dffcb5b2086e133d88ef6ea0ec7a630138979ec1c4145d02cdb001a349b15354 | Triage

Sharing

General

Target

Install-Alto's Adventure-GooglePlayGames-Beta.exe
Size

10.5MB
Sample

240501-yhrfjahc42
MD5

ef4c41c0eda75c49e3cfccc7dc38df82
SHA1

0f5de992a047c4e3eb267c044fd04c7a6cb0baba
SHA256

dffcb5b2086e133d88ef6ea0ec7a630138979ec1c4145d02cdb001a349b15354
SHA512

c7a0b3d94bd9117e9ff5d5c9647d0518d9db7c2cc8dac10db4d3f8e103a71177658b9d8ca6b584ebfc6743abae2478c4355cfb9c13d82ab776a01d9db7ead4ac
SSDEEP

196608:dCJBYlzkSIEc+waFvtCK4BbCSC3qzF1/goaSZzpBM:cUzkSU+FvV47Ccz/goa03

Score

6^/10

evasion persistence

Malware Config

Targets

- Target
  
  Install-Alto's Adventure-GooglePlayGames-Beta.exe
- Size
  
  10.5MB
- MD5
  
  ef4c41c0eda75c49e3cfccc7dc38df82
- SHA1
  
  0f5de992a047c4e3eb267c044fd04c7a6cb0baba
- SHA256
  
  dffcb5b2086e133d88ef6ea0ec7a630138979ec1c4145d02cdb001a349b15354
- SHA512
  
  c7a0b3d94bd9117e9ff5d5c9647d0518d9db7c2cc8dac10db4d3f8e103a71177658b9d8ca6b584ebfc6743abae2478c4355cfb9c13d82ab776a01d9db7ead4ac
- SSDEEP
  
  196608:dCJBYlzkSIEc+waFvtCK4BbCSC3qzF1/goaSZzpBM:cUzkSU+FvV47Ccz/goa03
Score

6^/10

evasion persistence
- Modifies Windows Firewall
  evasion
- Sets file execution options in registry
  persistence
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence