Overview

overview

9

Static

static

9

Launcher B...ue.exe

windows7-x64

3

Launcher B...ue.exe

windows10-2004-x64

7

Launcher B...32.dll

windows7-x64

1

Launcher B...32.dll

windows10-2004-x64

1

Launcher Blue/cef.js

windows7-x64

1

Launcher Blue/cef.js

windows10-2004-x64

1

Launcher B...ons.js

windows7-x64

1

Launcher B...ons.js

windows10-2004-x64

1

Launcher B...le.dll

windows7-x64

1

Launcher B...le.dll

windows10-2004-x64

Launcher B...43.dll

windows7-x64

3

Launcher B...43.dll

windows10-2004-x64

3

Launcher B...47.dll

windows7-x64

3

Launcher B...47.dll

windows10-2004-x64

3

Launcher B...lp.dll

windows7-x64

1

Launcher B...lp.dll

windows10-2004-x64

1

Launcher B...GL.dll

windows7-x64

1

Launcher B...GL.dll

windows10-2004-x64

1

Launcher B...v2.dll

windows7-x64

1

Launcher B...v2.dll

windows10-2004-x64

1

Launcher B...ef.dll

windows7-x64

1

Launcher B...ef.dll

windows10-2004-x64

1

Launcher B...lob.js

windows7-x64

1

Launcher B...lob.js

windows10-2004-x64

1

Launchers ...ue.exe

windows7-x64

7

Launchers ...ue.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Launchers Lite.zip

  • Size

    243.4MB

  • Sample

    240420-xa9fpsfa38

  • MD5

    f20013c417cbc2a06fcd8482cea8cc6a

  • SHA1

    8d00eb0d9f10f63ad5bf69f573a974baccdcd49f

  • SHA256

    813f156ea555620651727f7a07e9750b491fcc3e8aacca0cb1807bb64b5cdedc

  • SHA512

    42e7fb9ba2e67fa9f5896bef4399a04dd23c64f102680b33101146629672a1118b51486e7512585ded5b72d7fb30851bc320bd21c42d614ee5129775e6999656

  • SSDEEP

    6291456:mClaQ+i97XcIJ9+3nHVg0Kf144TV5WHoOltZ4:m0+m39+3n1gJ94s5Soib4

Score
9/10
cryptonepacker

Malware Config

Targets

    • Target

      Launcher Blue/Launcher Blue.exe

    • Size

      2.3MB

    • MD5

      3100469fe2bb524c5bbd80166a75de3d

    • SHA1

      d18b37515ca0d288ce989ab443b9d10f9554c4e3

    • SHA256

      190c0c39dc6f4db5c7a47bec58d899bd7b325893bc8c10eccf134c08e42d6695

    • SHA512

      ff6b98835621ac039868425fbc956c22f17d938e6e7a4c9114195c6c0a52f0ceb1ee6105b952f54a3c806915ad1d8d49e2037da66493195e7bec87516a591b17

    • SSDEEP

      49152:cYMdEHZ3Vu5B6k0O9ciX3QdfVkowskoNgeL9nTQRaCo+k9:cYMi530kOK43Qrx3kKgeL9n

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

    • Target

      Launcher Blue/PepperFlash/pepflashplayer32.dll

    • Size

      15.8MB

    • MD5

      5d49f01ec104f87a9102935717748588

    • SHA1

      d38595832bdd8c6cf660532f1cd500d19ac7cec6

    • SHA256

      70bd415d95e42f41f5c722168e75b91821b2cb9f51be4f3a09d40a1cb6b2aa62

    • SHA512

      bec4a9378fc43057c896af6cce44874b27c5e126727c6fd21e35b40680fb85e2ba20e40149572af2b5df11b946cc21865a1a17658e556baf9beb4ff55e3ca26d

    • SSDEEP

      393216:1HCvcIjr3PQMPdqYvhjrW+XEE5awPkSEm/lzZjG9ZlfVSC1pA584LdYC8r:1ivcIjjozY5jrW+XEFwPVE21aZlfVR15

    Score
    1/10
    behavioral3behavioral4

    • Target

      Launcher Blue/cef.pak

    • Size

      2.2MB

    • MD5

      4d991b6db94e823aac8cef6eb1959662

    • SHA1

      84856f2eba08c5ad2df6a946e0eb7519bc9fb6cc

    • SHA256

      2e07dc909efb9d9316e15452f168581966bdc7ad8fb607d3d3a339aaa8dc0266

    • SHA512

      9842bf88339eaed96f81e82b1f1b15f6fe259449097e44f5d7738cd0aa79786da5e0b777d84b9a6a1c08bf3d0edfcf71c9cb396bd6c78145c5dfd171b8384f1f

