4d4d53b1838441f48f171c68ff21096c582492866a8fd2fa7f8e91e24cf8a0d7

Sharing

Copy URL

Twitter E-mail

General

Target

Tobey's BepInEx Pack for Subnautica-1108-5-4-22-payload-2-2-0-1710807089.zip
Size

4.0MB
Sample

240522-dwbl1sae59
MD5

8133f64795f26ffd667b3b9987401490
SHA1

94ff73fb4a50a917f8a4125d6e70c36d0a95cd9f
SHA256

4d4d53b1838441f48f171c68ff21096c582492866a8fd2fa7f8e91e24cf8a0d7
SHA512

835ce58a20c321001bd4cd2792172276f302ed84a73d3fc69c4d1dadbd0f553ab12f48f39a1dc5620227bd71dbf1d445a56d4248fea0e66132f5f544bb29eef8
SSDEEP

49152:KZphdsCwZyrw0qWTE1yfe16Q46GeMYWlrfuzQSu/KrfuzQSu/jYzJjL+UU+d2rIx:wsCwZyrw0DcDUDvL4+dZx

Score

4^/10

evasion macos

Malware Config

Targets

- Target
  
  BepInEx/core/0Harmony.dll
- Size
  
  200KB
- MD5
  
  4705aa1c7a9795d2787722bc8c419ae8
- SHA1
  
  aa1552cf0311f27ca02d34df0558a718d16fb660
- SHA256
  
  1a21cc03424fc82c3dd1346905d16494536b9595ae4162228d99fb7c285c1031
- SHA512
  
  2f2bb761d21d7288c2b373958a5eab228797d1a348147f8ff0ea603611c6d79e938a4ccf45f23ffc82500731a68bce8feafcd26a5264d79fd5d7435e6ba69b93
- SSDEEP
  
  3072:VQsxAaNWfZKtIZWTr7MDiIVXQ9PsMIuvq14e3Lvvv9L2yZKDVkNCuwMTfyQV:GBa+UWi2XCH7s3RqyZ5NCuTeQ
Score

4^/10

evasion
behavioral1
- Target
  
  BepInEx/core/0Harmony20.dll
- Size
  
  109KB
- MD5
  
  5f5de3df6984a806bf0175c96027ae4d
- SHA1
  
  1acbbb103c522d039c987bea852473bb1187676a
- SHA256
  
  f1f69690ccc7aae9156238c4115c09e9c9c7bd646d4524ff9091ae3e04667e23
- SHA512
  
  a8870bd53fa4f5c2399d3a01d909ba06c37e82fc3a4d4e7ed115478e21a690ce39df59291fb30785aca14eabc2655062e13d8c6368b5d505516aa15b17b52327
- SSDEEP
  
  3072:Nm7Ygs3s0FIIashShCJJwW1dEknAh1StSE3zZ7:T5s0UsAQJzLEknAhE
Score

1^/10
behavioral2
- Target
  
  BepInEx/core/BepInEx.Harmony.dll
- Size
  
  5KB
- MD5
  
  dbda2a5dce19f10b1d28e4c9f6132f33
- SHA1
  
  28cdb90e0ff909e125c97a1a16ab567387548395
- SHA256
  
  d0739c4a13f369094cb164c205ee4cca5392bdd7241b9f242ee13f0d4c0b1856
- SHA512
  
  515b30fa0479c8fdd9d5dfdbe7e4fd407ecf31d8885caf2a5d76ed02beafe2c4090aba94533cc844e7a04c552a642cd8e38623fdf91a8f7d3a0e06544ce10aa1
- SSDEEP
  
  48:6Pw5Kgf/sY1jYyx1mG9dt7kjYgKYbLkark/G/wKCogkglufVkd6u9FFUpE6lPkgg:gQT1tx1mG9dt7kc/YbLkmA3okYKdWx
Score

1^/10
behavioral3
- Target
  
  BepInEx/core/BepInEx.Preloader.dll
- Size
  
  41KB
- MD5
  
  f2f4c346de1c195fe04e5ae70d2e4e2b
- SHA1
  
  21d69b3f01e0f15b7657177afcb142b797cb3c3e
- SHA256
  
  d247b6a3b9a04f0d96105cda2961864a404aedb9193c59663aac5fa153d6ffbd
- SHA512
  
  636bcca9acd86788b74ed1cd34882cfd63765610a8d10bba087f7e0d09f94063445261d36368b34c48a3119aa6a9a4fd57037a4f773afbbb8741e958cc5545ff
- SSDEEP
  
  768:L7p/5FwgFSj36au2hvZvbh58LCWMMGjobOogub86cNQG0Ep:h/5FvFjau2hxTtWMoSTjQG0M
Score

1^/10
behavioral4
- Target
  
  BepInEx/core/BepInEx.dll
- Size
  
  124KB
- MD5
  
  1a5e430022ec26485dee232e9ad3780f
- SHA1
  
  bcd8cee94d81e185aea3d7fcbbaf9a9bd61f04f0
- SHA256
  
  2674d3aecf3097bee817abe7e8bbcc42bf583df51402069d5fcd4fbed55017ce
- SHA512
  
  10af71ef9a75f3756793cb4a1d3ae2465b05ac9f8c87b82ceb694e51edbec4956d9582150bdfbf97273ef294288170230f8f49685eebd4cf621f41341e864129
- SSDEEP
  
  3072:wQfEslO3FJ1TR2N0gvQvoc//8mfFIs29zXKBQeG9VROkmw1I:ks81D9QD5Bmw1
Score

4^/10

evasion
behavioral5
- Target
  
  BepInEx/core/HarmonyXInterop.dll
- Size
  
  23KB
- MD5
  
  e4e97d7d922e53f023a8741a35e2dfa0
- SHA1
  
  3abe7645b27c3d6f92876491a1ded7ee68cb247a
- SHA256
  
  8c26c96003c32742b8fa3d134f56782530be3a8ee8b8c662bde210190d1aac64
- SHA512
  
  635219aeea14939cefc1cb50613bad9e5ab75cf9d7b47eec0755138b84a255350fd31e77de8b0678e5114e70b3f66817da2e7f65e8e1bfcd06c40734499310ae
- SSDEEP
  
  384:mnZ+u8rdpVwx6ycbCvVOnjhTyO5P2F2KqY3DB/ZU2CamZM2/DVejhUF8fC/bUAGp:mnfqVBlC8VyePqrU2nSWC/oAG2xj6
Score

4^/10

evasion
behavioral6
- Target
  
  BepInEx/core/Mono.Cecil.Mdb.dll
- Size
  
  42KB
- MD5
  
  5a8b48fcf5e445095799e2c9149ff932
- SHA1
  
  d4c514fbac7a30ddee7d0f597c3eae23a32ccedc
- SHA256
  
  5896d1898f616701fff18f3b2c71e6b844d2390ef9f41e1c5fccce8cb27c698e
- SHA512
  
  b99b02f296e5c817b8f984317e67c885099a3cc1198ee1808a0033b48ef60d27866719f0986d7f9a1ad547939bf6dc1886e858b9db7ba4375013b96db31957b6
- SSDEEP
  
  768:XgjgMVEdS09ayuzjF/RwmanXdIiO1nqP+7y4CRIJZTMRTIzcRuYhpzt:XgUMn09ay6jF/WmcITIlITMRTtuYnt
Score

1^/10
behavioral7
- Target
  
  BepInEx/core/Mono.Cecil.Pdb.dll
- Size
  
  84KB
- MD5
  
  427e0464246b1e364c5a1a898db2ecf4
- SHA1
  
  dc968ab6e3f9202b5550efb04c0e17c1df04d7d7
- SHA256
  
  174db44a067f58561510af746f3caeb032037762c57a31c8d9ee32db25174984
- SHA512
  
  02ef1f9246e6117e6e958f019333720f07ff13feb5778b343e69d6e27e74e8ef1e6f122b486ce12b1e1eed546b17499ce906e8660babf281676bd8c6405f0dd6
- SSDEEP
  
  1536:qguHKU52yKfwZyrw03xFjeylsP+ndKFi94lNSex6SU:qguHKU52rwZyrw03uZ+Um4lZ0SU
Score

