ab7e4085828b98e52db4a171a5c3b01f7e6a3c1ab97885466a5f97e35e6a10a1

Sharing

Copy URL

Twitter E-mail

General

Target

Cisco's Fantasy Medieval RPG [Ultimate]-V4b.zip
Size

22.6MB
Sample

240520-fnae4add7z
MD5

ad9989a186a8413e9ae02a04f84a256c
SHA1

cca0935b73187667a5b285d4776fd4dd5544938e
SHA256

ab7e4085828b98e52db4a171a5c3b01f7e6a3c1ab97885466a5f97e35e6a10a1
SHA512

234da10922701ddb9104aada1460fb5fc76cdd34103fef67ff07b30977a79ac372dc75d91f7b739c33d4cf289729cff1cbe4aa3a516e55aa9f4e8aaf2b4db5af
SSDEEP

393216:erNgFyOgiLO+yU2PP4NunamVcf063tcTUA5WIK4FHLgqsCEOMk3xwdfbBr7l0F:erNg0Og1HzUunv+ZOTUzp2EOMk3xEbBg

Score

4^/10

execution

Malware Config

Targets

- Target
  
  Cisco's Fantasy Medieval RPG [Ultimate]-V4b.zip
- Size
  
  22.6MB
- MD5
  
  ad9989a186a8413e9ae02a04f84a256c
- SHA1
  
  cca0935b73187667a5b285d4776fd4dd5544938e
- SHA256
  
  ab7e4085828b98e52db4a171a5c3b01f7e6a3c1ab97885466a5f97e35e6a10a1
- SHA512
  
  234da10922701ddb9104aada1460fb5fc76cdd34103fef67ff07b30977a79ac372dc75d91f7b739c33d4cf289729cff1cbe4aa3a516e55aa9f4e8aaf2b4db5af
- SSDEEP
  
  393216:erNgFyOgiLO+yU2PP4NunamVcf063tcTUA5WIK4FHLgqsCEOMk3xwdfbBr7l0F:erNg0Og1HzUunv+ZOTUzp2EOMk3xEbBg
Score

1^/10
behavioral1
- Target
  
  manifest.json
- Size
  
  24KB
- MD5
  
  969ee9987cc0b322ce2db252c198997c
- SHA1
  
  f1a48b60805da232cf16f8659bcf86993864f757
- SHA256
  
  94b7aefab3ce7a211ba00192d2df04530fe11634a2ecf65d861eb6be354b68cf
- SHA512
  
  a7fa9ae1f347d5e12cfb8d5e790de75b4610919da2f2825a674229b4bfbbd5f7527493f9c145ae746ac58fea80455330c09e80972b380aedf984f07d92eb3283
- SSDEEP
  
  192:wZwIY3tXSGf1JVYI9Y8x2Fde6OlJplBCfcWflrOhRderpoXSpPCvCu4DzuJyQVL/:XFYwQRG
Score

3^/10
behavioral2
- Target
  
  modlist.html
- Size
  
  32KB
- MD5
  
  876530a6972ef802325a1ff8ba588c4d
- SHA1
  
  95e5a28c36af8828f7f7261bbb0308f5b2430f0c
- SHA256
  
  7af035eb2537f72b9c9bc14de42d9d85aab8b472f1499dbac5a5524414dca2df
- SHA512
  
  4d1db3bbb61ea8d6479394829d607d1e0b29044ca3ae7e5556078e89d13f297a6a66ee7b6950820e65348e486eb212a722deb5c0bc956882006bbd43ca082ebf
- SSDEEP
  
  384:EkvW/adOAbpZzJ1CKj/oaNOPxzWa1sobDACuTeZ:xO/adOAbpZzOKVwx9sobDADeZ
Score

4^/10
behavioral3
- Target
  
  overrides/config/Elenai-Dodge-2-Client.toml
- Size
  
  295B
- MD5
  
  c1129b8afeb11652edd14cd4f35b8171
- SHA1
  
  9783af6f87860ce5b2162c0f73b005e3b08924cf
- SHA256
  
  abf50b930b8c57818703ce88f6d139abf2455877efedc8f4d1186d6d5932ded0
- SHA512
  
  3d6aa91fd4361b57fa4fd54655f1a1aded52971a450e70d1b09a82954d162e6af2692425256aa56076c0d5c3454d7822a9c2310d918ad1359c754ba887c88799
Score

