Overview (overview): score 7/10
Static (static): score 3/10
EOSSDK-Win32-Shipping.dll (windows10-2004-x64): score 3/10
OpenAL32.dll (windows10-2004-x64): score 1/10
discord_game_sdk.dll (windows10-2004-x64): score 1/10
nvmp/CrashRpt1403.dll (windows10-2004-x64): score 1/10
nvmp/CrashSender1403.exe (windows10-2004-x64): score 1/10
nvmp/client.dll (windows10-2004-x64): score 1/10
nvmp/res/redist/vc_redist.x86.exe (windows10-2004-x64): score 7/10
nvmp/steam_api.dll (windows10-2004-x64): score 1/10
nvmp_launcher.exe (windows10-2004-x64): score 3/10
nvmp_start.exe (windows10-2004-x64): score 1/10
nvmp_storyserver.exe (windows10-2004-x64): score 1/10
General
-
Target
build_release_client.zip
-
Size
34.0MB
-
Sample
240420-l556zsea75
-
MD5
c6ef0120f2c6941e08e70b2035fe74a3
-
SHA1
5b091f1c37b5aad062f710e0ef409e44f189249f
-
SHA256
b782dbd696f87d28831fb8dab4efc6d3779e04ceb305c235acd59bf076116cd5
-
SHA512
066dcf455620f3e6aadf003c01151a292a238cb7688315616bb71f75df8bd91d0d5d1640277d1ab0b7ac00ced56ed0bb5f52a70da3b59aaf47dd6b96359c9cc2
-
SSDEEP
786432:xAZ5ueLhHniSCY2ebnTaNpZ7Vpx99rAtuNL7nDPUu:KQeLhCpRZ7Vpx99rAINL7Dsu
Static task
static1
Behavioral task
behavioral1
Sample
EOSSDK-Win32-Shipping.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral2
Sample
OpenAL32.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
discord_game_sdk.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral4
Sample
nvmp/CrashRpt1403.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral5
Sample
nvmp/CrashSender1403.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral6
Sample
nvmp/client.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral7
Sample
nvmp/res/redist/vc_redist.x86.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral8
Sample
nvmp/steam_api.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
nvmp_launcher.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral10
Sample
nvmp_start.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral11
Sample
nvmp_storyserver.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
EOSSDK-Win32-Shipping.dll
-
Size
14.2MB
-
MD5
3ce404c063a9a36ec499b2b70c7a243f
-
SHA1
363b74a1ba4e154545cc05489862a34aac4239a4
-
SHA256
9f8726f8d2e60e74051c40f24feea73231d390485590b321ed2ad80dfa4c4bc4
-
SHA512
9e3dde282ca3cb3f7cc96463992382c3f1d793b62e360d96af4aa4f5488b122d9d763aaff20b1c44fa9a02ec336a46cf9341d5a0d9c77eaeddb59f7f80cc79d3
-
SSDEEP
196608:lmMbkp+6hnGFQmklzhMS+WbSVOXYdDbaSqSUf5H9DyyAOOez:lmM0jhGFKhMS+Wb1qIz51yzOL
Score: 3/10
-
-
Target
OpenAL32.dll
-
Size
616KB
-
MD5
e470a54ed520301dedec87c9db7539e3
-
SHA1
fe7fbb11d731e1ea67fe38cee3436b0dcbc240df
-
SHA256
49f0b67af1341f69cec41940529c0ef551420282f471f0f869f89cc4ab6357c7
-
SHA512
522448047c564a91734bafa3629ff6ab2697a560927016f522397a1431a1e735c09c1ad6a360fab2266fae063f05087f073ec6a0fddadafc20ebd5c7712bbc20
-
SSDEEP
12288:PsmFzEdFKWRcDGqZagU7YLvAmvUCyc54j/XPlJtsMPsj+e:PXzKKjAGAuUxj/9JtsMC
Score: 1/10
-
-
Target
discord_game_sdk.dll
-
Size
2.8MB
-
MD5
71d18d7510fad32a2ac4b038fcdd56e3
-
SHA1
63b2383c12013dcd7bbee08a7f965148c14d9c9d
-
SHA256
e49ca81252852250a254f8c3f169859696542af2d0a81348f5984f0af880f43b
-
SHA512
b160977f17029774ab0c4b3d0f86e59e60e9b529388e629aee76b1d4023f27f91fae91f0c022c5c2f398e0ab38d36e7579e8aced8e2db372c4df5058640e8f2f
-
SSDEEP
49152:XS6i6p3uVpMrgEc/QuZxg0hqPFhBlJ8KbozNtirBC8IU6iRTDr6I:XS0p3uV4zc/QuZxg08nlizae+pDmI
Score: 1/10
-
-
Target
nvmp/CrashRpt1403.dll
-
Size
103KB
-
MD5
e1649511f335186d0cd89a382c44a0be
-
SHA1
882e28f6da65b97e85e28e4f2bce6f1fd4cb8f41
-
SHA256
a68d654461ee949442452872a0a750a01e9e13b3fc9201d3eb70c30cc027ab9e
-
SHA512
a01f4bc05f46e3e4310cdf1df526ba819a371dbcd2ba9bb2e7cbed6f2c0321634e24e8c84aab70c9267f5a26948accacbe10e3d62d3b7e8752fe90a76d6e7d6f
-
SSDEEP
3072:vx0HGSmCWR4j6XseOcF3VYSyP0OiESdr64i/Go:mmSmBwfeOQ3VYSc/G
Score: 1/10
-
-
Target
nvmp/CrashSender1403.exe
-
Size
1004KB
-
MD5
21df5844315218acf4721b5cffd4c1fc
-
SHA1
ad3a4ef53c37c26c358cb3ae8c00d0791f79e7ab
-
SHA256
07b5229856f833d1734b6294d0eb2519cd7e37281e17d328e642d898e363a357
-
SHA512
c7825ac2c3e8c56bc203f41ba623461bca9e6bac382fe5b6b958246de65ebacd3818b7e6d341536d42f12f045464d96b326813bc9ff29723b139c190877b28a8
-
SSDEEP
24576:VYQdYQ1ckp4pjCUi1Q+YbvCCMAYgWj56RHZWhgPApKT1FZ:VYQdYQYCUi1rACCp2hyPT
Score: 1/10
-
-
Target
nvmp/client.dll
-
Size
3.3MB
-
MD5
62edf80a8ff19f92527d83811f8697df
-
SHA1
cba17efda7dcf980b061590a7763db2a52e2658e
-
SHA256
299d125ba936071a6d3d143acab35d5a188e550e804232bfbeb9c23ae6e3ba88
-
SHA512
9ae5f8894c105f94395f97440298350659a8bd117b39fe26c727a135579e452c3bca96fe5c06385b4b1f6b43f3b067048ca5d1ef544dfa0010ad54fc74e86b8f
-
SSDEEP
49152:P4U+pCsG1JjYd9Akber+9GUZuQMb4az9rrlAg4IYrUT/6j9eFSK3499SeBZ4gR+z:J1Ydpbp+b4Cho26j9esH
Score: 1/10
-
-
Target
nvmp/res/redist/vc_redist.x86.exe
-
Size
13.7MB
-
MD5
69551a0aba9be450ef30813456bbfe58
-
SHA1
85354326ef8fbe908d9331446b8c8463577c5633
-
SHA256
50a3e92ade4c2d8f310a2812d46322459104039b9deadbd7fdd483b5c697c0c8
-
SHA512
f7a8578146a8666174adcffa8212eaddce8e433d7531c4704e2a35e7ce723f92b968e5b9df9c6662f351edd21317f929c04d23bf2b976642a92d663d0e3f5240
-
SSDEEP
393216:Sr/wlptVYmfr7yBG/4fXw91bfPLnzgm7:SbMpttD7yBG/T91bnf
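Score: 7/10
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Note: dropping and running an EXE, loading a dropped DLL and reading the Uninstall keys are all things a software installer normally does, so for a file named vc_redist.x86.exe the 7/10 score is not by itself evidence of malice; check the file's Authenticode signature and compare its SHA256 with a trusted copy before drawing a conclusion either way.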
-
-
-
Target
nvmp/steam_api.dll
-
Size
256KB
-
MD5
56d9f94d37cb8f03049a1cc3062bffaf
-
SHA1
90f0f4780117bd2ae44fe051077005964eb75bce
-
SHA256
1ac139ebad2a653adff5700347274cf9816256eb5d69ae6dc43c4cf9c8532aa7
-
SHA512
f92bc75a4fc6de545a9773093c39993942f03d5091c6fa0150e0bd00fb5c1dfb6edb3afc0afc7eaf3fd311336e513eeacfbb2cac5d638ab366c384c9e831b54e
-
SSDEEP
6144:D9j7BrSKU/mXxQ7C8cbp9huslymC2CPRuyd/:D9j7BrSKUYQWByl2C7d/
Score: 1/10
-
-
Target
nvmp_launcher.exe
-
Size
9.7MB
-
MD5
886d084da50d4acffd0a4741a599bedd
-
SHA1
d5cfbcc697fc92aebf5baf50325235f42759686d
-
SHA256
0a7f2571b6ce3c0106a23b9db6ab102fd222821ba6bca23a77df9c0608c4a95f
-
SHA512
54db14ba1c993720eac9c9a8af314e4733fa748b0e10a1f3b6986c631a17c412e2c4cc8d5e96ae09d8daf26bc7af362818e4ee10501698ac47a795c9dc3556af
-
SSDEEP
196608:9r798tO8AZ0cmLkNL16Sp7negpg9GTNS5zB/oM66:9mML0cwkNAQegWGTNOzdoj
Score: 3/10
-
-
Target
nvmp_start.exe
-
Size
1.0MB
-
MD5
d0607f951dbbe8f0ed8925b53b9776b9
-
SHA1
2c34a27bf2fe530af103fd283a31261c2cc9522d
-
SHA256
51d37de464bb935334078b94e281ae212f3d136f3c490752270e6b188cf18032
-
SHA512
963b3e08c0f0ef6ee079efc1ea5aeec6f165d6882460919507977b04ccf62e2515c647d27e2434456ee588dd073485ecfcf84dcf3d18f56596b56dfaea5544f5
-
SSDEEP
24576:TEGA+qic7Epd18qGHlZ26aipYYX2XcpaxttIw/v2mWG2mWG2mWG2mWGVF1lVF1lm:YN1Kn1G7taAYYGXcmtV/v2mWG2mWG2mu
Score: 1/10
-
-
Target
nvmp_storyserver.exe
-
Size
2.9MB
-
MD5
4a4bf9e4b434e204fd5cfc9c0345489b
-
SHA1
77e768b03c0f1c295fb46503d48ffd9528148e00
-
SHA256
8b9061a46b3c910e6b89c7b2a9b5c08cde99753191aa299db83d8cfe987ebe39
-
SHA512
9320fecc244abe745b44ced2204fb287de3a39a6922249ab971b0e76fd98fcfebf8fe3210e11e66db3580bd33fa13afcd0aca87a34976c57e3088e5441ad7c94
-
SSDEEP
49152:WbMWbq9Ky6KgmQ1+Ug+MgspDR4r9n3ynut3pRYwhrau01SL7rbL7rbL7rbyiSCyr:WZ3B1+XI53ynw
Score: 1/10