Overview

overview

8

Static

static

3

Balatro.v1...ed.rar

windows7-x64

8

Balatro.v1...ed.rar

windows10-2004-x64

7

Balatro.v1...ro.exe

windows7-x64

1

Balatro.v1...ro.exe

windows10-2004-x64

1

Balatro.v1...om.url

windows7-x64

6

Balatro.v1...om.url

windows10-2004-x64

6

Balatro.v1...32.dll

windows7-x64

1

Balatro.v1...32.dll

windows10-2004-x64

1

Balatro.v1...!!.txt

windows7-x64

1

Balatro.v1...!!.txt

windows10-2004-x64

1

Balatro.v1...L2.dll

windows7-x64

1

Balatro.v1...L2.dll

windows10-2004-x64

1

Balatro.v1...ps.dll

windows7-x64

1

Balatro.v1...ps.dll

windows10-2004-x64

1

Balatro.v1...se.txt

windows7-x64

1

Balatro.v1...se.txt

windows10-2004-x64

1

Balatro.v1...ve.dll

windows7-x64

1

Balatro.v1...ve.dll

windows10-2004-x64

1

Balatro.v1...51.dll

windows7-x64

1

Balatro.v1...51.dll

windows10-2004-x64

1

Balatro.v1...am.dll

windows7-x64

7

Balatro.v1...am.dll

windows10-2004-x64

7

Balatro.v1...23.dll

windows7-x64

1

Balatro.v1...23.dll

windows10-2004-x64

1

Balatro.v1...20.dll

windows7-x64

1

Balatro.v1...20.dll

windows10-2004-x64

1

Balatro.v1...20.dll

windows7-x64

1

Balatro.v1...20.dll

windows10-2004-x64

1

Balatro.v1...me.txt

windows7-x64

1

Balatro.v1...me.txt

windows10-2004-x64

1

Balatro.v1...64.dll

windows7-x64

7

Balatro.v1...64.dll

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11-03-2024 18:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Balatro.v1.0.0L-Unleashed/MrPcGamer.com.url

  • Size

    120B

  • MD5

    c461dae867eed4072211cf709fa70a20

  • SHA1

    2fa5ce6734f5edd0a213a5b1c9e4f75d3160f3c7

  • SHA256

    2930c58a0b49ef48370f91801e37499f605aa396169e776f78fa7d8b9445f158

  • SHA512

    501e0ddfdbe64331941e268a5362ef0a66f207f442f7341a5e5cc1a1a84581d7f3e610fa52ba06a3cca9c09fa061d01b9c4e3b17498e5228639c2c3dbca12cb8

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 48 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\Balatro.v1.0.0L-Unleashed\MrPcGamer.com.url
    1⤵
    • Checks whether UAC is enabled
    PID:360
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1512
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1512 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2996

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    67KB

    MD5

    753df6889fd7410a2e9fe333da83a429

    SHA1

    3c425f16e8267186061dd48ac1c77c122962456e

    SHA256

    b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78

    SHA512

    9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    607bad4011839d40053ae8d41d0de844

    SHA1

    013f66b1c844f16242ef4c5e53a0427bafe462ad

    SHA256

    d98daaa1c01237a1bee17b02047d135bb3e87c85e4d7fa5907f494a9a06c88cc

    SHA512

    c5bef7bfecf1daa24e45d87a69daef05b481702700ed80fa28460eac6cc61a52ec8918c71b6c68221971fec4c4aeeb0e75edf1a6320d76d073a0183a183301f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4b848bf72ee80c00f87aa3a95ae086f0

    SHA1

    a1903fa1acd9d1600feb26bacdc515950e4f9cbd

    SHA256

    d73d2e3a8994c10434bac0658681213337cd78f43a62474b409871cca3ab5638

    SHA512

    137f97757012f617a62d009365a5f06a9eb15687bfe3af016aa7de1730cb22359260d1faaf547723e33524447c4d7821a4e62cf7a9c00b3cae2fbd2ccbd2179c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a165be3a2a72750c85acabef67780328

    SHA1

    0d4db931854e0c0fc7f6ca0bd16fe53d2a5e6e24

    SHA256

    406294135b41a28a8a016766269975089fe9a85e71690421d4790cbc0281a052

    SHA512

    c3c4dc83356e79d475277996cfdaadd88f133fd1559633f25ea901310bdad6c80c6df97e8fe5053379bc7862618642b02f45f7d832be3b9eee60662bfe7d7929