3^/10
behavioral4
- Target
  
  overrides/config/Elenai-Dodge-2-Common.toml
- Size
  
  486B
- MD5
  
  087412daf4392479550e73ed5d5082b5
- SHA1
  
  4732dafb419dc38b48fad9f17d87879fb346027f
- SHA256
  
  55f9799748df76c6e44836bd4c7c5915feab4247a03545eba1d06051e0365874
- SHA512
  
  8cedd2efc5442873b2db0e878af1d48b1469c2811830e67245491427b18285cca2b691fd61dd2bf03a424a499d6cfccc74cc5c9ef7236077dadb82016cf6c45d
Score

3^/10
behavioral5
- Target
  
  overrides/config/MouseTweaks.cfg
- Size
  
  135B
- MD5
  
  ff577ca09e989c07c056c7cdff465be3
- SHA1
  
  651b3e4db2d430dc1da3566b2984b264061a6794
- SHA256
  
  4069ce1a439d8c37453c1b1e9f2037e0942674c7e48723a39b37eab245792ad4
- SHA512
  
  5a86dc45e2999e337cb36f69ca9d388495ea496058b7346d24369c272bec91af055d3fbc37a26a86d0af03a1a29605c4c846612eb58280bafdb648716220927c
Score

3^/10
behavioral6
- Target
  
  overrides/config/MythicMountsConfig.json
- Size
  
  15KB
- MD5
  
  9e4d20ec03373cee24764906a2e4821e
- SHA1
  
  764ce2238b91a5e0995230bbbcd9891a70a7ebab
- SHA256
  
  ac7d032d98f095edfe891b0c6bd1c837b61a4ecf41a73df71563a105c52a20ea
- SHA512
  
  01a6c2277f52019e4f52842eb4ed9a162caa14c5e84646b5f1510043f88f818a3790125217c6b9ed7ba136d25f1f9355a4984062a1b8a0ce4e4d0ae8292dc7df
- SSDEEP
  
  192:ZvlWBDaffep535I5SAWkJ9dns5iwCB5N/Gww5x5n0SOGGfDe7OdrMDD/Svw8jtSc:h8IXegB4duQOK3KNwJ2RzGCoK
Score

3^/10
behavioral7
- Target
  
  overrides/config/Obscuria/Data/aquamirae_cover.png
- Size
  
  133KB
- MD5
  
  be6ca08f218140665fc8fe155015082b
- SHA1
  
  9ec9399e522e52f9cf6edc23f88ce858746c5c4c
- SHA256
  
  86bec2df159c61ba721a71c7c951450332e3581ce3c8268611c140558989d5b9
- SHA512
  
  62b5c4240742c227b71dc7862a16eaea2d582a48091d66663230e177a214fd97867d2a000633acb433492f2759cc6943af86b1868918e312015afec09846a666
- SSDEEP
  
  3072:Ql+Om7UXDgmLXQUzy5+5/KGTBBo5hRnQXz/UN1jwJ1uXxAKM:oMUT37zy5+Rrde5h9QjMNdwJ1uXGKM
Score

3^/10
behavioral8
- Target
  
  overrides/config/Obscuria/Data/loot_journal_cover.png
- Size
  
  31KB
- MD5
  
  d211874e8493efff00faf9f05033f620
- SHA1
  
  55fc3c5bd0e2ed81740f570d2f6de1a3a5131cab
- SHA256
  
  c516870f7eabb04f762e581df53a7c7330ec28c68f2245fb07885af71bd37830
- SHA512
  
  83e6e97d54e1d3bf4badc9bc15d1e8d1caf2fa388c8be6b03b21edfd0e62d2a3d4f124d4824182e02b241d78b778e19dfdc9aeee7eacf76f82649e1b73b3e21b
- SSDEEP
  
