40a90ddd4f4491ee74b28bdea5524fc01a484ab827954f2d2f1cb25461610573

Sharing

Copy URL

Twitter E-mail

General

Target

SuperHexagon.zip
Size

25.5MB
Sample

240511-wc1e5scg38
MD5

31b053505f70d5264c9305b73a04defd
SHA1

6a5c8a751f2a9567c157dfd903bc9a3c95c06b98
SHA256

40a90ddd4f4491ee74b28bdea5524fc01a484ab827954f2d2f1cb25461610573
SHA512

d207152b1a91c2dda3c7ddb99c65528990c4d74376bfbfac30530f4608ba03cf6ee3d86ae1e5fe929f6359ce0a0a1ff22d5c5052ec4d6a8bf6a9e013d43b6b89
SSDEEP

393216:Jd7wkukZ5OKRtP6HEBP4M0i+dmlerWu+x7UTdqUU8jyilexrx/TmeEwswe7Nv:/O8Uk/09KeMKdq58jxQl/6PNwo

Score

7^/10

persistence upx

Malware Config

Targets

- Target
  
  Super Hexagon/Super Hexagon/Assimp32.dll
- Size
  
  4.4MB
- MD5
  
  5cdb62a460250bbc56b53969146ca4a2
- SHA1
  
  a3e5f36e83494c9ceb82f6d86f2282afe46fddcb
- SHA256
  
  7e022a9f754d53e4690255ff4e38d3d9ce43829995c8e8e372b647164b4275ff
- SHA512
  
  5c96cf53bc00654b006b74e5315c6d51da77ba4aeadcbd66d607a1e49b307304e75e2754b14e0b3ec06ca88b132af0834600f907d162e7b10a376e540fb691ae
- SSDEEP
  
  98304:ItEZRgjs/AY7AV0KyHtFyPdMWCq0YjzBNJdE9z7QX2xmRXmEoOELyRQNYEow8omS:ItEZRgjvJ0K8yPuu0Y/BNJ29PQX2xmRe
Score

3^/10
behavioral1
- Target
  
  Super Hexagon/Super Hexagon/FreeImage.dll
- Size
  
  2.3MB
- MD5
  
  681a319e6639bed31cf626238d37506f
- SHA1
  
  9df7456167619328021acef45cd7b84b33ee95b9
- SHA256
  
  60710ac86a3427e7311ab2ddc77e2ece1eb03b5c9a3236fe5a26f31aa31b6d48
- SHA512
  
  0a9702bbda7b2014e4336f42ea0758e5d1db136ea3d2cf966cf1cb95940683b406e367181ec9c57fff217a2be3dd85a94f23c761dc77aea3ad0a4fc783bda12e
- SSDEEP
  
  24576:6fvJabimcsNY9L80+nhfKPUvhUkZvcVEg1WhcKp2p9AqVlQSGg70gIhTxCTMy8NO:6fvJablc8iL80HUZOUyKp29pGvgKT+p
Score

3^/10
behavioral2
- Target
  
  Super Hexagon/Super Hexagon/FreeType-6.dll
- Size
  
  356KB
- MD5
  
  e8a84fc74e359f86c7bdf61170cac17b
- SHA1
  
  1911978ec68a2fb74181215689f97664d2560172
- SHA256
  
  4cedbc6051284f8c7e18f598531b6acd5f60bb1a158e521e71d4039f566b369f
- SHA512
  
  936f87e151b4bd5db79ffaafab9442676a3cf8ef4b131515344e04c8a4366bd1fcfa0deb0b9f993a2b85fb0c941e3b821e4364d340a919baf603cdbbf98a92bc
- SSDEEP
  
  6144:DUhFEoYhnDbcrFk/PF2uV05X8g6zxs6URgVkfw3v:DoFEoYhnDbcFk/92HATmAv
Score

3^/10
behavioral3
- Target
  
  Super Hexagon/Super Hexagon/GameuxInstallHelper.dll
- Size
  
  94KB
- MD5
  
  4d3ac88054df63fc810427bdaa96c458
- SHA1
  
  e4d554e03ba91f6b53a2a80253b339f56e303c94
- SHA256
  
  b07ffcd0af80f6b9fba09abe816ba2f0ff0d336639f1768fc317291bc635ece6
- SHA512
  
  d4732ad89bbb19b316dff1b9c534acf98bb985c89d1295f08e24b21531123426500b3712979dda2f0e941a5969c0cbca15bbd52f6c167653f96a494a6677ca54
- SSDEEP
  
  1536:B+cZE7LuH82vbVSEru0QrtLMNYxKoqbEnz8Gj1Nh5vIexy8Cy/3:YcE7LV2ULMZowGjJ5vIexy8Cy/3
Score

1^/10
behavioral4
- Target
  
  Super Hexagon/Super Hexagon/Launch Super Hexagon.lnk
- Size
  
  1KB
- MD5
  
  bbaa9673c9b5e51d17049e1d1f0af250
- SHA1
  
  9393739f9b5a30f2c4ccbd230792b89c59f33679
- SHA256
  
  8b920dcc4457cae5db0700ea1014fcae14a9c4b5ca16f6c61ed5cc32bf946279
- SHA512
  
  879eaff380bffaca621d6d365dbfe5f484ad99c239a6c3e7f8d53ee137a6f59076727375ac46a7cb932e0e7d030388666dfe75cf9d36ae9846e47f580f8836fe
Score

