General

  • Target

    underversebattles.exe

  • Size

    232.1MB

  • Sample

    240712-3sx4aaycme

  • MD5

    8f1b45fafe36e57782652523a563764f

  • SHA1

    333d05376080eddc22aed18cc4fe20587e113127

  • SHA256

    ff4bacc28cf6eb2e123bb9ef5fc818ace9f83c3c398d2d9ab78b80c224cdb7ba

  • SHA512

    1cd0f0f5fdaaf3821063def6c724cb020bb0f27bf6ff71076618599c8dd58277f28a4e2a48b90aae753582b0c0828a0808f62e50f4d66a48669ae79adba9553b

  • SSDEEP

    6291456:bGoPivGw61yf3wP4R2YJuclwDkAROad0+P7CwHcHC2:bbAwP40YJuclwgAROQ7e8cHC2

Score
7/10

Targets

    • Target

      underversebattles.exe

    • Size

      232.1MB

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      6f3098fb5f3db26f3bb84f5481109e39

    • SHA1

      9270793e404cc42c6f5be1eb1eb4305f166c656d

    • SHA256

      f90a0893c0b0ce2ae3f8bb65f383bf656ce33381d6cbac2b25a7d82b34fde9bd

    • SHA512

      0462beae0fbd882dc0b6a09547a7959c051928b828e28125b433794de0258f90f3dec8f1920290f114970d2540a113224b8ab372fcee4dfe87f139be4ac0c0d1

    • SSDEEP

      384:lgw9eYfMCU9oJNJJjL3bhLNdSDL6o5VrSRLmCvl:39AleJNbf3tNgDLn28wl

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      ea00e2678e4679ba28b0f560baec9776

    • SHA1

      f9b647b1ab50cc2de981757ac914a5787bccd95a

    • SHA256

      60d4a86f65e141d4b6b778e5f448a0c818bd2fa28db7b9dabc1395d354b19cc5

    • SHA512

      2ee7a4a0af955ba376c66d13e626ca135b2afd13277a006f523eb2fdc1133a12ea35b065a8c119843fbe82f89190cdb2b769329af14e4313a2419b739b27337a

    • SSDEEP

      192:UA1YOTDExj7EFrYCT4E8y3hoSdtTgwF43E7QbGPXI9uIc6gn9Mw:MR7SrtTv53tdtTgwF4SQbGPX36g9Mw

    Score
    3/10
    • Target

      $TEMP/vcredist_x86_2015.exe

    • Size

      13.1MB

    • MD5

      1a15e6606bac9647e7ad3caa543377cf

    • SHA1

      bfb74e498c44d3a103ca3aa2831763fb417134d1

    • SHA256

      fdd1e1f0dcae2d0aa0720895eff33b927d13076e64464bb7c7e5843b7667cd14

    • SHA512

      e8cb67fc8e0312da3cc98364b96dfa1a63150ab9de60069c4af60c1cf77d440b7dffe630b4784ba07ea9bf146bdbf6ad5282a900ffd6ab7d86433456a752b2fd

    • SSDEEP

      393216:S1RPq5dCsKSR65cX7Eyd/qnejOFxP7OEnl4L/Vvc:yP5iw56oyleej2OEnlwc

    Score
    7/10
    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      GMS-WinDev.dll

    • Size

      85KB

    • MD5

      fb1e3cb9d7fff99956c96baf742dbf6f

    • SHA1

      65777480cd33d413bcee7bef89a2be8827bc0b29

    • SHA256

      fc86c4f3e9bcb57928cab5ebc43c99093b78c97246d400447aa1b4a5bd524266

    • SHA512

      512b60c28de4e0d591d72086009396439d1f7635c3c2aab04d0a30398b0f1db8dc16c4baf1ccca32233783482aff3bd39bd8e6888c49ec715bda3c1895a9e136

