General

  • Target

    WARPLAY.CLOUD-LAUNCHER-Setup-1.6.9.exe

  • Size

    119.2MB

  • Sample

    240509-tk9bxaae5w

  • MD5

    b12b6e6ca4c38d2ec890dbd1761c28c3

  • SHA1

    ed60626bce89d0fbd95c8d7f43805d12d4d74e16

  • SHA256

    5d537c4258b8bf8366ef92333610dbbe25b72ac1c9be4d4d79f80f6046dde5ac

  • SHA512

    fb546f8d56ef788c9db90d8971460e86a23f9ce7eba7c23649b91931308daa5e4fb9dd8c0c3d2984abfeebeeff6560b690129470dd572a46d1bc2b1f59665b3f

  • SSDEEP

    3145728:FO0upvN0ETakHucSXupMAFGoS56CcAtqIdcHd+Vo++BnQz53fMm:5I+q/JBpMtoS56dTQKEVmqzh3

Targets

    • Target

      WARPLAY.CLOUD-LAUNCHER-Setup-1.6.9.exe

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      $PLUGINSDIR/SpiderBanner.dll

    • Size

      9KB

    • MD5

      17309e33b596ba3a5693b4d3e85cf8d7

    • SHA1

      7d361836cf53df42021c7f2b148aec9458818c01

    • SHA256

      996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93

    • SHA512

      1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

    • SSDEEP

      192:5lkE3uqRI1y7/xcfK4PRef6gQzJyY1rpKlVrw:5lkMBI1y7UKcef6XzJrpKY

    Score
    1/10
    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      100KB

    • MD5

      c6a6e03f77c313b267498515488c5740

    • SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    • SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    • SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    • SSDEEP

      3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      0d7ad4f45dc6f5aa87f606d0331c6901

    • SHA1

      48df0911f0484cbe2a8cdd5362140b63c41ee457

    • SHA256

      3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    • SHA512

      c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    • SSDEEP

      192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6

    Score
    3/10
    • Target

      $PLUGINSDIR/WinShell.dll

    • Size

      3KB

    • MD5

      1cc7c37b7e0c8cd8bf04b6cc283e1e56

    • SHA1

      0b9519763be6625bd5abce175dcc59c96d100d4c

    • SHA256

      9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

    • SHA512

      7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

    Score
    3/10
    • Target

      resources/elevate.exe

    • Size

      105KB

    • MD5

      792b92c8ad13c46f27c7ced0810694df

    • SHA1

      d8d449b92de20a57df722df46435ba4553ecc802

    • SHA256

      9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37

    • SHA512

      6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40

    • SSDEEP

      3072:1bLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWl:1PrwRhte1XsE1l

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/Parsec/libparsec.dylib

    • Size

      3.9MB

    • MD5

      2e31a236f3546e43e7a7ce082885916e

    • SHA1

      e877df3f553f71ae705ffea6f670092ab79656d0

    • SHA256

      01f6c5b4561806bc826ac0dbb15b2a344b0e8b326acdf08f32f891df649d82d2

    • SHA512

      9abe8c22ca9044e0f37f24c25f7bf17733ab5d72b1e64b18b111a1b776a9fa47c469783a37df45bfdbecefd149239ef50ecd3f5ec833df98effee41923ac296f

    • SSDEEP

      98304:k/eIZWYwiP8Ds4MBAk7mnV+n2jiX8wU8ME036mhkQocQBfmD:k/eIZDwiP8DbntEihnocT

    Score
    3/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL.h

    • Size

      4KB

    • MD5

      e81de9160976f6ae4ea917fa6bc6e469

    • SHA1

      937eba94bdf2a7fde240dfc4b67b5c2a28aa951d

    • SHA256

      e44d1f1bad2da89b679fb18e6e219e2d11da9aa888333141577308626f4224e3

    • SHA512

      924117c15450e253739ea0689a2155902938db6c52873948e666f31b326bd60c418a03d999db48a3271ac2fcea6cd8ba8cae70ab4f0047bc1250e21fef0124de

    • SSDEEP

      96:uD1t2oORF8p+N9Z4VigZMllNJv0+PW6m/OnG9vHzySFFbcCJDKPjwPX1fE5T0fMg:M2bRO9v2SFFbcCBQjiX185T0f/

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_assert.h

    • Size

      11KB

    • MD5

      15a870ccf731ccf8570d7f3a82917e07

    • SHA1

      dd3a2abde7b98798fd04d4f688a1b47ae1aa305b

    • SHA256

      1c2e29c313816dd5825d7d46defd2bfcac5486f61e35b5ad39d4cbf6d73d105b

    • SHA512

      430a1298b935e43d680c24373246d26343946142cdff83f116efe2a44994762b3e787c7a7198d58e1c045e9b634941d4105ee536f3d39126e87ae924ac1e77a3

