dc2a165d64a0bd23fa0bd161ecc76665161ba742f4f591f72084ebaaf534fac2

Resubmissions

03/08/2024, 03:02

240803-djesxa1dlp 7

Sharing

Copy URL Twitter E-mail

General

Target

People.Playground.v1.27.5.zip
Size

205.1MB
Sample

240803-djesxa1dlp
MD5

081a3cea8a9900f373f2cb5b841cf2da
SHA1

93ee2014ab315bc652476f0ff3a7ca4aacc07070
SHA256

dc2a165d64a0bd23fa0bd161ecc76665161ba742f4f591f72084ebaaf534fac2
SHA512

8811fdc3fc08d77245cfe87b1d09ea1edddd00d5eb4fad53012636b797bd348c68b003a7d07a64c259939e3024e0c5689038a2b084adcdfe003d020b25b4543f
SSDEEP

6291456:ctxeybGEa5qz9kSN6lTMwW4dHAE29oBsseZT/0620Je/s:c7/GEHSS7wW4OEcKsse5062oe/s

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  People.Playground.v1.27.5/Game/MonoBleedingEdge/etc/mono/4.0/DefaultWsdlHelpGenerator.aspx
- Size
  
  59KB
- MD5
  
  f7be9f1841ff92f9d4040aed832e0c79
- SHA1
  
  b3e4b508aab3cf201c06892713b43ddb0c43b7ae
- SHA256
  
  751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a
- SHA512
  
  380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5
- SSDEEP
  
  768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  People.Playground.v1.27.5/Game/MonoBleedingEdge/etc/mono/4.5/DefaultWsdlHelpGenerator.aspx
- Size
  
  59KB
- MD5
  
  f7be9f1841ff92f9d4040aed832e0c79
- SHA1
  
  b3e4b508aab3cf201c06892713b43ddb0c43b7ae
- SHA256
  
  751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a
- SHA512
  
  380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5
- SSDEEP
  
  768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  People.Playground.v1.27.5/Game/People Playground.exe
- Size
  
  638KB
- MD5
  
  5534465062a9089840568af130b7d0f3
- SHA1
  
  47b1b9670c57e945a630787b661ebc57fa6da787
- SHA256
  
  93d8dfb94ade06c2d7d4ca47add7d6881ff70453016cc8d1cd14537cc86c06a8
- SHA512
  
  634e9c71f4ab5ee6d3c70abaecb0020d3fddc9eabcc03a7a0346b95d9c4c00db3fe30370670094ec7fd457d6d8d1491a7db19f70e1a2b49cd7068ebc9a5d3f7b
- SSDEEP
  
  1536:cC79gXAX271lcBzqEY2lkCswVxYDXosWkd09dluaUGX/9fpDBGQ6J5CYExyHQYY:pgXpJozm2lkCsuYDbMkZkBfx9
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral5 behavioral6
- Target
  
  People.Playground.v1.27.5/Game/People Playground_Data/Managed/0Harmony.dll
- Size
  
  910KB
- MD5
  
  3952f05b0982abbbb9ea953db836b3ea
- SHA1
  
  a1a72d6ad32261de9d03624032c4fd80fd62e0ca
- SHA256
  
  0de0118c8f1d4408de389ca33b46d2ff7778f3a8541b430cae729ec913d899c7
- SHA512
  
  1aefb7363ae4d1313bd12b947b0975408f284d37b2cfb0694c8f79795dbf578503cd949167fe654ff6d3c3e4339ae502d933065276cbff0747423ef80703fb2f
- SSDEEP
  
  12288:3ePzA5Qa0p+bULobHoMF/8+wtdwArLPnWn:uPbsYMIMgtKArq
Score

1^/10
behavioral7 behavioral8
- Target
  
  People.Playground.v1.27.5/Game/People Playground_Data/Managed/Accessibility.dll
- Size
  
  12KB
- MD5
  
  63c434b864ff270ce9fef43917dc8621
- SHA1
  
  bd0a92569b2a14f52bea0dc52fae7238332c3b8c
- SHA256
  
  c36813bdf03fbad922e6558756c3cc2956e6f74457003947fa4e91952445e19f
- SHA512
  
  0770253b619a3f5b8154aaceb924e7c97fabcbc33a84db636662c3f8d24ac0967ba479745df6cc0e0b8e38483d2c93164540eb55ae3add512675360e88b125d3
- SSDEEP
  
  192:b1n3RPr/jgUiix4ix4eJFBRbl9KYYoK3ESmMadMpCNSeFU:h3p/jgOvRbli3ESmMadM4NhU
Score

1^/10
behavioral10 behavioral9
- Target
  
  People.Playground.v1.27.5/Game/People Playground_Data/Managed/Assembly-CSharp-firstpass.dll
- Size
  
