Overview
overview
7
Static
static
3
Terraria_R...2_.exe
windows10-1703-x64
3
Redist/dot...up.exe
windows10-1703-x64
7
Redist/dxwebsetup.exe
windows10-1703-x64
7
Redist/vcr...86.exe
windows10-1703-x64
7
Redist/xna...st.msi
windows10-1703-x64
6
Terraria.exe
windows10-1703-x64
3
TerrariaServer.exe
windows10-1703-x64
3
small-games.info.url
windows10-1703-x64
7
start-server.bat
windows10-1703-x64
3
steam_api.dll
windows10-1703-x64
1
uninstall.exe
windows10-1703-x64
7
$PLUGINSDI...LL.dll
windows10-1703-x64
3
Analysis
-
max time kernel: 73s
-
max time network: 82s
-
platform: windows10-1703_x64
-
resource: win10-20240221-en
-
resource tags: arch:x64, arch:x86, image:win10-20240221-en, locale:en-us, os:windows10-1703-x64, system
-
submitted: 04/04/2024, 13:32
Static task
static1
Behavioral task
behavioral1
Sample
Terraria_Rus_v1.1.2_.exe
Resource
win10-20240221-en
Behavioral task
behavioral2
Sample
Redist/dotNetFx40_Full_setup.exe
Resource
win10-20240319-en
Behavioral task
behavioral3
Sample
Redist/dxwebsetup.exe
Resource
win10-20240221-en
Behavioral task
behavioral4
Sample
Redist/vcredist_x86.exe
Resource
win10-20240221-en
Behavioral task
behavioral5
Sample
Redist/xnafx40_redist.msi
Resource
win10-20240221-en
Behavioral task
behavioral6
Sample
Terraria.exe
Resource
win10-20240221-en
Behavioral task
behavioral7
Sample
TerrariaServer.exe
Resource
win10-20240214-en
Behavioral task
behavioral8
Sample
small-games.info.url
Resource
win10-20240221-en
Behavioral task
behavioral9
Sample
start-server.bat
Resource
win10-20240221-en
Behavioral task
behavioral10
Sample
steam_api.dll
Resource
win10-20240221-en
Behavioral task
behavioral11
Sample
uninstall.exe
Resource
win10-20240221-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win10-20240221-en
General
-
Target
Terraria_Rus_v1.1.2_.exe
-
Size
26.5MB
-
MD5
9025cb8f277d3549a541a4911829f198
-
SHA1
d8c596b89deb2af4ea51fa2567fa9a4a0e6c8904
-
SHA256
37440bf2f11658a00aa9a01f1f6a7b680c0a54d008413adc9070db0ce219de2e
-
SHA512
65e4e396ff21b558c625036536d1295e47ad4ec0310b3d75e66cad86c83b8ecd444853ef1a4655ae41d74f16994f72655c20f54d70e66cc01650c01476f02d77
-
SSDEEP
393216:N3C1bAiBIQPBA2YOrfRw5RM38qU6GOjQoxasPDxfQBBsMC/pPxRp0G:5ClAwIQpAGfRw5RMuKlJQBeMC/pLp0G
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
Processes
-
"C:\Users\Admin\AppData\Local\Temp\Terraria_Rus_v1.1.2_.exe" (PID: 4804)
-
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding (PID: 2600)
Network
MITRE ATT&CK Enterprise v15
Downloads