    • SSDEEP

      192:obz8UcbJM8p55iby26g12q8uT3zr1ml3yo5EXIpqIfFbg2JBdaZtA6RMgkS:wz8UcbJM8p55iby26g12qdzRml39gh

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_atomic.h

    • Size

      10KB

    • MD5

      6ef505868b07898ce43c758764a4c8cb

    • SHA1

      7ff9f438ef397bf4142f30f1b3a5a8b6bc4dc3bc

    • SHA256

      32f3bc76ebd8f59e4d9b5fa770126fe36794e6afc906c11f59fba7d487157b8f

    • SHA512

      8a41a3df274a1effb52706d297457dbc9104b434d4e388e53c97f6d58118793099ce1eb2aa36d8825efd76dc528a0da7080ce19a09a450f34456eb1e8bbed277

    • SSDEEP

      192:L+dehf8dXsdR8UsM2ph8GQH8nba8Bv8BEkzGMfKFbC3rALt6TMgRV/:6UhUXsL8UsM2phAH8nba8Bv8BEkzGMfb

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_audio.h

    • Size

      33KB

    • MD5

      308fb0c6b89f5c721f7da0b53bb47927

    • SHA1

      8972f6ae974568ca6c8a80443c15bbe9ccbf4bd3

    • SHA256

      ce48e2b727fb29d2e5e7fb6cd74a4fef30a28ce161034d8754a5bae7068ea305

    • SHA512

      bd1c359838271167b0493171bf40d88e70692e001835ca347ad58cb8bdcf56bdbc575d99916ebfc892ab2b25a34037b04c3c465f2770cd869813491d95b842f2

    • SSDEEP

      768:2lyU0vyi94s5XQhARn+ADLl+mr4wp/U0YUDf:2K4wXMO+Ggm1b

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_bits.h

    • Size

      2KB

    • MD5

      254cc4e058d2445add38dc45c9b3c9cd

    • SHA1

      a61947a312f4f345d0abdb19b7d5cfb89d5db767

    • SHA256

      304e7439f0e954abee5a206eb6267d63836f11686644202e398466f1eda953a4

    • SHA512

      1d104f1cdfe85051a7cfcf4dd773a2bbb6abfc87ebd30582e0372ea29628fcc63d1e547ea9714cdbbac62b1edc0f8c4c9da7d31aae508f21af8f41846fd4b905

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_blendmode.h

    • Size

      4KB

    • MD5

      5577f886f6c0c19c220790c83c17e019

    • SHA1

      b0bfa7ef3121ea41b9ba8f819f3ff36be91cec8e

    • SHA256

      074d52757c8f2df668616a91e32f31316f3d18df52cf785a311aeeacc8268a9f

    • SHA512

      62f12ad276a49c1500fb2e01e426c1aa5fdf16e05b815024ea8b5849571d57e32b53de90dfc8fc92185af08859297fa2ec20f6647e0047463b10f13b6d95cc39

    • SSDEEP

      48:9a2J4vcebyt6NMTpxe1ywnTsdfuQnj5Ia8w0KmBm2QmRGQIaf+enj5n0nVy1T1Un:uD1tT4R1x8jGQxN10V76Uar4xKlz2x3

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_clipboard.h

    • Size

      1KB

    • MD5

      2130d3745d5ac551ef13bbdd7283a1af

    • SHA1

      15cee7063bc8fb99db45620b5e98d34fff799a41

    • SHA256

      db42c1fd3fe2aa12d09434b0cd78a8ff2b0891b6157874ec134b2bbb892a5b98

    • SHA512

      f92000c0c38e54346c704b9788da2bf5c7b4a580ea289dfb3c5f41348e06bb3b4e6b333cb4b5977491550ebd85c5d44c97941f120acf601c6645dc531c684ead

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_cpuinfo.h

    • Size

      4KB

    • MD5

      95db8c46762ddce94099d6025bb37dce

    • SHA1

      3e744ce0d229745a88f37d035f3a1e6086b3eb6f

    • SHA256

      2b0f30b116509e965ad011cb9e43041dd283833e85b589402d3b9f0f76089205

    • SHA512

      590bba0c292cd62a7dc8ecfe088b15137e2c973f8f85ac707aa92aac1d3be9a8546fea7ee43e9e79296fc3934c4881a5c63bc9746c402a0706acc6ad8cd21886

