f9717a2a9af4fa2e0b72b18e5fe2b5f74121775b71b562bd752edab07f06ca83 | Triage

Sharing

General

Target

Inari.v1.2.1-Steam.7z
Size

748.2MB
Sample

240429-ezjx8saa85
MD5

cbdae2b752aaebcc622fc1be771e2710
SHA1

504a830f1249462b7108fab3ec0bcdd4c8b72149
SHA256

f9717a2a9af4fa2e0b72b18e5fe2b5f74121775b71b562bd752edab07f06ca83
SHA512

d828ddf8eb93a6b12e49cf45381b59074a602922a57bc46c4d344f828937780d248a50932e0458445a006e3564263f6cc4d48e68c1377d8eceed324e4ebd11a6
SSDEEP

12582912:pU1cScH2+1EIRxS6j2L1ZcJIw85KuqDFnvnv6jwgVa1DjkPvibatd0gDapo7ulCk:plr2EEIRxS6qhWl8wxv6jwg6jkmaUrld

Score

7^/10

Malware Config

Targets

- Target
  
  Inari.v1.2.1-Steam.7z
- Size
  
  748.2MB
- MD5
  
  cbdae2b752aaebcc622fc1be771e2710
- SHA1
  
  504a830f1249462b7108fab3ec0bcdd4c8b72149
- SHA256
  
  f9717a2a9af4fa2e0b72b18e5fe2b5f74121775b71b562bd752edab07f06ca83
- SHA512
  
  d828ddf8eb93a6b12e49cf45381b59074a602922a57bc46c4d344f828937780d248a50932e0458445a006e3564263f6cc4d48e68c1377d8eceed324e4ebd11a6
- SSDEEP
  
  12582912:pU1cScH2+1EIRxS6j2L1ZcJIw85KuqDFnvnv6jwgVa1DjkPvibatd0gDapo7ulCk:plr2EEIRxS6qhWl8wxv6jwg6jkmaUrld
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  Inari.v1.2.1/Inari_Data/Plugins/x86/steam_api.org
- Size
  
  232KB
- MD5
  
  73688ffcbc2e5f0980b055c1d93b2fb2
- SHA1
  
  23ba5c922a79eb0c6a9821842ceaaa947b9b5f53
- SHA256
  
  e5a6c93e20de33a2bb75c3c84aae4319159a000086aa2ccb2e857cf247cb9016
- SHA512
  
  a60f8eec882bacf592b852ec9f5358a923a29d82c3816eb0f62a8cffd176642b5592644262316042a567789f69b576c8259e37b4ca8cefb0d480d746fe629c34
- SSDEEP
  
  3072:SbHP/FcPq0sCQQE5Acid9OQC2mCVTcjdMaK70JwSfjZUkZFBTbCldQrrpSq+PxH2:s/FcPBJK5fiDfMu770JwSq06ynxCbKh
Score

1^/10
behavioral3 behavioral4
- Target
  
  Inari.v1.2.1/Inari_Data/app.info
- Size
  
  15B
- MD5
  
  0e936c286e18c91d937b32c7829c8c73
- SHA1
  
  234b04b0b8643c0a76de6c7db82f00b38ddf122f
- SHA256
  
  5f1a2d79083482d655690890a0ad431f2c0b41f84736e295794f3391deba3344
- SHA512
  
  2a1b5bce3d730937a13265810f95f7fbb6f126b0523750fb696acdbf661f60000fafd2542b73ff16c45ba1ba18cf7abf6dd8b434f7a5e5290db6bfd4efe7479f
Score

3^/10
behavioral5 behavioral6
- Target
  
  Inari.v1.2.1/Inari_Data/boot.config
- Size
  
  86B
- MD5
  
  e0cc3d180088c8c2ab277613b1fa77ce
- SHA1
  
  3c5af5c86fe70d1975ac0de8bc0ba26e0b13573b
- SHA256
  
  a2eec40c5ce47add99ff5a85fc8ba68143897f9728af32b76ea552e1c8b00e6a
- SHA512
  
  a6d7db7dfc2329a3d3daf98ede90f653e5a72d5ca49dc643966680f915292fe3739a0cb22de4da5b9c5f1c5328e51fa7d1d1dd3e1a9e5aa99347becf35576633
Score

3^/10
behavioral7 behavioral8
- Target
  
  Inari.v1.2.1/Inari_Data/data.unity3d
- Size
  
  873.9MB
- MD5
  
  1024d0568b467f1cf2b1d9f71d93db3f
- SHA1
  
  df7d205548a756b4a6e1fa88fef47c8091439773
- SHA256
  
  26d689e2b480151d5e48d66c4668d7d2dc73443ada0faae2c2b8b52d02b4e0d6
- SHA512
  
  adfba8a09e73990cdbb2bfe72301ee79bddadfb0f82aa2197435745be1cac6896ccdb765efb0abea8994863534ae8f6e8dfeef4bfd31f51561e05bc5c520c1b0
- SSDEEP
  
  25165824:im2yLc20tPVzuRUhprtyz8haVE/24ZARkiRv0x3uT1St:im2yLX0tPVzuRUhprtyzFVE/7ZARBRvK
Score

3^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10