70f96651e4d848e386e66d754f2f6ef530b591587983e6ad8348d17ae66bb9d8

Sharing

Copy URL Twitter E-mail

General

Target

valrise_launcher_modded.rar
Size

1.5MB
Sample

240527-j3evxaec62
MD5

f221f236a27a10add141d510d8882221
SHA1

030c845dc21807a779783a2c6e749b2adec0e8f9
SHA256

70f96651e4d848e386e66d754f2f6ef530b591587983e6ad8348d17ae66bb9d8
SHA512

e781816d73a4ec2904c06f6c5fffcb7d68f234c60cb8b2e9336258df61e7958fbfd0e463fc08366938696786f051221908baef7f3b09e9ec4ee21ee2a3957201
SSDEEP

24576:ow1wMvrNa0WAmBCEygSaTwXRVhzAFpz6wYp1qlxa22DxVF6sOg29bI52fIHYecf:oABvCAmNTazAFV6jDql/2ZXCbI52kYNf

Score

3^/10

Malware Config

Targets

- Target
  
  vac mod/AutoUpdater.NET.dll
- Size
  
  447KB
- MD5
  
  3da285fa26fe180e8c3a3a8ef81750dc
- SHA1
  
  debb0124e5e4d4d56d31cafae4aab41977197eec
- SHA256
  
  a7c27dd874a0934006f054e208ca9caa948dd6404f6eebe16e07062bd3ac2eb1
- SHA512
  
  01eb7e6c38bd885df8f1880e37ed1672e7dd046e085c5e84e1120fe7aaed4bb8f6099cecbc8043481c06bcdf169cc6fa4135f69346bfe21b9e81936251a345c4
- SSDEEP
  
  6144:f/ba1TLj6jTwzg2hRefomv1MQhdyr4eYygVi1oA7HxBpm0Fz8tBUYPTvKyH:Lk6jTcgiiv0Fz8tBUYPTvKy
Score

1^/10
behavioral1
- Target
  
  vac mod/DiscordRPC.dll
- Size
  
  82KB
- MD5
  
  3956130e36754f184a0443c850f708f8
- SHA1
  
  4874cd51b0fa5652ed84e3b0c123bee05dcdffc8
- SHA256
  
  25c39f91f737d80040c72c9e3f95db0fece1c9653f501828adc16cfb1ec59d26
- SHA512
  
  157143dd69378e9914ddbb934229cfbc99ae7d80f4f787b7799fc254054d2c7b1e6f4551cddea30470e28b61309f858fcdb2d009b1c32953dfe5ea7fe78e9e48
- SSDEEP
  
  1536:RICqBkny2//yF9999999999dGxde6HYPM4Q+mRxpSNh:RNy2//yF9999999999dn6b4Q+mWh
Score

1^/10
behavioral2
- Target
  
  vac mod/Fasm.NET.dll
- Size
  
  158KB
- MD5
  
  6392d2d3b6c7526375f4c8a75e02b590
- SHA1
  
  a063d3b9345c211d9f251ac6846befeb8c9e8b11
- SHA256
  
  f4f7a3cff105712a7058b7a7f425370cd5fb85e8287da0f99a56e541e59f11dd
- SHA512
  
  5cd332069c7a6faf251df84072fcab82ec4dfcce126371f5bb40b8d9bec49d72478a892f96587ba3e7547ca98d5bc542cca2ea5b61e9e68ac5d2c9e0943188fb
- SSDEEP
  
  3072:beC4Y0xTD3DJ36Jq7Y5+s7WIxFccjb+uhQR27YZDKkpWMS1:beJY0dD3tASY0ynkpWMS1
Score

1^/10
behavioral3
- Target
  
  vac mod/Microsoft.Web.WebView2.Core.dll
- Size
  
  533KB
- MD5
  
  36a26a59c3b124c90af32bd87fdc003a
- SHA1
  
  abea61150aa1aad467c95528ba9fadaf724189e1
- SHA256
  
  c886c3003f208d64839ec3c77c3889ef98a0344439e18aa613e7b199bd04bb2d
- SHA512
  
  45cea404b0833ddc98077ae859142aa96cefbbddac611511193c637139eec935fa6d50969889a74226ef98afc5da63df4a45ff70fa7cba276b2717503557fba0
- SSDEEP
  
  12288:r0vEInrpQ322zy+uFKcDzRFNXeA+imQ269pRFZNIEJdIEY0lxPrEIgcvLcglxMwu:YMvH
Score