7^/10

upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5
- Target
  
  Super Hexagon/Super Hexagon/Zlib.dll
- Size
  
  68KB
- MD5
  
  48affbcb623a3e56c83e5d28f0583ce6
- SHA1
  
  7e202febc01554f3320541a2941c12b9e855eccb
- SHA256
  
  edd08eb064ed586630960568aa995cf046ecd9557f97adfd793b2a135048eb77
- SHA512
  
  c9306cdc1a71a86a89778fa82bf5260534a419bfad9984688d07d491fa20b68c53a103aea862f3cbf4fc3870d37a6405ca757d9bbcc93e2868c57645ff1993d4
- SSDEEP
  
  768:nRagNMR87pA2cp+k8AVfgibjlR1L+zwWMyKO+zlSXuNiOxPj6:nRkREpITVfgin1iz91C8hA
Score

3^/10
behavioral6
- Target
  
  Super Hexagon/Super Hexagon/fmodex.dll
- Size
  
  282KB
- MD5
  
  11b9c9949b797552badb69eb68d0d4b8
- SHA1
  
  5e56c03b89e0130310f100b1cc445ff2fb0b0e55
- SHA256
  
  5e2323323a3d0fb62551fc581a86be4b0800361685f4b07a0a7945fb4aae4aa7
- SHA512
  
  8671c38ec9fa01cd966613541b2c4e80d0a5b670bb8fa6797eab8479f9ea5601b04579672e511e37862f861e7ea155471edebfe13ec36f8cf4b779ed950f19b4
- SSDEEP
  
  6144:lz/1zLL/lXjOyjTo5RAO3T7hFNy8fVtvw/tXJlxNB/tEp2Bl:t1vZJTo5+O3/hjy8fVtv
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7
- Target
  
  Super Hexagon/Super Hexagon/fmodexL.dll
- Size
  
  323KB
- MD5
  
  c5173be465e9f68f640f67479546187e
- SHA1
  
  6cbf385dfbcaf7e7aff16d3b78064cbae3138f81
- SHA256
  
  edc5f33f36e6cc84d132a6f81dca5a4e32d1341f9c2dff951b050b0c9a404162
- SHA512
  
  a12604f310d432d8153bda411f255a949b34e0a6dd4b1a5d690a1ac7a84695c9f573ee24979a55f816f650dcffe107f662a31390022ef0460538907957eea6a0
- SSDEEP
  
  6144:48a0qldUMAGDxLG5u9XnnFxj0+qCcxk7yD9XdLhrfYNNu9lxNB/tEp2Bl:4L0AzAGDZG5u1nnFG3OWvBmN
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral8
- Target
  
  Super Hexagon/Super Hexagon/glut32.dll
- Size
  
  232KB
- MD5
  
  ae1f4dacacb463450dde420c0758666d
- SHA1
  
  9b14ae8de96cf7c211152a5d6db8584cd7c3d22f
- SHA256
  
  722b8d2c4912ab640fc766424fe1bffd45a0e735293ac2d763eb4031684bb468
- SHA512
  
  925c28706b42a04c8ffd0b1c58c692d7aab2b719ec5f8938763d275dca5b9a50a1071f0fb6be067e4ad0f3ae3dd7d44ff2b54e03c23312fd6b5bdcebc0185bba
- SSDEEP
  
  3072:w7wWdCMC/DmbptJT8yQCekJZyJQL7xctpP+RXgol33MpV:tW4rQuyQUNctp8xaV
Score

1^/10
behavioral9
- Target
  
  Super Hexagon/Super Hexagon/goggame.dll
- Size
  
  199KB
- MD5
  
  7f3014ac2a2c75f7bc69bbd1a5f39161
- SHA1
  
  7d74d0917546796ab8828c53e9c3ffb80551f90d
- SHA256
  
  513e05ad7b3b5df140c2c4d4ff9098c83f516bb8c27ed9f89b3befc9f854ad87
- SHA512
  
  467068d342e48c31aa1fe49916e9a6696001d6faf088ba2f1fcfb41189e24048806f94823bca6e22a45c7f5d4c66000a475b777bc385c8aeb3a7522030b5bf69
- SSDEEP
  
  3072:bx3avFRGzrsLPs9JaKI00vZzD+5qJ+cOmnb9mkXdUAn9gZ8FFKJsFFFF8FFFF0Ta:bxdrsLUEDKWnZhXdWS2
Score

