77eff4497232562eeb1862f97d484777202e8ac42c411093a821234045ee61a5

Sharing

Copy URL

Twitter E-mail

General

Target

AssaultCube_v1.3.0.2_LockdownEdition.exe
Size

46.0MB
Sample

240527-tbwdpaaf26
MD5

91aeb7d436f737f7cb60439daa9f3ea2
SHA1

120d0b9f53b0461fce65bcc437648b3e63830ef0
SHA256

77eff4497232562eeb1862f97d484777202e8ac42c411093a821234045ee61a5
SHA512

31c57e08e3ccb7aea1564cc993f4137f5d34e7c958afbb2ddc2b901e50f60d62bb5ecd1ebfc7eec35f1d558da3643fb59774c80b3489b1e53539be3d6948e8e5
SSDEEP

786432:bjLT9Bu4Ke12BYI2Mxn1z2fIc2FoibWskzOLIDSqB6xrqoKhRxDpvfqf+jyvcXJW:bfT9wFegYI2M3iMbjAeIDSqB6xrLIxlg

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  AssaultCube_v1.3.0.2_LockdownEdition.exe
- Size
  
  46.0MB
- MD5
  
  91aeb7d436f737f7cb60439daa9f3ea2
- SHA1
  
  120d0b9f53b0461fce65bcc437648b3e63830ef0
- SHA256
  
  77eff4497232562eeb1862f97d484777202e8ac42c411093a821234045ee61a5
- SHA512
  
  31c57e08e3ccb7aea1564cc993f4137f5d34e7c958afbb2ddc2b901e50f60d62bb5ecd1ebfc7eec35f1d558da3643fb59774c80b3489b1e53539be3d6948e8e5
- SSDEEP
  
  786432:bjLT9Bu4Ke12BYI2Mxn1z2fIc2FoibWskzOLIDSqB6xrqoKhRxDpvfqf+jyvcXJW:bfT9wFegYI2M3iMbjAeIDSqB6xrLIxlg
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  d070f3275df715bf3708beff2c6c307d
- SHA1
  
  93d3725801e07303e9727c4369e19fd139e69023
- SHA256
  
  42dd4dda3249a94e32e20f76eaffae784a5475ed00c60ef0197c8a2c1ccd2fb7
- SHA512
  
  fcaf625dac4684dad33d12e3a942b38489ecc90649eee885d823a932e70db63c1edb8614b9fa8904d1710e9b820e82c5a37aeb8403cf21cf1e3692f76438664d
- SSDEEP
  
  96:h8dPIKJhMuhik+CfoEwknt6io8zv+qy5/utta/H3lkCTcaqHCI:yZIKXgk+cx6QYFkAXlncviI
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  6c3f8c94d0727894d706940a8a980543
- SHA1
  
  0d1bcad901be377f38d579aafc0c41c0ef8dcefd
- SHA256
  
  56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
- SHA512
  
  2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355
- SSDEEP
  
  96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
Score

3^/10
behavioral7 behavioral8
- Target
  
  README.html
- Size
  
  937B
- MD5
  
  1a37949fca556e5c2ca2799745eeb8a2
- SHA1
  
  36f2f7105992abf36a98bac18621b94bd7fe6647
- SHA256
  
  60cbb386e8a8fb46a087c759947eb0a0c920b6b94ef999104516ba01d8a16b80
- SHA512
  
  a67d2aa0a1a9445120e297f123e838edd412b90aaafa90f4f99b043e7f12d818ed070b587831f797e3ca3f379423b9c96545a6691542a7a35fb69b61be567cc9
Score

1^/10
behavioral10 behavioral9
- Target
  
  Uninstall.exe
- Size
  
  110KB
- MD5
  
  3b04c55505bb5926e52603cbb9d3ab65
- SHA1
  
  87330da4cc804c93c89ba1012a99593d3a50eceb
- SHA256
  
  73a8b81a37dfebf54457ce978d293d9e10667803a58bc4eb038bf05743ce8e6b
- SHA512
  
  bcde9ec2818819ce24cdfe678f6abb9d979c193dbeee4244fb863a78cb20e71e8555b3c9e0bf01de3145a3599d8131efcd5a9463ebbce59ceff6e7d3c8697156
- SSDEEP
  