    • SSDEEP

      1536:VPU8NF9DVMY3UWuFw1LLzhuw0+XA3tJqUsWiJcdAGCKyAP8NqM:Xqy3uw1LLtnKNADrAP8NH

    Score
    1/10
    • Target

      NekoPresence_x64.dll

    • Size

      72KB

    • MD5

      4e16dcab5d51e96c4a75a474a14361c6

    • SHA1

      87eba991de551025cf72cc16e6cab28120944b07

    • SHA256

      bd0a41b6f52f02d26fd79f0a6e28c2fb15bc06cebce91cf19a7b84fda58e0591

    • SHA512

      8ca679806fb835adc6abdb2216649cc82342ca7cb04ad4bd51cb3dd152e409c0e1e65127adbe85cd387cca24dfaa283f6296ed720cf622cbdf2e2ed8a9f6edef

    • SSDEEP

      1536:jz1QHQb1gwVPDOpZRnHdLu6tRIcqU3N1EZAT:f1TqwVGZRn9LucR9qkN1EZAT

    Score
    1/10
    • Target

      UnderverseBattles.exe

    • Size

      11.8MB

    • MD5

      99046feb2eaaacfc31797895bd3eaf00

    • SHA1

      f39c66c46c2d506b01db36d3b9a0226418470906

    • SHA256

      d8eb91a821585b3dc778222a7782515a5b404e59dd92a9988ccb1b1003f4e621

    • SHA512

      de88ec355a37596488caefe6f6862743144b90ca9389118d52215d240e87e6452f8b317d125c7e9892e6e9f3ae8c5823e546fe6ca573358f6244e5182a021e81

    • SSDEEP

      196608:OXDu1wa1XYwsUkxCWU8lAuIUTcEM2QDoQaMRq+AraAuLOUUjrsQUSKNjeI2Cmzls:OIHrmaNO0/L

    Score
    1/10
    • Target

      Uninstall.exe

    • Size

      70KB

    • MD5

      7117ab480674b8aa780916265ed6db14

    • SHA1

      216881c2e8a2c3298f9d251d5ac525760fedd59a

    • SHA256

      9af1402ea961ecf470b7bb637bdd6e4497438fa95cbe2f13a6958e317fbec878

    • SHA512

      946e60261a6e0fbe9fbab1157b364822eca015a597ac94dfa3e7eb5afb07b1b48ca190a1b310897b721d05ee4e09f976a72b9524e94c57b4b825b284314ab651

    • SSDEEP

      1536:LcVxMtkyfWqPG1QIcVdWToWw2JqM9I3pR0tRTGCIXB:L4MrfWdbcDWToWNJ1920rTUB

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      gamepad_force_focus.dll

    • Size

      75KB

    • MD5

      a9bf753564e1eb9e51c3b0c7209bfd37

    • SHA1

      8eeb41ec22e125b5a36f6e84acb91d7fc27dd6ce

    • SHA256

      1ac8f9f484ba452d3cca023927f5cca5e00150ce859ccef30aa015cddd0f3706

    • SHA512

      5c885a549e89d1dd398ad54dd0d0a9e62aa74f663916a58a7713dd5db4291f978c014e7930316fee9a6c0128fa3841abf85033e0ed21689fa72cc0bdb29ba932

    • SSDEEP

      1536:sLTsIQPOxdKBpzKLkkcgu6YGZ4FbsW1HcdFOs3c34:q0POxdwzKLbu6YGSF2FOss34

    Score
    1/10
    • Target

      netlog/netlog.exe

    • Size

      56KB

    • MD5

      8b939474a7df8a328e48be7576654814

    • SHA1

      7427f2e51308d0f83b2e6ff00057100b69f291c3

    • SHA256

      16ba76c0b6fd420ccd89e19c14fcda3629c19011309093587fdb67b543e433e6

    • SHA512

      ec03954e1e795a43856e86b6ce96d5943e673a35c41eab2933c3144c1d97318a5cca93efc5d304050a0406ac8fea5a9aebd4fa565e206a106b1423908bb98bcf

    • SSDEEP

      768:ghjLXtRCBT1AhmsYS/Wmw1z9OXOo0xYlWlbuwJyqabXd9:ghjzLCTgYS/WeE15uwJfu9

    Score
    1/10
