Overview

overview

8

Static

static

3

Balatro.v1...ed.rar

windows7-x64

8

Balatro.v1...ed.rar

windows10-2004-x64

7

Balatro.v1...ro.exe

windows7-x64

1

Balatro.v1...ro.exe

windows10-2004-x64

1

Balatro.v1...om.url

windows7-x64

6

Balatro.v1...om.url

windows10-2004-x64

6

Balatro.v1...32.dll

windows7-x64

1

Balatro.v1...32.dll

windows10-2004-x64

1

Balatro.v1...!!.txt

windows7-x64

1

Balatro.v1...!!.txt

windows10-2004-x64

1

Balatro.v1...L2.dll

windows7-x64

1

Balatro.v1...L2.dll

windows10-2004-x64

1

Balatro.v1...ps.dll

windows7-x64

1

Balatro.v1...ps.dll

windows10-2004-x64

1

Balatro.v1...se.txt

windows7-x64

1

Balatro.v1...se.txt

windows10-2004-x64

1

Balatro.v1...ve.dll

windows7-x64

1

Balatro.v1...ve.dll

windows10-2004-x64

1

Balatro.v1...51.dll

windows7-x64

1

Balatro.v1...51.dll

windows10-2004-x64

1

Balatro.v1...am.dll

windows7-x64

7

Balatro.v1...am.dll

windows10-2004-x64

7

Balatro.v1...23.dll

windows7-x64

1

Balatro.v1...23.dll

windows10-2004-x64

1

Balatro.v1...20.dll

windows7-x64

1

Balatro.v1...20.dll

windows10-2004-x64

1

Balatro.v1...20.dll

windows7-x64

1

Balatro.v1...20.dll

windows10-2004-x64

1

Balatro.v1...me.txt

windows7-x64

1

Balatro.v1...me.txt

windows10-2004-x64

1

Balatro.v1...64.dll

windows7-x64

7

Balatro.v1...64.dll

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11-03-2024 18:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Balatro.v1.0.0L-Unleashed/luasteam.dll

  • Size

    189KB

  • MD5

    3a9684714ccd9f25a9a6d94de9972f8b

  • SHA1

    694380cc1b4fe03d6d7def8384b9ec6c62ae2949

  • SHA256

    737d63541c206e5f88298022c48c7205b0fc72a07cf051a354a6fae2bcd88f49

  • SHA512

    d227eec2d8bfca1afef5bc89a5b6a1ee81edc731793fa4bf91edfd824f3b3bc969bf663b18de97aa0ee2d3b999ae40e2a81a1d9a828f0324c5a0880fc5a037a2

  • SSDEEP

    3072:WXEgpcnvT+hGh9D9z3rQ4Glx4XHz/Y0kyDp1VhfYfPkuZMgRs:8OsGh9DhEHlqD+E1wkCJi

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Balatro.v1.0.0L-Unleashed\luasteam.dll,#1
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:3064
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 3064 -s 196
      2⤵
        PID:2552

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\Balatro.v1.0.0L-Unleashed\steam_api.ini
      Filesize

      1KB

      MD5

      ca8fba76acdc7c7acc351a80cafab460

      SHA1

      13c43f8013f32a1ad24e59ce57901658fafb2066

      SHA256

      7a3a95c24728806591f00fe686fadacd289aeef097b94b7d348f64ae138caafa

      SHA512

      b9c7319e2efbca4bfcf3ab832c80a5d3ad30fe99f72a5dd7b07db0b8ce8682dce91e0c9244a01f7a4dc4eb86a27a0c91df115dee785a597c44938fcecd589d56

      Download Submit

    • \Users\Admin\AppData\Local\Temp\tier0_s64.dll
      Filesize

      291KB

      MD5

      cc7470b39ac697d9a9d2d43f5c30093c

      SHA1

      542d7574b76c16b35912fa8f6a4435b44525aacf

      SHA256

      a3ccbe0f56e4af7a06a1279bc5b45bf4893caa67e5467cb5df3b3f681fb850c0

      SHA512

      ed84c34b4c3c7ba95418b2d582bc2dea1ca771e38f5abbd400f0d06ee897ccd47fd8901f7ab3a709340d4706c1fe2791473e6d98a1ffaac6235927b1f758e13b

      Download Submit

    • memory/3064-12-0x000007FEFD320000-0x000007FEFD321000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3064-11-0x00000000772A0000-0x00000000772A1000-memory.dmp

      Filesize

      4KB

      Download