  158KB
- MD5
  
  204ed6d7dea4c0aa8d53b5eb7eb6ed14
- SHA1
  
  7e14f31ea67ab7d7d2d4455a8cfccd586f392090
- SHA256
  
  726ae2a1529f153f34a2e1a6b83e82dac2d7291803d6b0804b60b364f40c7034
- SHA512
  
  2d4f7703bca17f6fe095624a8b551bd91b99fa4e1614c04e8f2839d1878cc1027f3fd919c656a3ae1910ef82edd2da5a1c86310cebe448bc848f224197f3749f
- SSDEEP
  
  1536:WOcwPzlzBFIqQEShnLWlgAM79UE0zE3BmFi2STJDCdXbzc264dlSgcL16HyAOYWr:vbnbEGE0zABFtpwnUjz/LxTVHoPk
Score

1^/10
behavioral11 behavioral12
- Target
  
  People.Playground.v1.27.5/Game/People Playground_Data/Managed/Assembly-CSharp.dll
- Size
  
  1.4MB
- MD5
  
  d1ab9223df02251ad6915fc64dbc845a
- SHA1
  
  ae3e7601bb6a317fd61d75f929eb141ff60d2bf6
- SHA256
  
  189574bf172cc4f71454dd5e897edd41da462255afe2944216d7bb7b6fc9f545
- SHA512
  
  4677129fe7cdaae5cc436443a49881552806ec202e2ab1d93a47800bae44b41b2ab383eec40f6b5b8b9b998818886ff49254d8054e56107d9463c637695e92fc
- SSDEEP
  
  24576:ZnphoXeQ13mKBYY+0au5GXlsjz++CCJJ3sTJY+0np3UPoO:c3mKBtau5GXlsP++CCJJRnpfO
Score

1^/10
behavioral13 behavioral14
- Target
  
  People.Playground.v1.27.5/Game/People Playground_Data/Managed/Ceras.dll
- Size
  
  174KB
- MD5
  
  22336b3f449b016e77f793912db7ab5a
- SHA1
  
  8b107d9a3cbd32ac61dccbd5bd9da116a6ec9df4
- SHA256
  
  1a4f54cb81af29d10a7868a07c3eaf742ed847178154ab1c1cc8acb67148a2f6
- SHA512
  
  269d63b108a6b38d5cda9481fd2e0cdd3aeb717cd1206288b0837f371e65a3952598a926546f560779afafd35cec637b982f3449ea768765d41d7a07380bf0f8
- SSDEEP
  
  3072:nW7HJgmRyWI4wnYsW0jDP1WFIN9dXEl+htREUEglyUqhYTajnExywRp:nWT12YgzsFed0lu6OR
Score

1^/10
behavioral15 behavioral16
- Target
  
  People.Playground.v1.27.5/Game/People Playground_Data/Managed/Facepunch.Steamworks.Win64.dll
- Size
  
  534KB
- MD5
  
  9b6881f3af33f662ee9a2a8f07016b98
- SHA1
  
  06e4b53d3d7177d2465c9f53e7881a8c4cfb8ac0
- SHA256
  
  7f4e025564e9b2dd6ac248727b37c9767212c567b18a422629256737524d23b8
- SHA512
  
  39bf3ffa5456db92f5d44c78764efc6cdc5a4c52e7493a1a1940dbbcf4268120538b0b86db3ccdbf9cc3453b11ef3d6827db4fa38ce18968f38829a1e600253e
- SSDEEP
  
  12288:4dMCyDIDge2t7yOcEXJ5HfuhftgUT2lCeamE:sVDge2t7JJ5/2ftgUT2lCeamE
Score

1^/10
behavioral17 behavioral18
- Target
  
  People.Playground.v1.27.5/Game/People Playground_Data/Managed/ImmersiveVRTools.Common.Runtime.dll
- Size
  
  85KB
- MD5
  
  ae491807f7d81934b5f195185fee4302
- SHA1
  
  a84b4e7b68da2ec8d6648e48ac453629fd41c6c0
- SHA256
  
  aa9864ee66413a97594e808eda904d0f28e9bde9337c40a83f9eeb6e4a89d306
- SHA512
  
  b14a26cf55b5af959e262adae1c485e0b7c8357b8318507f436cce0ff06b58645a71f6884dea584014b90d8c29dcd46cfcf2466cad68af477b027af6f0dfd354
- SSDEEP
  
  1536:CJ8sUvvuv1+WTzC5rkG3G2rCKehjjGj6uXF1Jt8rqx0wrvbhcNiLGo:CSsPg3wmkqxfrzuAR
Score

1^/10
behavioral19 behavioral20
- Target
  
  People.Playground.v1.27.5/Game/People Playground_Data/Managed/LeTai.TranslucentImage.dll
- Size
  
  16KB
- MD5
  
  8ecc9ed0a6c9c443bffb275393b922e9
- SHA1
  
  5d20257a3bc123bd8cae317650ead448a63c9ff5
- SHA256
  
  a86bdd8adb2192598927af535491d24c67734a8bea815845d324df1a7db82446
- SHA512
  
  f8571e7c5ee1773de55ff3bdd756c16e95c657c19ac3e4646a658e97350fa176bfe110eeb9e9ddf969029ea74b835ff80431022ac6f88d2bbbbe5f266643fa79
- SSDEEP
  