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    afb2bc4e288a8321d4aebff0e5757c07

    SHA1

    6fb323ae120d4ea6535ccfa95f4892f26bb0c2f6

    SHA256

    6622411a2edc93cb0ea5a8bea9e00c41fb0f25f9f35537988595658636e102ee

    SHA512

    e71c2fb3fefc83cb2e63783da6f0e2513265162a8364fbd7c0612e0c4a3491098fbdde3961a123799bf3525811c407964f714422b7c544fcf2a96ee5eba8e4bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9923668ba8ca4bffe97cf73a2bdcf294

    SHA1

    da0aac8ddd7bf7de7744664f7376d3891f68237f

    SHA256

    5e758044bb63298a16e058f46bfc8dfd691c5bda598a0a2ef08208f9cca3c923

    SHA512

    30d0782813a5367708695b03cba31941f8700e280477e38c39a51ea2691b112efe3f4bb26d64dd2ec11c357eb578ab054a0bf09b4339341895e6e32a24ab1e95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47858917d92c8a36ddd988c41d8b50ba

    SHA1

    8680f226435142e4bca1317f4936c50be365dfb0

    SHA256

    73fa8fb95bd4f2bfed67f541eaf8aded0cc5085973c0f4dbb2bff93c643c916b

    SHA512

    b7b0ef7446fd66490647e2ba890c5823989edb630b4a6f849a23787237314cfe5674d3e6caea91b818437d621ddb8ba1823687278bf27de4b6e5f7f354e6d22c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30886800a0845f117330e42a91a628a9

    SHA1

    342f3297b891d7e5f8c099231591573095a3fbc3

    SHA256

    e99b669fe5292d079dbf09b4fe49054b073f6c7a7061487d10c5194560669c5e

    SHA512

    3ac2ae74c7cea1af78d0c59cdd08e296f144fc67557027ca128d1a493089a11a93be6050596859dcd5cbdea78a5313aa2b64064c9c3df20e7c07cd8419b0a494

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1cb09e6314212a84321dad1a386acdf

    SHA1

    76324943a61fb7ae8e7a195d9d59f082d2b8ad04

    SHA256

    7a6d21c625f0c246100b8f8940dd2e169848439909650b8c2cc0619bd6a03f63

    SHA512

    6eae65417d36721ba1297787dcea0228ae50f4a93fb17a0ceb31d905c6d921e2821afd29c2c1223c8236f264dcf7b7cc29bc44883d8f56157688867ca304f313

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db3ad57e8610e963f63cee5342c05567

    SHA1

    087ed9f4907652276e855ceab25edc241481c790

    SHA256

    c5872d034cd2808fbed896dc80a162cfcbb7afe1a7249ecfb166c2e559d15e02

    SHA512

    afc58ac0d3833837573e792bfba18985de2f5dd4602e0277eb9eddb6f57007fdcb3e6adb1b92dc069676e4df8c6682cf348ffa8dc577d4b2dde438bec1836b13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d34147c702999d9a69973633d0e6f2f8

    SHA1

    64e8be5977e30e21b1f8ff3cd4b85448580f1a69

    SHA256

    bbb2ef93c68b62879782ca169456828993760b0478576b9cd0befc99d88b7470

    SHA512

    c3bdfd80225d31f7c8fd2d7882cbf03d0aad5b7c49c6d438773ca0131a77d97d3b49ee01deefe3f06abacf39dcb62dea07172a0ccebd1344a878b0a6fa71fed2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9552689c815d05f39a00d9dc6af4a251

    SHA1

    e542ae89b6966fc0cd60ac33f26ccc7ef343f4a2

    SHA256

    92ac394ba6c1d880674dc298f5cc768b289e86ea453268c70dbfca3e0193ea75

    SHA512

    71ac0077eb6526bfd12ee93edad51853a87e93dc171339f76839534b75956cc4e84a2feb976223711775c24de3365a0330e60e76b762a9b66046beb4746aacc8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    573f9bc014710783863cf1b02810afa0

