Overview

overview

7

Static

static

7

Geometry Dash.rar

windows7-x64

3

Geometry Dash.rar

windows10-2004-x64

3

steam_api.dll

windows7-x64

1

steam_api.dll

windows10-2004-x64

1

Geometry D...sh.exe

windows7-x64

3

Geometry D...sh.exe

windows10-2004-x64

3

Geometry D...ep.ps1

windows7-x64

3

Geometry D...ep.ps1

windows10-2004-x64

3

Geometry D...64.exe

windows7-x64

7

Geometry D...64.exe

windows10-2004-x64

7

Geometry D...86.exe

windows7-x64

7

Geometry D...86.exe

windows10-2004-x64

7

Geometry D...64.exe

windows7-x64

7

Geometry D...64.exe

windows10-2004-x64

7

Geometry D...86.exe

windows7-x64

7

Geometry D...86.exe

windows10-2004-x64

7

Geometry D...od.dll

windows7-x64

3

Geometry D...od.dll

windows10-2004-x64

3

Geometry D...32.dll

windows7-x64

3

Geometry D...32.dll

windows10-2004-x64

3

Geometry D...nv.dll

windows7-x64

3

Geometry D...nv.dll

windows10-2004-x64

3

Geometry D...ns.dll

windows7-x64

3

Geometry D...ns.dll

windows10-2004-x64

3

Geometry D...2d.dll

windows7-x64

3

Geometry D...2d.dll

windows10-2004-x64

3

Geometry D...rl.dll

windows7-x64

3

Geometry D...rl.dll

windows10-2004-x64

3

Geometry D...ff.dll

windows7-x64

1

Geometry D...ff.dll

windows10-2004-x64

1

Geometry D...E2.dll

windows7-x64

1

Geometry D...E2.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Geometry Dash.rar

  • Size

    187.6MB

  • Sample

    240712-l8e4za1dpf

  • MD5

    cee4903fa492beaffd7d73b0ade93beb

  • SHA1

    3026927c470de783eb369199dd63510d62a8b748

  • SHA256

    fdca31d917022c94f32a0194f558db3bad4e89874f316b61950d670bdf0deff0

  • SHA512

    63690af2314dd1297bfdf215b0e0d7ee12b45842e82b322f7333956d0e8e18809af4b893863f4b4cc51f8379241ef353bc47c722e5676bca40497d182e0c892d

  • SSDEEP

    3145728:xEznNs3enIOLBwQFbjcCT2RzkdTBBDlSKJUqrtkw/KKaMO432MOavo2bFibH6vAt:xES3KDLOyqxgF9lSKJJpkXn43VOaw2hi

Score
7/10
discoveryexecution

Malware Config

Targets

    • Target

      Geometry Dash.rar

    • Size

      187.6MB

    • MD5

      cee4903fa492beaffd7d73b0ade93beb

    • SHA1

      3026927c470de783eb369199dd63510d62a8b748

    • SHA256

      fdca31d917022c94f32a0194f558db3bad4e89874f316b61950d670bdf0deff0

    • SHA512

      63690af2314dd1297bfdf215b0e0d7ee12b45842e82b322f7333956d0e8e18809af4b893863f4b4cc51f8379241ef353bc47c722e5676bca40497d182e0c892d

    • SSDEEP

      3145728:xEznNs3enIOLBwQFbjcCT2RzkdTBBDlSKJUqrtkw/KKaMO432MOavo2bFibH6vAt:xES3KDLOyqxgF9lSKJJpkXn43VOaw2hi

    Score
    3/10
    behavioral1behavioral2

    • Target

      steam_api.dll

    • Size

      251KB

    • MD5

      23767288e6a003aaaa54355cbe108da8

    • SHA1

      c7f21dc71491fe661c698f5c561405c0e3f423c1

    • SHA256

      209135c082a8ef8323479384e97d769d9b2d98f727bbb34a7806ce150b750c89

    • SHA512

      a870b2f99da48ad07f9b36d6730d74af5f285af12e21a24d61e6e3023d5917920bd343fe295b7374a2065bf9c09b6f1cbb03fbcf05206f4bd0544b5f0eb0e147

    • SSDEEP

      6144:3arGRDMhiFh18vUThy7g0F6vrlOcHvlwupy4RFsKQ97XtDQies3R:fDMwhRThy7g0F6vr4Klpd1QpuOh