1^/10
behavioral8
- Target
  
  BepInEx/core/Mono.Cecil.Rocks.dll
- Size
  
  27KB
- MD5
  
  36a8284f264bdb2cb3420f5d2b8b10e0
- SHA1
  
  b842aa70ac6ff9cc3922189e971a62659299ef64
- SHA256
  
  54ac539fb5ddc8b44c0e9acd0fcb7324f89d1a072edf8ebc1b06dd691e3d3927
- SHA512
  
  3979601ce74b72e1519d020832e57e21b5269bda955878ad52e2d162d6de47fde4793fee9a163551f52081bc2dff90e197f030f8cb83128d07b8571073451e0d
- SSDEEP
  
  384:ZNXMT7GsmR2jm13u4NcU11qvJCyIXcMeDz8PmR1uhLoXeuLMBG9UphJAprjE+J1H:v0I2jo3uobeCyV8uRsdeeum1pg1w7H
Score

1^/10
behavioral9
- Target
  
  BepInEx/core/Mono.Cecil.dll
- Size
  
  331KB
- MD5
  
  50ae8a86b701c83fce3a814ae8d79321
- SHA1
  
  7c8b821367897baa1b78157d5cea0767f424bc40
- SHA256
  
  7ae470288fff4a402899c254d0a76cefef55877f5c54f96e83c797cc5bb6e2f6
- SHA512
  
  04b57207d4fd9fa9f1a71323ea803f023b4b0f2f7a7070bf431806c7a7f41277969c0f5979ecf134812001b47f5d36ec8e8541982473287323e783b3ffe93121
- SSDEEP
  
  6144:BTU5Xn0f1oUh8dK9S5K0UEece8plCTNgoF:9pJS5KEpWgo
Score

1^/10
behavioral10
- Target
  
  BepInEx/core/MonoMod.RuntimeDetour.dll
- Size
  
  103KB
- MD5
  
  04e1988b3ea65408d4c4c29e34bcdeb1
- SHA1
  
  9c599b3c60f92bd3663042dc0781be78e2ff0882
- SHA256
  
  40e49bb314391cd7bddc2644f8553eeba92c194b940836b103df16955c464e0c
- SHA512
  
  93fd6df274132691a47e00c84e69c84620de7967434c2164deeb7b605038233be7d29d0acb2dc6dce5bbb4b13225094a61f12458be094ac9b2ec27edc6a524a0
- SSDEEP
  
  1536:IFSuZYhhgotA6e4GDSGVjkodWWD7Fjsgql8R6AvdbiwbeMvdo:IUuOhhgsAPDlV5agql8cAvd5do
Score

4^/10

evasion
behavioral11
- Target
  
  BepInEx/core/MonoMod.Utils.dll
- Size
  
  183KB
- MD5
  
  96c7b1340105a3b86f3e8d19a844903a
- SHA1
  
  bc258633aab1a2a1839dcc44eed944d865fd6038
- SHA256
  
  9d1495f147ac93c4f81f84538c1a326e8f8a6aefc78d6289d798f3ce1162c5e9
- SHA512
  
  36706eb655c995d81aa731c067912452a566ef5b752effdf212603aa0099e28de56588191acced82fb97aeae33df06f229d8cbed969c92cf9b8d439d04c223de
- SSDEEP
  
  3072:ojh9XBmF8HjDrQlDSKNcTD3dAC49Uock8dey4DAYxRDA8:oXUF8HjDrohO3KCllAAYD
Score

4^/10

evasion
behavioral12
- Target
  
  BepInEx/patchers/Tobey/ConfigHandler/Tobey.Subnautica.ConfigHandler.Configuration.dll
- Size
  
  11KB
- MD5
  
  cda49a46194def053bff322b99a92bd3
- SHA1
  
  e69bb07371a8b1cb0915dafa89bb82b0ff51c74d
- SHA256
  
  58a38fa003eb74487a207bd917a6800ab981c800dd354fd8b4f8e0b61cec426b
- SHA512
  
  a7a067b5522d7ee25a92ffc916367dbd8dbbad6a5947a92c183f47b3e39e28ee9c73d8bf1786045c37e5e40ba7bd19bfed7854078c3feec4513b8464a223111b
- SSDEEP
  
  192:JurH5BYVQdLTAjTWSynX6jAkhBaE8rFbAVaU1:JuTgy90WSjUkhBaIVaU1
Score

1^/10
behavioral13
- Target
  
  BepInEx/patchers/Tobey/ConfigHandler/Tobey.Subnautica.ConfigHandler.Patcher.dll
- Size
  
  729KB
- MD5
  
  2256ad187e7d1190fcaa0743c9e14ad6
- SHA1
  
  71f08df8305161c943da1eee0de1028cb20596af
- SHA256
  
  2edbb52eccedc52c2b0732da42769ee79b678de60574a2ac016783c55b3bd67d
- SHA512
  
  2db5a0e4b01245a87954004311eccc515a3720512f2223cdf967def89712a4f96abd1ca90d0ccc4202fd65e4763bfea1ae4bed3e32dd8d10f5d91e03d377a296
- SSDEEP
  
  12288:o1yDvbKaKUEgPJtq17wB1sGviR4Q46GvIzm:o1ybbvPJA1cB46Q46Gem
Score

1^/10
behavioral14
- Target
  
  BepInEx/patchers/Tobey/UnityAudio/Tobey.UnityAudio.Patcher.dll
- Size
  
  731KB
- MD5
  
  cd91de7c06a09af71bd3f0bf388a7621
- SHA1
  
  78760407734f9cae9efca97ebcdc06aa69f55c4e
- SHA256
  
  340f671ab408d19a695de29ee928939ef126dddf7c555a344bc314550aed48b7
- SHA512
  
  bc0a45e4a8e178037dfc2da97bb9fc169af5f38dd351c528fcf4a1a7ae41bc5e4ae31f2bd4dfabeb489a76eb359569cc1fd778971d20e6237ad7b0d193df7375
- SSDEEP
  
  12288:SW6zW3PuJ4mgrgFpC0sDth+u+h/YAI+uV3Z7yupErgFpC0sDth+u+h/YAI+uV3Zt:NYW3Pu6BrcAtth+z/YSuL7KrcAtth+za
Score

1^/10
behavioral15
- Target
  
  BepInEx/patchers/Tobey/UnityAudio/Tobey.UnityAudio.Shared.dll
- Size
  
  9KB
- MD5
  
  b965408c1424e1c2aee954ffa1a01d8d
- SHA1
  
  8a34423014d18c6d4d6d4ecd29fb16246daa26fb
- SHA256
  
  37f1a842f3a6c4fab39ade5cba15d3ecade63974e8e6804117095836d0efd80c
- SHA512
  
  8ba506330fab4ed8939ccede2a90885dd1f94279297b9fc8611e80de81468b4ff21573dbaaa356f50c129e03127a61ae64a713726a3d5dc604784b62e6219b4f
- SSDEEP
  
  192:syJfVsRYU7Tnl6wKZk1NHR2GPCLgUstxvUyra:syNVsyUHKZ4HR7B9R
Score

4^/10

evasion
behavioral16
- Target
  
  BepInEx/plugins/Tobey/ConfigHandler/Tobey.Subnautica.ConfigHandler.Plugin.dll
- Size
  
  6KB
- MD5
  
  15abdd870d313fbb0934805396947859
- SHA1
  
  a951986337ce2664b0b1fc055821b1723c0ddc2f
- SHA256
  
  5cf622eb65d2cd368ec90887d2b4aaef556874dc3aa58d10d739fa4066f63172
- SHA512
  
  7061b3f63b16879b29a137e35c822db53e1d56b167f7b0abe8116779a418722cba941f1ee03beb850e9dcceafb42ad3de5dccc00d1fcb6a9a1031bb1f8f4eb46
- SSDEEP
  
  96:MaFJQcTK8Iu0EfvqHHqskvsNpuVGLvq4qAqYqlGqxZqBq:w8YECq1vsCrF9lxxUM
Score

4^/10

evasion
behavioral17
- Target
  
  BepInEx/plugins/Tobey/File Tree/Tobey.FileTree.dll
- Size
  
  23KB
- MD5
  
  1fe359e31be06f40121e9c5c559244cc
- SHA1
  
  5675af3c8e471fe84a7c8b3fd4bed9412c0a7815
- SHA256
  
  c4753cb87782f702968fda23efc42125528e53814e26d0e4fe4436eadc9b2bcc
- SHA512
  
  396a2bb810dedf2129ddd0fcc138ddf49056350f637b583ae3ca7b0c084f083d1acec624b33016f78a196295938ba0e472fea13436460322fca0986b92a86a6e
- SSDEEP
  
  384:uh3zUhUT31zNurbqqOFbi0zJ49G4cx8xaSrQOfPmNnT5wzWgjBI8Dzp5I:uRXT31iMw0zYC8zrbEtw6YZi
Score

1^/10
behavioral18
- Target
  
  BepInEx/plugins/Tobey/UnityAudio/Tobey.UnityAudio.Plugin.dll
- Size
  
  14KB
- MD5
  
  bc516b96f241a8c2eda472b4b4faf796
- SHA1
  
  46c226b22495ad49f40bc4e6a6dc882c4a51f436
- SHA256
  
  bfb7e39beab2af86ebfe3ac0023eac46cc9b088e6dc0c7bdf4c20ffe58d60b40
- SHA512
  
  957c1b9113546b64b3cd70be41238e1476618d784d2dad18adf9971396a4495e1f9ef9b152eabcf9b7181ae8aa44b5d31e9c3650c8a5d225975d9dc9c2d167d7
- SSDEEP
  
  384:ZqET0n2wvyFmatDsZeaqujGAX6Rozejh7GMpBfAL:Zq2wK0eaT1Xl
Score

1^/10
behavioral19
- Target
  
  doorstop_libs/libdoorstop_x64.dylib
- Size
  
  24KB
- MD5
  
  2d65bfc92198de87eba43f4b6f4b7f59
- SHA1
  
  c99a568f41bf86f55a7533c80d5a33a5a4dab523
- SHA256
  
  1867bfefe236bcf2c29d2a7e183a755c749861d27355e8bc4317a343e93ef15b
- SHA512
  
  92ac79d4dac74c5b15fcdb800c8fd90bf7971e725ad3d6c308d804f968365fe18dd813661d743523a8f65648a99196a82bd811cbae3521ae91470826ad68a5f3
- SSDEEP
  
  384:OjN7vZKC2t7nAhQcgtslDPOmp3PjvFNIpbNb:OjNb/MslqEjIpb
Score

1^/10
behavioral20
- Target
  
  doorstop_libs/libdoorstop_x86.dylib
- Size
  
  28KB
- MD5
  
  eab63a6d53b8a26e8d0e7f0e08f6bee5
- SHA1
  
  81f79b64fc5a59d5d9f77edf782c06f0745917f7
- SHA256
  
  7f0d1b00a8eb71f0746e9d2ecf3a18034662e0e5826ac7357ceb8d117ed14eff
- SHA512
  
  7f8448dea127743dae6f9eb86728a507b56ac6b9f637bc8a79620e7b3b5d404f348313cd627d32c989a3e942e3a37f3a97063e7c649faae27bd4258285130091
- SSDEEP
  
  768:o0K9hNC31Ne01HDzIY3xo8f6tPuYJ3CZRBazrX5qyXEl5KS/:q9hNC31Ne01HDzIY3xo46tP0hazTwyXa
Score

1^/10
behavioral21
- Target
  
  winhttp.dll
- Size
  
  24KB
- MD5
  
  f67ed749e83419d4086d6ad9b8428b35
- SHA1
  
  805ea44fbc71842b321e56f7ab99914142d29d89
- SHA256
  
  cf9dd372ca0ddbe01153502c49f8f756197bb260001792fe766f6c0242dc7fc0
- SHA512
  
  c638647478e0093e7b845857c0288f8b33a1b7b15ed18f51259bfd37897c4b29a1d386203bfde6f0d9da09ba33259b8e58e06eff2c44e5c22d0e6a454536556a
- SSDEEP
  
  768:TmX/SGuGzPdSoQLB0GgsC1fxgKT5ImckVPxIiT7V:YY90GgsC1fxgKT5ImckVPxIiT
Score

4^/10

evasion
behavioral22

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1564

Resource Forking

T1564.009

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22