44caliber | c29379ad77c234ec161faa837487b6dea9dbd14ce6294e1d0b6878a576ae7f58

Sharing

Copy URL

Twitter E-mail

General

Target

Nursultan_1.16.5.zip
Size

458.3MB
Sample

240619-tjbdgsxgmp
MD5

55132042b2d2bcc154d01515578e752c
SHA1

8e0de598f025221853927471633d3b84bbc7efc4
SHA256

c29379ad77c234ec161faa837487b6dea9dbd14ce6294e1d0b6878a576ae7f58
SHA512

6572102e47496d63c55ebc4d06f65c57d9ac1c9455523e872cda5acaa5960e9b7cf5812e94c5b6471cfb515ee4d9f59c45cd80d04465c357028d5cc87a58b4de
SSDEEP

12582912:hwpKrdPvHoB7gvqy03OR2zGvpiOW03Fzhhg1:hwUrdPuMCy0+oavk11

Score

10^/10

Malware Config

Extracted

Family

44caliber

https://discord.com/api/webhooks/1251490311834828870/bqeRH7nM_KtaFDiK4zYKv8xPNcvkaXXHfpDvBb95OG9m0gJecFASlF1YjaQjAtTInICp

Targets

- Target
  
  Nurik 1.16.5 crack/CrackLauncher.exe
- Size
  
  101KB
- MD5
  
  8af6fddaaaa1e49fd726f573fe69fba7
- SHA1
  
  ccc52eb5c92fb85a8df177ffb467fe9aba2a0cb6
- SHA256
  
  69623ca675497a9bf5b703eaf88d1067704ae004ff16df2e6a26214138776f4b
- SHA512
  
  a0a47ed93a00e5849b5a99e520c39db4efeca7e0e8699e2aa27efebbc000ed908a6c776289c5ae1636157cd91d4b41cefa7ea1a954fb224466d94d88c8e9b5f5
- SSDEEP
  
  1536:MV14sMWfg1AKdTiBjAORN38A/Hdwoja/r6sXxqW4kEEv:u4NWfg1AKdajAOr8A/9wo+/rmW4kEE
Score

1^/10
behavioral1 behavioral2
- Target
  
  Nurik 1.16.5 crack/client/assets/objects/90/90046a9705756370acd9a00502aab5785a2c2136
- Size
  
  28KB
- MD5
  
  a4cd2e91b6fb43d5024f341404cb79a4
- SHA1
  
  90046a9705756370acd9a00502aab5785a2c2136
- SHA256
  
  77f660dbf894ee68e186da517e07bf2575c51a3b0d91c542b950adc45d5d6226
- SHA512
  
  551fa3436cf6302c1f27f7e054653beb3faa74409df44cccd8a2fb5cc5c866ea55a268bbbb1aa2a290cb688970702e64532f86fadf2c99dd2a11fa57fe3f96bf
- SSDEEP
  
  768:ALVsFalNRm2q1xy2SIRvLDs8L1V/eYMpLB2iz+54XWa:AknzvLgO1ALptNzya
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  Nurik 1.16.5 crack/client/assets/objects/c3/c3cd0db760c980287b26ef9c0894f66c4250724e
- Size
  
  10KB
- MD5
  
  78d3efc4abc7fda450d650b86e757992
- SHA1
  
  c3cd0db760c980287b26ef9c0894f66c4250724e
- SHA256
  
  fa7acce9893cd8ae274bf57453d782d825915e31999a21f0c38713116a100b45
- SHA512
  
  2e835e0e7db5186c7405c4217c7979d444771b58bf263e652485def959e341c1343be1a353686d965a90d504150e5407a50f891fb2883f94a5865a2851e7ae93
- SSDEEP
  
  192:gXDJomrimXOct5g6ksDLFtpfFSSu9z3LnjnM3SoOoKATzk2t74tfyQV:uimzp26F1ty/9LnjnVBAB7cH
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  Nurik 1.16.5 crack/client/libraries/authlib-2.1.28.jar
- Size
  