  768:pJwwPurDNs92mgCGBFpXqAEjWHK2knOdw9:EwPurXmVojyWq2kwm
Score

3^/10
behavioral9
- Target
  
  overrides/config/Obscuria/Data/obscure_api_cover.png
- Size
  
  62KB
- MD5
  
  8b355bf8844ae3d3ba4418e1914f8d80
- SHA1
  
  d99ae3c1ba459750a69361d57be4654edeb65566
- SHA256
  
  ecd943698913173d1513b8a300072557304e9c262eb8eaa012ba0a357a6a5ad1
- SHA512
  
  5b2ea931fa9e5843550ddeade11ed7b19980e43386846af0e2776e3112c171309f11bfe69989821814f9238bb2f5a3f1468aac8d456545af6ecf982a241aacb9
- SSDEEP
  
  768:QA2lf4r12CrMQtiH8v3U0edJIWhGcB4hvuwFaugbmhVmJhFSIkibwPvP1P7vw+PM:Qlg8QHv7GJnovuy9gbmWZfk9YzCkuLK7
Score

3^/10
behavioral10
- Target
  
  overrides/config/Obscuria/aquamirae-client.toml
- Size
  
  200B
- MD5
  
  83f295888292d5287a9c92a8840fedb0
- SHA1
  
  c4530e5008169ef0d4d7680bf655e617b14e1f28
- SHA256
  
  c5913558bc43a17ff28e21853f6be9713f3d0a6416235e11aaedb8a3998bcb4d
- SHA512
  
  18685d2e0cfb88ff5e9dbe32d7b8a8d4e3da7a3489209a4dff393947250627538082b8e8d5ac672494818ac0e7f9e205e3df0359d07ef7417908bc14b5c2cda9
Score

3^/10
behavioral11
- Target
  
  overrides/config/Obscuria/aquamirae-common.toml
- Size
  
  2KB
- MD5
  
  6310c1e6526e990ce83b89a76045e121
- SHA1
  
  508c59bd5b8f012c01be2e258bc498721151143c
- SHA256
  
  fe135b7cc515c930335ff2e2a279f2f5b50851746e13bc2aded629abc38e04d0
- SHA512
  
  1e0b3893c582cec706975a7ecbcbc196223f56eb286b020e425eb0d0c826dce9b5bf3bfc0c97a4b9a2fee053f539b419135427d2fbd3a4c8f6246a32bd1af057
Score

3^/10
behavioral12
- Target
  
  overrides/config/Obscuria/obscure-api-client.toml
- Size
  
  255B
- MD5
  
  d91f42785da1c005bccc9e27addf6c55
- SHA1
  
  3d85a3b734a44bba32504fe0244e4ad6ce1c36c3
- SHA256
  
  4889020fee1b9755dacb4ec9f058dfdbbeaaf33401cf63287293046c836f6647
- SHA512
  
  daac8df68a75d5c3d7c4a6bc168aab1225196c5734e0b338bda4a74bd99ce008cc9f93044608edf41751ffcf8770c9907be4f0099d8b72cc21a09738a6573140
Score

3^/10
behavioral13
- Target
  
  overrides/config/abnormals_delight-common.toml
- Size
  
  137B
- MD5
  
  aeda1340f06341acd26708218a89b960
- SHA1
  
  b46155451616f4a2311ae31d992453253e143537
- SHA256
  
  135425bd7d8259fe1a42a2fce422b0ad25946ca8ba8bb399dd03527b76ea484f
- SHA512
  
  e6045a81647300264f5c296dc1a6ccced7630575b586ef605d5d9d63c79dad92af4365b8622be5a956087fd4178af87beb5dc9c3dc8328c5c5c8af4a9fb2f4de
Score