    • SSDEEP

      96:uD1tB2tR7LB6DqUUt6kQxP6rK7dHaTwpPbwd7rMrDUfWlU7AdstuSXCJnuN8d+AH:MB2tRsTIgNWmt3PbwxrMnUfWlU8dstur

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_endian.h

    • Size

      6KB

    • MD5

      82c366448ac142355ed5e529b93d482a

    • SHA1

      a07b8e717e1b81e044791097a0dc69b8c50ed233

    • SHA256

      7f1aa20a4590816954c3ca4ab596447643c78d3a4f77b578053481e673e0715a

    • SHA512

      73951ff344d9d99f290a8befc875a251603cd5a0a44a309d1b119eb3c296710ea51cbdee90dbf825d21209db033d078f279675dad4809e2eb8459954f49b1570

    • SSDEEP

      192:M4jeKx3H6Xk7kjRD8BEN8BoN8nbjK8naG1NNfX28B6ZN8BrN8nbgY8naGI4NNF7D:Hx3H6Xk7k98Bs8BI8nb28naGXNu8B6Du

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_error.h

    • Size

      2KB

    • MD5

      05da44aed6818391707f55ee3951a567

    • SHA1

      bdd2ddcd7ff78ace7d8d5030cf436ef1449afd2e

    • SHA256

      e7c3c712dd22f7681c6ce701dcb0b5252c2463b26a198a7d2c6bb6b2952e6558

    • SHA512

      f82b33d6cedbc185b5e0074cea4d0ec4f90c034328a9986b73ed006c3efedcd3ab03cd0ae60a82244d4d44cb609461f3bfffdf8403e6bd7315492267ffba0c8b

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_events.h

    • Size

      29KB

    • MD5

      7ce66485a94af7e9cf50ae7614b481e3

    • SHA1

      f5a3b7a7ce067463b1b313607a35f36a1468c4a3

    • SHA256

      988ef0d09b59e945ff4532b7f1a2aa006013d04e49b244d03cb9a9c677cddf2b

    • SHA512

      2ac1bd3b7c4696e8cd2b55ba01ed6918daf28c054bffe987b7b4540d9d53c0afc9b4e3fceecf266c3881ecf239d0703422d67cd4409d887943f6b951103e7ad6

    • SSDEEP

      768:P22GLGHLTG9r003Hj1l8lalDIgw1mj8Kl:P22GLGHLTG9r003Hj1ec6H1m4Kl

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_filesystem.h

    • Size

      5KB

    • MD5

      1eac34168c7ccf28ea6967fe637fcd9a

    • SHA1

      ec40bf013f976e5617882bb16409ee986fadff76

    • SHA256

      885d70a8ada6cac863be8f3a05ec270bde8587e62ed9cd6f14e363118bd9e329

    • SHA512

      8498cab91753b9295b1ff1bb416c1ff7dd70e5af815c9c81a2d3b0a8f838dbef96205c1b4854997cc3b77461f250a6092b320c427926d4e5cde36c1469014303

    • SSDEEP

      96:uD1tAqomHvUN0IoqK5hSTQ/gwTbwv9UN0dYH7kGabx:MAqouvU2ZqRQYwTbYU2dNbx

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_gamecontroller.h

    • Size

      12KB

    • MD5

      02667358e8b1d94bf7d4d01a8a505ac7

    • SHA1

      4c6946d360041a4046c6ae3f454c6c01c79cc219

    • SHA256

      5495cb9d198a33f9979ed785ad48cfbe3bd755c6a174423e9d037714b28b217b

    • SHA512

      818215f29dae0807aa89297e64d1ebd29d6fb2b4198d76b88774fde21fa27ecabbe22eb8eca3c5b9645fe042ce74519c3ff432e418516cc2ef70627e54102df1

    • SSDEEP

      192:MLURLGaetKNnacxf2yvLIsr+lJat/ktvbLutiItFEwtRKo2N1BmOtBt/ktkgtnkw:9puyII2QjdeRi2g

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_gesture.h

    • Size

      2KB

    • MD5

      7150754d9131043003ebdd09b2eba833

    • SHA1

      49a4c0ed8631b39bf763d2f8715bd9f926b6f019

    • SHA256

      8da2de0a2db8acc92b938f287575f52f4ec414e33c8941d15ae6d1a5920536da

    • SHA512

      359d2196d3cd7c207019dc7062e4a1d9e36b8287e56cbcf3afc0fb0c9e78f42b560d1f1294b08c366cfb0db0fdfb77f86d4d64e2aeadd5879861150798915d00