  74KB
- MD5
  
  77445f0bfea9402cca525d31fff2e4c9
- SHA1
  
  ad54da276bf59983d02d5ed16fc14541354c71fd
- SHA256
  
  bae2283ec6afde9806142cd877b786123143ae50686fdd138ddb281b3de81d59
- SHA512
  
  3918dec7b2a7e9368948ff5c82cd06fef73a3d5fc2a9c2cf72bd43ebbec771d1c11cfedf377843a55e4d1e6360fa89eb5acc6375824cbf8777e5437e9bdf96c5
- SSDEEP
  
  1536:4/hwQB7wiwkZ6gXclWvRIn9b9tkoc4rCNXK2kR8iXpNLvA/6L8AZ611bojBgSdQs:40YZ6p4In9b1c4WNXCY6LZiM
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral7 behavioral8
- Target
  
  Nurik 1.16.5 crack/client/libraries/brigadier-1.0.17.jar
- Size
  
  75KB
- MD5
  
  fe87deeb6e062d678d2bff623fe4e2b9
- SHA1
  
  c6b7dc51dd44379cc751b7504816006e9be4b1e6
- SHA256
  
  296b69b63f3d2a2092bf94fa12add4deb89e7d1f977157f7ee1b6b6d0fd52a58
- SHA512
  
  f0ba79c688a08a48f16bd5877f56b00281ef1b98549277a3301385a507aef4c708499427cc3be906aebc49c564b93a23f2e6fbfe34c85d6afac3769252eb169c
- SSDEEP
  
  1536:y6Scqon8W7DPx9p9ILbXuxIj0aD0aDFYSbeFNF7:Iw8gdfxISaDFYEGH
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral10 behavioral9
- Target
  
  Nurik 1.16.5 crack/client/libraries/ca-fixer-1.0.jar
- Size
  
  12KB
- MD5
  
  d60563813a45da621d68efec7f960320
- SHA1
  
  3f813ad3c719357fc9c6108101d26db0e44897bf
- SHA256
  
  092e40e16ea9cdf4a4bc9bc44ba777a90003596301f26f53cb489a6bb04c390b
- SHA512
  
  1d924fe749cf89a77dd6ab1af82a4fcb0ff022e64128b476a58d4f812f3429972cfc944bc06d570b081eea0143b45b9aa0f48c450b2121cd9b9407254e70b901
- SSDEEP
  
  192:37Bf3IevearriOECkXZFVVCojMBsX2jOY4GvGrPlNRNISU9IMuVxNVx:39f3IevearzCZrJjz5Zn8SU9IMINx
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral11 behavioral12
- Target
  
  Nurik 1.16.5 crack/client/libraries/commons-codec-1.10.jar
- Size
  
  277KB
- MD5
  
  353cf6a2bdba09595ccfa073b78c7fcb
- SHA1
  
  4b95f4897fa13f2cd904aee711aeafc0c5295cd8
- SHA256
  
  4241dfa94e711d435f29a4604a3e2de5c4aa3c165e23bd066be6fc1fc4309569
- SHA512
  
  8edecc0faf38e8620460909d8191837f34e2bb2ce853677c486c5e79bb79e88d043c3aed69c11f1365c4884827052ee4e1c18ca56e38d1a5bc0ce15c57daeee3
- SSDEEP
  
  6144:+J+dN6A+hCs9rRzuGTaFx+mjIZCLtCdLIh4Jtk2N/NbQZnME4k7ELOU:+J+3+hCsVRNTxmKoFiJt5nbqME4k49
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral13 behavioral14
- Target
  
  Nurik 1.16.5 crack/client/libraries/commons-compress-1.8.1.jar
- Size
  
  356KB
- MD5
  
  d862e30ff6b5d78264677dcd6507abb8
- SHA1
  
  a698750c16740fd5b3871425f4cb3bbaa87f529d
- SHA256
  
  5fca136503f86ecc6cb61fbd17b137d59e56b45c7a5494e6b8fd3cabd4697fbd
- SHA512
  
  5f254bffa74bd5a58581ae304a54d127db8a5f68e4d265594ec547013287a87716ce7a60dfa5e19f2ae8a6c75670d25ddf89eab764caf882def1a17e7d3cfddf
- SSDEEP
  
  6144:HIoZhGubbnAzKczHsqUQFTQqXjiwZqldgfIFlR2WLbQE48hjtumzf:oo+N15UEJXjiJHZv5bQE1uOf
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral15 behavioral16
- Target
  
  Nurik 1.16.5 crack/client/libraries/commons-io-2.5.jar
- Size
  
  203KB
- MD5
  
  e2d74794fba570ec2115fb9d5b05dc9b
- SHA1
  
  2852e6e05fbb95076fc091f6d1780f1f8fe35e0f
- SHA256
  
  a10418348d234968600ccb1d988efcbbd08716e1d96936ccc1880e7d22513474
- SHA512
  
  1f6bfc215da9ae661dbabba80a0f29101a2d5e49c7d0c6ed760d1cafea005b7f0ff177b3b741e75b8e59804b0280fa453a76940b97e52b800ec03042f1692b07
- SSDEEP
  
  6144:m4kN4FYEA+xWF9BfM4xm22MR6YQJlvyRpdw:hkuxQnfnxm22o6zfvWpq
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral17 behavioral18
- Target
  
  Nurik 1.16.5 crack/client/libraries/commons-lang3-3.5.jar
- Size
  
  468KB
- MD5
  
  780b5a8b72eebe6d0dbff1c11b5658fa
- SHA1
  
  6c6c702c89bfff3cd9e80b04d668c5e190d588c6
- SHA256
  
  8ac96fc686512d777fca85e144f196cd7cfe0c0aec23127229497d1a38ff651c
- SHA512
  
  9e6ff20e891b6835d5926c90f237d55931e75723c8b88d6417926393e077e71013dab006372d34a6b5801e6ca3ce080a00f202cba700cab5aabfc17bbbdcab36
- SSDEEP
  
  12288:RXWoN+vjrk1GDSZSYPv46XEfJtBaR7QDbC2:RXj0vk1qASSzs22
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral19 behavioral20
- Target
  
  Nurik 1.16.5 crack/client/libraries/commons-logging-1.1.3.jar
- Size
  
  60KB
- MD5
  
  92eb5aabc1b47287de53d45c086a435c
- SHA1
  
  f6f66e966c70a83ffbdb6f17a0919eaf7c8aca7f
- SHA256
  
  70903f6fc82e9908c8da9f20443f61d90f0870a312642991fe8462a0b9391784
- SHA512
  
  e5d1fc8ec4544e1fa0f7c4aae8dbcca466c4987bc92fbbc430b054b10d646b745add4a754b1be9d50edd64330c798c53173a97289db57a966312e16f934e9d1f
- SSDEEP
  
  768:Oirgim03eHcOSlWmuvjpNToHSQfWZy2VDfEXsHtprlPox2u+nA5q5ddrSxw3qKrg:Xtmjc+TbT4SKQ5VD7Zi2u+niSddrtvrg
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral21 behavioral22
- Target
  
  Nurik 1.16.5 crack/client/libraries/datafixerupper-4.0.26.jar
- Size
  
  657KB
- MD5
  
  2fed12ebc12229db27ac65d998622ba0
- SHA1
  
  ebd6690f33871ccee9b6132c6480668ee2e35020
- SHA256
  
  58fcc65cf4bde25a70073e574a15cff790df176920dd219291d5649f24417316
- SHA512
  
  9a42b869b8d764f2536265b7b15dbe79a472dea1e8008dfcddbf13c226ab75e4905a0a422fbf9aa4bb833494f04194ba4d62f01b90975a947a6a2eb0f2a120df
- SSDEEP
  
