f1cd090d9d8a7e6b91d1888f6273af27db50245d0a19876184f67857fa283f98 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

EldenRing_Fix_Repair_Steam_Generic.rar
Size

10.3MB
Sample

240311-xk25dadd22
MD5

c8451598e619ec6f85e06d9001a833db
SHA1

c5447375c9948733d3cb57b0da7c75a8a176150b
SHA256

f1cd090d9d8a7e6b91d1888f6273af27db50245d0a19876184f67857fa283f98
SHA512

7b7df4bdb2e89fb88a71aa60cae02356ebe67617b926a9098ad8b1684b82a889bb6a4d40f698ba2dfafaaf3081abc3abcc90d3d0ef390ad72741b5c5151466c7
SSDEEP

196608:yGv9lQ5gJ/86rp3pHg7AO2H2nomlyc3QMQHkwSFa+un:VAoNjAT2WwMhLFal

Score

6^/10

evasion trojan

Malware Config

Targets

- Target
  
  OnlineFix.url
- Size
  
  46B
- MD5
  
  59bf167dc52a52f6e45f418f8c73ffa1
- SHA1
  
  fa006950a6a971e89d4a1c23070d458a30463999
- SHA256
  
  3cb526cccccc54af4c006fff00d1f48f830d08cdd4a2f21213856065666ef38e
- SHA512
  
  00005820f0418d4a3b802de4a7055475c88d79c2ee3ebfa580b7ae66a12c6966e5b092a02dc0f40db0fd3b821ea28d4aec14d7d404ead4ea88dc54a1815ffe26
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  OnlineFix64.dll
- Size
  
  10.3MB
- MD5
  
  0cccdd04b47dfcd6d20b4d1e21738cca
- SHA1
  
  5f53ebc37fd70de1be2c52494dfde51674dff7f0
- SHA256
  
  a188ff24aec863479408cee54b337a2fce25b9372ba5573595f7a54b784c65f8
- SHA512
  
  9b7ecfcb22e37a6d6ecd6ff650806549352cbdc26c4c2ed1573b08c701cddbd46a9dc774cef79c4eb740208830ee6edbfeb9bd9009bf0fb155ed360bec7aea3f
- SSDEEP
  
  196608:g3giiPVCn+q0Xa8YNUAu9weVbiGEL92ZjSnzo2+pIyis:gQ9VC9oeUAYgpzmph
Score

1^/10
behavioral3 behavioral4
- Target
  
  SeamlessCoop/crashpad/crashpad_handler.exe
- Size
  
  805KB
- MD5
  
  3ec03507fc8a9e09a4e26a10efadad32
- SHA1
  
  424485b95dc7d9f3073f401fcb85b155a6f1d62b
- SHA256
  
  d799b428ecc200a47b08b27f6b33ed5fe1f1e065136f380f6a6e78088c404649
- SHA512
  
  d06605a9829ead68ba54ae796b199144cb8a1e6586fd5c304847abb07f98b2daf4dd8f75d9535bc8128953c4eaf841a7ae77e22d9cf5480f7db481f11c332fc8
- SSDEEP
  
  24576:XyNu7wTizsQCoAe+HhJGs7GT+1sr+2t1t:XvwWzRCoAbJlqT
Score

1^/10
behavioral5 behavioral6
- Target
  
  SeamlessCoop/elden_ring_seamless_coop.dll
- Size
  
  1.9MB
- MD5
  
  e124ca305d637f0b0bd8b2ddb631f877
- SHA1
  
  c36335844c9e97622736fda120fa6e753f9a6433
- SHA256
  
  7eecf18afe9fa0784460501eed544e1db5aad8f8015a76d2deec1336c57e0428
- SHA512
  
  d5abae79f1d035c209a877ac74f361fbe14e244a01691867d778a7fc139ab8816408f328554cbc93edc7b80a2eae9b533fced72a1e3c9a46ec51ebb9fcde4592
- SSDEEP
  
  49152:mvuiZxutPzRGxpL8Nb/61OC1cJ15a0HvZ:m2iZxuqgS1OC
Score

1^/10
behavioral7 behavioral8
- Target
  
  steam_api64.dll
- Size
  
  259KB
- MD5
  
  cbc8b390e065c29572494901b151989e
- SHA1
  
  238243867b2f2daf54ac0dd5f3b68f9d99f8abaf
- SHA256
  
  ca1fa9a7609ab10b7926400559cf073e5888423cc156af72c6027d72a89eea73
- SHA512
  
  e8deb190d9b00d9931f480754cd46b0fa16c4080bf12c25d024ee2c14e75e27a7ed9f9b357a456037c9123537910d5186b7361f359d44a25b175f55bfb9affa7
- SSDEEP
  
  3072:WZz7iKHWadsCKUB6/KuBHlvdXGFcKLF65lhTbCNTnJvxfyN+ve2UhMBCcJo5gDst:+7i6ddsCKg6/KuBFFXyDyEBCcUb
Score

1^/10
behavioral10 behavioral9
- Target
  
  winmm.dll
- Size
  
  512KB
- MD5
  
  e59aac558d9f9c5d1312ac24d09c51d5
- SHA1
  
  2f11c4b00f5f92d4466348f9501aa657c9bf6fa7
- SHA256
  
  ba37009eef6c041bc6d0a271c13679fb9e14a005bd7e038cee596cd4064cf8b3
- SHA512
  
  1c3b357074d62d5ca11c92d71ffdacb4a7e3d6fb17cbd4b489e5bea0032cea43650a6809388e98e4b98256b477c6b5dbd8fd2c7f4e3e08af00ef68e0ed4406d0
- SSDEEP
  
  12288:XQxOD9ZC0WKOy8zMtJKpBmpMgBNwQuQmMzWq0hNwnoAZwl:XQxOD9ZFKpB+N7JmMzWq0hNwnBZ
Score

1^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12