1^/10
behavioral10
- Target
  
  Super Hexagon/Super Hexagon/msvcp100.dll
- Size
  
  411KB
- MD5
  
  03e9314004f504a14a61c3d364b62f66
- SHA1
  
  0aa3caac24fdf9d9d4c618e2bbf0a063036cd55d
- SHA256
  
  a3ba6421991241bea9c8334b62c3088f8f131ab906c3cc52113945d05016a35f
- SHA512
  
  2fcff4439d2759d93c57d49b24f28ae89b7698e284e76ac65fe2b50bdefc23a8cc3c83891d671de4e4c0f036cef810856de79ac2b028aa89a895bf35abff8c8d
- SSDEEP
  
  12288:iHEqYsrMWIqz473PTiPoH/aGhUgiW6QR7t5qv3Ooc8UHkC2eKq87:iH9YsIWIW4rPTiPofaDv3Ooc8UHkC2e8
Score

3^/10
behavioral11
- Target
  
  Super Hexagon/Super Hexagon/msvcr100.dll
- Size
  
  752KB
- MD5
  
  67ec459e42d3081dd8fd34356f7cafc1
- SHA1
  
  1738050616169d5b17b5adac3ff0370b8c642734
- SHA256
  
  1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067
- SHA512
  
  9ed1c106df217e0b4e4fbd1f4275486ceba1d8a225d6c7e47b854b0b5e6158135b81be926f51db0ad5c624f9bd1d09282332cf064680dc9f7d287073b9686d33
- SSDEEP
  
  12288:fQmCy3NeRjkpQmj3oaMtQqjoygfXq3kon9IlbgaOxQdVJJ6j5EBKX8hR5:ImCy3VQs9MtLjTgfa3kon9FaOdEz5
Score

3^/10
behavioral12
- Target
  
  Super Hexagon/Super Hexagon/steam_api.dll
- Size
  
  103KB
- MD5
  
  e5578450156d19260fc06e2a72856595
- SHA1
  
  c15657dec995085ec83430c03367ab36f3af67a8
- SHA256
  
  b55054a9d9287c704b8e0ad3acfef1ea5c3fa6982b20b7e36466dc76a6ad8925
- SHA512
  
  70e16dd0978c9275d7ace9a608c67cab688b6ab35bb50c22c4c68427bfdfc0b760fd82ef084d185ecf65de271d29a83a48afebafd814aea4d01bd347ecc4a127
- SSDEEP
  
  1536:iNta1rZyGnqjdnFIrD4s1hRdjlRUWYG0HeT3W8zyXmnYyOIVoOu3a/kzQSC6F:iXaBUNnFo1hRjRxYWHwX1N3a8NF
Score

1^/10
behavioral13
- Target
  
  Super Hexagon/Super Hexagon/superhexagon.exe
- Size
  
  2.6MB
- MD5
  
  6a5934a409eafa882d5159a8d6039702
- SHA1
  
  4ed8cd42ac0cee241b44534a7e809508e1ee45d1
- SHA256
  
  a68bffbdbc6c1c6c625d6e9f565c6dfdc1d517a98f781bdbd5d7c96636538625
- SHA512
  
  deddda0981502db156901b13a0a2b24ca5b1cc4baa423e11ce2f9741e065943c11e6ec5a4c61f71d62db4894bcecb704d1c44e25b37fbc5b9cc166c90eec9f60
- SSDEEP
  
  49152:J9ZGVSwBIB9PJFWBEow/4c3M1nkNMLqE+7HG9TF:JrB9PJFWrw/4R1kNMLqMT
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral14
- Target
  
  Super Hexagon/Super Hexagon/unins000.exe
- Size
  
  1.2MB
- MD5
  
  dc61e0db68d2417e0a2ea73e01182dcc
- SHA1
  
  a44a21cd1bfeb8dc1d7cc61ae44cf94e1059a9c3
- SHA256
  
  557285aa17977f5666cdaa33df8dd3836f72e5ea696ffef0ecfb16cc1c861d2e
- SHA512
  
  1f9058bc3c25f0361579baf820c700c5521c2f38480279a27db692845fdf2ba9b46f043b4ce69e11254c9f36b8ad429072bd40d04378f7243b7c813fe74363aa
- SSDEEP
  
  24576:0YwCLCUplZhgjXj8YcgoniqO3CBiO0jmS+Elzcy8ZNat1NC2Nx94B:PGUhni7eSRzcZEgMM
Score

7^/10
- Executes dropped EXE
behavioral15
- Target
  
  Super Hexagon/_Redist/dxwebsetup.exe
- Size
  
  285KB
- MD5
  
  bcbb7c0cd9696068988953990ec5bd11
- SHA1
  
  3c8243734cf43dd7bb2332ba05b58ccacfa4377c
- SHA256
  
  34f64699d4830145cae69bd40115b1f326e70fc6a98456cb3df996d947dddca4
- SHA512
  
  551a2e3aa5fc7c0e79c3bd7c5333df5f1920ea83fe35b99adbbe865ea926fa772d72709bde2ea8f2685f4914cd96ff7b5b6f894f9b99f1120c2abe89c390a786
- SSDEEP
  
  6144:3WK8fc2liXmrLxcdRDLiH1vVRGVOhMp421/7YQ43:mcvgLARDI1KIOzOR3
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

UPX packed file

UPX packed file

UPX packed file

UPX packed file

Executes dropped EXE

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16