  12288:JyfWVJtQz3QEQUGJMJvZXAx3S58jYRZfA9R5+jeOSnWazPXEwoSXQc:JyuV3xJyvZXAxjQAh+7VazPXf
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral23 behavioral24
- Target
  
  Nurik 1.16.5 crack/client/libraries/discord-rpc.jar
- Size
  
  2.0MB
- MD5
  
  614804802c32c61f5e62ee1a1503c5c2
- SHA1
  
  36f422c16318bb0f7afd3257d6f64853e89a5dc2
- SHA256
  
  2d31e48dada4b92d7df857a0b352414da39b1965d01947b5ffe912d5b108308d
- SHA512
  
  e775d12b486a6905976b56409aaf366df55f93a9522cda8f913de9a54adc9afdb7dbc8f01d2e18adba7db1b9173f71de2c19f1e39416251dbfdece39e610e02e
- SSDEEP
  
  49152:YOQFwtchwO8cnJ8D8gE+uJkoWCeaiPCzqahNC+:YbStaDn+v3aXiPCzqaPC+
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral25 behavioral26
- Target
  
  Nurik 1.16.5 crack/client/libraries/fastutil-8.5.9.jar
- Size
  
  22.3MB
- MD5
  
  a20da3754d5f4b8f297f9274f1843caa
- SHA1
  
  bb7ea75ecdb216654237830b3a96d87ad91f8cc5
- SHA256
  
  9578bf2a1700cf20d21746a2ee89e57ba1abbd37fa9feda68ff5e9a28473a7f9
- SHA512
  
  649bc8676b3327cfd46c6461dde4242848f1afa4ef0fbc719fdab32c4b222e513db72dc4013d9e2a38f30bca33752ee7caeedafed4faa11e28c9492d67c824fb
- SSDEEP
  
  393216:oxISXki6cwdNlKRhde8ioG24RRU0TA+nw4M4oW2PkLzHhLMRILG0W98Qzqp:oxIkk95K7driod4RX/nR12sjLAuQzY
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral27 behavioral28
- Target
  
  Nurik 1.16.5 crack/client/libraries/gson-2.10.1.jar
- Size
  
  276KB
- MD5
  
  df6097815738cb31fc56391553210843
- SHA1
  
  b3add478d4382b78ea20b1671390a858002feb6c
- SHA256
  
  4241c14a7727c34feea6507ec801318a3d4a90f070e4525681079fb94ee4c593
- SHA512
  
  7503e4b8d05c6cc0ecb3a94c5a2e070e049083a441003a79a0cdf474f4286699b4ba1d2a655ddabb8ba10c50e7c36a7045cccdaee465166d4630db647aba2727
- SSDEEP
  
  3072:p4WGydWjBhxyrhQG8L58iASUZNKszf+KRb2nkqzcKxrKGKXukGjPphbeT9ctyCmA:OWGydCfxAJKsr+yKoKRKNGjPMLA
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral29 behavioral30
- Target
  
  Nurik 1.16.5 crack/client/libraries/gson-2.8.0.jar
- Size
  
  226KB
- MD5
  
  a42f1f5bfa4e6f123ddcab3de7e0ff81
- SHA1
  
  c4ba5371a29ac9b2ad6129b1d39ea38750043eff
- SHA256
  
  c6221763bd79c4f1c3dc7f750b5f29a0bb38b367b81314c4f71896e340c40825
- SHA512
  
  740f66ddd5d46ef9f8da97b2f53299aff64cadbffc15217f0b26dc6dc7d53b140b16b3d09d22f72b223d7f85740dd6c2e1951ce57b4c06f5ba795fc17df30cfd
- SSDEEP
  
  3072:TCpUb6hCZr3L4GZjnhgwm2m4noUNVZBM32XCcZPRrpkLQI3WvVBmKQh/kdem9IcI:TLhZ5jiioRmSclRtyQmWvVBr8mOcLCb
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32