    • SSDEEP

      49152:m+jA+bQaVNVtw5uwB2UKO0GGxsbMFsEMtggb7xqk2UQfVGGG2pLTux:FDGGG2pLTux

    Score
    1/10
    behavioral5behavioral6

    • Target

      Launcher Blue/cef_extensions.pak

    • Size

      4.1MB

    • MD5

      6e727928ebeeeb5847c65c15c41802ed

    • SHA1

      d22ba6f8e3160484dd40fd5f4eb685182f404d88

    • SHA256

      221a97daf8263321ceb9ce244452fc97b865b561e399b23d42682fef4785ea7f

    • SHA512

      d39e98d8d2e9afc84f8188e27e412079667df2174da14f93f451396ea1a27fd5abf9fb8218ff02c94b56c60e7e5e59a5819d50d2463ef6f6ad71d29cf1f155a8

    • SSDEEP

      49152:a297+EfG5u8mWexScqKTtUtxT6z/t/G1hoLwpbeuR2oSKolWZHqYNYzv2v3zjKNL:keuKZULT6k1hq

    Score
    1/10
    behavioral7behavioral8

    • Target

      Launcher Blue/cefsimple.dll

    • Size

      1.1MB

    • MD5

      6d87916d4f685062cfa154ddda8de7f7

    • SHA1

      3ed273dc6e311a9267a8d97a8e146bb467c8b714

    • SHA256

      888f1b584bcce1b537f76bfc5f004901bf90f97394cf2ec0ce62e4da37cfee6d

    • SHA512

      1258f511052d3ad3b3b585cedee25792bca390744be817da4a53301b49084f1bc99975f4b30841f7a5b0c97196784eecf489a39e0de3c8e0ab885863be6a0f6e

    • SSDEEP

      24576:O3/1MpnrtkbAengYllllQyv8rvkt63X/1PZt5ydN:OaNaKYllllQA8r1ZIdN

    Score
    1/10
    behavioral10behavioral9

    • Target

      Launcher Blue/d3dcompiler_43.dll

    • Size

      2.0MB

    • MD5

      1c9b45e87528b8bb8cfa884ea0099a85

    • SHA1

      98be17e1d324790a5b206e1ea1cc4e64fbe21240

    • SHA256

      2f23182ec6f4889397ac4bf03d62536136c5bdba825c7d2c4ef08c827f3a8a1c

    • SHA512

      b76d780810e8617b80331b4ad56e9c753652af2e55b66795f7a7d67d6afcec5ef00d120d9b2c64126309076d8169239a721ae8b34784b639b3a3e2bf50d6ee34

    • SSDEEP

      49152:DpX9JVeE9HP6Zpy9KyhMI50Du8LljslNsHSHFUq9OiapbbO5Akb:H3P9HP6Zpy9KyhMI50Du8LljslNsyHiS

    Score
    3/10
    behavioral11behavioral12

    • Target

      Launcher Blue/d3dcompiler_47.dll

    • Size

      3.3MB

    • MD5

      c5b362bce86bb0ad3149c4540201331d

    • SHA1

      91bc4989345a4e26f06c0c781a21a27d4ee9bacd

    • SHA256

      efbdbbcd0d954f8fdc53467de5d89ad525e4e4a9cfff8a15d07c6fdb350c407f

    • SHA512

      82fa22f6509334a6a481b0731de1898aa70d2cf3a35f81c4a91fffe0f4c4dd727c8d6a238c778adc7678dfcf1bc81011a9eff2dee912e6b14f93ca3600d62ddd

    • SSDEEP

      49152:PyZ9lnpmVm/w+EwVOmufvkQS8MH2J9CqS5Sqr88pPWW5KhQYPsXqUiQ6:E9fWAwVBC8MH2JNSF8+YPsXqUT6

    Score
    3/10
    behavioral13behavioral14

    • Target

      Launcher Blue/dbghelp.dll

    • Size

      1.2MB

    • MD5

      4003e34416ebd25e4c115d49dc15e1a7

    • SHA1

      faf95ec65cde5bd833ce610bb8523363310ec4ad

    • SHA256

      c06430b8cb025be506be50a756488e1bcc3827c4f45158d93e4e3eeb98ce1e4f

    • SHA512

      88f5d417377cd62bde417640a79b6ac493e80f0c8b1f63a99378a2a67695ef8e4a541cedb91acfa296ed608e821fee466983806f0d082ed2e74b0cd93eb4fb84

