b782dbd696f87d28831fb8dab4efc6d3779e04ceb305c235acd59bf076116cd5

Sharing

Copy URL

Twitter E-mail

General

Target

build_release_client.zip
Size

34.0MB
Sample

240420-l556zsea75
MD5

c6ef0120f2c6941e08e70b2035fe74a3
SHA1

5b091f1c37b5aad062f710e0ef409e44f189249f
SHA256

b782dbd696f87d28831fb8dab4efc6d3779e04ceb305c235acd59bf076116cd5
SHA512

066dcf455620f3e6aadf003c01151a292a238cb7688315616bb71f75df8bd91d0d5d1640277d1ab0b7ac00ced56ed0bb5f52a70da3b59aaf47dd6b96359c9cc2
SSDEEP

786432:xAZ5ueLhHniSCY2ebnTaNpZ7Vpx99rAtuNL7nDPUu:KQeLhCpRZ7Vpx99rAINL7Dsu

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  EOSSDK-Win32-Shipping.dll
- Size
  
  14.2MB
- MD5
  
  3ce404c063a9a36ec499b2b70c7a243f
- SHA1
  
  363b74a1ba4e154545cc05489862a34aac4239a4
- SHA256
  
  9f8726f8d2e60e74051c40f24feea73231d390485590b321ed2ad80dfa4c4bc4
- SHA512
  
  9e3dde282ca3cb3f7cc96463992382c3f1d793b62e360d96af4aa4f5488b122d9d763aaff20b1c44fa9a02ec336a46cf9341d5a0d9c77eaeddb59f7f80cc79d3
- SSDEEP
  
  196608:lmMbkp+6hnGFQmklzhMS+WbSVOXYdDbaSqSUf5H9DyyAOOez:lmM0jhGFKhMS+Wb1qIz51yzOL
Score

3^/10
behavioral1
- Target
  
  OpenAL32.dll
- Size
  
  616KB
- MD5
  
  e470a54ed520301dedec87c9db7539e3
- SHA1
  
  fe7fbb11d731e1ea67fe38cee3436b0dcbc240df
- SHA256
  
  49f0b67af1341f69cec41940529c0ef551420282f471f0f869f89cc4ab6357c7
- SHA512
  
  522448047c564a91734bafa3629ff6ab2697a560927016f522397a1431a1e735c09c1ad6a360fab2266fae063f05087f073ec6a0fddadafc20ebd5c7712bbc20
- SSDEEP
  
  12288:PsmFzEdFKWRcDGqZagU7YLvAmvUCyc54j/XPlJtsMPsj+e:PXzKKjAGAuUxj/9JtsMC
Score

1^/10
behavioral2
- Target
  
  discord_game_sdk.dll
- Size
  
  2.8MB
- MD5
  
  71d18d7510fad32a2ac4b038fcdd56e3
- SHA1
  
  63b2383c12013dcd7bbee08a7f965148c14d9c9d
- SHA256
  
  e49ca81252852250a254f8c3f169859696542af2d0a81348f5984f0af880f43b
- SHA512
  
  b160977f17029774ab0c4b3d0f86e59e60e9b529388e629aee76b1d4023f27f91fae91f0c022c5c2f398e0ab38d36e7579e8aced8e2db372c4df5058640e8f2f
- SSDEEP
  
  49152:XS6i6p3uVpMrgEc/QuZxg0hqPFhBlJ8KbozNtirBC8IU6iRTDr6I:XS0p3uV4zc/QuZxg08nlizae+pDmI
Score

1^/10
behavioral3
- Target
  
  nvmp/CrashRpt1403.dll
- Size
  
  103KB
- MD5
  
  e1649511f335186d0cd89a382c44a0be
- SHA1
  
  882e28f6da65b97e85e28e4f2bce6f1fd4cb8f41
- SHA256
  
  a68d654461ee949442452872a0a750a01e9e13b3fc9201d3eb70c30cc027ab9e
- SHA512
  
  a01f4bc05f46e3e4310cdf1df526ba819a371dbcd2ba9bb2e7cbed6f2c0321634e24e8c84aab70c9267f5a26948accacbe10e3d62d3b7e8752fe90a76d6e7d6f
- SSDEEP
  
  3072:vx0HGSmCWR4j6XseOcF3VYSyP0OiESdr64i/Go:mmSmBwfeOQ3VYSc/G
Score

1^/10
behavioral4
- Target
  
  nvmp/CrashSender1403.exe
- Size
  
  1004KB
- MD5
  
  21df5844315218acf4721b5cffd4c1fc
- SHA1
  
  ad3a4ef53c37c26c358cb3ae8c00d0791f79e7ab
- SHA256
  
  07b5229856f833d1734b6294d0eb2519cd7e37281e17d328e642d898e363a357
- SHA512
  
  c7825ac2c3e8c56bc203f41ba623461bca9e6bac382fe5b6b958246de65ebacd3818b7e6d341536d42f12f045464d96b326813bc9ff29723b139c190877b28a8
- SSDEEP
  
