0b25dc9906d1268beff19723e00b354122385059138c8e303d1aa112559fb2c1 | Triage

Sharing

General

Target

t7xInstaller.exe
Size

2.7MB
Sample

240801-3bva3awgkd
MD5

71e18a1b788051d27e6d04778c7768df
SHA1

9668d23e52c9b48ba00f62314aacef44da0a2aa6
SHA256

0b25dc9906d1268beff19723e00b354122385059138c8e303d1aa112559fb2c1
SHA512

1d1d58b28943bde298579e0925631f734523dbe2507d458625583c5c6a0ff27d7d36e226cba473e677ff0b63dbbcd87df6fe7d2b89470035a65580334b248283
SSDEEP

49152:YEDEY85ulNLjd8595qtRQK7uACwO9HBDzf1B23D4vpndHCwRl4mXMtias:YIEYflN9i9cQKSkOBDL1I3DmxVld4js

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  t7xInstaller.exe
- Size
  
  2.7MB
- MD5
  
  71e18a1b788051d27e6d04778c7768df
- SHA1
  
  9668d23e52c9b48ba00f62314aacef44da0a2aa6
- SHA256
  
  0b25dc9906d1268beff19723e00b354122385059138c8e303d1aa112559fb2c1
- SHA512
  
  1d1d58b28943bde298579e0925631f734523dbe2507d458625583c5c6a0ff27d7d36e226cba473e677ff0b63dbbcd87df6fe7d2b89470035a65580334b248283
- SSDEEP
  
  49152:YEDEY85ulNLjd8595qtRQK7uACwO9HBDzf1B23D4vpndHCwRl4mXMtias:YIEYflN9i9cQKSkOBDL1I3DmxVld4js
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $LOCALAPPDATA/t7x/data/launcher/main.html
- Size
  
  3KB
- MD5
  
  e7e0ab080d5ad004eb055f2c845aadf9
- SHA1
  
  d259e512834c43d743394456f1f891b42fbca0a9
- SHA256
  
  4539b58a87ca86398ddb24bacc9be1195c5166cbfeecb3aeefeef360165ba6c7
- SHA512
  
  2625af7c3828e5cf0f36dbaa7dcee3badf03debf63c07f0a7076d713a2de2bad46dadb8a2e3df43636065a5acced3726c9cb77bc5f0fa9da3e9d1bb52b54c3d5
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $LOCALAPPDATA/t7x/data/ui_scripts/doubleclick_join_server/__init__.lua
- Size
  
  3KB
- MD5
  
  8d5f882ecbfcbef379ae4afd6065dd51
- SHA1
  
  a5df469722eb0098a6d743cffff4e98f02a01379
- SHA256
  
  0ea0065c9a706eb41f219b7014349b938b2318d886b6f0c592376a9bf46d3937
- SHA512
  
  d8fd52654475c5476fdd8c6f9ae14f4ea32769704698fb3523572ff67790a15f11a82bc7a331ed08d56e12178bce2aecc4437d3caecaee40bd183ba9c6fbf262
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  $LOCALAPPDATA/t7x/data/ui_scripts/frontend_menus/__init__.lua
- Size
  
  5KB
- MD5
  
  9ae6ab3f8f789368b82ad228254733c2
- SHA1
  
  bf0d08bde95087f8e54efb57359eaf835d3f34e1
- SHA256
  
  a59a33b55aef22da1754625bb9c8bb24bb7f687949178f1951c5597345939543
- SHA512
  
  e0cbbbe3b6c0342c0fc764ef8385f4c404f66f3e21d4ba09ccee25344399788ef1ec3880ebe441e740f085de2b51350ab382228d8a6da10812bc82a7e147b71a
- SSDEEP
  
  48:D0YR8zO/quu6vUH/jFqdmMu/M+/u04/uVIudoVFVAEPzIOL2FB9NFSi77oQaUExc:x5NfC5zMPSUXHVvPa0msjVsSWO3VXW
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  $LOCALAPPDATA/t7x/data/ui_scripts/frontend_menus/datasources_change_map_categories.lua
- Size
  
