acbd9382b8c2e3d16bdb887c49bc25d5d6519011d1eca858af608ec869030044 | Triage

Sharing

General

Target

Warzone_[unknowncheats.me]_.rar
Size

73KB
Sample

240714-gewgms1cqg
MD5

3f19a2e30be7b1e7b036b6e5b6c31041
SHA1

14f921a0b4f1cfd16d13c9c8d5359352d3cc50fe
SHA256

acbd9382b8c2e3d16bdb887c49bc25d5d6519011d1eca858af608ec869030044
SHA512

38e6fe3573e165a857fdc4bd90b0d2ca9b3e1c8b78ce1454376685bc34054402aad0041eca92b01c2fb80929ab80270695d41a24d7a3459a698dc2ef0980d577
SSDEEP

1536:WXuVKHXAoOLqt3fBBzNiajUXMf2+CQFhRukVvMmiBxISGt:EXmqt35BzNiup2JQFWya5e

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  Warzone/Driver.sys
- Size
  
  18KB
- MD5
  
  2244f65e5c1e22673247876f321dadb2
- SHA1
  
  182ce16987989e8f60d5a53e3494c2a065695b3a
- SHA256
  
  b49be399bb47b2b10e4944553297b3a7ab22a6374cc3e16abcfbbb7b225b40ae
- SHA512
  
  1b4f0c4b6363a904b3591ee937565ef7bb98330b3a5b551753150407d41a01f82cc90697410096dbce901ffe7c61eed037d8b985958e3456fbaceb2d0216764a
- SSDEEP
  
  96:9UBTIlqroo9FL4OfMnojLtBSSHWj7J6C7t0lFLRrIsNL16E9KK8fd3Qc:9P4R9FL4OfMyLt4YcYC7WBhZ6E9oVQc
Score

1^/10
behavioral1
- Target
  
  Warzone/DriverMapper.bat
- Size
  
  376B
- MD5
  
  52d886864bcc9238563164a9dc1fcbee
- SHA1
  
  90966cb3f78a66cc6e9092e73df88d712f238f65
- SHA256
  
  bed63c78acff4e667a144682b80301304172d1a8def0bcc5062b1a2fe2978724
- SHA512
  
  ba22a97fc457e4e322cc0ddcbf8695a7516f7f2ed0c9ca363c1871b62f06bd8712a748a68c2e4247bd8382fbecace8f33e98dd7c76a163229f1ec1bb73890870
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral2 behavioral3
- Target
  
  Warzone/Kdmapper.exe
- Size
  
  121KB
- MD5
  
  643fc1eabeaf9e9fd1e1742812a06025
- SHA1
  
  48883cdd76229541e71615a98f588ee37a597b13
- SHA256
  
  9728621563a1e56a9b7bb0f615c7ba118d7ff9ab4a27f8c4db2226dce7fd148a
- SHA512
  
  6ed692ae0e3fe472991b112b15bd91f0016b4081749784f3f11f53cdd287723ee117f86d915ab14a9f9827862dee8064a281ed586bcc6f01fd841be45c0758c3
- SSDEEP
  
  3072:bieaJdDcN0M/eLrzbJIWPkrxasE79wmJTQSaMm5/63nYdLR/+:eeaJdDcCM/eLrzlTltWlknYdR
Score

1^/10
behavioral4 behavioral5
- Target
  
  Warzone/Warzone.exe
- Size
  
  36KB
- MD5
  
  5fe9bb4c016286544e6285a8a3b07e45
- SHA1
  
  6fee767bd9a7908838cae76cdcca73d0a9486d07
- SHA256
  
  c3025dcca89e40b2d3793e114a9469469c7e9967bd031e11591093e84c093af0
- SHA512
  
  642c3e0e0e216dab584ab8627c613adf4f94cde00cb4e922e39e7e4fa075937657f5e145b29431e343f82bc33c628ba9a26d3ecca273bcb3e11fffe2f5c825bc
- SSDEEP
  
  768:yx89ufOjZ6qUnPgJh+e9v/LBx6FZxRV7lvxRi9Hc2z:yxomyIKhF97Bx6F3R7xRqz
Score

1^/10
behavioral6 behavioral7

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7