General

  • Target

    ContentWarning_Fix_Repair_Steam_V4_Generic.rar

  • Size

    10.8MB

  • Sample

    240412-sdhd6sed7y

  • MD5

    60b1a89cb4d614f898699eeb3f938ea2

  • SHA1

    28ad3c6905488fe245614386619e974f02d1f49c

  • SHA256

    a96e25e828ff6762d3e630a863e27ff54e53d8c5de90b7ea60f4d30facbc559d

  • SHA512

    1dae5f9962a614816f3afb71d61d1edd17b2b2445bfe2a556610e04d5f52b4633228cc038841aa61603cd434c34f25ff3a9c3b6ca35e914720e777225e93932e

  • SSDEEP

    196608:o0fNSVyH7jPkXyj2/YHQ99lYMDdObg4E5Jbwzg/hLggLjIcBD4oax:oSNS8vOyj2wHQtDdObg4IbDhLgmjDBDI

Malware Config

Targets

    • Target

      ContentWarning_Fix_Repair_Steam_V4_Generic.rar

    • Size

      10.8MB

    • MD5

      60b1a89cb4d614f898699eeb3f938ea2

    • SHA1

      28ad3c6905488fe245614386619e974f02d1f49c

    • SHA256

      a96e25e828ff6762d3e630a863e27ff54e53d8c5de90b7ea60f4d30facbc559d

    • SHA512

      1dae5f9962a614816f3afb71d61d1edd17b2b2445bfe2a556610e04d5f52b4633228cc038841aa61603cd434c34f25ff3a9c3b6ca35e914720e777225e93932e

    • SSDEEP

      196608:o0fNSVyH7jPkXyj2/YHQ99lYMDdObg4E5Jbwzg/hLggLjIcBD4oax:oSNS8vOyj2wHQtDdObg4IbDhLgmjDBDI

    Score
    6/10
    • Legitimate hosting services abused for malware hosting/C2

    • Target

      ContentWarning_Fix_Repair_Steam_V4_Generic/BepInEx/core/BepInEx.Preloader.dll

    • Size

      42KB

    • MD5

      24e30ee42802145447b474613f66c376

    • SHA1

      096810482069885b56fa430f7dfbcb77506f086d

    • SHA256

      9a7597d16bfc1d2564c6c1168fb077443155946b66f2041e1d1cf9548de210b2

    • SHA512

      3cbd64478650c1093e9c778408291d9184a84b5190e2d540060faf112b68feffa2d90a2fb97e82f586b40fd85ff60c77c780adf6f867a591a3c068be3718c0bd

    • SSDEEP

      384:2MEBj+RTLt5m7jJQNqgXnz2pxZqf3mjE7EP/QvlGM/3G3kDH0nMxbdgRwe5Lybru:vRwJxMejEAPMvGjgbVoLybr6csQp4

    Score
    1/10
    • Target

      ContentWarning_Fix_Repair_Steam_V4_Generic/Content Warning_Data/Plugins/x86_64/steam_api64.dll

    • Size

      291KB

    • MD5

      f3db5801dc9b75da671b39041e2e8bcf

    • SHA1

      40d0ae44e090db49b2309fb152fbd3e11124a376

    • SHA256

      a44e5537939ae4eebc69000589aa9b2437a667813a1657cc779198bae9b815a9

    • SHA512

      9abeb8542ce48f3d263e9924a82cafa80b42b730636f1df6e594679482b6638997563b5d752d5505f25596a5d0e2f56f1255e4a94bb9523d47c180bc131e22f9

    • SSDEEP

      3072:B8Y+BDOgGIWcXSEJeRhqTMdU55UuT7+7JtN3RUOj65lhTbCMTiGu2ZvJpKCZyq+g:BYPNrQheMW5vTKxRo8CgCZyqO2CM4OYS

    Score
    1/10
    • Target

      ContentWarning_Fix_Repair_Steam_V4_Generic/Custom.dll

    • Size

      2.1MB

    • MD5

      310120290f8cc047681f8a348ab9d851

    • SHA1

      478b3dd155c06be474efde3ae3ffb86450f78a6d

    • SHA256

      3ff601e0ad8c73ad433f158627fda8d58c52a983907f05ff0d83933230becf56

    • SHA512

      c381b20d3b8fcb19a2b483f47db11401b2196c8cfef12cb613bf60513b7a1e15d4b3150a56da8516a708f845889a353607306d2751b00f5365b622d5b4422854

    • SSDEEP

      24576:1uILGblwKgf70b6sAUmLuBUJ/KE/dFdy8goDSGIt6:1wlS0bBmQKRynqS

    Score
    1/10
    • Target

      ContentWarning_Fix_Repair_Steam_V4_Generic/OnlineFix.ini

    • Size

      553B

    • MD5

      38b877777ff2bdbf9c3a6cb1496b0a7a

    • SHA1

      2dfbe9ece9f32d51e2a2487f006cc8be4f5de7a8

    • SHA256

      c4f77eb33eb6d403d8ef5756ea9ab4380d5cc0040721928aff87a0aa4238201e

    • SHA512

      6f812f900bf4572e6977b24d1d875adcdbe96191f2ad3f44dbcf6f9d228f48e2f127fe1187b72c11d3156f9e680cfd1fe6363b49e1f5d133d7832b93ddb5102c

    Score
    1/10
    • Target

      ContentWarning_Fix_Repair_Steam_V4_Generic/OnlineFix.url

    • Size

      46B

    • MD5

      59bf167dc52a52f6e45f418f8c73ffa1

    • SHA1

      fa006950a6a971e89d4a1c23070d458a30463999

    • SHA256

      3cb526cccccc54af4c006fff00d1f48f830d08cdd4a2f21213856065666ef38e

    • SHA512

      00005820f0418d4a3b802de4a7055475c88d79c2ee3ebfa580b7ae66a12c6966e5b092a02dc0f40db0fd3b821ea28d4aec14d7d404ead4ea88dc54a1815ffe26