1^/10
behavioral4
- Target
  
  vac mod/Microsoft.Web.WebView2.WinForms.dll
- Size
  
  39KB
- MD5
  
  823d314a7a7b7433d372d5e0fc9abb76
- SHA1
  
  125ab38d78a5d3b1f2f315a500908d132a44b1a8
- SHA256
  
  ccaf1f9ed1313a7218dd456114a2914f5b0b514b8c00ba90f14e6a7927930c35
- SHA512
  
  040db73d0ee1873712cdb93bacadcc0f97f9b2908585e35e96b538ac44a24556498ef7d38263ab6806c3ea8babf7613505d80646933c23a01b63266fac799550
- SSDEEP
  
  768:rFCniwqfU2Gm0bOVmW0etG7yf8ZDgcEST3p4Jjrjh2jJGSUyauTv1JKia5/Zi/Wk:rI7yf8ZDgcEST3p4JjrjaJGSUyau71Jh
Score

1^/10
behavioral5
- Target
  
  vac mod/Microsoft.Web.WebView2.Wpf.dll
- Size
  
  46KB
- MD5
  
  d8a961a75b1949ccc43f567ca98a49ed
- SHA1
  
  1a1237ddb927640fbe58708d61ed8c37e3f9b532
- SHA256
  
  5eaaded54cd8f8f08f8f9aa09f6dbb2cd8f76753abbd6524b23aa1d0f52f7d16
- SHA512
  
  2923160c82e52a25c03ef931b2dc510fe8e29c37f38e08e87b6159364c18699d31f549077abc02f0135bfa02fc0fd5bdafaecbc8b9b1970a4aa940a6c0a4cb0a
- SSDEEP
  
  768:UV08pvSZjQIf1jlCPcePUOVw8aDP/ryEH0tBy4JjrD1h2j5hUURGvkq7FKKa5/Bt:z84jQW1jlOzPjw8aDP/ryEH0tBy4Jjra
Score

1^/10
behavioral6
- Target
  
  vac mod/Newtonsoft.Json.dll
- Size
  
  695KB
- MD5
  
  195ffb7167db3219b217c4fd439eedd6
- SHA1
  
  1e76e6099570ede620b76ed47cf8d03a936d49f8
- SHA256
  
  e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d
- SHA512
  
  56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac
- SSDEEP
  
  12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/
Score

1^/10
behavioral7
- Target
  
  vac mod/Serilog.Sinks.File.dll
- Size
  
  32KB
- MD5
  
  c25357a7950dcfc7f85ee9d593cb1a24
- SHA1
  
  6a533712852465ab3c11b5c76004312d6482f07f
- SHA256
  
  5b70dc2eeceb1963f9c3690c1cc8ffa793b280e903fa9a31780e6a7bb0bdfcf9
- SHA512
  
  30ca628b17b2a51bd9974fe1380caf728e7826c2bb552e4bc5ac15be8f819e908fc1744932db23734fec64e0f2c758372d8c49d019407efdfb076133c6df70c6
- SSDEEP
  
  768:0E4c3g4vuh+t/j7zAJ0eBHdDaXRrbNoihV0gZ:2ktt/Hk2eCXR9/p
Score

1^/10
behavioral8
- Target
  
  vac mod/Serilog.dll
- Size
  
  139KB
- MD5
  
  af0d4199c6de7572acd2064f3a171295
- SHA1
  
  d67ca5faf80d9596c32941bf212692cbed688522
- SHA256
  
  d5ba7cf845049670121111789d11ddb9cbf05b431829d347a44c7dfa4ebfc05a
- SHA512
  
  b4dad3a5b83d2e058ea24001bb3a5d4c2b034eee474758ddd9f0cf2bbe27e9240aa5f1ef2838a5ab03e75793ab1bf6b1110bb02c4d162d678ed42035f3ad84fd
- SSDEEP
  
  3072:xAbndsAX1FgvEQjfMx8oI9A4kNvMbOAQFu/:xAbdsAX1i8QjfMsGJi
Score

1^/10
behavioral9
- Target
  
  vac mod/SuperSocket.ClientEngine.dll
- Size
  
  41KB
- MD5
  
  bbea7769de6a008c3156141c52fdc18e
- SHA1
  
  7d9f90e8da62f9834f532e9a0aba54969c14ec28
- SHA256
  
  9863a8ca0fd55fdf1de8d64cb89d034fc009a58220d45c5f4f83c6cdd0c5cbfd
- SHA512
  
  f7a58cbc5a6bc964d2af1a654a5eaee19bbc818352a9a3547a99952c027dbc67307ccb0987ff1ff6c88850ad322fbea1530bb0172a95636afdf9ff34ab340420
- SSDEEP
  
  768:nDGXmBiIOJv2IIXs4UOPhbY+m/rihAt5A8o4/aBS8XpTt/yO0y:nDGXmBiXanx+zehk/WpB/yO0y
Score