  3072:wfY/TU9fE9PEtugGkDitmpYSRXzmONI5kes:GYa6qGkDitsdSC4k1
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  assaultcube.bat
- Size
  
  102B
- MD5
  
  5712cb3e54733dcfe084375cf56ee91c
- SHA1
  
  db4ace6e71208b8eae4e155e49c34701b11f77ca
- SHA256
  
  060e8cf999204e18f8c9fb4036978ff2a352dfcf41c8153059db4faa787d93e2
- SHA512
  
  6b1a5dfe0be63203e060a7ca264f2781db543d9f1d919517e1a3a6a5bdaae976970df25d6ef984568a81f961e6d161d5db2a441b774fd23e5aa7c98dea847af0
Score

1^/10
behavioral13 behavioral14
- Target
  
  assaultcube_portable.bat
- Size
  
  94B
- MD5
  
  4cdba6c7d0c87a6730f0157a2a86f5ae
- SHA1
  
  8472e9dea60a20facb4055493b451e32f11381d7
- SHA256
  
  35b02d38317c934c307e350790f54402dfe56217d46df66eddda6c3946d6202f
- SHA512
  
  891d3e3af1d6fa889f4d0088fa54f756adfc04d4bff6db4fb5f66b1e7d3fdd9ec16c9cf506a056ed6cfc5cac9c8a0c8835c06ddebe75f6e9ce8a7263d303ef96
Score

1^/10
behavioral15 behavioral16
- Target
  
  bin_win32/SDL2.dll
- Size
  
  1.2MB
- MD5
  
  fc9437f416f54994c83e9403bd861107
- SHA1
  
  9c7ea69b6629ec93dd3fa53ab1f2f9d9cc85db5a
- SHA256
  
  ce15334fe253ff38b887214f57bc76a7d4286a346ad09e909f21c4a640003f86
- SHA512
  
  1fc4423f24e4375badeecfa65171cee4be362f2c8ab56f5841549c8a5494b084e36ca29fa23395f38e719f5a8cddaf149dfe78d2c779daa3f7f3260183fda07f
- SSDEEP
  
  24576:U/282N1ELM1/aGAPvVM4RavuFzeb7LVspbmJ8rU8W8t5lef9wn0TSLFyy2VPszOm:2JwxaGlTvQsRLa/r/fHc/d/xHq/z/XwS
Score

1^/10
behavioral17 behavioral18
- Target
  
  bin_win32/SDL2_image.dll
- Size
  
  114KB
- MD5
  
  129c15c173a927513d2fac86e424f616
- SHA1
  
  3b120cf2265f9a2495b6f92b1fdc8d4a9f8d19ab
- SHA256
  
  7ddceb00fff15b05ef03adbd1ab6d1514cac6dd4646376a0a94f2248c66f6db7
- SHA512
  
  48724632e7f9e7dc466b92584ebb34f2fbc9f48ca4b7391ce6b7ac7d6dd54e61783eb914f6b011e804e9f35a30209e905ba16a172a285f9c1165f1d5a3bb4b66
- SSDEEP
  
  1536:2nfTBXXfK/kFIWDVN84MU3iF6uyZ2lDIDCzRzcuk:UlSsFIENZMU3J2ZIDCTk
Score

1^/10
behavioral19 behavioral20
- Target
  
  bin_win32/ac_client.exe
- Size
  
  1.6MB
- MD5
  
  2abc290c544e3ba2125c94ca255d07b2
- SHA1
  
  fb34dbfea60d54d9d98824b746f23ec9a6f4d26c
- SHA256
  
  5b588e6ff7710fa0170553506a50bfa14750ccb438a154e4ea0e0b1ba621cefb
- SHA512
  
  8f121be6b15bbe4d1fa19780439a65c289029946ba9e6773b20c0fcb7bb907e00a34baead1c4501015f643dcd22433756f2e008f92e9c6b3abca1016a4a4f0b3
- SSDEEP
  
  24576:+Qhp/f7MGVTwLr5h8LMRb5vj11VFW+otv5HFpnmFVz3nhVfUishxUim9z:5M6wLrb8LEhfW+qRHFkpnTd
Score