3^/10
behavioral14
- Target
  
  overrides/config/advancementplaques-common.toml
- Size
  
  2KB
- MD5
  
  1ac6b869b0d1d34ac5657492704da54a
- SHA1
  
  aefa81fbaff88d0408f77346bc1444931ed2aaa7
- SHA256
  
  328e19012802308709191b9bdca49d48eecf5da2a1c9cab03fe0ea6768c74c82
- SHA512
  
  7fb908a5ce83dbaf0b8bc345a1d63a0b09f447f6cd8402e4c8c68c22319145c0bd1920735285c4738940146ce3769749214badcc46e196e5e2b04c4bf691090c
Score

3^/10
behavioral15
- Target
  
  overrides/config/aeroblender-common.toml
- Size
  
  202B
- MD5
  
  c90f9da801a422f8782bc5fb104688f7
- SHA1
  
  dea272044c99fe5942acde0f7fee24551adc7c49
- SHA256
  
  d86567afebdb86f4e36e4386fe01238d6a67c7ed060d2618ca713246e1f867d6
- SHA512
  
  66dc65ca9f645afe308ff49bbc2a3b2caab439042020d2b62495807a18b577a2fd108f1a8628900134420e1342250a64f0b100f95b0a7b2807793bfed0bfb62c
Score

3^/10
behavioral16
- Target
  
  overrides/config/aeroblender.toml
- Size
  
  310B
- MD5
  
  64ce09ad691720b7f1a012ccc003d2f6
- SHA1
  
  a41fa99161e4666550943d881c7f938636f22e2a
- SHA256
  
  e7e44b6ac6226d2d322ad81249a0e839baaaecca041dd75ed1eb4347a4c5066d
- SHA512
  
  e16a15d04f8a146df797af697ebfdeacf994b530452b61cd826d6332efc45b463a6366b95dae7689d547380aa6b98867612b7934c53cd15f8c65a9287f8ebe9c
Score

3^/10
behavioral17
- Target
  
  overrides/config/aether-client.toml
- Size
  
  4KB
- MD5
  
  9f62d9109b17a6c346946de2ecc08140
- SHA1
  
  4c082118727e772eb3eb37983aa3c414ac795eac
- SHA256
  
  39193dd9972ffbc139293a190935ade10894f795fdc2c2c1aac041dc5e3fb17c
- SHA512
  
  a5d721901a6d8a25ebedb544d7694d91194930b65f91acf44c3becf84b0017c972bfc781c6c04eae32b6ac3405d9f5584ab196d649a3fcd800a83d0822a9372e
- SSDEEP
  
  96:NsNvSvGSV6/Sb8GKUTiAQz0BswIuzfed61Z65V6k:+N6DZfKUW7vn
Score

3^/10
behavioral18
- Target
  
  overrides/config/aether-common.toml
- Size
  
  1KB
- MD5
  
  a71d711cbbe0b2e7309b703796dc6c0b
- SHA1
  
  22c62d27230f4d067c7ad329207e3b04bc289e98
- SHA256
  
  3911dd941c94b72fb0cc8131a823d593871c016d206f0a82ee513c659e142e29
- SHA512
  
  a4969ef45e462911864e9f0711c0cf56067dd3bd07c81972d1f3c95de488be8b70f5790df2e799dc886cf4e47312352fa017ac66a35dd78e22928cee7e27cdf5
Score

3^/10
behavioral19
- Target
  
  overrides/config/aether-server.toml
- Size
  
  3KB
- MD5
  
  789bc0ca2c0d942913a1667be97568ea
- SHA1
  
  c5a386b1acff3e48f04febfb0b87d03e119cbf81
- SHA256
  
  057b8eb8eadde7313f7164af8a3bfe525052b2e181d20896c9b11af267d74f0f
- SHA512
  
  4d67a3002a0e4e9c0cd162e0d45154b5215399cc0250efe9d2f472f307ac92730eda25299c0790309a0fb3fba338d5fbc4b710bb359265c1c219353e99f67bc9
Score

3^/10
behavioral20
- Target
  
  overrides/config/aether/aether_customizations.txt
- Size
  
  84B
- MD5
  
  cbb7dadd96742517600bf029d14ce08f
- SHA1
  
  b9f71c03578eef752fe3c401112845574529aef1
- SHA256
  
  113f7dfc56b7b2efdc782e45356c87c47174bb76dc34dcef24ca2ec32c7908e1
- SHA512
  
  baa71c60b5428daaadbc3a3e71853d981ac6db397a4c5e3cb16f8c9bfbea36c0a20bcf126887fe633ad74b28b540fa81deeeaddafd56adae624354d3771f24a8
Score

1^/10
behavioral21
- Target
  
  overrides/config/aether/sun_altar_whitelist.json
- Size
  
  2B
- MD5
  
  d751713988987e9331980363e24189ce
- SHA1
  
  97d170e1550eee4afc0af065b78cda302a97674c
- SHA256
  
  4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
- SHA512
  
  b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
Score

3^/10
behavioral22
- Target
  
  overrides/config/aiimprovements-common.toml
- Size
  
  6KB
- MD5
  
  71450aa2f5b19702f457be0d519bf725
- SHA1
  
  38938944d157102e1651cf7bd07c11b9b022ee28
- SHA256
  
  08a9f7c6f63bd35d49b15fa5bccd8cdf667f21af0c9a8cb2ab5998eb598ee7c3
- SHA512
  
  43a90c3163558e3ac1876d58d333f70db18c220d3436e342400e297dbe9885f8c62543d5ccbf3791e25ed129fa4fcdc84112da7809ae48945c748ca75b493872
- SSDEEP
  
  192:tJ1nObn1ncPv128TKvxik69uhemzJdel6VWEcPPc817O4EVj0PP0cC6mYpUB:tJ1A1cX+IbmxeUezKhVg30fJT
Score

3^/10
behavioral23
- Target
  
  overrides/config/alexsmobs.toml
- Size
  
  35KB
- MD5
  
  eea190ed2810c929da4e0afb468aaf9d
- SHA1
  
  3145a77a0a24cb6244656dde26d519a8a49afe59
- SHA256
  
  9644fadfad5250efc28139e2fc933819d0149c3dc08d8f903f98e91fc9de9a76
- SHA512
  
  00c7e1a6ce20479b2e71b636cfc6a16fe5fd70008ba75671f12d304b13620d6e0f918ab1321e72310d7c157f0b8f8fc61d348655aebb907af76b2965ed3c86d6
- SSDEEP
  
  384:lThzYZBTVX881US7rpt+vyDKEaCtnu2Hul9jkl:l9UZBp71jrrDKEaCtnu2Y9wl
Score

3^/10
behavioral24
- Target
  
  overrides/kubejs/client_scripts/example.js
- Size
  
  126B
- MD5
  
  979c62225b318d6d57499921bc47b62d
- SHA1
  
  dfe0a9197b4b80a3f1235afa6f825857d9ead98a
- SHA256
  
  152019ed6e0410a82805a95ea10f1ad1a17beaf2b50864d89b8fa9d172129ac7
- SHA512
  
  024af5d13ee82fd5dc64084b148b5335b5a38e42a7242aaa26bcf76405cfa1bef1dba7166809abf5f7a8b039bc9657df4cb3fdf88d035fb42f8a62c49139e547
Score

3^/10

execution
behavioral25
- Target
  
  overrides/kubejs/config/client.properties
- Size
  
  350B
- MD5
  
  90702c432eafc8d184825869414a634a
- SHA1
  
  4971fdb54b525a3144cb878f56e9fae3d5b10716
- SHA256
  
  add0790e071ac6cca09235e2f41c0867cee876e70376962ef885c2c0fad4eda1
- SHA512
  
  a69e48ae62fee818c11a8e9a193e0040bfb3f81d9cf4ad4dce5c1b41b5ba7601be868b133e51f451dea50b3f7a5a77babd9ff106d49a98647b88f102263b1d4a
Score

3^/10
behavioral26
- Target
  
  overrides/kubejs/config/common.properties
- Size
  
  299B
- MD5
  
  ace24cb732ef78f280e8cf8ce01fb90b
- SHA1
  
  30bbb33835106f9a82247b0a95ae6b4aa6c30c0b
- SHA256
  
  072d44cd4288ea850ea42c00e440765c87a112e9cadbea0f31a41f3592bdbe10
- SHA512
  
  e957a20576d6ec66cf99ae7e50ae7bd1c86a905ead72724bc69b9b1b6677029d9416ee249f5de8dc44ac42d977526234c5d5ad1aaca912888cf99766c5198584
Score

