5e7761b435a3cd803a547332ba35d8c9e98dc7d47a4fcfbbacba179748861b33 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Mod Menu.exe
Size

87.5MB
Sample

240328-sjzweahc5v
MD5

31f4b9bc75fca596d7f0a38786665bc4
SHA1

85b6813f398c89e897c2aff0298ea53d030e96ef
SHA256

5e7761b435a3cd803a547332ba35d8c9e98dc7d47a4fcfbbacba179748861b33
SHA512

0cc9fac8625a39c9097f7def1c942be27372aad4b3f4381cd551cbc74f8c66256d5d19618ab8954cdb6c30c2a8e534b74da2899ba1c610444fbbb0deb3583c19
SSDEEP

1572864:VGwoY5r4BqkD9HsJer8JVde430pspkfOhRkkcdR5uRuLE+w7++:ycr4IkD9MJp4430yagRKkl

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  Mod Menu.exe
- Size
  
  87.5MB
- MD5
  
  31f4b9bc75fca596d7f0a38786665bc4
- SHA1
  
  85b6813f398c89e897c2aff0298ea53d030e96ef
- SHA256
  
  5e7761b435a3cd803a547332ba35d8c9e98dc7d47a4fcfbbacba179748861b33
- SHA512
  
  0cc9fac8625a39c9097f7def1c942be27372aad4b3f4381cd551cbc74f8c66256d5d19618ab8954cdb6c30c2a8e534b74da2899ba1c610444fbbb0deb3583c19
- SSDEEP
  
  1572864:VGwoY5r4BqkD9HsJer8JVde430pspkfOhRkkcdR5uRuLE+w7++:ycr4IkD9MJp4430yagRKkl
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2