    SHA1

    ffb291aa425ad24d91d1403dea41afc966fea040

    SHA256

    ab3a25646ed773f454962c0ea1367d7332dc2cf66eefbb8f717d3b25d99887e8

    SHA512

    8c6591b07b88601c670ff831679a417492f19d1032127b820e2997afb243b8b9141842825767066bb7433b19a3fff7f8f29917e0c6ca84bf0d5677ac2b8d739d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f0b9dbded61c7481cc77375e479f2841

    SHA1

    cb769ac3a7e26a302a3624a7973c959d09e50119

    SHA256

    5c29a1625e900097d195d4a0db13e75480a6280b7e024d9c7ed79f97fc31d82e

    SHA512

    7d8b35c2ccb9a8410c34633898e9edb153aa086c9b35335909e973d576b84b75d2d3c768ac19e2edf4a6f61f5297f32078142836ed52f8b0c156b53b1cf89bc9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17357ce0d69b8166478a61eff0ea138e

    SHA1

    853e8c1c574602924f2595d3695392bba8c9d178

    SHA256

    484648f63659cb08dc10a97bd7493055c6c4988bf7c029f37bcee23de3f4520c

    SHA512

    9229913737b3ad9a7ca7a87dbb6ba1fce4b6a6b9d73c914299c943cc2b0850d34a36040cd059122fa4f06f9e63e594b82a4b0786d15df502f3afbc39e18648ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3046ad74eea4fc39f941d40d5d01e312

    SHA1

    faf56f379cd8844c286bc7eccf8f45cbc2c0d4be

    SHA256

    380e2695c46bdf0629ff4eea5eaff0b7de4ecef8634e389a6cae1aca221626a3

    SHA512

    569d0460326298d39e41266c8f0539900e8c01e8232b20b34d74aec4f9a1209143482cf0535b9d4fbb491b02b2d4c2c48de49e18fe9afc3aec4e222d72d0705e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b566885f1e5657572b675eb9db652a0b

    SHA1

    e74dee2c07141dd3ec660d42e6bf51c3e6d59f94

    SHA256

    123afa77abe0254ed6c3b204af2922f9f6b49c6fba2fb35b25f4875e76669bfb

    SHA512

    003bd5665548f18bdfacfbf790a75bdda7cc26bee06cd1ce48030df38fd62405942fcc314b7fa5427c6a70d5f8d6d395017e23f13a6e2914fdcdc1f8f15ffee6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    312338eef22a4da00f1a167f98e7851c

    SHA1

    77a898ea943f61b18ccf5d39d332e53628b008fe

    SHA256

    6a6deb23f6aea0193d6e97d64ffd23596b5ab165d67521b8d8b8894d916fbd29

    SHA512

    d62d8ae64ae5fe79d2aa5325e38d27ac4eb690bee16fab128d5128663797f30464c64eee586eaaa7f500dd5a0fda071f2493975308c97a8c3187e4e7261eb3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\P7P96Z4S\mrpcgamer[1].xml
    Filesize

    288B

    MD5

    9ee6eadd03b3d736875241fa3fd76d30

    SHA1

    4495205e8618190a61887ff67285d9cf6e548781

    SHA256

    7bda0010e13d047bdd0c96677f89f847de3a1c1452eac5b60885ee55d310771d

    SHA512

    2ba9706a91dfc232deafe2f84302dc40abcea50544de20a0587f1a654310173e20592c5d900d4e3d3d6f81e8c8fcdeebb50c7f711f2d053e5d81f05570ea73ac

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\favicon[2].ico
    Filesize

    127KB

    MD5

    15d9fa5f8b092493b15c6b66d7b5bf9b

    SHA1

    c6b05dd8fa7b30698bc49a2f0e68103f9fef58cc

    SHA256

    40f201dc40fe64e9808e99a03e4c0c0c73517db887a6d68c970ced1e7a321806

    SHA512

    30e411459b0fd3a723f5842fcc64f6466a15540b1ebed14dff2bd193d8331f920cf053b4987743a9f3cf83d823d30fdeeaccad10d6009b7c667669033b451522

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab28A8.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar29F7.tmp
    Filesize

    175KB

    MD5

    dd73cead4b93366cf3465c8cd32e2796

    SHA1

    74546226dfe9ceb8184651e920d1dbfb432b314e

    SHA256

    a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22

    SHA512

    ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63

    Download Submit

  • memory/360-0-0x0000000000150000-0x0000000000160000-memory.dmp

    Filesize

    64KB

    Download