3^/10
behavioral27
- Target
  
  overrides/kubejs/server_scripts/example.js
- Size
  
  126B
- MD5
  
  96f1e20e0fe5dc7f2aed643bfa3f9a3f
- SHA1
  
  9530c6a8d3608ca41418ccb29a01d179d5c06bab
- SHA256
  
  a19b7c81a150bd965b153ded9c45ee7649eaad9e10d0a5ec1d662e7b15ceadb2
- SHA512
  
  27ac7416a791a66e905f79d8e4ef80319e434d05dd32b5f59be73709d9e05f30632e9e6133b4d1703fe22645a0c15b87c552cfdb4efcb9005b67d95cabee4a1f
Score

3^/10

execution
behavioral28
- Target
  
  overrides/kubejs/startup_scripts/carpgitemmod.js
- Size
  
  4KB
- MD5
  
  cd47de69a47206037cdf21c77c00bce1
- SHA1
  
  02a75537aca37ba3260f519cbe42915c0404dbb6
- SHA256
  
  b7bf519f149bb05ff080862d0c706f9fdaf60ef7697c3c0c69867a6b668fb6d0
- SHA512
  
  1cc0a735050af4a90af93547c23627a182f96ea046556b3dfee7063a3ddc7a93c9c7a22f8abbe45fe994f26e54aed159f0f9d8bb97f55928605cb0f32fcffd06
- SSDEEP
  
  48:1/ZVItITed3deWgTZs6/COwyYlTW5z/kT+YI:JZ2uTed3dNgTZs6KOwyYlCt/kT+L
Score

3^/10

execution
behavioral29
- Target
  
  overrides/kubejs/startup_scripts/example.js
- Size
  
  127B
- MD5
  
  ac40b56827e466149303bb91778b90e4
- SHA1
  
  bbeca4224e5e4dd007400d47b0f1e6618e8c68ec
- SHA256
  
  395c96d3ddd178821db851f387e91560e606ea752177f66d2016f12bd0542b8f
- SHA512
  
  7071a9f524d657683ab965d194b49641d36ed891ebb30797407ffe41323b24aefb7dc0f2edb8e81d35567dba9c06d2c430baa3e28defb134de87740d5410b2c7
Score

3^/10

execution
behavioral30
- Target
  
  overrides/resourcepacks/Quark Programmer Art.zip
- Size
  
  260KB
- MD5
  
  372d5ab8040ea8fbf0265bf9163ff206
- SHA1
  
  2f4cadbbaeffec5f2811b34e053450a930626c15
- SHA256
  
  41cb720cf256a12ea247b2f38068b363aa5b1675470c4b5aa66850701a78bc4d
- SHA512
  
  6fa71e1ca0b2efa27d63d2f57c44957f585e36fab43dc5caa66dbc19656a7bf7ece3fcd217dd3bf2acf5e2b0326bb03149f8f6ae19cb5340391c668f955fe0ea
- SSDEEP
  
  6144:yF9TlQOfxXjG5ki/TCUSM3wE5/yLwoZCIu:KDQOfg5ki/TCPM3w06LbCIu
Score

1^/10
behavioral31
- Target
  
  overrides/scripts/Cisco.zs
- Size
  
  2KB
- MD5
  
  42af4d478162ff6b35b9cf529b8b6556
- SHA1
  
  b25c323d17b964b118d2cc345de0c09ca9319442
- SHA256
  
  e5694c170c461091121a9d4090b56a0f21434f41986f23bf062e22b356d8b918
- SHA512
  
  01aa529b098c8b25a359912806886b8a7b42fcb69d951f0d9fa982816068f281051bcef33815c15d4327aa3e796e0317e123b6c7ab3eaa7db862eea901a03717
Score

3^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32