Overview

overview

10

Static

static

10

Battly-Lau...1).exe

windows7-x64

7

Battly-Lau...1).exe

windows10-2004-x64

7

resources/...zip.js

windows7-x64

3

resources/...zip.js

windows10-2004-x64

3

resources/...der.js

windows7-x64

3

resources/...der.js

windows10-2004-x64

3

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...der.js

windows7-x64

3

resources/...der.js

windows10-2004-x64

3

resources/...ter.js

windows7-x64

3

resources/...ter.js

windows10-2004-x64

3

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...ter.js

windows7-x64

3

resources/...ter.js

windows10-2004-x64

3

resources/...pto.js

windows7-x64

3

resources/...pto.js

windows10-2004-x64

3

resources/...nts.js

windows7-x64

3

resources/...nts.js

windows10-2004-x64

3

resources/...ors.js

windows7-x64

3

resources/...ors.js

windows10-2004-x64

3

resources/...ttr.js

windows7-x64

3

resources/...ttr.js

windows10-2004-x64

3

resources/...tem.js

windows7-x64

3

resources/...tem.js

windows10-2004-x64

3

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...ils.js

windows7-x64

3

resources/...ils.js

windows10-2004-x64

3

resources/...try.js

windows7-x64

3

resources/...try.js

windows10-2004-x64

3

Analysis

  • max time kernel
    12s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240611-es
  • resource tags

    arch:x64arch:x86image:win7-20240611-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    02-07-2024 18:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Battly-Launcher-win-ia32 (1).exe

  • Size

    183.1MB

  • MD5

    33c367aff57f5a7fe56ea5bc2e78a588

  • SHA1

    66b80004fc6884fe3e2f2278a2e611f90d3cf2a0

  • SHA256

    78224fdb64cc3f6c06d5d3843c1a1445f82556b370cf1df4af536e68119c4dd3

  • SHA512

    c36fc4226a0072a7a8d8ebb2b0b9e377c59b73ed98dbdd8e2138f030e806b067a52635c0f2e80e6910688f4d9226ea845e17cbcebce27710e795fae1e50647bc

  • SSDEEP

    3145728:BJcuNt6i+X0MdTUPo+YFawtU4odzwz3436E7IkGl0BkChNw5+VTmms+B6Q87:ncuN7+QYFjmPzwz3J0wahNw5+VTTs+BA

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 5 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-win-ia32 (1).exe
    "C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-win-ia32 (1).exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Users\Admin\AppData\Local\Temp\2gPTV3VjEnzXnmqxHIEDhOx1T3I\Battly Launcher.exe
      "C:\Users\Admin\AppData\Local\Temp\2gPTV3VjEnzXnmqxHIEDhOx1T3I\Battly Launcher.exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:2696

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\2gPTV3VjEnzXnmqxHIEDhOx1T3I\ffmpeg.dll
    Filesize

    2.7MB

    MD5

    bf09deeeb497aeddaf6194e695776b8b

    SHA1

    e7d8719d6d0664b8746581b88eb03a486f588844

    SHA256

    450d5e6a11dc31dc6e1a7af472cd08b7e7a78976b1f0aa1c62055a0a720f5080

    SHA512

    38d3cac922634df85ddfd8d070b38cf4973bba8f37d3246453377f30165cc4377b4e67c4e0bca0ffe3c3fa0e024b23a31ec009e16d0ab3042593b5a6e164669f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\2gPTV3VjEnzXnmqxHIEDhOx1T3I\resources\app\src\assets\js\index-pt.js
    Filesize

    33KB

    MD5

    91e7e7d8962d9884e9889af3e9d7c0f6

    SHA1

    d1ddf25a8aafa79fa273ff1aa37e50af355f40b1

    SHA256

    5633d24145f70ec8c8ee29fb196d5019158c3af7e057dfb63f5c9c4f7982322f

    SHA512

    b607e2e22996bc0be787218b011a827afdefc7dd9289c974b33a51cd493ed451c5a0596079d6969bfa4fd9339708055e16855d824444afb02c38eb59ad43691f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsy31CB.tmp\BgImage.dll
    Filesize

    7KB

    MD5

    487368e6fce9ab9c5ea053af0990c5ef

    SHA1

    b538e37c87d4b9a7645dcbbd9e93025a31849702

    SHA256

    e27efa5dfde875bd6b826fafb4c7698db6b6e30e68715a1c03eb018e3170fc04

    SHA512

    bb3ed4c0d17a11365b72653112b48c8c63ab10590dda3dfd90aa453f0d64203000e4571c73998063352240e1671d14da5ee394439899aaa31054fa2e9b722ea7

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsy31CB.tmp\StdUtils.dll
    Filesize

    100KB

    MD5

    c6a6e03f77c313b267498515488c5740

    SHA1

    3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    SHA256

    b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    SHA512

    9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsy31CB.tmp\System.dll
    Filesize

    12KB

    MD5

    0d7ad4f45dc6f5aa87f606d0331c6901

    SHA1

    48df0911f0484cbe2a8cdd5362140b63c41ee457

    SHA256

    3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    SHA512

    c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    Download Submit