General

  • Target

    The_Imperial_Gatekeeper_1.75_Procrastinatus_1.39.zip

  • Size

    135.0MB

  • Sample

    240509-dy42cafh9t

  • MD5

    7c037e539dad67cf5f434660355a1f8d

  • SHA1

    3b5628c60af957b185fc54e84d92ee9a7e040384

  • SHA256

    7c24d7bf0a138c14000d7288d948f0f61dc9101c8dfaa4cbac701ba75bdb1368

  • SHA512

    0190409c66dac92ff8b2e52fc04d194f2b35594a8f345dacb9ed973d61673b40865ac7f0cb7257b2e9b2a72f4e89165fd25e6b35a471fc83a528a63ff144bfe8

  • SSDEEP

    3145728:AuoDBpSrexNTOE1L28jYwdzHIKX0tcagrSGwRHPswHtaMON/Y:AuQbSmYkpjYctczzNapg

Score
10/10

Malware Config

Targets

    • Target

      The_Imperial_Gatekeeper_1.75_Procrastinatus_1.39.zip

    • Size

      135.0MB

    • MD5

      7c037e539dad67cf5f434660355a1f8d

    • SHA1

      3b5628c60af957b185fc54e84d92ee9a7e040384

    • SHA256

      7c24d7bf0a138c14000d7288d948f0f61dc9101c8dfaa4cbac701ba75bdb1368

    • SHA512

      0190409c66dac92ff8b2e52fc04d194f2b35594a8f345dacb9ed973d61673b40865ac7f0cb7257b2e9b2a72f4e89165fd25e6b35a471fc83a528a63ff144bfe8

    • SSDEEP

      3145728:AuoDBpSrexNTOE1L28jYwdzHIKX0tcagrSGwRHPswHtaMON/Y:AuQbSmYkpjYctczzNapg

    Score
    1/10

    • Target

      The imperial Gatekeeper mod 2/Config.exe

    • Size

      292KB

    • MD5

      1e52c9cc6e46cbfefd1ac5d6e45471a7

    • SHA1

      44d7722e711db3c0f7a5d84620f4e0cf9ca580e1

    • SHA256

      283f1e94ab5397e329366f30ab8e72ddb0098f1ce424c7f8a549d698a7fc00eb

    • SHA512

      d3d71cd9d519cd9dcee3f829725dea702829d21c64292fab64f26b84cc44c220008da5aa087c25e17f76f61ff1ded27491e7ab4083f77efda908b24890a1582f

    • SSDEEP

      6144:n+WW5qpjzXsDahlnQNWfbCEl5PHasRmB6ZVLBX:+WWIpj7nQInhmcZVL

    Score
    1/10

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/00_mainA_loop2181.ogg

    • Size

      923KB

    • MD5

      a06dbc83057f8bd4a552b541040f52a1

    • SHA1

      4efafa45a8ede6287b88d2690b1da4084a56781b

    • SHA256

      1ac6c25d77cc8435aa04e81978c581c1c9a5d2ad0b7b63b1a8d26cdd66802d58

    • SHA512

      19b00edb701b56d6776bd9261796e9d6cb26e9beae525603425b64af59d8a30d843d1e9ee8b7680f767c9243882cfaf10285a013858ef469ba683d2067daf263

    • SSDEEP

      12288:GEYEgqf+EB5UqwJxKfBfkUGMfEZBRbr7cIS8v84ohTX/PA9wRyF1kT+4V:GOlB5UXJxmBLtE5rS8059Ryjk64V

    Score
    10/10

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/00_mainB_loop2181.ogg

    • Size

      638KB

    • MD5

      c52b9b30be42834179e346cc36d3a5ee

    • SHA1

      1a53a186ba11a62ae2d65677b98fa0f53ebdc986

    • SHA256

      645d7d2116a4380275aaed3b174233b383474af6059c6f34ac5405d3ea2ef4eb

    • SHA512

      4913bb24797a2b78fc7537a81eaf370b232a59b2431dc5b5e8c3ade9c3e727eb9a2c94f53843cb664840d7a1c761ce90960a5b3e8d5a2cdf2e955981bc7dacc2

    • SSDEEP

      12288:GGDUYpCOZdSLWkfZdsT418FMCLmfisWVc5inysQO4PAx4XZL4I1Aj:RFEEI8FZLmfiBK5inysQfA0ZL8

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/01_sub_loop2182.ogg

    • Size

      237KB

    • MD5

      6bcb06067b1f5725aff95da7b9512227

    • SHA1

      d28700c247fbb8167829f28d6817310a809a52c1

    • SHA256

      6c97a92fdc06c5901f803ba1e9add863dc09f8fa5119917791b386bd615f1d09

    • SHA512

      8dd36b333b0b445b2fc1a9252ba939b96d2adc0a015aea3ea6076162e2ea97325045a84c90076efe4c56855754a0b850d0165d670a4be36a3263bae880667bba

