Overview

overview

8

Static

static

3

Balatro.v1...ed.rar

windows7-x64

8

Balatro.v1...ed.rar

windows10-2004-x64

7

Balatro.v1...ro.exe

windows7-x64

1

Balatro.v1...ro.exe

windows10-2004-x64

1

Balatro.v1...om.url

windows7-x64

6

Balatro.v1...om.url

windows10-2004-x64

6

Balatro.v1...32.dll

windows7-x64

1

Balatro.v1...32.dll

windows10-2004-x64

1

Balatro.v1...!!.txt

windows7-x64

1

Balatro.v1...!!.txt

windows10-2004-x64

1

Balatro.v1...L2.dll

windows7-x64

1

Balatro.v1...L2.dll

windows10-2004-x64

1

Balatro.v1...ps.dll

windows7-x64

1

Balatro.v1...ps.dll

windows10-2004-x64

1

Balatro.v1...se.txt

windows7-x64

1

Balatro.v1...se.txt

windows10-2004-x64

1

Balatro.v1...ve.dll

windows7-x64

1

Balatro.v1...ve.dll

windows10-2004-x64

1

Balatro.v1...51.dll

windows7-x64

1

Balatro.v1...51.dll

windows10-2004-x64

1

Balatro.v1...am.dll

windows7-x64

7

Balatro.v1...am.dll

windows10-2004-x64

7

Balatro.v1...23.dll

windows7-x64

1

Balatro.v1...23.dll

windows10-2004-x64

1

Balatro.v1...20.dll

windows7-x64

1

Balatro.v1...20.dll

windows10-2004-x64

1

Balatro.v1...20.dll

windows7-x64

1

Balatro.v1...20.dll

windows10-2004-x64

1

Balatro.v1...me.txt

windows7-x64

1

Balatro.v1...me.txt

windows10-2004-x64

1

Balatro.v1...64.dll

windows7-x64

7

Balatro.v1...64.dll

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11-03-2024 18:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Balatro.v1.0.0L-Unleashed/steam_64.dll

  • Size

    1.6MB

  • MD5

    4261667c2cac5f3eb057b161a6314f34

  • SHA1

    fe799892da89be2d0711bb9d63fe3d5c7fde335f

  • SHA256

    94c3750a4cae3af4238af55baf20c3a20fc9b9558dcc40faef869fde747b503e

  • SHA512

    f7a0cd2b77b201e6d8ffa9415acffc73c300e2ab504373409d30e95f017087b3473a99d5df53872c0419199a637259b4f1520472dc5c695a6bd93210c9af2257

  • SSDEEP

    49152:TgkG+zXFU4++SBsLTlfc3E1vLrPsZ+Wbwp24BxwxokB4+YRXyRZKeZ14qNvnfC:Pp++SBsLTlfc3E1vLrPsZ+Wbwp24Bxlq

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Balatro.v1.0.0L-Unleashed\steam_64.dll,#1
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:756
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 756 -s 192
      2⤵
        PID:2308

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\Balatro.v1.0.0L-Unleashed\steam_api.ini
      Filesize

      1KB

      MD5

      53ba4513ee74eeb38c936de32778c160

      SHA1

      665ec91c182786c59248331299d7e97232cc865e

      SHA256

      02e479d34b729c2ab8aebd9924265d95d53544d54495197adb07d861da03d258

      SHA512

      21d424084a73b023616ceae7129919cf2655d52427044d5b69fb21206afc8ee1b300a29eefeb85edd531ccb4e0e70f50c742384c4556dadee5a643d71b1a354f

      Download Submit

    • \Users\Admin\AppData\Local\Temp\tier0_s64.dll
      Filesize

      291KB

      MD5

      cc7470b39ac697d9a9d2d43f5c30093c

      SHA1

      542d7574b76c16b35912fa8f6a4435b44525aacf

      SHA256

      a3ccbe0f56e4af7a06a1279bc5b45bf4893caa67e5467cb5df3b3f681fb850c0

      SHA512

      ed84c34b4c3c7ba95418b2d582bc2dea1ca771e38f5abbd400f0d06ee897ccd47fd8901f7ab3a709340d4706c1fe2791473e6d98a1ffaac6235927b1f758e13b

      Download Submit

    • memory/756-11-0x00000000773F0000-0x00000000773F1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/756-12-0x000007FEFD510000-0x000007FEFD511000-memory.dmp

      Filesize

      4KB

      Download