    Score
    6/10
    • Checks whether UAC is enabled

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      ContentWarning_Fix_Repair_Steam_V4_Generic/OnlineFix64.dll

    • Size

      11.4MB

    • MD5

      47405758b967aa564aeb20fddf06ed77

    • SHA1

      1d9f52eedbc5f5d7df844baa0b9a9094a4c1a278

    • SHA256

      14232bd5332d950291bc419d3dba5d8794079adfe108a3fd0688af8a01ca5e6b

    • SHA512

      77a5b85093d797aff5a02fee74fede49dd24f736c10660167ecc49a10fca7715e5bf107e9318143858a24c8bdb93c4c8442388154ddb4290a7f7ace07df1e3ab

    • SSDEEP

      196608:L15lPjdkENulnJCLYG+ag8WraGyI0s111IwR+QfgpjHh93OoE9KmG67os:55LkyYP8WrLyIn1uw/IzOYZ

    Score
    1/10
    • Target

      ContentWarning_Fix_Repair_Steam_V4_Generic/SteamOverlay64.dll

    • Size

      114KB

    • MD5

      0a5429b888c75f6525e1100e32dd2b69

    • SHA1

      8ae224580aa0838a7b1570c79d4d8f27a1b46d19

    • SHA256

      f784b4b85b627c7ea541bd2a90c9fc6e9736a0731707c31265aa86fe684dc2df

    • SHA512

      5f77ac9619ccb5baebabb2e406ce265148ad18c6e1162c7d4c3a5656f38abedf90f756a829da856312689a738a3258382f37a279843bf7db0c14ac953c6992ef

    • SSDEEP

      1536:h1iaPnCtV4+1/IGiaA7bSMhP3rOy843NxnpWJtRsWkd09dl38s6BtcBRXh4:h1iaPn5+uGi/7bpxaX43Ni3aMLJB1h

    Score
    1/10
    • Target

      ContentWarning_Fix_Repair_Steam_V4_Generic/dlllist.txt

    • Size

      204B

    • MD5

      88b5da9eac806f1af95b884d9649215e

    • SHA1

      d229a8e0dda21b53af01f58584aace321d1fd5be

    • SHA256

      2a4b92a851e6fa066803236744cf110c0f25072f4b14b67e6ad81b06952ac197

    • SHA512

      ba74affd534fb9eb1dfb850f8d11f2fafb337536ee73b6aa1b5e0b399b92dc1533ab2e1fbc8c76f3f8d94b09631d549aba1c4026383bcabf0214cc055d2465d8

    Score
    1/10
    • Target

      ContentWarning_Fix_Repair_Steam_V4_Generic/winmm.dll

    • Size

      512KB

    • MD5

      e59aac558d9f9c5d1312ac24d09c51d5

    • SHA1

      2f11c4b00f5f92d4466348f9501aa657c9bf6fa7

    • SHA256

      ba37009eef6c041bc6d0a271c13679fb9e14a005bd7e038cee596cd4064cf8b3

    • SHA512

      1c3b357074d62d5ca11c92d71ffdacb4a7e3d6fb17cbd4b489e5bea0032cea43650a6809388e98e4b98256b477c6b5dbd8fd2c7f4e3e08af00ef68e0ed4406d0

    • SSDEEP

      12288:XQxOD9ZC0WKOy8zMtJKpBmpMgBNwQuQmMzWq0hNwnoAZwl:XQxOD9ZFKpB+N7JmMzWq0hNwnBZ

    Score
    1/10
    • Target

      MrPcGamer.url

    • Size

      220B

    • MD5

      e4de23acaa93617bbfc2aca9b9881ee5

    • SHA1

      b1fc999c81e87b784e369e6d57fb1e7f5f302e6a

    • SHA256

      e7429327a37047e65b366212591ca03efc9c6bd8bf3a79a465e3d42a95a42525

    • SHA512

      a6eecda572fba2c5dc543b04a695cc27fda0c2be913660df69a8640a375fbeffba0cf7a5dbaf44e9fba6a7e7ed7886c64852ee5e843d1f3cc6ca333f67743ccc

    Score
    6/10
    • Checks whether UAC is enabled

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      README !!!.txt

    • Size

      116B

    • MD5

      c0b368f83f23bcfbcde0fafa9f30d741

    • SHA1

      3e8ef72a11f537500ebae7dcdb644e57cbb5dc31

    • SHA256

      ba314c3708c6b435e5a7fa4ae044e5e651308ac0aa3fbce58d0b3f163f101eb7

    • SHA512

      9ca3004fcb60050a65baf0d721208d8bd10a71dbbc4b206abec121495973c1f25e405b6e2ecd0731a54d336e9ba39d9e009b40b16ddf8d992f5b10754fab61ba

    Score
    1/10
    • Target

      [Game3rb].url

    • Size

      218B

    • MD5

      d0d54bcdde7fce0424d072c5babaa968

    • SHA1

      3c88909ef366d819e2e62a4984ac836e6b5e8695

    • SHA256

      e4b38b71be0000d8085808776a25af7193d1e327054601c6ef568dd22e20b45d

    • SHA512

      6015347e0358438cdfed8bb71b30aa6f83438d9161d2bc05c277b290ea1f40269425cef67528de52f621f6e0537dbd702d88ec6bc8e6b47f76c2f6d58b2018a2

    Score
    6/10
    • Checks whether UAC is enabled

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15
