General

  • Target

    Black Myth Wukong 64-bit.rar

  • Size

    6.4MB

  • Sample

    240406-htl27adg53

  • MD5

    6d11ec2f82d8385be4da159049468f23

  • SHA1

    b9e6e2f325025b2809bc9eb3c1b273907b3ad9b5

  • SHA256

    65b855d60a8f2583ad7f4ec3cd406ef598d71e6f32e67006bde3aa7061bb6798

  • SHA512

    f667869e9cf41512f653747c04b068f59e4f47dfed831eaf738ad6e842a2687c234aeef224e4c8d182f6f7b0cf40b40b9395ea3ee56c95af071f145b11be766d

  • SSDEEP

    196608:+PCa0yl4BoBI+frVa8zJNSEMLooUIT+r8+Zrcta4ud:+65yKiB7bFAEMpT+Xrsaf

Targets

    • Target

      Black Myth Wukong 64-bit.rar

    • Size

      6.4MB

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      Black Myth Wukong 64-bit.exe

    • Size

      6.6MB

    • MD5

      be9c01d1b46fd869e93187e1b65eb820

    • SHA1

      fe8f3b6e69af45663a8fd908a915d772aa388f83

    • SHA256

      38ba384cdb7c9cfc9c6ab60138b1b62dc465fb60e5abab17500249b39827f124

    • SHA512

      9489f74f0259b603fc3110a55ddddf1a0ccfb97dabec685ebf557d0a5dacc1ae00fb9a374c763327794760e7fba4323f0f4ef319cf1af94a4b5acf2042270308

    • SSDEEP

      196608:phZXfdfhMWOHXGjAcMIaITlkruDOT6icm+OAAkjKW8p:X+L3bjImruaT6iBm

    Score
    10/10
    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Loads dropped DLL

    • Target

      BSR.pyc

    • Size

      10.5MB

    • MD5

      7a0e5fbbbaf82bbf0be66c5761dfbe7c

    • SHA1

      b837618235d17c2fee6a02f0d3eadedc8d25d549

    • SHA256

      ee4cac072df122d13ec3dfbdb1fe276a9d0193fec3b6552088eead067e36cca8

    • SHA512

      644e36d6e7d043386c78aca405dcd208d283525743cb3509c1e292875ec877e32cee792aacc107ddee1b11dcfa480319299e084d3150bb169a63a24cef4003bb

    • SSDEEP

      24:SfLFtLyxnSanyXUSanyXndzmiCCHBSanyHcXRSany+SanykSanyMo3SanyS9wSau:SfL72iCDkRZW7PvWWbrs8r

    Score
    3/10