  192:unpuBiL+i7dYZ/HJjA4oopfAWn1kesVvsanrsPuYHuUxfdbnp0PMx9Xq4O4pLpHW:u4I/eJqoJn1psvsShiukbtQ4pLpHGj
Score

1^/10
behavioral21 behavioral22
- Target
  
  People.Playground.v1.27.5/Game/People Playground_Data/Managed/ModModels.dll
- Size
  
  4KB
- MD5
  
  a8525d27741005b8f277a3b1770176f0
- SHA1
  
  a3d5947dd834d7cdca2697122704c3faa0146afc
- SHA256
  
  453454b07bbabbc4962cda29c4f865351c4f2ad9e39cc38c404181ae09be749d
- SHA512
  
  b0b3f08181af494167100bd08a5c82ed8d9d206edfdc31a270d7762f92d424c52721042948bda6c5f3f514bb84451fcb45c13842b949983d4eec4603bdb06940
- SSDEEP
  
  48:6K+lrqZt3yPGKkiAlQ/SADvIsRflH7LUpcQXG8xREvVfrZjQlgX65QL:8gtCPGxifpDv7RfJUCQ6FcuXq
Score

1^/10
behavioral23 behavioral24
- Target
  
  People.Playground.v1.27.5/Game/People Playground_Data/Managed/Mono.Data.Sqlite.dll
- Size
  
  163KB
- MD5
  
  c3f45469e392a105cffe6ce007a54a61
- SHA1
  
  bf0edef3a0cb5fc35920497a108600d5625b869a
- SHA256
  
  5cfd7d5e444ec8d53755d4d82220524aa455f34b87a6f740b984d50465d76d4b
- SHA512
  
  d2fff88539fe6999ea428416cc153500f9ba5c2d130888853bec3568b1599b60d84da40fc3b7f08d4bde439c2d2500c720084064f92277a2ef16840a7cb83ff9
- SSDEEP
  
  3072:9b4Gh78nIXk4uuIgZUHfdNQFNFGFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbz:9b5qI04uuIg+H7QFNFGFOFwcGF6cmFWt
Score

1^/10
behavioral25 behavioral26
- Target
  
  People.Playground.v1.27.5/Game/People Playground_Data/Managed/Mono.Posix.dll
- Size
  
  207KB
- MD5
  
  72c9ea78101c493635c0f763d1795d7a
- SHA1
  
  c04e331b6415bf566e1aa26550bf794651704c7c
- SHA256
  
  a33abceffeaa6b6d5dbd2cf77210daddfe331ed40eeae4cea3c5efb0c0db2cc0
- SHA512
  
  4dcc9495000f0cb0d93381a466f8d0553c2f9ef9521ac71979371b5eded37a25224a861ccc101a24b0b2741d30efb71d81d03fa00ca476bf8339c1786d9c46f2
- SSDEEP
  
  6144:9c9wE0Q11JQ1S+OWMYU7nUXxOwblnsAPe+Eg:9c9wE0Q11JQE+kY1SA1
Score

1^/10
behavioral27 behavioral28
- Target
  
  People.Playground.v1.27.5/Game/People Playground_Data/Managed/Mono.Security.dll
- Size
  
  302KB
- MD5
  
  d1b792d07b0e08ef190eb6ef5361e6f3
- SHA1
  
  36890188d80598132d63561ded707e641282f2a1
- SHA256
  
  2b7651b398dc63af0dbc0038758981c29238a495681a7ed487357a464ad4de15
- SHA512
  
  1229d49068401a078b81ee398524327ccdebcd2fb6134c980d643b76f075244f2670d0773aa35027aa8b8d40ad6c29f16a223b142f3a6595c3641c32c8c31215
- SSDEEP
  
  6144:+JvWNTGENjTzSQfGFzPTzcyaksosrNn95tq:fmFz9mN
Score

1^/10
behavioral29 behavioral30
- Target
  
  People.Playground.v1.27.5/Game/People Playground_Data/Managed/Mono.WebBrowser.dll
- Size
  
  163KB
- MD5
  
  ac6215e0a18a783958a39f6fd8e74057
- SHA1
  
  ac7cbaec3869728b236634691c356512af308054
- SHA256
  
  7d2eb49a5120d9b1f3eb3c6501d4eed6cacf81f921fbf5c248aab5f0d093f2ee
- SHA512
  
  36eee8f732e6e5c4664dcf77f5d1dc03ded650720624de532cbbd4fe2214accbb2a08365ae2cfc8640e30f8ae1aa81532f867ad303c2798fc5288f6393a78e88
- SSDEEP
  
  3072:ot5akP49r7Mt5as0yAg2TMqEHbbqRJz7FW0g:IP40fAMW3
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Checks computer location settings

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32