03-2024 21:56

240311-1tjwyafe4t 7

11-03-2024 21:42

240311-1kq9nahc66 7

Analysis

max time kernel
383s
max time network
440s
platform
windows10-1703_x64
resource
win10-20240221-es
resource tags

arch:x64arch:x86image:win10-20240221-eslocale:es-esos:windows10-1703-x64systemwindows
submitted
11-03-2024 21:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Gacha Launcher.exe
Size

10.4MB
MD5

58cf87fb4fac9c69e9075f590ba063de
SHA1

411e14753b2b82e175e1227743f83242551082dc
SHA256

cdb7fb42f4442f2a2ede9794b2d3bea7464d10dddf8815c0d29653a6fa4960e3
SHA512

1c21bd0963415b6fcf60b72407bc231cf49a927d5b9410f7f90b36f3b415a1c04f23f6c7cf56bf1d4f3a2bcb51a086e999149b5692eefa0ea317ad46bebd143b
SSDEEP

196608:FSvaICteErowdNE+sKsXXg+W+TA32/1q3+dgS41kQuo0zq0W8/LBmp2mxl:TInEro+sKkXg+W+TA3oq3+d9LQuo0zd1

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 16 IoCs

pid	Process
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe
1416	Gacha Launcher.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 2996 wrote to memory of 1416	2996	Gacha Launcher.exe	75
PID 2996 wrote to memory of 1416	2996	Gacha Launcher.exe	75

C:\Users\Admin\AppData\Local\Temp\Gacha Launcher.exe
"C:\Users\Admin\AppData\Local\Temp\Gacha Launcher.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2996
- C:\Users\Admin\AppData\Local\Temp\Gacha Launcher.exe
  "C:\Users\Admin\AppData\Local\Temp\Gacha Launcher.exe"
  2⤵
  - Loads dropped DLL
  PID:1416

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI29962\_hashlib.pyd

Filesize
57KB

MD5
4fb84e5d3f58453d7ccbf7bcc06266a0

SHA1
15fd2d345ec3a7f4d337450d4f55d1997fae0694

SHA256
df47255c100d9cc033a14c7d60051abe89c24da9c60362fe33cdf24c19651f7c

SHA512
1ca574e9e58ced8d4b2a87a119a2db9874cd1f6cedef5d7cbf49abf324fb0d9fb89d8aac7e7dfefbeb00f6834719ed55110bcb36056e0df08b36576ffd4db84c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI29962\base_library.zip

Filesize
960KB

MD5
f29630c9ea20b9536a16a1e422d5d9bd

SHA1
ac92c44f39456ceed6442c4a7769ea5f7c97f14c

SHA256
edc9fd99b6acee8ccffbad9cec2fd0d7c169ae5cfddedaabd9e603927db50883

SHA512
323af6ec51b3b5b6f517d55a7e90ce9338aed2a2421b14e32f2529f6c37d8f349e6f747ed85088c639dbb41fd38460d4ce8be9092c0c9b9ca49202378217db34

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI29962\libcrypto-1_1.dll

Filesize
761KB

MD5
2e761badd6eae47b38b53a3b98c3feb9

SHA1
a4863f66dee78f3c42c47d53356a3da7526fee7a

SHA256
1cb109792374a799b50547452dc21c78cd403ffc5c46e628247fac1eb1dad482

SHA512
9e45afdb7499a9142a8a2114f963c6dca3c1489e864cefc4777033c28932ca7fbbf913555649557038e50757fee90be261db7f14ebfb23de73674c21bef1342d

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI29962\python310.dll

Filesize
2.0MB

MD5
467f6210035717b113afeb84f572b885

SHA1
50b1ffdca01c0e01fbf1994bff6b2bd545670ced

SHA256
f00fad517db88ec5c4c5faea11c094c279d344483d216f95de052facb0069052

SHA512
a4e5e4ece8a4d0df1efe5ef11056891602f650ca47caa3c1dce8eb342e590347cb1af5c5bf0d73a44dda3fada94f6547c2769561d902bef08b436e98d24eb56c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI29962\sqlite3.dll

Filesize
695KB

MD5
be07dfb02b1e0a06240ef38b75612b15

SHA1
7f87752a9c6e40de65affe2004297c67272fa3d6

SHA256
4590314e5aa2ac586cd3cb0acfad7405e45264271bdb176f2ffcb4c6965f3763

SHA512
a92baf55d7f9585b5dafe445862023d2626aee3c8f3360c51c126fc7b759948f4d463c8c80218eb4876bdb01cdf81e2e6e25c162e8874bfbed1112846ce2197c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI29962\tcl86t.dll

Filesize
1.4MB

MD5
164f0fef4d675547d09dd3673273f5a0

SHA1
e89c318c46d79056718e8dbd7eb2b3600d3b4a39

SHA256
5edce97ecc43d29dcbc8ad7ff779417b4a5337def6be12aa4f19dfd1e1fa161d

SHA512
a92ca9d0385f3caffc18ff30690acadc45fef3cc359165688a7deeba0a26579a7d48b9d4b070ce084fda691532fdfff0a18aab49375375b9ec6a8138ed5d5a4c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI29962\tcl\encoding\cp1252.enc

Filesize
1KB

MD5
e9117326c06fee02c478027cb625c7d8

SHA1
2ed4092d573289925a5b71625cf43cc82b901daf

SHA256
741859cf238c3a63bbb20ec6ed51e46451372bb221cfff438297d261d0561c2e

SHA512
d0a39bc41adc32f2f20b1a0ebad33bf48dfa6ed5cc1d8f92700cdd431db6c794c09d9f08bb5709b394acf54116c3a1e060e2abcc6b503e1501f8364d3eebcd52

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI29962\tk86t.dll

Filesize
593KB

MD5
a79fad6f66cfb67f0dda8cbf14464e0a

SHA1
82c2ab330a97f8728787cc567bd7e6de6c6f5e8a

SHA256
ce40ac4a11d69667c226d1c31b4a167d4f7aff4cbc29e7a5b69c3962d743065d

SHA512
4d09273e0da73dc9a05ef7844191047cb5c6cd04ff90f9a0ee8274bcfb3119ebc0fca3156e6b25c32b3f2f32923c8928ea13f38389e50dc9c3f09a524fd8baa9

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI29962\ucrtbase.dll

Filesize
1.1MB

MD5
b76f01ae50ce43187be1d701b51ca644

SHA1
cb59f1ff16f8f3996646930f02d3090422c64a02

SHA256
903806c8888e3c9ac0212ed50be6889c21cf4fd12f49931da8b548b5326a0bf8

SHA512
d0962bdc5439c7068d67e59d6434606581744daf41a628c083ae147936074f489b44dca8dd737a6766dcdc2b99a2cb7e5cbc79e13e0d9b661f77acd13a9c5300

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\VCRUNTIME140.dll

Filesize
94KB

MD5
a87575e7cf8967e481241f13940ee4f7

SHA1
879098b8a353a39e16c79e6479195d43ce98629e

SHA256
ded5adaa94341e6c62aea03845762591666381dca30eb7c17261dd154121b83e

SHA512
e112f267ae4c9a592d0dd2a19b50187eb13e25f23ded74c2e6ccde458bcdaee99f4e3e0a00baf0e3362167ae7b7fe4f96ecbcd265cc584c1c3a4d1ac316e92f0

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\_bz2.pyd

Filesize
78KB

MD5
e877e39cc3c42ed1f5461e2d5e62fc0f

SHA1
156f62a163aca4c5c5f6e8f846a1edd9b073ed7e

SHA256
4b1d29f19adaf856727fa4a1f50eee0a86c893038dfba2e52f26c11ab5b3672f

SHA512
d6579d07ede093676cdca0fb15aa2de9fcd10ff4675919ab689d961de113f6543edbceecf29430da3f7121549f5450f4fe43d67b9eab117e2a7d403f88501d51

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\_lzma.pyd

Filesize
149KB

MD5
80da699f55ca8ed4df2d154f17a08583

SHA1
fbd6c7f3c72a6ba4185394209e80373177c2f8d7

SHA256
2e3fd65c4e02c99a61344ce59e09ec7fde74c671db5f82a891732e1140910f20

SHA512
15ea7cd4075940096a4ab66778a0320964562aa4ae2f6e1acbe173cd5da8855977c66f019fd343cfe8dacc3e410edf933bce117a4e9b542182bad3023805fd44

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\_socket.pyd

Filesize
72KB

MD5
7f25ab4019e6c759fc77383f523ef9af

SHA1
5e6748ce7f6753195117fdc2820996b49fd8d3af

SHA256
d0497b79345b2c255f6274baea6ac44b74f345e111ab25bf6c91af9b2a3f3b95

SHA512
a179b22c61f661e4d9b17f56b6a7f66f2d8d8e1d2a9a8aca3c4d6a9cb7755ce6d223bfbca817c1098692a39b6fc20ffbdacefd9bfb47ff02ffa47badca437514

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\_sqlite3.pyd

Filesize
91KB

MD5
485aa66e439a3fe177dc41ca99c47764

SHA1
804c3e453f033f32e7550f5665b4275e68b8addd

SHA256
89d32e0206c06cdd196c1dc97a7540d8893eb31ec4703c996494ac68ca62dc7d

SHA512
d40eec1e2a63f141752f4a8390db1f20720601cce6ce98f16f7f2bbbc41234d1b290dee2399e9b0e65774751bc6c4c39a3c200adda1e78b1362d293420c3506b

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\_ssl.pyd

Filesize
152KB

MD5
cf2f95ecf1a72f8670177c081eedeb04

SHA1
6652f432c86718fed9a83be93e66ea5755986709

SHA256
ba6025ab22d8e6c5ad53c66dc919f219a542e87540502905609b33dc0a8dddd8

SHA512
7e5df920f6acb671e78078e9c4fa3278ae838ea6bef49c0ae44de6a79923a3d7bccf0fb3f0e477ca5092e23450494dee265d8735b24d8026456e1328f6fe8b2e

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\_tkinter.pyd

Filesize
59KB

MD5
c76da9cb5af654367036201cd6b77a96

SHA1
3a8a41c728cfc17556dcb0cbcd762aae4cbc8239

SHA256
e616f850e6905d5f5f1c821a5c39360090444555c1444f97bd2313f4cb99aaf4

SHA512
d91b1027d2ff6e3491c62f2fbc9942e75d76795cc9d48fef423378d69eb8d813add17c8dacb4cea252c5f2cc13b8550057dae41a1de8ffdb720099efca66370c

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\libcrypto-1_1.dll

Filesize
607KB

MD5
f6be09cb98c106470fc6127c395346ec

SHA1
617b682b2f7f54de88f5d187070489dfcbf4f8d0

SHA256
63acbcfeadd6f8011ff52d5dd9de1cdfedd17641cf52d143d153e3476300dc22

SHA512
617f2f0d409d686b1d38852b49d5adf5be261565deb267a0d411f79a8d667e953a3ac5dff26d5f8fdde05c86dc5a0cb49c9b6214947054331a26509f64680cfe

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\libssl-1_1.dll

Filesize
678KB

MD5
bd857f444ebbf147a8fcd1215efe79fc

SHA1
1550e0d241c27f41c63f197b1bd669591a20c15b

SHA256
b7c0e42c1a60a2a062b899c8d4ebd0c50ef956177ba21785ce07c517c143aeaf

SHA512
2b85c1521edeadf7e118610d6546fafbbad43c288a7f0f9d38d97c4423a541dfac686634cde956812916830fbb4aad8351a23d95cd490c4a5c0f628244d30f0a

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\python310.dll

Filesize
1.2MB

MD5
37d0dfdb13712aad78b3b0eeb0d0cd7f

SHA1
b025f7570e3cbf83126c4a64bb3c4083981d9af1

SHA256
f8317b56123fdda23e54e5b2b92ba7401dbe0dab3b15f66918ad566e865a1626

SHA512
1c2f521b3eebd0de81649e2ec44f58f93eddc8b4d588c942fdb67d9f02677df73bfdf2ecd2518ef03c47936dd02d4bc290cd0a1fcef86fdf63deab469e95af8d

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\select.pyd

Filesize
24KB

MD5
589f030c0baa8c47f7f8082a92b834f5

SHA1
6c0f575c0556b41e35e7272f0f858dcf90c192a7

SHA256
b9ef1709ed4cd0fd72e4c4ba9b7702cb79d1619c11554ea06277f3dac21bd010

SHA512
6761c0e191795f504fc2d63fd866654869d8819c101de51df78ff071a8985541eec9a9659626dfcb31024d25fd47eff42caa2ae85cc0deb8a11113675fac8500

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\sqlite3.dll

Filesize
1024KB

MD5
99ce176188b38f2e2f94f974187cb491

SHA1
88b0c4b9e662dd774947ef488953597dad18bd47

SHA256
5c63de251ee71934e4f9f726c5a6b3a50423b30fd7d4eaa7d6629d61157264cb

SHA512
5ea9f6e46d306ccb6dedaf7735a13b73ec09836827c9f64d0187b01e8e96970f4d277dafa52707f43d8b13fbd00fff2a51f89dba4ce05ae00844deb982f9fa25

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\tcl86t.dll

Filesize
863KB

MD5
27fbf7c9fe38db6723f3f91f91e8a6c7

SHA1
fa07d7a3e81b947fa6207f849cc3338b340d8f95

SHA256
d223c141087ee3083233247c41e08c03e65d6bf31c9ec76fbc064bebdf2c1951

SHA512
a40076519c1ec20302f2a10f7af465ee9a964e16339a2689d3ef749171824fcf543bc4b8c3c1ff9f7674fbe4b8511b271bcfe74a770fb239f6e701329a06a7c1

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI29962\tk86t.dll

Filesize
1.3MB

MD5
9822b7c99da9e8bb5e0e371b5065d23e

SHA1
4322c0a72be0495ca6d0a2246e3ffedd2e2471fe

SHA256
161d40d7e73cc93fd586c20f3232829f1c81feda98d3f9d02b7dbd63cbe99011

SHA512
c9deb45ab75e11600181853e1633bfbfc856df309e873b17abfaa47f1c0e5231ef1358d75c1540d6f4564cdb92410654d9c8e38ffedb76230e17d52af9731028

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads