ff4bacc28cf6eb2e123bb9ef5fc818ace9f83c3c398d2d9ab78b80c224cdb7ba

Sharing

Copy URL

Twitter E-mail

General

Target

underversebattles.exe
Size

232.1MB
Sample

240712-3sx4aaycme
MD5

8f1b45fafe36e57782652523a563764f
SHA1

333d05376080eddc22aed18cc4fe20587e113127
SHA256

ff4bacc28cf6eb2e123bb9ef5fc818ace9f83c3c398d2d9ab78b80c224cdb7ba
SHA512

1cd0f0f5fdaaf3821063def6c724cb020bb0f27bf6ff71076618599c8dd58277f28a4e2a48b90aae753582b0c0828a0808f62e50f4d66a48669ae79adba9553b
SSDEEP

6291456:bGoPivGw61yf3wP4R2YJuclwDkAROad0+P7CwHcHC2:bbAwP40YJuclwgAROQ7e8cHC2

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  underversebattles.exe
- Size
  
  232.1MB
- MD5
  
  8f1b45fafe36e57782652523a563764f
- SHA1
  
  333d05376080eddc22aed18cc4fe20587e113127
- SHA256
  
  ff4bacc28cf6eb2e123bb9ef5fc818ace9f83c3c398d2d9ab78b80c224cdb7ba
- SHA512
  
  1cd0f0f5fdaaf3821063def6c724cb020bb0f27bf6ff71076618599c8dd58277f28a4e2a48b90aae753582b0c0828a0808f62e50f4d66a48669ae79adba9553b
- SSDEEP
  
  6291456:bGoPivGw61yf3wP4R2YJuclwDkAROad0+P7CwHcHC2:bbAwP40YJuclwgAROQ7e8cHC2
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  6f3098fb5f3db26f3bb84f5481109e39
- SHA1
  
  9270793e404cc42c6f5be1eb1eb4305f166c656d
- SHA256
  
  f90a0893c0b0ce2ae3f8bb65f383bf656ce33381d6cbac2b25a7d82b34fde9bd
- SHA512
  
  0462beae0fbd882dc0b6a09547a7959c051928b828e28125b433794de0258f90f3dec8f1920290f114970d2540a113224b8ab372fcee4dfe87f139be4ac0c0d1
- SSDEEP
  
  384:lgw9eYfMCU9oJNJJjL3bhLNdSDL6o5VrSRLmCvl:39AleJNbf3tNgDLn28wl
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  ea00e2678e4679ba28b0f560baec9776
- SHA1
  
  f9b647b1ab50cc2de981757ac914a5787bccd95a
- SHA256
  
  60d4a86f65e141d4b6b778e5f448a0c818bd2fa28db7b9dabc1395d354b19cc5
- SHA512
  
  2ee7a4a0af955ba376c66d13e626ca135b2afd13277a006f523eb2fdc1133a12ea35b065a8c119843fbe82f89190cdb2b769329af14e4313a2419b739b27337a
- SSDEEP
  
  192:UA1YOTDExj7EFrYCT4E8y3hoSdtTgwF43E7QbGPXI9uIc6gn9Mw:MR7SrtTv53tdtTgwF4SQbGPX36g9Mw
Score

3^/10
behavioral5 behavioral6
- Target
  
  $TEMP/vcredist_x86_2015.exe
- Size
  
  13.1MB
- MD5
  
  1a15e6606bac9647e7ad3caa543377cf
- SHA1
  
  bfb74e498c44d3a103ca3aa2831763fb417134d1
- SHA256
  
  fdd1e1f0dcae2d0aa0720895eff33b927d13076e64464bb7c7e5843b7667cd14
- SHA512
  
  e8cb67fc8e0312da3cc98364b96dfa1a63150ab9de60069c4af60c1cf77d440b7dffe630b4784ba07ea9bf146bdbf6ad5282a900ffd6ab7d86433456a752b2fd
- SSDEEP
  
  393216:S1RPq5dCsKSR65cX7Eyd/qnejOFxP7OEnl4L/Vvc:yP5iw56oyleej2OEnlwc
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral7 behavioral8
- Target
  
  GMS-WinDev.dll
- Size
  
  85KB
- MD5
  
  fb1e3cb9d7fff99956c96baf742dbf6f
- SHA1
  
  65777480cd33d413bcee7bef89a2be8827bc0b29
- SHA256
  
  fc86c4f3e9bcb57928cab5ebc43c99093b78c97246d400447aa1b4a5bd524266
- SHA512
  
  512b60c28de4e0d591d72086009396439d1f7635c3c2aab04d0a30398b0f1db8dc16c4baf1ccca32233783482aff3bd39bd8e6888c49ec715bda3c1895a9e136
- SSDEEP
  
  1536:VPU8NF9DVMY3UWuFw1LLzhuw0+XA3tJqUsWiJcdAGCKyAP8NqM:Xqy3uw1LLtnKNADrAP8NH
Score

1^/10
behavioral10 behavioral9
- Target
  
  NekoPresence_x64.dll
- Size
  
  72KB
- MD5
  
  4e16dcab5d51e96c4a75a474a14361c6
- SHA1
  
  87eba991de551025cf72cc16e6cab28120944b07
- SHA256
  
  bd0a41b6f52f02d26fd79f0a6e28c2fb15bc06cebce91cf19a7b84fda58e0591
- SHA512
  
  8ca679806fb835adc6abdb2216649cc82342ca7cb04ad4bd51cb3dd152e409c0e1e65127adbe85cd387cca24dfaa283f6296ed720cf622cbdf2e2ed8a9f6edef
- SSDEEP
  
  1536:jz1QHQb1gwVPDOpZRnHdLu6tRIcqU3N1EZAT:f1TqwVGZRn9LucR9qkN1EZAT
Score

1^/10
behavioral11 behavioral12
- Target
  
  UnderverseBattles.exe
- Size
  
  11.8MB
- MD5
  
  99046feb2eaaacfc31797895bd3eaf00
- SHA1
  
  f39c66c46c2d506b01db36d3b9a0226418470906
- SHA256
  
  d8eb91a821585b3dc778222a7782515a5b404e59dd92a9988ccb1b1003f4e621
- SHA512
  
  de88ec355a37596488caefe6f6862743144b90ca9389118d52215d240e87e6452f8b317d125c7e9892e6e9f3ae8c5823e546fe6ca573358f6244e5182a021e81
- SSDEEP
  
  196608:OXDu1wa1XYwsUkxCWU8lAuIUTcEM2QDoQaMRq+AraAuLOUUjrsQUSKNjeI2Cmzls:OIHrmaNO0/L
Score

1^/10
behavioral13 behavioral14
- Target
  
  Uninstall.exe
- Size
  
  70KB
- MD5
  
  7117ab480674b8aa780916265ed6db14
- SHA1
  
  216881c2e8a2c3298f9d251d5ac525760fedd59a
- SHA256
  
  9af1402ea961ecf470b7bb637bdd6e4497438fa95cbe2f13a6958e317fbec878
- SHA512
  
  946e60261a6e0fbe9fbab1157b364822eca015a597ac94dfa3e7eb5afb07b1b48ca190a1b310897b721d05ee4e09f976a72b9524e94c57b4b825b284314ab651
- SSDEEP
  
  1536:LcVxMtkyfWqPG1QIcVdWToWw2JqM9I3pR0tRTGCIXB:L4MrfWdbcDWToWNJ1920rTUB
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  6f3098fb5f3db26f3bb84f5481109e39
- SHA1
  
  9270793e404cc42c6f5be1eb1eb4305f166c656d
- SHA256
  
  f90a0893c0b0ce2ae3f8bb65f383bf656ce33381d6cbac2b25a7d82b34fde9bd
- SHA512
  
  0462beae0fbd882dc0b6a09547a7959c051928b828e28125b433794de0258f90f3dec8f1920290f114970d2540a113224b8ab372fcee4dfe87f139be4ac0c0d1
- SSDEEP
  
  384:lgw9eYfMCU9oJNJJjL3bhLNdSDL6o5VrSRLmCvl:39AleJNbf3tNgDLn28wl
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  ea00e2678e4679ba28b0f560baec9776
- SHA1
  
  f9b647b1ab50cc2de981757ac914a5787bccd95a
- SHA256
  
  60d4a86f65e141d4b6b778e5f448a0c818bd2fa28db7b9dabc1395d354b19cc5
- SHA512
  
  2ee7a4a0af955ba376c66d13e626ca135b2afd13277a006f523eb2fdc1133a12ea35b065a8c119843fbe82f89190cdb2b769329af14e4313a2419b739b27337a
- SSDEEP
  
  192:UA1YOTDExj7EFrYCT4E8y3hoSdtTgwF43E7QbGPXI9uIc6gn9Mw:MR7SrtTv53tdtTgwF4SQbGPX36g9Mw
Score

3^/10
behavioral19 behavioral20
- Target
  
  gamepad_force_focus.dll
- Size
  
  75KB
- MD5
  
  a9bf753564e1eb9e51c3b0c7209bfd37
- SHA1
  
  8eeb41ec22e125b5a36f6e84acb91d7fc27dd6ce
- SHA256
  
  1ac8f9f484ba452d3cca023927f5cca5e00150ce859ccef30aa015cddd0f3706
- SHA512
  
  5c885a549e89d1dd398ad54dd0d0a9e62aa74f663916a58a7713dd5db4291f978c014e7930316fee9a6c0128fa3841abf85033e0ed21689fa72cc0bdb29ba932
- SSDEEP
  
  1536:sLTsIQPOxdKBpzKLkkcgu6YGZ4FbsW1HcdFOs3c34:q0POxdwzKLbu6YGSF2FOss34
Score

1^/10
behavioral21 behavioral22
- Target
  
  netlog/netlog.exe
- Size
  
  56KB
- MD5
  
  8b939474a7df8a328e48be7576654814
- SHA1
  
  7427f2e51308d0f83b2e6ff00057100b69f291c3
- SHA256
  
  16ba76c0b6fd420ccd89e19c14fcda3629c19011309093587fdb67b543e433e6
- SHA512
  
  ec03954e1e795a43856e86b6ce96d5943e673a35c41eab2933c3144c1d97318a5cca93efc5d304050a0406ac8fea5a9aebd4fa565e206a106b1423908bb98bcf
- SSDEEP
  
  768:ghjLXtRCBT1AhmsYS/Wmw1z9OXOo0xYlWlbuwJyqabXd9:ghjzLCTgYS/WeE15uwJfu9
Score

1^/10
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Loads dropped DLL

Checks installed software on the system

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24