  3KB
- MD5
  
  0236305645cf996200509aef49997f22
- SHA1
  
  62360c76e9b0941657ce56a0f61f7d18b7acdb28
- SHA256
  
  468320779107c84553062a5151a338f21782e0bafee6d3a0d30f6d7a1e1c65c0
- SHA512
  
  b70d667af2febf32e57938e93ae6a7c28cc263be3647fa8086b56ac36e181ccce3a1b58a03ebcb8a72946421b62f2d1a51b1dcb82c7b2ecd051c6d83bcff53e2
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  $LOCALAPPDATA/t7x/data/ui_scripts/frontend_menus/datasources_gamesettingsflyout_buttons.lua
- Size
  
  8KB
- MD5
  
  cd0ece59795044b4e8aaeff2b741a5d0
- SHA1
  
  7c0f66275b131e3ea7b33e46ddfd8a529064fcd3
- SHA256
  
  66154685ab03d93e02a93705c113ab3eb0d9308e05ad72e02d5d94f5f7e85a94
- SHA512
  
  873cc7fdcbef683123e7d2836d1a52452ec67b3329238340049f580a2b8db3e8ce4c7669306da6b2b3f9437d5d6896d43aec35ed3488302615405468c07cde0c
- SSDEEP
  
  192:sCgOf+eoits+/LEUA68A6y82HIC5Aky5zhjBZqcs:sefVts+jEUAa6J2HICM/1s
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  $LOCALAPPDATA/t7x/data/ui_scripts/frontend_menus/utils.lua
- Size
  
  4KB
- MD5
  
  e0092abc478b7e8b4fd0a01d79d3a48e
- SHA1
  
  f77caa4069ca8478bbe7f0c8c36cb7436650fac1
- SHA256
  
  0c5d61ce1479cad3c66af8224b9fc65519d0b500282a51f1230fdbb4114753a7
- SHA512
  
  b4400380f27084357988929885cb91395d712da2fa4a25e532d9f372e4d006b90b040b267196c6b092cb9438de83aadefc923d3046a7855b933f2a7e922c87bf
- SSDEEP
  
  96:UHBC+9WVNARu4NygC419noxsOt+dEh6dHuGdHu6OpgOKjhfGd4WON:iBCtVNAI4NygC4bmz6dpdvSgLjhfGGJN
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  $LOCALAPPDATA/t7x/data/ui_scripts/graphics_settings/__init__.lua
- Size
  
  4KB
- MD5
  
  761bc06a747f93f8c495f240e1b805c2
- SHA1
  
  50381e6d842df5375a06ce51d1a9122fd51af4c9
- SHA256
  
  bdbea7688d5f77f44110c8ba57d6a9cdbfa17b166e87f63bda3609cffcfcd1b7
- SHA512
  
  f6c60c297b559ea6f16ff5d91b8560856916cb5cf98dba9aeb1820803591d54a4d2dcfc4de365f82a3969fc9700b941d8846b047fc729b2576fac7606ada93b4
- SSDEEP
  
  96:xwWPUGpVZ11IBVZjuQVB7QlbSDP24xWQtgq4xHNuadEseB8Rh:NrZiZ7KtxEseB8Rh
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  $LOCALAPPDATA/t7x/data/ui_scripts/party/__init__.lua
- Size
  
  910B
- MD5
  
  68ebf1b1e3fcfae462942c28808fb646
- SHA1
  
  4e79743a6e955449625f0201b6c762dfe85dfdb7
- SHA256
  
  af38eb50df014795977faf1c0d616acce5868a4cae682a448d449e8e0906e6a4
- SHA512
  
  5d7e66e1150cc77a8d98405a2c3d4014fcdc364e29af47b0d0879dc995822f32cf50a88e62f265cebf75ec7b8660ea7f42a173366cd718a2bd4f96f2e0080bde
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  $LOCALAPPDATA/t7x/data/ui_scripts/ranked/online_mods_loaded.lua
- Size
  
  726B
- MD5
  
  6ead5a6b332fda50ebb5baa5301f2eb1
- SHA1
  
  d136e6d2a817be4762840f3a7e32774e2aeb2940
- SHA256
  
  cbf1a49c9d341bed32045f09e7cb078b24e4600116852d4db9a73d6d092e79be
- SHA512
  
  29cb443e1d348d036f3a5a3950fd2a6089e391799f15d5fbb514deea73c6f93c26828af5eb52953de5731c969c2398df50e88075e35fe6e6c674594495565432
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  $LOCALAPPDATA/t7x/data/ui_scripts/server_browser/__init__.lua
- Size
  
