a42a8ff1902cf63d0a087335b3a04dfc349471fca551b948a834e8049efa95af

General

Target

Riot Vanguard.rar
Size

24.7MB
Sample

240515-zpgeksbg52
MD5

cce589dc2f1dd11e2ee2dd997eca1ee7
SHA1

8939d90f678ab7175eab9aa4238f0ee7c22b3b39
SHA256

a42a8ff1902cf63d0a087335b3a04dfc349471fca551b948a834e8049efa95af
SHA512

33c4a62998589ee223debb49f7fb61ac57ed95c122f924ef044042df68f63541aa9c135dbbd69a85379a50c3a350586fb5b6e92feec5c383a5acd2665e35d5e0
SSDEEP

786432:Qx3uurjux9NA4Kd/k839SV64ZjcyHgdrD77b:fBx9HKdZN4cwgVH

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  Riot Vanguard/installer.exe
- Size
  
  2.8MB
- MD5
  
  8b963e14b46af2aa941af845ea117718
- SHA1
  
  c235d530e9a437acdb642800649f7e5e6a14f272
- SHA256
  
  d75e71bd7e984bc63dbd5adfd0d0275968cbf0086b765defa346d9be9ce6c465
- SHA512
  
  372296b3bd966d4ef2478cd555ea907d03287c62eec9452b46596ba4969099238b2615a3a5832618f2a94cea26974c9b02e52a94520b84e606d7f06afa62a705
- SSDEEP
  
  49152:LGtlqrrIU6isw71UcHwbq+wh9O0DdvW4LgkDHRcIucVsqTaJON2pgk/ZrcOh5PiU:6+stcHuzqOyLPRcfpJZNRJnAc
Score

6^/10
- Drops desktop.ini file(s)
behavioral1
- Target
  
  Riot Vanguard/log-uploader.exe
- Size
  
  3.0MB
- MD5
  
  541778347e8549d2b34c89738a1115b6
- SHA1
  
  64ee73fce22affa9e98336dc4985305917f528ab
- SHA256
  
  e7573e756152ffc7dedab1b2e5679284fa67834f9e3b9a64d763666d0491802a
- SHA512
  
  c80bcc51b45d725aceca707076b03a20b1e9464e8f9b4566c89dfcc8fef12b70110d1f65e86b3dd3e4edfdb14198a3107bfe087fdfcf7921d49312ed17952378
- SSDEEP
  
  49152:fGtlqA6IU6iQWzRjCMf86TeZBIzYQItmkYY7VTpegSXQ85cEjlOh5PeiakKmYNP5:8+QS7fYIPIt1B80akKldRu1rxW/
Score

1^/10
behavioral2
- Target
  
  Riot Vanguard/vgc.exe
- Size
  
  9.2MB
- MD5
  
  db5a77fc97d4e1f79a796280f81ff484
- SHA1
  
  98dfb793a880050c228aab9a699a243bce8d4a7b
- SHA256
  
  435791a28a753a04288dff7e01bee38922905bd9d2b9a47c9a4a6679c7c6ae67
- SHA512
  
  e7d886928e9c84351ea4fbe5a09c2f055db916f100bb674ff4f2d5585cd5243b2350294fb45a3687a202b1458a879c8abdb243d2c0c4f1e0d11d8017be65d3ac
- SSDEEP
  
  196608:RG6xahLimV4bhhaqBf+cdSyf+u2/sCYM+29PodVN7QqL7TQfKXHLztM:zxaVJUhtBnSyD2/H+29+VN7tLoC3Lp
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral3
- Target
  
  Riot Vanguard/vgk.sys
- Size
  
  20.9MB
- MD5
  
  6db1a4934c5d476ecb6164980551799d
- SHA1
  
  c38fb968997f5e949473e7ee85b95057b670af9f
- SHA256
  
  57e44fc8b9e017019c1ee054ccb2873b1242f7f74d4ab5ddb0c19791cea3f7dc
- SHA512
  
  8c85d5ccb6ea67fc32ab3cf6705daaa13187653284a94e7fe1a6c39eddb9156d72b7df178201d8af2b402beb4d65e61f99c78f607a7eb253116e3e3ceb2d218c
- SSDEEP
  
  98304:56CtcFgp7IEk1Zp13yDZOEJCSpi8jpPIX1RrRRV0gMqL4BfHkcE69o:55SFgp1M1C6SpiQPIFcqL4BE/F
Score

1^/10
behavioral4
- Target
  
  Riot Vanguard/vgrl.dll
- Size
  
  3.1MB
- MD5
  
  724adc32515b50907469c0a40b42f655
- SHA1
  
  09b876c483216aa1abb280fbbb232598c66ba21c
- SHA256
  
  51cad0ece67bc5255eee5dcc2d8f0a62a4bc279eeecb9beec28f031876fb8d3a
- SHA512
  
  13ae37b4449e9cb4ed2186cdcd0cc0562ec4abce43e4af8e378381b3a2850b25c2c977a5643282ab4c37eed6768a5cbbd5509a6950580a1a6da504649a676c5b
- SSDEEP
  
  98304:71y2pfooRKG5cVYuPRUF8JvtkWKqmscsUO:5JsG5cXRUOj8Pi
Score

1^/10
behavioral5
- Target
  
  Riot Vanguard/vgtray.exe
- Size
  
  2.9MB
- MD5
  
  5e5d365cab9cb660809402a79bfa1bb9
- SHA1
  
  b80d9ba048683650a77c7145f103478135ec28f5
- SHA256
  
  6cc42a855e7dd89462f70ba9c4c4c3e1b3d1f865f143d7237c17aa2a41188ed6
- SHA512
  
  7e5a5ff0c7913221e8f2149a351cbf52e772507d6ecb9e3ea05b0c1efe69678068306e141af21cbcd77f04f5ffa55aa24dae0b3d9372e10ca023b07c3b9dc207
- SSDEEP
  
  49152:DGtlqyNIU6iNKtsCdJerb2WkqKp1RqaznksD2iUGT+3K6aXsPy5dHoVCOh5PXK3g:N+Nme32DL5n3GyAYlRXBE2qgXI
Score

1^/10
behavioral6