    Score
    1/10
    behavioral3behavioral4

    • Target

      Geometry Dash/GeometryDash.exe

    • Size

      6.5MB

    • MD5

      8c73a34f740b59ee613c6128ad11c2c1

    • SHA1

      66788bf78d32238a6a89110afe9ee663ca55f715

    • SHA256

      1a91e60510b8c6a5e113b9c089e3020fe71a13b7513392a09f84d3588dbf9c38

    • SHA512

      fa7b7426ef6d850cf658739c72f3be77bb545e1d228f09816cd3088d90b42958dede51b4381fdb93f6cabb5a59e74bbc82008e063ed3d4af29a5fd1f91c34b62

    • SSDEEP

      49152:pxIv8Yz3qRzSpXyDOZF2LRr9BR3Qa2d1ww6xfS+w6xfSExIlvYqb3xCTjzDyW:k0FJSpyDU2LRTRNVxfS+VxfSgI

    Score
    3/10
    behavioral5behavioral6

    • Target

      Geometry Dash/Resources/xStep.mp3

    • Size

      1.3MB

    • MD5

      57390e094c37599a790095af692cc039

    • SHA1

      3d08f483e1a43f029164eb06d89693446f314f48

    • SHA256

      9164bf3594a2b0d2ce80e80927bab95d8cbc2e80f5a0198112c178957b0a1621

    • SHA512

      54ee65cb2965c89c54b85358e0769bd0d361f804a7c29183d11d89e6fffe2374016b68affcf7928f76e2c28c506103f6047f09883537607476c0b47062a07fd8

    • SSDEEP

      24576:C/QH9dD0uc1tKjUvoCcHvtui+CWoIADt4BqgepaI+lUlAOhYfe4gyAKNOR7rFUGM:C/M5ueUvodHvtuYWDAmBFeP+lIhYfvgY

    Score
    3/10
    execution
    behavioral7behavioral8

    • Target

      Geometry Dash/_CommonRedist/vcredist/2010/vcredist_x64.exe

    • Size

      9.8MB

    • MD5

      c9d9eebccef20d637f193490cec05e79

    • SHA1

      15d032d669078aa6f0f7fd1cbf4115a070bd034d

    • SHA256

      cc7ec044218c72a9a15fca2363baed8fc51095ee3b2a7593476771f9eba3d223

    • SHA512

      24b56b5d9b48d75baf53a98e007ace3e7d68fbd5fa55b75ae1a2c08dd466d20b13041f80e84fdb64b825f070843f9247daba681eff16baf99a4b14ea99f5cfd6

    • SSDEEP

      196608:n9A3D5MBD0vwqMKgL29M2JWMWiKV/nPlnqIaAAVINqsAsbPnpCxmz7dU8:23D5MBwZMd0b4oSQ7VSrAs1gEdU8

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral10behavioral9

    • Target

      Geometry Dash/_CommonRedist/vcredist/2010/vcredist_x86.exe

    • Size

      8.6MB

    • MD5

      1801436936e64598bab5b87b37dc7f87

    • SHA1

      28c54491be70c38c97849c3d8cfbfdd0d3c515cb

    • SHA256

      67313b3d1bc86e83091e8de22981f14968f1a7fb12eb7ad467754c40cd94cc3d

    • SHA512

      0b8f20b0f171f49eb49367f1aafa7101e1575ef055d7007197c21ab8fe8d75a966569444449858c31bd147357d2bf5a5bd623fe6c4dbabdc7d16999b3256ab8c

    • SSDEEP

      196608:e9A3DAnfudQZKuNK0kMp2Wxw2tr3aA5Jegn9kaK6Hj0aaNz9ZBJ7C:t3DAnGKZKuNK0SvAn9kaK6gaaNRZbC

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral11behavioral12

    • Target

      Geometry Dash/_CommonRedist/vcredist/2013/vcredist_x64.exe

    • Size

      6.9MB

    • MD5

      96b61b8e069832e6b809f24ea74567ba

    • SHA1

      8bf41ba9eef02d30635a10433817dbb6886da5a2

    • SHA256

      e554425243e3e8ca1cd5fe550db41e6fa58a007c74fad400274b128452f38fb8

    • SHA512

      3a55dce14bbd455808bd939a5008b67c9c7111cab61b1339528308022e587726954f8c55a597c6974dc543964bdb6532fe433556fbeeaf9f8cb4d95f2bbffc12

    • SSDEEP

      196608:19OaQ54oYY7jLwXjZ41OON2uk3bQWgtyccMEL:Gz5x7jLXkmkU4cFe

    Score
    7/10
    discovery

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral13behavioral14

    • Target

      Geometry Dash/_CommonRedist/vcredist/2013/vcredist_x86.exe

    • Size

      6.2MB

    • MD5

      0fc525b6b7b96a87523daa7a0013c69d

    • SHA1

      df7f0a73bfa077e483e51bfb97f5e2eceedfb6a3

    • SHA256

      a22895e55b26202eae166838edbe2ea6aad00d7ea600c11f8a31ede5cbce2048

    • SHA512

      729251371ed208898430040fe48cabd286a5671bd7f472a30e9021b68f73b2d49d85a0879920232426b139520f7e21321ba92646985216bf2f733c64e014a71d

    • SSDEEP

      98304:hQEKzHx15bWUuBrNatjJh2eNUrzKRL/RaIswn7aBOC5qZxVqFb2iExMc7FvxwGvf:WRDnuBotjJh2emr8L/YIsG7MOgqHG64

    Score
    7/10
    discovery

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral15behavioral16

    • Target

      Geometry Dash/fmod.dll

    • Size

      1.4MB

    • MD5

      9a9fc4fea3bdd3f3fa09b0aa43dfee07

    • SHA1

      b2c3e267ac33a50c3c5b69208ca1fb76cb4fd658

    • SHA256

      9cefee362589ed05b571ad3b61a2b37c8bf593be0a6a560638c2b79986776368

    • SHA512

      53c56cc01e03f74d82b3acc4afb91044df10058643ba179d50a9b8b86f9f49770ff7eb8f804d42fb94096f7fa16a40ca7c3144103451cb1059a2156b3007a732

    • SSDEEP

      24576:QUumAPpnkv2jg91qDQXIq6paXK2oGCV0y8KZFpVMS6Xcyjj:QUuHyT91qU+pmKZjwKLmLj

    Score
    3/10
    behavioral17behavioral18

    • Target

      Geometry Dash/glew32.dll

    • Size

      324KB

    • MD5

      7399bc6fcbcfe81b6437d37d45d27e00

    • SHA1

      254ac4f5e56cd5ce14d31f824de7949b09597c78

    • SHA256

      1ea8aedc46418e08aeabcb91c16fb4a0ab669924dd0a6071d143f13cd932a022

    • SHA512

      bfffdd518b1a7a4890762e38861db465e187dc197aa6b02f2644ac798e0e03e6f6b2543e24e92e3a16a82ee3d9f795ff12845caf174b2d1b5f6800d7ae1941ea

    • SSDEEP

      6144:GzLQ5Ht2YVVlGSAkApyg8YifaTzaOAz7Du:6Q5HkUVzH

    Score
    3/10
    behavioral19behavioral20

    • Target

      Geometry Dash/iconv.dll

    • Size

      868KB

    • MD5

      73af5773bf5627fe771bf6809ec839f9

    • SHA1

      69d9597991dd0d1c6b478174aaa85b0e8175d0a7

    • SHA256

      6cd69191469bf13f0cea70837bac9b1e7871c116f5f6f18bef5a6a9575c020c9

    • SHA512

      64b631454d1d16709ae96cca95e8e3dd6049841c53ef6c4643b1a5b28a32fe6bfacb86337e93b5f9f2abf43d0233b094646b8065d3c1fafeaab7c3d6e371b864

    • SSDEEP

      24576:Vf2VfWlcKu6Gavkg3NydIbbbI4IBAUZLY:ZuscKu6GaXUT4IBAUZLY

    Score
    3/10
    behavioral21behavioral22

    • Target

      Geometry Dash/libExtensions.dll

    • Size

      280KB

    • MD5

      bf4f9ca8bc5a1aa24603ece1f5dd3e62

    • SHA1

      5692a5ee0b107f32c2359574470e14ff4fe572f3

    • SHA256

      ce0f52884650e3e9779e034d4ba02baae57c3635f6d721e57440f2e29c97e6c1

    • SHA512

      18bfe58c8c7ded74365c40dfd7cfa593a8ec5af2b7f7457ea88211e9aa8ecc146dc140fae9e5e5821c9291a76ddf269e76ce54645d5584933bf17e94dfb1cf8f