  13KB
- MD5
  
  0bf5bfce5c3b0f4212c13c98bae7489d
- SHA1
  
  de7d46a9d2d40e26725b9c3992c039bc44238711
- SHA256
  
  7d9d892efaadee3479ab11430622f95ddaf694c44306b9033b4a22c82104cc6e
- SHA512
  
  f046fdfa95010cf02ae92bca44fc588e22cb632861bcce9b5096f56064a69f91e8abe13db21f54316c97fbd2a46c8f7ad15f9450378a32cd1c3b493e8388afb2
- SSDEEP
  
  192:77qk3uKs4NtVzdXgC/vjWXgbpEnG0Nb5Ut7vAWFe0:7m8uK7XTgwy8mG0QL
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  $LOCALAPPDATA/t7x/data/ui_scripts/stats/__init__.lua
- Size
  
  14KB
- MD5
  
  2be653bcf4866a74d76780a869519b55
- SHA1
  
  3b60e07d52ce29100ce7fa6d596e69170279d102
- SHA256
  
  114b47d11e1fae7cbd327a2674e863ff1e6c675031c5bf5452ad773a3bb119f5
- SHA512
  
  f287c770181d55e1e8e4c24ac3df9153fe90f5bde3eca08d8a1164f619dfca77c81daa0f5518072a2f15c14ca89a65b6aa1d7dd5d679ff53b7127d3e9bc65205
- SSDEEP
  
  192:0ksZxVF6u5A5gFH6NUOSOwKQmnN+oKpFhS0yGfHhpGSDPdSyBduXS6b6bs62x:agkndmnKPNpGosoduXaA62x
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  $LOCALAPPDATA/t7x/ext.dll
- Size
  
  596KB
- MD5
  
  6d3b5e41e546279c2d8b2db0e0e50948
- SHA1
  
  bb24b59de8db62ba55fbc789883429708c8abe3a
- SHA256
  
  9e442b0e55f32011a9a2ceca31260b18edde487f49c9fc569e1ee0c8d188cd33
- SHA512
  
  4a968a56d3328909e82b0a4564c7f51d12c5f5c91fdbe61863689180b9150d509636470fe8fc5fcff3d3e49f970921c57d1d4b6cd1dadad80b648a3219d62e94
- SSDEEP
  
  6144:Y0KYKHO1eBYgpXfrgcn5SZeQPTLojsZdx77j95wJK5iULZIbVgsohZd67pB:Y0Kr4upvrgcn5SrBZdVjPriUaJto3a7
Score

1^/10
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  4add245d4ba34b04f213409bfe504c07
- SHA1
  
  ef756d6581d70e87d58cc4982e3f4d18e0ea5b09
- SHA256
  
  9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706
- SHA512
  
  1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d
- SSDEEP
  
  192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  1d8f01a83ddd259bc339902c1d33c8f1
- SHA1
  
  9f7806af462c94c39e2ec6cc9c7ad05c44eba04e
- SHA256
  
  4b7d17da290f41ebe244827cc295ce7e580da2f7e9f7cc3efc1abc6898e3c9ed
- SHA512
  
  28bf647374b4b500a0f3dbced70c2b256f93940e2b39160512e6e486ac31d1d90945acecef578f61b0a501f27c7106b6ffc3deab2ec3bfb3d9af24c9449a1567
- SSDEEP
  
  96:o4Ev02zUu56FcS817eTaXx85qHFcUcxSgB5PKtAtoniJninnt3DVEB3YsNqkzfFc:o4EvCu5e81785qHFcU0PuAw0uyGIFc
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  T7x_CP_Server.bat
- Size
  
  1KB
- MD5
  
  9a39bccd0daf4a3f41f80fbb8e0bc8c5
- SHA1
  
  05a6b7bfd07d0b8f2d4d63116481ffc4c9180444
- SHA256
  
  162678046d6c469b115d4ef86a37f962365529733b41c57cba5638f9b126dccb
- SHA512
  
  cff0afa1835de8c1636ff7657bafd943115768eeb209443c503e69e6eb502ecf8acb55a722560c100c4e7ed53e22d49c92a7a8bba66fbdb76dee76085401c05a
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32