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_haptic.h

    • Size

      39KB

    • MD5

      74c74d0a5a779ecd5f1a049798b4d181

    • SHA1

      56dff594d74bfc4aa9142eecadd7145c8f17daa7

    • SHA256

      d08977710af320e60e96598d9d5aa3e234b72a356b1ad7253e53a74192639eff

    • SHA512

      bbbeaf019660b77cbbc5eb35ddf8d9b09ea7f53d7bb4b9a66f6483c5589db060a53ec7fef7b97061c59a4b65b3b5285ffab7a5b0fc6d45ae5e22af8e32197d0b

    • SSDEEP

      768:N3QSuD7AhtB38qEgb8EsNxpu+VoCSAA+c24tGb2NkruT2x+E4/MN5catso:JQAt3+BE5CSAA+cHtGbAk6T2x+E4/MNZ

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_hints.h

    • Size

      42KB

    • MD5

      440a51f706f66703874635c59fb44294

    • SHA1

      daf375da0dc8bf1254866e282bdc4be53c2e9c84

    • SHA256

      572068640474a4b2ceb557e925b1758198307c2300f5487c9a583079f78119b3

    • SHA512

      1a942cfb242fad7870fd44036507e76a4ba119a8092d302162ebd9e96066a6ab19f1a10647fc914b03296dc0bcfd2dd432c4646b974936d6516058faf232f524

    • SSDEEP

      384:RCo4iltnVfC9ynQUAdkPQOhN/tU9MpDDt8EPVSIJk8wAHqB0plhoeFOjuVlPAn0i:LwPshN/lp/7SUGIHP6S06dnG

    Score
    1/10
    • Target

      resources/streamer/macos/Parsec/assets/SDL2/SDL_joystick.h

    • Size

      12KB

    • MD5

      b3f35f6b3317be4dd8bbacb6659cce88

    • SHA1

      94bcad254ec53ae36f4d38eb957df8e9344e2343

    • SHA256

      e86c7be0faa7317d3f264fac9a6968e1fd798d722856dbd522f384ce1db08119

    • SHA512

      242ec1599d37d2eddf142c83420eff62896d44b4d5275a7488ea6a4de233f775fbaaa80eff3d6a9802c09dfc6c90bac20ab8bba526870cf90d1c8e686f3fa360

    • SSDEEP

      192:M/XrR/+rCWnmZtcwUtxsM/BtEFt/T1teEtJFtRtmZ3yNOtjt/qtqteCL1tntvJIz:FrNFc3SudNTgfth4v

    Score
    1/10
    • Target

      resources/streamer/macos/wpstreamer.app/Contents/Frameworks/libavcodec.60.dylib

    • Size

      7.7MB

    • MD5

      e7fc72dbce1d70b77ee3a1db107ea07b

    • SHA1

      2792397686af40afab14c50b51ca47e65ca606af

    • SHA256

      dc8cbaef35591c4f0c41b7acda74272cd55ad87627eaac7eea3872f3ef250ade

    • SHA512

      1dd218bde1d6ea4a87acd26ad4e5f35b335a3450743119bd3be565021cbf10ee05d2aedd164a651b6584afc7a9c9e6932181c173e4e97f14c1f921808e6fa99f

    • SSDEEP

      196608:X1hdgLLK3yMLIeX/dy0Qv64OPz2iwGMY:X1hdgLLK3PLIS/dJQv6BPzqY

    Score
    3/10
    • Target

      resources/streamer/macos/wpstreamer.app/Contents/Frameworks/libavutil.58.dylib

    • Size

      1.4MB

    • MD5

      31d7158e1e6efb9d28da08c6e806fecb

    • SHA1

      5099a603353230c943df5e95dfe649a6fa0b0ba9

    • SHA256

      7241af3746a48c48f1c2c97bd9c3d660deccdb160a808e9818f50a1444ddf0b6

    • SHA512

      a01eb7890e090cb0382cd3ae03c93394616bebe3837128f8da4e4aca3e87ffbe972da6595303be138aa2b27d2825bd64990640d5fb38b23aa103385bb6373d33

    • SSDEEP

      12288:wH2j9xamojDmqRqtvEoLqAZn0lKpw1+HL+/KG0zbn0kz8ZMjKZbQrmJUbaSCTr5Z:pomIRqtso2AqKpwy/TPNbaSCTr5IxQ

