r77 | bf0ae9651456ec9281d55f1b89af448e94af3bdca4616d141e5e06161fdfad66 | Triage

Sharing

General

Target

bf0ae9651456ec9281d55f1b89af448e94af3bdca4616d141e5e06161fdfad66
Size

963KB
Sample

240527-p4gc1sch8w
MD5

54dedff761a58d163260e22e475d8004
SHA1

f03526d51d944adf924162880b07613f7397817e
SHA256

bf0ae9651456ec9281d55f1b89af448e94af3bdca4616d141e5e06161fdfad66
SHA512

a52ddfd041f3a679a036cfc45a19c630c0a798da6b6d6292816f2d1f4cc8860fc445357ffffb49e0ee25fa341bebccd494e0fa0da809a567c4016907c66727e9
SSDEEP

24576:Dt5Y4Huh8EVqrv+xPWvlCAvrfMmu6OswpExov8+x0TB/G:H48EMObAvrAXVK7I

Score

10^/10

r77 evasion trojan

Malware Config

Targets

- Target
  
  2023年全部热门单机游戏及汉化下载.url
- Size
  
  147B
- MD5
  
  6add52528b96eede5f34c91a79ce54bd
- SHA1
  
  f5f187d1d0e84a0398378d17995540d182c8774c
- SHA256
  
  6ad86b657ad73e7d7779e4145f954af9081f9701bb9b7d13ce81f644aa9e3fcc
- SHA512
  
  74b2389442362d344abf44c2c0fe27d06e0f19e63428e7a6b061682dceb3993a73585a92b9f03b191abf05f825bb3533b5b5ecda9708186740e0eae0645c6059
Score

1^/10
behavioral1 behavioral2
- Target
  
  Armored Core VI Fires of Rubicon v1.0-v1.05 Plus 17 Trainer.exe
- Size
  
  1.7MB
- MD5
  
  bc51edf1fc8886817878dbc4553f045a
- SHA1
  
  a53dd3a00cbf269a98c3e01cb230aac2483a84c2
- SHA256
  
  ad28a36088a59f42a8b64bfdf9df13d5ec117c2b7053a41659024e9409238b18
- SHA512
  
  ec59993299202512ed1602d637dfcad6343d10cb5c0e8ebc9cdf417154f90722eef156be87900191ea83cef66dd79bff7b0e14b9195f0fb0c33f4ebe26185e75
- SSDEEP
  
  24576:i7/xvZj3CImQl/qaa7twNlj11X9U2BBd1ReDlaDSVXT5XdRh8d6ya:iNvwImsyaa7WdXlr7kXT5XdRqc1
Score

1^/10
behavioral3 behavioral4
- Target
  
  start_protected_game.exe
- Size
  
  257KB
- MD5
  
  eb556b1a9056e4d3ca5ee416c03e24f9
- SHA1
  
  307fc5b7c8dfc69ff570b41947c7d072b83dbff1
- SHA256
  
  7b7924af22b109c7dce3a1c6271f16ca53c188ff4007809147723ff1039e38d4
- SHA512
  
  af8ae1aa2f51735616817242c1680f85c1b733499cae79d86257f568dad08ef3acdc452c76b4eb430ba8b6822c1d810ca1cfc735c9be9df9cd16b5f3d2ebf7e4
- SSDEEP
  
  3072:sOop9p5Z0VoQTubqOvEvYnFq1Zvbaq5PfOR0ngg2/:5m9TOVoQTOvEvmF0ayWR8R2/
Score

1^/10
behavioral5 behavioral6
- Target
  
  www.3dmgame.com.url
- Size
  
  122B
- MD5
  
  49cbfed4fa9b3fafdc9d499b6163fa62
- SHA1
  
  28decd9138bd3f7b3ef38bf9e40cd0d6305d1cdb
- SHA256
  
  03df27e82600098c34c413cc2e45b43638d3ac33666960cfbd913f1c3f9a0b11
- SHA512
  
  64e91ed564ef64d7687599012c4728b811fec2661dcb7941374cdd3a8450563073c67c452d97d43545f49182fbda2c26702dd35088723ace21717282d1233627
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8