  24576:VYQdYQ1ckp4pjCUi1Q+YbvCCMAYgWj56RHZWhgPApKT1FZ:VYQdYQYCUi1rACCp2hyPT
Score

1^/10
behavioral5
- Target
  
  nvmp/client.dll
- Size
  
  3.3MB
- MD5
  
  62edf80a8ff19f92527d83811f8697df
- SHA1
  
  cba17efda7dcf980b061590a7763db2a52e2658e
- SHA256
  
  299d125ba936071a6d3d143acab35d5a188e550e804232bfbeb9c23ae6e3ba88
- SHA512
  
  9ae5f8894c105f94395f97440298350659a8bd117b39fe26c727a135579e452c3bca96fe5c06385b4b1f6b43f3b067048ca5d1ef544dfa0010ad54fc74e86b8f
- SSDEEP
  
  49152:P4U+pCsG1JjYd9Akber+9GUZuQMb4az9rrlAg4IYrUT/6j9eFSK3499SeBZ4gR+z:J1Ydpbp+b4Cho26j9esH
Score

1^/10
behavioral6
- Target
  
  nvmp/res/redist/vc_redist.x86.exe
- Size
  
  13.7MB
- MD5
  
  69551a0aba9be450ef30813456bbfe58
- SHA1
  
  85354326ef8fbe908d9331446b8c8463577c5633
- SHA256
  
  50a3e92ade4c2d8f310a2812d46322459104039b9deadbd7fdd483b5c697c0c8
- SHA512
  
  f7a8578146a8666174adcffa8212eaddce8e433d7531c4704e2a35e7ce723f92b968e5b9df9c6662f351edd21317f929c04d23bf2b976642a92d663d0e3f5240
- SSDEEP
  
  393216:Sr/wlptVYmfr7yBG/4fXw91bfPLnzgm7:SbMpttD7yBG/T91bnf
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral7
- Target
  
  nvmp/steam_api.dll
- Size
  
  256KB
- MD5
  
  56d9f94d37cb8f03049a1cc3062bffaf
- SHA1
  
  90f0f4780117bd2ae44fe051077005964eb75bce
- SHA256
  
  1ac139ebad2a653adff5700347274cf9816256eb5d69ae6dc43c4cf9c8532aa7
- SHA512
  
  f92bc75a4fc6de545a9773093c39993942f03d5091c6fa0150e0bd00fb5c1dfb6edb3afc0afc7eaf3fd311336e513eeacfbb2cac5d638ab366c384c9e831b54e
- SSDEEP
  
  6144:D9j7BrSKU/mXxQ7C8cbp9huslymC2CPRuyd/:D9j7BrSKUYQWByl2C7d/
Score

1^/10
behavioral8
- Target
  
  nvmp_launcher.exe
- Size
  
  9.7MB
- MD5
  
  886d084da50d4acffd0a4741a599bedd
- SHA1
  
  d5cfbcc697fc92aebf5baf50325235f42759686d
- SHA256
  
  0a7f2571b6ce3c0106a23b9db6ab102fd222821ba6bca23a77df9c0608c4a95f
- SHA512
  
  54db14ba1c993720eac9c9a8af314e4733fa748b0e10a1f3b6986c631a17c412e2c4cc8d5e96ae09d8daf26bc7af362818e4ee10501698ac47a795c9dc3556af
- SSDEEP
  
  196608:9r798tO8AZ0cmLkNL16Sp7negpg9GTNS5zB/oM66:9mML0cwkNAQegWGTNOzdoj
Score

3^/10
behavioral9
- Target
  
  nvmp_start.exe
- Size
  
  1.0MB
- MD5
  
  d0607f951dbbe8f0ed8925b53b9776b9
- SHA1
  
  2c34a27bf2fe530af103fd283a31261c2cc9522d
- SHA256
  
  51d37de464bb935334078b94e281ae212f3d136f3c490752270e6b188cf18032
- SHA512
  
  963b3e08c0f0ef6ee079efc1ea5aeec6f165d6882460919507977b04ccf62e2515c647d27e2434456ee588dd073485ecfcf84dcf3d18f56596b56dfaea5544f5
- SSDEEP
  
  24576:TEGA+qic7Epd18qGHlZ26aipYYX2XcpaxttIw/v2mWG2mWG2mWG2mWGVF1lVF1lm:YN1Kn1G7taAYYGXcmtV/v2mWG2mWG2mu
Score

1^/10
behavioral10
- Target
  
  nvmp_storyserver.exe
- Size
  
  2.9MB
- MD5
  
  4a4bf9e4b434e204fd5cfc9c0345489b
- SHA1
  
  77e768b03c0f1c295fb46503d48ffd9528148e00
- SHA256
  
  8b9061a46b3c910e6b89c7b2a9b5c08cde99753191aa299db83d8cfe987ebe39
- SHA512
  
  9320fecc244abe745b44ced2204fb287de3a39a6922249ab971b0e76fd98fcfebf8fe3210e11e66db3580bd33fa13afcd0aca87a34976c57e3088e5441ad7c94
- SSDEEP
  
  49152:WbMWbq9Ky6KgmQ1+Ug+MgspDR4r9n3ynut3pRYwhrau01SL7rbL7rbL7rbyiSCyr:WZ3B1+XI53ynw
Score

1^/10
behavioral11

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11