    Score
    3/10
    • Target

      resources/streamer/macos/wpstreamer.app/Contents/MacOS/Moonlight

    • Size

      9.5MB

    • MD5

      ea77e701c9acdd968e45c4b479dc1f67

    • SHA1

      4adcd11289631a734847c947d3f64235fd89509b

    • SHA256

      fbc9a054436b9426e4a90700b185ab58e4f1d2f8813bca1e8d53f643f3d5848b

    • SHA512

      f08dc28abe7479311ef3b6e932e1a6a27d1f83b628440380926e011b49ddcbdfe4a654bcbb01a109b3f1458d557ffd4741bdc2fb66c17afd2cf982032344afef

    • SSDEEP

      98304:PjmHfM2Y8VKrgXZKY5+oS4qf+cHRSEe6OmUiPi8xa9VBA9Og52GfPWnb7buciP/w:v8VKQVlQOmE8kKXAiPWnb7bup8tgp9c

    Score
    1/10
    • Target

      resources/streamer/macos/wpstreamer.app/Contents/Resources/qml/QtQuick/Controls/Material/impl/RectangularGlow.qml

    • Size

      6KB

    • MD5

      95deb1b410b1d2190641f2b9e5ae254c

    • SHA1

      5df51421dd38ccbea301f5c030a1f7f8ac74f5d7

    • SHA256

      fc7d15d3c04e540786aafdfcfc171046463390f3b451826b2c2e07c48f83afd5

    • SHA512

      757c90343030caafca101e30bca7e2dfe053e37ef7149db6bf6d1a73e0ca45acf4a2b9c394f9a058967147e79dae2b0c5e66082efef0ed3dfe75ee0a26ed62f9

    • SSDEEP

      48:Yxxwsio5JAS44kH1KWRmoAAJ/H0SAAd449lM688YAAd44dpYG7ECyNfRjEzVTmiw:YLJA/RmEZRMTmtnWwbQ9VA

    Score
    3/10
    • Target

      resources/streamer/windows/Streamer/QtQuick/Controls.2/Material/RectangularGlow.qml

    • Size

      8KB

    • MD5

      f98e2eae330aee1fc832a15fc395ae4d

    • SHA1

      bb91c3051a65832000db517913f8a4b122c10f5c

    • SHA256

      e4ade2e5c1600befe2ae31221035b5beee33acbb9395db6911c32b117c10a300

    • SHA512

      c263a0a3ae0af2c665a079c4d77e931322ff4a6f062b3aa54d9d96540d53a1cb9d761e2901da39f869528f3b4f2867dbcb65540d8bf42e876e643c64de95f944

    • SSDEEP

      48:MCd5H6E+iCsAaKj7fOWIkFy99io5JAS44kH1KWRmoAAJ/H0SAAd449lM688YAAdC:nd5CB7fdpFWJA/RmEZRMTmtnWwbQ9VI

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      ec0504e6b8a11d5aad43b296beeb84b2

    • SHA1

      91b5ce085130c8c7194d66b2439ec9e1c206497c

    • SHA256

      5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

    • SHA512

      3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

    • SSDEEP

      96:YjHFiKaoggCtJzTlKXb0tbo68qD853Ns7GgmkNq3m+s:JbogRtJzTlNR8qD85uGgmkNr

    Score
    3/10
    • Target

      $PLUGINSDIR/nsis7z.dll

    • Size

      424KB

    • MD5

      80e44ce4895304c6a3a831310fbf8cd0

    • SHA1

      36bd49ae21c460be5753a904b4501f1abca53508

    • SHA256

      b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

    • SHA512

      c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

    • SSDEEP

      6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck

    Score
    3/10
    • Target

      $R0/Uninstall WARPLAY.CLOUD LAUNCHER.exe

    • Size

      298KB

    • MD5

      a492fa93def80b67bd2812986d767087

    • SHA1

      239254a6fd6ceb3f194a8af1958cf6c00ddec83a

    • SHA256

      5b4af5c53903a61d7834a9aef03effa4e4ff192060b37083299dcec0b6d6c74b

    • SHA512

      497ec06eb1c6b72b8f868aaba8c5f6b84ea6a41ae5679097f5c854e028d3d3d457300e499722f5adf93042d595c9789300e26def0df893a9f38dcc4d49d2147a

    • SSDEEP

      3072:fn77v00hEoDEtauAs8X3S6+gsQB/JSh9XwQoiifIseeak+I8uaRtZaH2tvhOEA1b:f740IISX57jgZ+I89s2t0EyL+ya6

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

Tasks

static1

privateloader
Score
10/10

behavioral1

discovery
Score
7/10

behavioral2

Score
1/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
1/10

behavioral7

Score
3/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

Score
1/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

Score
3/10

behavioral31

Score
3/10

behavioral32

Score
7/10