1^/10
behavioral21 behavioral22
- Target
  
  bin_win32/ac_server.exe
- Size
  
  633KB
- MD5
  
  3ea93cca1b1146c6b818fed10d808ab7
- SHA1
  
  d0a7f31cb99ded48eb82475f0cf9b4b6370dca0f
- SHA256
  
  dd5f15e6d610e7789bb13d7303b455910617340b6586341e65ae4aae6b261f0a
- SHA512
  
  80d79b1e2f0d91a6d117a01cf67517c1b0422ad8137c71fd52dd6993e174cd4563fabd5b2a7027b3a60269d05d59816c51329ecc54e85d32beb3fb5059c582dd
- SSDEEP
  
  12288:HReI2ZueVyLvoTM7l97nT1E8XvzE74ESWtaqM+XdSX:HsI2ZdTkT/1EcE7Paq
Score

1^/10
behavioral23 behavioral24
- Target
  
  bin_win32/libjpeg-9.dll
- Size
  
  219KB
- MD5
  
  18bcc235d2a04409aeadfaf01f0cbed1
- SHA1
  
  1a7633fc27bcfe386e7fc39a9d0e2e0550f6b411
- SHA256
  
  d445efdd297e85576bad1e0fb8cebfd4868004c4544f87a2e958a9ecad48bd0c
- SHA512
  
  39c9fa69d6142604c9a58a626b271449040547b93041b2cfa9681caafce16bacaeb979cab81e0747bb399e5e69972b8357dc65623fc576087f2dd4a835c171cd
- SSDEEP
  
  3072:qkyDWxpaxiEUv48snMR3lS/5LP390Ja0uKhg3G3M1fcZPomLsatECkl5f38z29tU:ppaxEQXcIhLP9MvG3IMFyIuWsrRH
Score

3^/10
behavioral25 behavioral26
- Target
  
  bin_win32/libpng16-16.dll
- Size
  
  194KB
- MD5
  
  c156897a9c8616877d199cab89fcd42b
- SHA1
  
  35c1cfb564953f2d5ad2d5e698b679221add1b5e
- SHA256
  
  71dbd2b080df373b24b869900b96036fa3dd5b0295f5b074e8b27052d73c2794
- SHA512
  
  8ede8d33a3cd8de16062812bfaf0d58de2b7ae28e529cf18487e34b4f20a44cf6451cc104d4065a35dd77e66513c1bc3697344844e38f308a874d14bd310c5b6
- SSDEEP
  
  3072:4OoYgtu75HrlAHFP10N4fSDIQ5seLg5X2IFy+lYnvlBwp+niILtf:BoJyZiCDIYsigUIFy+lYvzK+niEf
Score

1^/10
behavioral27 behavioral28
- Target
  
  bin_win32/libvorbis.dll
- Size
  
  1.2MB
- MD5
  
  98c74ccc5415c0e72d4e6781e4135311
- SHA1
  
  44979fcb5d8eff5c967f86ee0767ac4f1cab8726
- SHA256
  
  6588d4110474dcc4e362600cd4dc6d010e350c3fbc09a3594a2a45fbb4c60c79
- SHA512
  
  83c6d33f927d23eb1ec20dade0173d76e1b7d7f70700537f7927390aa92e0c53d317bbe76449c097eff8c6d507e5d441934c8d2067afd12180c25ccb6ae010b6
- SSDEEP
  
  6144:vLUqaW/JEpyknmlRuTAOmz90R0QHyaaPH4Mv:v9aWK4knmYUhMlHyaqH4M
Score

3^/10
behavioral29 behavioral30
- Target
  
  bin_win32/libvorbisfile.dll
- Size
  
  104KB
- MD5
  
  522abfcc889293dda2ff79b33f15799d
- SHA1
  
  0c02b330d17f660908180b77b1435eda53e5b39a
- SHA256
  
  49564cd6facc72d430cd191e7302281143c0122633c8bd2df7a1d077ebeee1fb
- SHA512
  
  c8853411c4b1bd144309328d5613beb70da49235730f50abaa1624ffb9c8f88503c026586e97d415d5ab2d231dc27c2547322530df007a592b5f6836631eff3d
- SSDEEP
  
  1536:sz0rO3YqoVv0/qGd95vwOeKgncmD73cCUA542bvAQnatsU:lq3Yq6v0iGdTiKHmnzRnats
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Drops file in System32 directory

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32