340a15626e1213bc5c5c13e75aed689323909f4b34bfb24aec1255982e10c4d1 | Triage

Sharing

General

Target

FS22_Fix_Repair_Steam_V2_Generic.rar
Size

10.2MB
Sample

240521-tz7rmabh3w
MD5

b73af2e662712ecc410fee3e672c4222
SHA1

fbcead64f67f23580fabe8ca3067439e1dae2ecf
SHA256

340a15626e1213bc5c5c13e75aed689323909f4b34bfb24aec1255982e10c4d1
SHA512

eab78917b7d4177f73c64dfc69672b896cc24beca93a007dd6ebe7e5f122f39c6738b89dbe471c05959ef48cc2d2f92dd80aaa43c22e67b0d1cc0365e003e19f
SSDEEP

196608:+dY+s4Y1teB/MRFtH2iEp3m1XrjlddW7xSe5ElWemVflo9RINjXfg:+mCMxHLMYRH2KwBfloDIhPg

Score

6^/10

evasion trojan

Malware Config

Targets

- Target
  
  x64/OnlineFix.url
- Size
  
  46B
- MD5
  
  59bf167dc52a52f6e45f418f8c73ffa1
- SHA1
  
  fa006950a6a971e89d4a1c23070d458a30463999
- SHA256
  
  3cb526cccccc54af4c006fff00d1f48f830d08cdd4a2f21213856065666ef38e
- SHA512
  
  00005820f0418d4a3b802de4a7055475c88d79c2ee3ebfa580b7ae66a12c6966e5b092a02dc0f40db0fd3b821ea28d4aec14d7d404ead4ea88dc54a1815ffe26
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  x64/OnlineFix64.dll
- Size
  
  11.4MB
- MD5
  
  47405758b967aa564aeb20fddf06ed77
- SHA1
  
  1d9f52eedbc5f5d7df844baa0b9a9094a4c1a278
- SHA256
  
  14232bd5332d950291bc419d3dba5d8794079adfe108a3fd0688af8a01ca5e6b
- SHA512
  
  77a5b85093d797aff5a02fee74fede49dd24f736c10660167ecc49a10fca7715e5bf107e9318143858a24c8bdb93c4c8442388154ddb4290a7f7ace07df1e3ab
- SSDEEP
  
  196608:L15lPjdkENulnJCLYG+ag8WraGyI0s111IwR+QfgpjHh93OoE9KmG67os:55LkyYP8WrLyIn1uw/IzOYZ
Score

1^/10
behavioral3 behavioral4
- Target
  
  x64/StubDRM64.dll
- Size
  
  99KB
- MD5
  
  ea4f734941abc5c64633e83b2eaa6db1
- SHA1
  
  c89bb08fd717c846f0c6d44d38f647d68cd7c30c
- SHA256
  
  c44ce43eafddf6981ddfb7060eb01d70b0a0b7498a5a114e9fd0a240e6a97e9e
- SHA512
  
  3cd14d3c170521eeaf81cc8f82d7e2202d2ab74d17b98de930de3961444c9f3ed3595b57c01f09b62a056b76657217c7179c3165a8006c1c6d5d8bf0ed3148a0
- SSDEEP
  
  1536:8renqwn4nLCWS9pqSoLDuODBEaiclO0J9dsWaRd09dlAH1tq:Qenqwn4nLhqqhLtDBEaicDj6LMWH1t
Score

1^/10
behavioral5 behavioral6
- Target
  
  x64/steam_api64.dll
- Size
  
  283KB
- MD5
  
  b6cd19b7a73152e24b5ed22da8112c63
- SHA1
  
  dc629a81dc917838f39e44373bc0a82799c351c6
- SHA256
  
  0f16cef53bba8ce21056ecb49aa254eb407759a7ab1095452730695d7d8199a4
- SHA512
  
  46dfa9626c9a045c377ecb4ed82c2c41db29919459fe57cd5641908119ced30b6d41938f96c0c8b498618bac1696ca54be68b8c8e27d2017dda3fe1045b5de4e
- SSDEEP
  
  3072:GJDzqkwR7MTlF5Kg7VAd2itKM462Qe5g8qhKwpqzJAJ65lhTbCYCRvp5ShpRyN+z:1KTvEFd9tJ7QO3cnJQ8ym52CPTyS
Score

1^/10
behavioral7 behavioral8
- Target
  
  x64/winmm.dll
- Size
  
  512KB
- MD5
  
  e59aac558d9f9c5d1312ac24d09c51d5
- SHA1
  
  2f11c4b00f5f92d4466348f9501aa657c9bf6fa7
- SHA256
  
  ba37009eef6c041bc6d0a271c13679fb9e14a005bd7e038cee596cd4064cf8b3
- SHA512
  
  1c3b357074d62d5ca11c92d71ffdacb4a7e3d6fb17cbd4b489e5bea0032cea43650a6809388e98e4b98256b477c6b5dbd8fd2c7f4e3e08af00ef68e0ed4406d0
- SSDEEP
  
  12288:XQxOD9ZC0WKOy8zMtJKpBmpMgBNwQuQmMzWq0hNwnoAZwl:XQxOD9ZFKpB+N7JmMzWq0hNwnBZ
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10