    • SSDEEP

      24576:9AkmijauMug/iyFzb2DfsPV8A4C2vNI1cPdf8xZLGNfav9T:9WiOuRg/iyFzb2QN83XfeYaZ

    Score
    1/10
    behavioral15behavioral16

    • Target

      Launcher Blue/libEGL.dll

    • Size

      74KB

    • MD5

      ea699608846b4877dd79dec68de06b1c

    • SHA1

      8c33ff12f3472823615be26f9f26c3b040fadf32

    • SHA256

      9fbfb0b9d8ba50e221097001bf5711b454ee71bb6a54cf3b8199a530dd829ca5

    • SHA512

      2a01cc785f00b39c1fff7d29c264bfb987396c93668d570237b4a70433f25e2df6b97e6f87213dc382acff813a0bc654b9663ab2713bae2cf48bdb427ac58d94

    • SSDEEP

      1536:Y237sLvFTe7iSIbtFfgwWJMc8msWjcdoBp2I2/:Y47wvwCbZ7Je2I

    Score
    1/10
    behavioral17behavioral18

    • Target

      Launcher Blue/libGLESv2.dll

    • Size

      2.0MB

    • MD5

      b158d49e62f86f3f2ab7264f86b23215

    • SHA1

      bdaed77279f36f0130dce8654bc18cf433ecf22b

    • SHA256

      3315cb5a6025aaa0e0e90d24f477ab3bff972cd4f8a2042375bbbf565ce3f55e

    • SHA512

      04779703f9997f9705a571ca21250cdb8da7e5c1eb4d2a7fd6530e6a196222c68519f119145e421ac7e03442119c49c5f820d3f287b45d69acf419ae4ac07aed

    • SSDEEP

      24576:Z80Q8SYmRRuO3tePDpUo3XX9VH95+QO8fDPhKV50QozGCyB8tYH//Y9dapvMXeZN:ZXSYix45X9Fr+QO8fdYkH9dapvMvaP

    Score
    1/10
    behavioral19behavioral20

    • Target

      Launcher Blue/libcef.dll

    • Size

      53.1MB

    • MD5

      98850b7acf2b95b910c1ebf0502436ee

    • SHA1

      a455058d7f83ac0484feab7e8c3f1fd05effc31d

    • SHA256

      72d8bb9b6d5d2b4ec2b4d67df0cbbd2a38c114f9a2c0157b38b7356d487b6842

    • SHA512

      277036d18d185daf993ae97f374ed57468141c7c56dd077cb486985ea722047d67040d1e0325da002d8a569fc359bda5e05715e862e8eb976a2022468a139bd4

    • SSDEEP

      1572864:Sqt0F70wpog/bm8CfkWGazEIL3bo5p4XbCA9lNzh:rLJsbmFBNL3bo5p4XX9ldh

    Score
    1/10
    behavioral21behavioral22

    • Target

      Launcher Blue/natives_blob.bin

    • Size

      402KB

    • MD5

      8f4d6515f4d321313a39a659c3c5ff01

    • SHA1

      f4c95f1abd24c715a3dd4b3e4c9cff5decda7250

    • SHA256

      7d9c0c4d88618bdd16bb0681fdec1dd736e2ed1141ae527a27b22fb93f27848f

    • SHA512

      3c00eb9a8ca8d076140df0071cfa702e1c032edbc20481bb7f7b7a88c1a82c959b8ac901182c2f9d235f55b4528c8e12b1e765119f1e784645c61f66c1c2b007

    • SSDEEP

      12288:ln3Cj7CQaMiyMzQ77Ua7Zm6ap4avfyM3G:lnk7CQWfy9

    Score
    1/10
    behavioral23behavioral24

    • Target

      Launchers Lite/Launcher Blue (Mais Recente)/Trainer Blue.EXE

    • Size

      7.2MB

    • MD5

      0a328c037144522e3a2e3a6156e88bae

    • SHA1

      f325bf6206f97582f90f3f42258fd570b42e09eb

    • SHA256

      3c6181f88b84f6729770ffbecc5954ed2077160f4c66c4321737d1413383964e

    • SHA512

      833e5d0e45d4a5db60fd6a57368962da1a98ec950aec2a2b41ff8d22cc40ad1eedd7b8d47a13c4f68716d7eb6f0dfe66b64208a26dfa55468c0618be185b8242

    • SSDEEP

      196608:yLxtUeH0azQRAl1lReTmf1V3N0j46emdhy:sjU4IADlgTIZ0Mqhy

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral25behavioral26

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks