General
Target: 3.0.0-PVP.rar
Size: 478.2MB
Sample: 240419-anwensba85
MD5: 3f7ef386dba58f6a61c0f3ec1812fbea
SHA1: c17a4fc0044cd3045f8624308534fe4a3d1fc1ec
SHA256: ffbe8c67e2a72063c0f2f5e96c4c2be69861d50f3996af0ed97131620363f8f7
SHA512: 69ff3e8484ba0722d8f2421d0938e1178e660dffdda9dc6aacaa07ce7403fa84b2356b7f792e359c1d30306add1ad58b8dfa65cb6cb279c9968c5f5d696eac29
SSDEEP: 12582912:RKr5KTbTo/64YGqWLSml67GXmNi3kB+io+03hj2sGW0OtivFpQG6:Ur5KTbTF4D5l6fGYo+Cssb0OgzQZ
Static task: static1
Behavioral task: behavioral1
Sample: 3.0.0-PVP.rar
Resource: win11-20240412-en
Malware Config
Targets
Target: 3.0.0-PVP.rar
Score: 7/10
Executes dropped EXE
Loads dropped DLL
Modifies system executable filetype association
Registers COM server for autorun
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops desktop.ini file(s)
Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (2)
  Event Triggered Execution (1)
    Change Default File Association (1)