    • SSDEEP

      6144:eLFBPdCuo/LKtrbVl+YKj371ozMukz/CRtSHFNX:NuoSrbVsYIZaMGtCFNX

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/[BGS]kuchu1.ogg

    • Size

      47KB

    • MD5

      1f7e561b4abddedd9e059e1555bf5814

    • SHA1

      16f0e7cf9a827d122d4ba6b3f08d8317cf0c0737

    • SHA256

      25c8c93853ec21f238a490d5134e9fee3f955dc7e6819c7d2a9fef7b444898f9

    • SHA512

      f738285821fb0a5b8f013a5b5d9dfb9f92c21c15c71e5625e91d188100e7169a66c37c0b63ba4ba80de6997d5b83d645d0c62cd31fb4c76cb695d684bf663ba1

    • SSDEEP

      768:79lFCJ6ubHXe73VMubBO51aJL25mj7DeinLkHxP/aSKBos2kxndNC8gWVbcaR34:7rui7m6Jd7lLEGGs2iiCbcT

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/[BGS]kuchu2.ogg

    • Size

      43KB

    • MD5

      8e5e4a8e607130fb404aaf6817feef0b

    • SHA1

      c6d5bd8a2957ad65f21f0d4340bf685f124d47c3

    • SHA256

      c215712f9ac93be47e06a95b4be05d9bb8ff2988b7cff58ee6a731d1e7ea9fed

    • SHA512

      e5d6084adea773e94444a60705353b0575da5c98abab3b962c615ea10069c3b055223cb84864ea51d75ae4f19083798a58a4d0dd5a297b6bd45e7888640104f6

    • SSDEEP

      768:i9lFCJfWaCdn+ZJNSyUxsoBuXWBOep9t4mmo9wed5VU7FoZq/dbWNmrF0qT8:irCCdu8yUpBzdjt4mX9wed5VooZqlqmE

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/[BGS]paizuri_tekoki.ogg

    • Size

      58KB

    • MD5

      c712ff660703fee57ac82c03bc0fd0c2

    • SHA1

      23e256abe46a857386c2ef89ee9eb72b9ab11820

    • SHA256

      adf1eae794ed1b372ee6105c3ed93280d66e8d3b7c9b34cdd4d2b7eaf267882c

    • SHA512

      4b03742fc02eb6794ac3fcb84613a62da9e06c5730096fa57566a5be02df84d497e80df9b939c98431b20d5721bfe371ba32546ae747e505029c04f0849a4fa1

    • SSDEEP

      1536:lrOLBALE8x9HBE3i4Z1iHs9YU7r7CjIlEAoPv7nn0d4az:9cBAgoBEf1cmzWIlEAoPv7nnMpz

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/[BGS]s2-zatto.ogg

    • Size

      251KB

    • MD5

      1de316471ce7b7e83cabc585decf68c1

    • SHA1

      0d17ae5a00f2609f9282a18fb36e38e508d71cf5

    • SHA256

      ab87b643cb36cd07975465a59846e026aec59dd9afc19d9d52f8b02d79a80e0c

    • SHA512

      54ea9f358c2225a3545a2cdbc3f14b2488fcbeec254900d06ae1037f267f5689e7beb4f2c719c185e07a80d5bb03158345897e299bc9c6d53b5070579c0b1335

    • SSDEEP

      6144:eaBmEW9GcZYhCNKDhPXr4yvtWeUcw3bb+IOCqwzhk27:ef6MvoXEeUzoRa+27

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/[BGS]s3-kaze.ogg

    • Size

      194KB

    • MD5

      5eb651855fd10f1a125fded9332fd00b

    • SHA1

      e5a5b8bac602aa50e42f49cf86cdfcfff4eb31aa

    • SHA256

      c7819fa067703b1b50641123710de5b69f9960e2e9d8a4ec5cd22c8b9fb93f7d

    • SHA512

      3d88d7fba8e96af952a0419521034eec7aa01ec9964656867747fed2fa74fd9fc802751745a72866f0aeab146c71e1c7348c30476de4df6cb818d08416c586a0

    • SSDEEP

      6144:55DefyPZae2oSu9e/Ngpdj9YRlR3QWli8:7iKPZqFgv9Yqq

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/[BGS]shizuku.ogg

    • Size

      100KB

    • MD5

      276a165a28bdaf761ee7ad5dbdf35b14

    • SHA1

      c4b8fd741ee82ce65329125bbff4e3147052f65e

    • SHA256

      0c1a5c454b67dbdaa4869df68b4c09093e21158a1a452c49b2a7d5d54f4738bd

    • SHA512

      80e9b8e61630a55bf9c87f0e257b770b71d11e174eb9e002445bb6899722553cdf044be2d0ac0c77bb836bc7aeda0617cafe8cda3fcd267a2c4b14c91de1e90e

    • SSDEEP

      1536:OVrW7KIeGPthnNCrSyA49TJrrMTLlWbbLjHZnnPOhfWdso2E7/+olHQX7ZBZq:O5W7HeGPZCrLFNMfQb3bhPg+dGKa7zZq

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/[BGS]sparrows.ogg

    • Size

      234KB

    • MD5

      f3c2d682ab498d5728f8824518647b92

    • SHA1

      22a4335ed855de8e4c84c206f9818dc907562f01

    • SHA256

      9abe0e1221a7daa5a9d37aa42e6add02acc5893c656e1f446cbf1a13792366de

    • SHA512

      807282ba1c901d1642442460d68731c11a8ec8ba0b4775d3c6141b671dfb726127731cfe1d8fca8b48123597d3c34e0956d35cc4d12f6ef30d1bbc44e4943c94

    • SSDEEP

      3072:QVIFx/0Wb81/KX1CN1XnEo5eGWYqajuY20n2zbK97QIKqrPRTItIgobel:Bv8/t1Xn1enYqaLM31IKq98tI3ql

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/[BGS]tekoki.ogg

    • Size

      44KB

    • MD5

      ae8c7caf3d3c2b0688f8bd12c44f81cc

    • SHA1

      4bd64da7e73275fba1fc60f29137f0417a94dc54

    • SHA256

      e088e36a7819ef09ff3cc13d3ca967548bbc91b0e1e31e5e04f23c4b1e1cb48a

    • SHA512

      f6b4a8bed73761af406f8762d8870a987ca2c0f140cf78211270781ad71d74270bd83ff38908c773149fd7d3582ddea7a98a0c9149f6580cbe9e35e50889ab74

    • SSDEEP

      768:P9lFCJrFShsQO+iLPa0vlCeGKQVTP4SxjmyO7TvwgB7yb/vUo:Pr0FS1heWU6jHOXvM7so

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/[BGS]yachou.ogg

    • Size

      240KB

    • MD5

      a750b196b013a28f5b3ea4543786acd2

    • SHA1

      6924d8f25843e5a4c9475cc407fa8a987ee27cba

    • SHA256

      779ec48bf33c243c4fe6c3dca0024cbc111cce17d1bd1d09a1bdc0c99a55d2fe

    • SHA512

      7d2b3d17302da5da05a3a8c554063c068f2f487af3c5c2b0b2f6e17bc3974b795e6318f72053d29c89700bc009cdbdddf9f7d1fb12bc864cec5ea587d7d468c5

    • SSDEEP

      6144:q9XzgnuhUnh11aAYrigcxC+5UUfdHzFa4yW0LcIPCaeoYwaL:qBIuuhPiig8n5HxzFa4V0LqaU

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/[bgs]panpan01.ogg

    • Size

      130KB

    • MD5

      0ff4bbee48ee42f9c324f55aca618864

    • SHA1

      5884b67bb50dc392a85a4d0a83fd0da1f971a271

    • SHA256

      10c36582e1e5345ba74d29962987e116eed9485fbad2514d010c46639d39e3a4

    • SHA512

      419d93f8acc22f2bbd3a6b75b24abb37b68d544293105e784e372465738fb97ad10bc8acc0aae47a1fce216ae35f85f3856e4ab9b090d59d48bd4a3e4281216f

    • SSDEEP

      3072:YxilpygzFticsSHtOOyqSYF5zhDtK5PZVaiL327d:omjFHsSNOOX5Fc5PZVa4ed

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

    • Target

      The imperial Gatekeeper mod 2/Data/BGM/[bgs]panpan02.ogg

    • Size

      48KB

    • MD5

      472420c69ac8073be34b60f94875682d

    • SHA1

      46d462f270e7f37321331bd8f0ef635d65d2ae32

    • SHA256

      f2b66a1e01e9f720539c95fb1cd42055a19fe02ee08b7be13b46117e5aaa30ac

    • SHA512

      af6c174e47b4c9a156aabccbb5a46840e2c468ba2c846080eeceb78edadd3eb14397c2afed4a570b6092f577ca4edc29dc007cefc05980dbb8948b0ae4abff7e

    • SSDEEP

      1536:QdPQddI0hiG90qJpdBLHt5M9w+Qj29F464hBXQmQF8XlYHB:QdWriGWItH7M9weF49rAjWXlYHB

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence.

MITRE ATT&CK Enterprise v15

Tasks