    • SSDEEP

      6144:2jjeDzyKCMijQaErrHr5Cx7D7gcGRCYG6Ls5QQMe2:JDzyBjZMHr5Cx7DPgLs

    Score
    3/10
    behavioral23behavioral24

    • Target

      Geometry Dash/libcocos2d.dll

    • Size

      1.7MB

    • MD5

      d7a14d6968fd882af43f423e730a18a0

    • SHA1

      7b81de3bd557c8b81646153bf1e8a2d7c71244af

    • SHA256

      fb36d6b2090ebaf33d07dcb6461d8b52657ebf2335ba31230f0349e7b84e036c

    • SHA512

      9c25a9374af552645ed429575e48d8a9fa742960eabd150de759963f19abdd2f9ea8811d6573175958fdd72fad56e221f65869a0c0582528e8d5cd473109f089

    • SSDEEP

      24576:oTtLEJxHemGJY5l4ZazpD+gWfTe6AcAf9yw0UbSkig+QYOcUZEvN:oTt4oi1CW9yw4Rg+QYOV

    Score
    3/10
    behavioral25behavioral26

    • Target

      Geometry Dash/libcurl.dll

    • Size

      1.1MB

    • MD5

      a629bf05e48171a7152b15c479727da3

    • SHA1

      b39c487c3a8ece83ef8bdecd2e37537c6617f9e6

    • SHA256

      db4e84c77b41bd0e40e3b29db518faa44d4a40df802299befc21f87c16ec1124

    • SHA512

      13596fc1f5be8de92177e7ee5e09a37e7f829ebc36678ff5233b627b7f798307270c69c9dec05407c1d758ff421484b66261a9e2c3abde7cf24fb0b5b15774b9

    • SSDEEP

      24576:LX/2J+LaOzIx2uPOAr1faOn4fv7oonBUzPnAbcmTEp/y9qQ1II:KmaO8DOwfwf+PucmTEp/8f1II

    Score
    3/10
    behavioral27behavioral28

    • Target

      Geometry Dash/libtiff.dll

    • Size

      513KB

    • MD5

      c741db91cddb32c0ccd1fab980b1a5a4

    • SHA1

      08f624cff407b25c6ecca087f763bd02e69231bb

    • SHA256

      2d7b7f76089829aac2fa043d712e3a908563bf77f4e7da6e82d86bb0467a9feb

    • SHA512

      7f92e7cdc0feb16ca42eb9f588a92a481b402ef00c0e02b8236f8925bd828507a4e6c1b576d9639184a15322107d0d3810817d1529ebf6f94ff18ea070c67e76

    • SSDEEP

      6144:SymBVjFxF2nv2aY+NUXgJWnjUz2XyGK77f4NJrzNfQv3vCJYiY2IGEBg6CD:cBVp2Y+W1jUzWY7f4X7JYiZH

    Score
    1/10
    behavioral29behavioral30

    • Target

      Geometry Dash/pthreadVCE2.dll

    • Size

      76KB

    • MD5

      ae4ae0ef65becf8684db223ceecbfba7

    • SHA1

      1826006ee9ca5090eacfdca63bcc370e2be701e6

    • SHA256

      27a8bd5814bf5e67858856f5090952e558c6e03fbebcbd66f7d8eb8fda2b369c

    • SHA512

      880b38c69a38c02923988ccafba630e8a5a12ec885d713fc863f69174b475e408427fb68acdf6a3415a3bbd6cb80a1eb81eb752b18ef03a4590cdb36c9f52e3e

    • SSDEEP

      768:o6J0QrqcRpxKyCqr/vb4ssGE9lICiH3Yays/:zJZxbf3stiH3Yays/

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

PowerShell

1
T1059.001

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

4
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

Score
7/10

behavioral1

Score
3/10

behavioral2

Score
3/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

execution
Score
3/10

behavioral8

execution
Score
3/10

behavioral9

Score
7/10

behavioral10

Score
7/10

behavioral11

Score
7/10

behavioral12

Score
7/10

behavioral13

discovery
Score
7/10

behavioral14

discovery
Score
7/10

behavioral15

discovery
Score
7/10

behavioral16

discovery
Score
7/10

behavioral17

Score
3/10

behavioral18

Score
3/10

behavioral19

Score
3/10

behavioral20

Score
3/10

behavioral21

Score
3/10

behavioral22

Score
3/10

behavioral23

Score
3/10

behavioral24

Score
3/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

Score
3/10

behavioral28

Score
3/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10