cbd33d7ba3b8ef4562c696e1b70b5e71faded4cfb6b18b5f4c3d2eae20abf872 | Triage

Sharing

General

Target

NetflixCE V4.zip
Size

11.4MB
Sample

240423-2vnrysce5z
MD5

5a6f9c581b1cfcb0a93687dae00df995
SHA1

536c20553f352f8cee9e545819a10f803704cb63
SHA256

cbd33d7ba3b8ef4562c696e1b70b5e71faded4cfb6b18b5f4c3d2eae20abf872
SHA512

8cb25fb24f2dbbfb7ebe94c831deb3e9bd9c12e7dd576ea062e2d82d6cc850669cf78cf52555b4368e71e235bda3e8bdec2604c1df646ff90527519a68653572
SSDEEP

196608:gOFQcdNVdGCis+2S1WObi8t9FDbBH4ma6bgP6MITd9Wrxt1QJcllTdiGnRd:gOFQctdG3sRMk8tHDlysrMwbQt1TlVnv

Score

5^/10

Malware Config

Targets

- Target
  
  NetflixCE V4/NetflixCE/RobloxStudio.exe
- Size
  
  16.1MB
- MD5
  
  8e6a15de31285c621f54e28f2a916234
- SHA1
  
  5d00229772679367c103cd38428aa9943bbeab10
- SHA256
  
  648397280c2b3660755a91900faccbc2f9431f891ae3ecccd8c54950abcaff11
- SHA512
  
  7b1b1f6fc3186db8752805f66baf846a9930a6edb516e312c381fe018a47be184f478e3f604a41a7d76d42ff1b4bcd6463c8738d558aa9f806a6cf40dccdaee2
- SSDEEP
  
  393216:b3Z8A06vEQ3ITvzx46SxiILGRKuc3W/R8q:b3ZIzx46YNLRWpN
Score

5^/10
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  NetflixCE V4/NetflixCE/autorun/DotNetInject.lua
- Size
  
  7KB
- MD5
  
  019537c21e839ed2dcf6372d4ee5437d
- SHA1
  
  c70622fbd9922a1f98ea100dadb1cdaf73a407df
- SHA256
  
  f93774c321fe590b26f6838889654b7639d251e0190e3509c3e50556ba0d7989
- SHA512
  
  9cb3a81c77aea77cd12b87fe981b06096760da6d32f83b856a454f30d88067710261f6ded11a75c01181d8a789b6d39c9861f03f237a1da36cc0801168e222a3
- SSDEEP
  
  192:YyiTmTvRu8ff5A3bvoZjCEA5Ugcyqoeg0Ex:YxmLRu5ga
Score

3^/10
behavioral3 behavioral4
- Target
  
  NetflixCE V4/NetflixCE/languages/cheatengine-x86_64.pot
- Size
  
  237KB
- MD5
  
  8319dc1e7c2c2b5b66adf2a088dc8f1c
- SHA1
  
  8cba7064d859baa4875bcc22d9fd5b7b230fd9f9
- SHA256
  
  3bf0c50a35e924128ff5eeb7786260c37e08d44e759fc1c63d3f30ff6a744545
- SHA512
  
  8f1952a5122fd7bf34bc041f37b4ac2b940dc9128a52f9175c7f986a606c3b1e8f51879f0f394cfc9e6db51e43ab0c6a24cce0559cbed4498be9495d31fb0fbf
- SSDEEP
  
  3072:wY4EriDlRO2vY6qyih6yie4UI6x1bZCiLINMUVqKEZ:wY4EB6qyNe48MNM2qKEZ
Score

1^/10
behavioral5 behavioral6
- Target
  
  NetflixCE V4/NetflixCE/lua_extra/lua.exe
- Size
  
  100KB
- MD5
  
  47eb9bc40eaff591fb8ad620fcd5ddb6
- SHA1
  
  4972e99e71cc73995014c17b2dbee33bf3a7c1ec
- SHA256
  
  702502820320538d06409d7818754ce529087ef8ff608a723f49b1ccffdc2d6f
- SHA512
  
  d57e6e86c4a78dc7d70942c00f34f26546fed7c32eea674cff1e9311610bae6ad0a6a86e821ac296d577809a9f2067808cee065d702b25c2956fd5adda31cfb8
- SSDEEP
  
  3072:piYL/0TXMvmmDjuTVi9V+/lqiFZG2tfvt:pimsTXMNDjci9w/MS/
Score

1^/10
behavioral7 behavioral8
- Target
  
  NetflixCE V4/rbxfpsunlocker.exe
- Size
  
  605KB
- MD5
  
  09d083f0e2c1e8a3561209902333ad8f
- SHA1
  
  d9692d3aba34a39aeb9e53cb3d25562b94e2e597
- SHA256
  
  83dfcb08ea4aa1b857d952a8a177db775d1a7e9cfc30b528848a4a29c8dbf0b9
- SHA512
  
  c71371263cacc4872a4bf621614940f08c9436062683be5de921ae6e509079e25ea380623e8945d40858819a664bd76590defb2a89949e8e5666190f1024ca6b
- SSDEEP
  
  12288:IKOjJsDc2+WC+D+4H/xeGofENaTSuGCC709:IKyacgDD+4fwG1NaTSw
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10