1^/10
behavioral10
- Target
  
  vac mod/System.Buffers.dll
- Size
  
  20KB
- MD5
  
  ecdfe8ede869d2ccc6bf99981ea96400
- SHA1
  
  2f410a0396bc148ed533ad49b6415fb58dd4d641
- SHA256
  
  accccfbe45d9f08ffeed9916e37b33e98c65be012cfff6e7fa7b67210ce1fefb
- SHA512
  
  5fc7fee5c25cb2eee19737068968e00a00961c257271b420f594e5a0da0559502d04ee6ba2d8d2aad77f3769622f6743a5ee8dae23f8f993f33fb09ed8db2741
- SSDEEP
  
  384:/rMdp9yXOfPfAxR5zwWvYW8a2cyHRN7vCvlbLg:/rMcXP6N6e
Score

1^/10
behavioral11
- Target
  
  vac mod/System.Diagnostics.DiagnosticSource.dll
- Size
  
  169KB
- MD5
  
  eca216927ed487613b7a042fc643bd8f
- SHA1
  
  030bbd6d404138a5de6ad850269985372c89d9eb
- SHA256
  
  5b8ccdda36486950de37484c25e1334376431e52176c32f87dd730690b273e3b
- SHA512
  
  c234b5a11e14b5da6cc940bc0d989c0f64c73e66cfe62970ecdb5db37f1e86a163861987a947a3c6fe93291557356f1f1c1fbbfa2187dd61f4a9235c1e374e78
- SSDEEP
  
  3072:bNcLPcNABKuTwIxpRoZgM4U2Ny1jb54rbHXrwZ2F3c:p1NAB9qZgM4U4qnQwl
Score

1^/10
behavioral12
- Target
  
  vac mod/System.Memory.dll
- Size
  
  138KB
- MD5
  
  f09441a1ee47fb3e6571a3a448e05baf
- SHA1
  
  3c5c5df5f8f8db3f0a35c5ed8d357313a54e3cde
- SHA256
  
  bf3fb84664f4097f1a8a9bc71a51dcf8cf1a905d4080a4d290da1730866e856f
- SHA512
  
  0199ae0633bccfeaefbb5aed20832a4379c7ad73461d41a9da3d6dc044093cc319670e67c4efbf830308cbd9a48fb40d4a6c7e472dcc42eb745c6ba813e8e7c6
- SSDEEP
  
  3072:nUGrszKKLB8a9DvrJeeesIf3amN32AW/rcyw/s:OB8l3/aK32qU
Score

1^/10
behavioral13
- Target
  
  vac mod/System.Net.Http.dll
- Size
  
  194KB
- MD5
  
  6c068c1d54707e817779a31c555c5383
- SHA1
  
  0ad73addbb71d13e658ffa823105cb4be2cafc1a
- SHA256
  
  c9cd4a7658d83b79c47e335e98bb1fb67900090f4c6aaf25ae141fafc5c9bca4
- SHA512
  
  a85b7b2b1e2aea6fb1eed0de666f7a737df2e25fcf76357b41d7030415870fb1789d031572305b8f62e8e2669974092a8b1ac378ecf2be84f24e5b3436adfe89
- SSDEEP
  
  3072:Wz79v0/yejq+HNbjQynaWIhB4MAuzvqWAH28dZOjc/T2UsbRo2sY7s9d3Oe:WIq+HdQfDhB4LOlw/x
Score

1^/10
behavioral14
- Target
  
  vac mod/System.Net.WebSockets.Client.Managed.dll
- Size
  
  70KB
- MD5
  
  24917aff981962f2cd12574c9d36200e
- SHA1
  
  dd23c5048b4a74f895bde77bdeababc388382c80
- SHA256
  
  31430f928bb5eadd8de1d2ee2617c4462b564674f71b209bdd77de1b2209aa3f
- SHA512
  
  9469866201ba7a84ec27c5aac0ea3900527bf4d8920851e7fbae88ca22f0da8b372aecb7f067673d49c58931b217422c2a9e2dabfa25fd5fc4854cbc4b822b91
- SSDEEP
  
  768:TS3U5a3ImjoPuYe6JO6GC7E+vk32EVhNlgjVDcQ93K6mCmCfEQEOdEtgU2kuCLfh:2Imv56J3vdQqJm9LZf27oYVv+/PBI7C
Score

1^/10
behavioral15
- Target
  
  vac mod/System.Numerics.Vectors.dll
- Size
  
  113KB
- MD5
  
  aaa2cbf14e06e9d3586d8a4ed455db33
- SHA1
  
  3d216458740ad5cb05bc5f7c3491cde44a1e5df0
- SHA256
  
  1d3ef8698281e7cf7371d1554afef5872b39f96c26da772210a33da041ba1183
- SHA512
  
  0b14a039ca67982794a2bb69974ef04a7fbee3686d7364f8f4db70ea6259d29640cbb83d5b544d92fa1d3676c7619cd580ff45671a2bb4753ed8b383597c6da8
- SSDEEP
  
  1536:nPOw0SUUKw+GbgjMV+fCY1UiiGZ6qetMXIAMZ2zstK/hV+sUwS:nWw0SUUKBM8aOUiiGw7qa9tK/bJS
Score

1^/10
behavioral16
- Target
  
  vac mod/System.Runtime.CompilerServices.Unsafe.dll
- Size
  
  17KB
- MD5
  
  c610e828b54001574d86dd2ed730e392
- SHA1
  
  180a7baafbc820a838bbaca434032d9d33cceebe
- SHA256
  
  37768488e8ef45729bc7d9a2677633c6450042975bb96516e186da6cb9cd0dcf
- SHA512
  
  441610d2b9f841d25494d7c82222d07e1d443b0da07f0cf735c25ec82f6cce99a3f3236872aec38cc4df779e615d22469666066ccefed7fe75982eefada46396
- SSDEEP
  
  384:EybU8ndrbbT9NWB2WL/uPHRN7bhlsQVryo:Ey5ndvWbMPVryo
Score

1^/10
behavioral17
- Target
  
  vac mod/Topshelf.dll
- Size
  
  186KB
- MD5
  
  454e79a0ccd847306c0649d7af3b0142
- SHA1
  
  c0e7c895ddd009d1ebe52cbc2401f3439e9e7e0e
- SHA256
  
  bd70a5832124e36840452ff46e442efa0a09a4ceba842aea72c79b2d322d7fe8
- SHA512
  
  056d222535691f10e03ed9bf5473e8c4ab30c44adcd8ca823540559453ae70221edfc0f0d491a42508949d86bc0a4dd17d4b149a78bc1a8b4431412a124386d2
- SSDEEP
  
  3072:CA77sCyRSB9lN2FAeqDEGEdznasf3oJunPlHe72BbLJ:CeDEznasvoJunPlH22Bb
Score

1^/10
behavioral18
- Target
  
  vac mod/ValriseLauncher.exe
- Size
  
  947KB
- MD5
  
  71ceb618238998b967b6640c0b6f8776
- SHA1
  
  5cf63b58f7ecececd15cb51c90babf90f86ad9b3
- SHA256
  
  68833cd13b85a6ac9ac14c7161d72beacf50f8bbf27ea6133fc368220d5c3a4e
- SHA512
  
  f249f0573c96f86bfc4ba54c27280f72c2c5af67a66bc910d28baeb9c4be05adf881b240861ad92654abceabb6bda5e02b2f7ba337957d785673bf5ec0b74428
- SSDEEP
  
  12288:18rPyJBH333Pnnn2f7nm7/Fm333Pnnn2f7nm7/FvrawuTEeF5tN+Hf/vXJJUbJPy:o6PBovrapIeF5teUbJF+wJyh
Score

1^/10
behavioral19
- Target
  
  vac mod/WebSocket4Net.dll
- Size
  
  60KB
- MD5
  
  a47b0ee354a56cd82040b17e4edb0329
- SHA1
  
  16835813a4bc3339d4b8044460fa646369e32c19
- SHA256
  
  a8550b9c7b6895c18e73b903064511b99982bd9928c7dcefaac14b592d201b73
- SHA512
  
  525a9dd7af9eb5a32363854c59f705c231f6f3c68c702ba108460935caef45c979683227a713eccb9498aee95bf4578da8851e699b320cdbce6f835f7236dbbd
- SSDEEP
  
  1536:oXSaVnItYw1N0tUUTAz/kI5JIol/NkIgJ4W:o5VnqzNaNE4IvIolSIgJj
Score

1^/10
behavioral20
- Target
  
  vac mod/websocket-sharp.dll
- Size
  
  244KB
- MD5
  
  7379936cac71973885587a3bc6fbb70b
- SHA1
  
  e72fec39314d7eb75f13c1ff0459515d95dd910c
- SHA256
  
  fb06ffceb4f8789c893d2f292e5810927dd7266d3bad68df2cedb8775500e8be
- SHA512
  
  d9da358bcc134232f6418d49fe98c427ad49fe8a212a2f166fcbf1718d0a8f8b0fa055caec30b267c6e4b1b4d687f08394830e3fadbae812c4b255abdf8c7b7a
- SSDEEP
  
  3072:ZLixO6zz8t4OXDegbQy058MP2pZrCmrrDse0ecdfF7b2gqEiyDvSmqtNlVusC519:Sn8nDenoRXoJF3bqEiyzZ5m1FsgU
Score

1^/10
behavioral21

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21