General

  • Target

    Battly-Launcher-Windows.exe

  • Size

    112.1MB

  • Sample

    240819-flx4davglc

  • MD5

    03696da629e834c395f699847326448a

  • SHA1

    3529afa76451ed5beeeb0bb4a31f7cc8bc463aa6

  • SHA256

    9d8763451c2bd900dbf10e3cdb16132ec706b8e13dbd563aa15835d5b2d8cc4d

  • SHA512

    fca0ef778b3ab13cf01e3d39d4c7eb4a587f600ed8d5ab10a03a3061178609dc13a75f6cc736ec27ed9f40a2a554030217cc91a8bf982d42f460585102f1969b

  • SSDEEP

    3145728:SJcuNt6i+X0MdTUPo+YFawtU4odzp7emMT:qcuN7+QYFjmPztemE

Targets

    • Target

      Battly-Launcher-Windows.exe

    • Size

      112.1MB

    • MD5

      03696da629e834c395f699847326448a

    • SHA1

      3529afa76451ed5beeeb0bb4a31f7cc8bc463aa6

    • SHA256

      9d8763451c2bd900dbf10e3cdb16132ec706b8e13dbd563aa15835d5b2d8cc4d

    • SHA512

      fca0ef778b3ab13cf01e3d39d4c7eb4a587f600ed8d5ab10a03a3061178609dc13a75f6cc736ec27ed9f40a2a554030217cc91a8bf982d42f460585102f1969b

    • SSDEEP

      3145728:SJcuNt6i+X0MdTUPo+YFawtU4odzp7emMT:qcuN7+QYFjmPztemE

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
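
The four signatures listed for the main target are the kind a sandbox derives from an API trace rather than from static content. The following added example (not code from the report, from the sandbox vendor, or from the Battly project) re-derives them from a constructed trace so the logic behind each name is visible: the registry paths it keys on for the country-code check, the "pid | image | op | path | detail" event layout, and every process and file name in the sample trace are assumptions for illustration and say nothing about what Battly-Launcher-Windows.exe actually did.

```python
"""Replay a constructed sandbox-style event trace and re-derive the behaviour
signatures a report like this one lists for the main target: registry lookup of
the configured country (a possible geofence), a file dropped under System32, and
execution / loading of a file the sample itself wrote earlier.

Added example; not code from the report, the sandbox, or the Battly project.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Registry values Windows uses for the configured country/locale.
# Assumption: a "checks computer location settings" signature keys on reads of
# these; the report only says "country code configured in the registry".
# GetUserGeoID() reads Geo\Nation and the NLS locale APIs read LocaleName and
# Nls\Language, so ordinary localisation code produces the same reads.
GEO_KEY_PATTERNS = [
    re.compile(r"\\Control Panel\\International\\Geo\\(Nation|Name)$", re.I),
    re.compile(r"\\Control Panel\\International\\LocaleName$", re.I),
    re.compile(r"\\Control\\Nls\\Language\\(Default|InstallLanguage)$", re.I),
]
SYSTEM32_DIR = re.compile(r"^[a-z]:\\windows\\system32\\", re.I)


@dataclass
class Event:
    pid: int
    image: str
    op: str      # RegQueryValue | WriteFile | CreateProcess | LoadImage
    path: str    # registry value path, file path, or new process image
    detail: str = ""


# Constructed trace (not taken from the report) in "pid | image | op | path | detail" form.
SAMPLE_TRACE = r"""
# constructed events for illustration only
1001 | sample.exe  | RegQueryValue | HKCU\Control Panel\International\Geo\Nation | 244
1001 | sample.exe  | RegQueryValue | HKCU\Software\Classes\.exe | exefile
1001 | sample.exe  | WriteFile     | C:\Users\user\AppData\Local\Temp\nsx1\System.dll |
1001 | sample.exe  | LoadImage     | C:\Users\user\AppData\Local\Temp\nsx1\System.dll |
1001 | sample.exe  | WriteFile     | C:\Users\user\AppData\Local\Temp\nsx1\dropped.exe |
1001 | sample.exe  | CreateProcess | C:\Users\user\AppData\Local\Temp\nsx1\dropped.exe |
1001 | sample.exe  | WriteFile     | C:\Windows\System32\example.dll |
2002 | dropped.exe | LoadImage     | C:\Windows\System32\kernel32.dll |
"""


def parse_trace(text: str) -> list[Event]:
    """Parse the pipe-separated trace; blank lines and '#' comments are skipped."""
    events: list[Event] = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split("|")]
        pid, image, op, path = fields[:4]
        detail = fields[4] if len(fields) > 4 else ""
        events.append(Event(int(pid), image, op, path, detail))
    return events


def analyse(events: list[Event]) -> dict[str, list[Event]]:
    """Map each triggered signature name to the events that triggered it.

    "Dropped" means written by a process earlier in the same trace; an EXE or
    DLL that was already on disk (e.g. kernel32.dll) never counts as dropped.
    """
    hits: dict[str, list[Event]] = {}
    dropped: dict[str, int] = {}  # lower-cased path -> pid that wrote it

    def hit(name: str, ev: Event) -> None:
        hits.setdefault(name, []).append(ev)

    for ev in events:
        key = ev.path.lower()
        if ev.op == "RegQueryValue":
            if any(p.search(ev.path) for p in GEO_KEY_PATTERNS):
                hit("Checks computer location settings", ev)
        elif ev.op == "WriteFile":
            dropped[key] = ev.pid  # remember which file the sample created
            if SYSTEM32_DIR.match(ev.path):
                hit("Drops file in System32 directory", ev)
        elif ev.op == "CreateProcess" and key in dropped:
            hit("Executes dropped EXE", ev)
        elif ev.op == "LoadImage" and key in dropped:
            hit("Loads dropped DLL", ev)
    return hits


def triggered(text: str) -> set[str]:
    """Convenience wrapper: the set of signature names a trace triggers."""
    return set(analyse(parse_trace(text)))


if __name__ == "__main__":
    for name, evs in analyse(parse_trace(SAMPLE_TRACE)).items():
        print(f"{name}:")
        for ev in evs:
            print(f"    pid {ev.pid} {ev.image} {ev.op} {ev.path}")
```

Two things worth keeping in mind when reading the signature list against this logic. The country-code read on its own is weak evidence: any program that calls the Windows NLS or geo APIs ends up reading the same values, which is why the behavioral tasks here are tagged only "discovery" and "execution". And the "dropped" signatures are a correlation over the whole trace, not a property of a single event, so the same file write looks benign in isolation and suspicious only once a later CreateProcess or LoadImage refers to it. The report lists no extracted malware configuration to corroborate the static1 task's zloader tag, so that family label is something to confirm against the running sample rather than take as settled.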

    • Target

      resources/app/node_modules/jake/lib/utils/file.js

    • Size

      7KB

    • MD5

      6ddb6b6069ba2b74bbe577481567a6fd

    • SHA1

      ef378b8f58b533e596e4ff1e1319b40e3b805f79

    • SHA256

      a4bf53edaf6bbc6ac7a10b9bba5fdd408b458edcf2aba74e61601514e79c5713

    • SHA512

      180e236efe7c62067f94b691a4799484ea53fd615b82d5666619e2046435dbea83ae1ed5c52c77557836ed0d8c2086a9f827ba308427cb0004dba7a1e5b745e7

    • SSDEEP

      192:A/XHbJXks6comyb4aCzaioCKTyaGJYNPTgMgors7MOQuY/aNdPrsBb3i3OQHmqgI:A/LR6p0A2JYl07MCdPguh9gsgQvjX

    Score
    3/10
    • Target

      resources/app/node_modules/jake/lib/utils/index.js

    • Size

      7KB

    • MD5

      86e8b0e8fa1086ba0ee57a01a27f9862

    • SHA1

      ae824a9e2e359412f32e2ecbde20c2eb50c56c68

    • SHA256

      66691f8cc51985993fdd60c65564dad611cb4b84f21aaf7cb5444f235416653d

    • SHA512

      8ef15d2100ac82fa8d7ef75f014aa8f9460b5d343159072c96f932898ea4963f260e91d89ab9f62fe8ba460da410545dec781bf3f007be6b21e5c5616923b8c0

    • SSDEEP

      192:F/XHcWpeFumOkchIdUxV7G3du1tv95anQipQCiv5nZthaXsMMXMdH3+lpaDNkqRV:F/sW0OkchICn9Epov5nATxNk8V

    Score
    3/10
    • Target

      resources/app/node_modules/jake/lib/utils/logger.js

    • Size

      505B

    • MD5

      9af7f008b5d09520232b2d72dfccea7e

    • SHA1

      dd4b86c8ef34392bf6cdb585095e97e3dd330b70

    • SHA256

      8c2afec105c79dd5690aa0cf78b9c9f25d5a5e1f77b7a765d0732c5add61a7bb

    • SHA512

      0cf240f3e4f4151ba9df8175b9a5673982a2c7d7aa528b6ecfde91c0f00322723cd70c59b735ab5f1fcabc98921a4714ef7626167fb3577a6416921405981f72

    Score
    3/10
    • Target

      resources/app/node_modules/minimatch/minimatch.js

    • Size

      25KB

    • MD5

      43855baa9189d8dd645c44afc4132ec1

    • SHA1

      f21a6b3c6d1d71bb65e4e6e0af1bf1baba3a207e

    • SHA256

      ebae64a212004e293fd7b536f33a2ca830452f71377f4b51fa0a0e9885ee6a93

    • SHA512

      b67a9875c4c70c765c00e24d02ee807c22099c66ce1ce41ffca4f47d53deaae0c2c9a39e19eaa42a94c31b937888681f945da3704f3e6e1a3e0711bda00ad77f

    • SSDEEP

      384:Dxc8r7MvghVE1WtnxTEVLctXtbzdE281rY2qUkrwVzB9Xo6NHikm5PTt0VOKtEVH:lc8/vCWtnFoLc9tblNfWtEVSbsYm

    Score
    3/10
    • Target

      resources/app/node_modules/protocol/benchmark/benchmark.js

    • Size

      4KB

    • MD5

      aed52dfc6ee45583ee47274cbf80b6cc

    • SHA1

      043ea2811d13b41cb7c230ec66d2a667de296cb3

    • SHA256

      42091e950dea3a76bd810950f8f97dd6fad8da62101e8130834ecd0917d4b3c1

    • SHA512

      cddeefe21289bd95b7c404f3625527558d247e4c476d757022918b52bac7490af6e1ef5b0a5f18498240f93edbc1d9487fd1d632ac043acdeb9781e19e7ccadc

    • SSDEEP

      96:Jg/TgQH3o07o+FNVh3+S++bzGYXUt+8vj8uPVGZagVy5sy5uj0H0Wjw6:JLQH3HFNVhuSTbzGYkw8vj8u8am0H0Ox

    Score
    3/10
    • Target

      resources/app/node_modules/protocol/benchmark/input.js

    • Size

      2KB

    • MD5

      785edd8cc7a89e1f0ba909e7cbe94c75

    • SHA1

      c3950f31737fdfab65d8a0808fd04792c5b6aad8

    • SHA256

      f3b7561e39120dd693a57ec041d03725382428eefd7e44a073d3706b427d87bd

    • SHA512

      3b0e64549c54b1b84c5607a67395a92d0a2a84501adfa7094bb90eec079f7060837c2ef23c71960ef3ef22f182b5838c48a1fbd6a471998eaae213b4f814a9aa

    Score
    3/10
    • Target

      resources/app/node_modules/protocol/benchmark/protocol.js

    • Size

      1KB

    • MD5

      4d8b4b39a39e5e1a71cf9c1fd47709a6

    • SHA1

      8157ed84ad3f1acbf25a47e5a5062613dc5015fd

    • SHA256

      4536a65cfaa548aadb18d5eae8df1fc601446c6938a1f2742e9e1e9a238ff7fa

    • SHA512

      9f53903d1baa64339e75700b99c28a8616517005c139dc088d1b4a5e38b242881bdc8b2ffd4866b2655c714fed9d3662ae94a201a47e0f2375ea66c3cf2eaa91

    Score
    3/10
    • Target

      resources/app/node_modules/protocol/lib/flatten.js

    • Size

      1KB

    • MD5

      d367349071b4ae45b07eb1a58bd7f1b4

    • SHA1

      3023548890b8c2f3fc56578953ac35f7a455af6e

    • SHA256

      ad7e89663b817c86960bbcd61ff8b235bd6cfc4e25b1802cebefa73551d258cf

    • SHA512

      4458345a4bd8031edb9f232bec17090db3690f0ca33f93219bd0a6c8d73c18bd68568d0b784bd18fd4e3286eba3c91d3bd0cac19c42f8b3f4020ffaba76b43d0

    Score
    3/10
    • Target

      resources/app/node_modules/protocol/lib/flattenSchema.js

    • Size

      2KB

    • MD5

      5f4f1b166ebb578045282e5feeb975a8

    • SHA1

      ea39b5aff8dd83774f73329229f0730a865742f8

    • SHA256

      d8c40b4e3f079d5f6f096d6bcd89da0fbbc2b0e877abe4048998fc8f68140f23

    • SHA512

      370bf23237141ff61608893771a7de8d5b9e223b143c2a4103d7ec3ee00ea5b230d231eb9af3fd867357a7387d02781df76ec0c76ec45dfa0651947f6f10f3cb

    Score
    3/10
    • Target

      resources/app/node_modules/protocol/lib/generate.js

    • Size

      4KB

    • MD5

      bf5c409a2747f75a99dc1e4b0b8357ba

    • SHA1

      4f2c2e97d6c6428bdc4a088d3ad008636d3fdaee

    • SHA256

      24cf5c56cd623937ccda186290c2fbb4453331a9c39b0b03f079442e00f47643

    • SHA512

      59a795784201f0a8fc346be681f0b544ab94947b4225dd355c70c2b8df112e59ff9063f55d9ab2c2b6aac3f9a375b4889e6cd8b1606b4f98f26e8a53d823095e

    • SSDEEP

      48:J+bs5JslcE3QQHFs5DST93oVFJV8PHsNUbVrkAvEZGbdNRR0KJRwZt+6np3aGbDc:Jg/TgQH3ooP5hLvEmeERLOlr/npVNGn

    Score
    3/10
    • Target

      resources/app/node_modules/protocol/lib/index.js

    • Size

      1KB

    • MD5

      06f500160ac7a72c194f9e56feb1944d

    • SHA1

      958041371c692d00d62d84b83464f85e77a1ab0a

    • SHA256

      b18be9ba6637b8a8265fb12bde098f8ab79c9424e3b7a985f5f426214dd696da

    • SHA512

      2f506488ffba16b90ab630cc36227c7809e519f432f11417ad23a19b4ed58dd9b1b097f0d343fd2696ebda1e92fc90e9316e3537a6d7b442684a78edcdbdd824

    Score
    3/10
    • Target

      resources/app/node_modules/protocol/lib/parse.js

    • Size

      3KB

    • MD5

      33fa81cdeeca62dcfc4ee4fddc35b682

    • SHA1

      56c7ba62faca753ed7e7a7ce20c13c6463f55e04

    • SHA256

      f9617d4890bc02d093016432736f03b4209e698a462542e269a33b0585996583

    • SHA512

      cf302441230fa926b1644883b4bdb5242f71259cc7ee3fbffe653100415132ffc60f4133f5bb15d996c1a2a28f8dd395e4df4e58deaf25019a8b25def1d1b6cc

    Score
    3/10
    • Target

      resources/app/node_modules/protocol/lib/setup.js

    • Size

      2KB

    • MD5

      d336a9449018fb55c4b536a6d2f2ad26

    • SHA1

      8ff7e2efa1918e3e173c942843f42dbb055825a5

    • SHA256

      3cb7dd3c88c303550773ab7434b949a18258e24681337d9b0967a7f98530d8a9

    • SHA512

      bde857b2251b395cd427ead86cfcf71d711cac13fb391c0fd2f38b0c4a0e720f24b4bbdf33fe2e6459fae04c83a8f7bd02de6e8f1e7290587faef340ba60af3d

    Score
    3/10
    • Target

      resources/app/node_modules/protocol/lib/unflatten.js

    • Size

      1KB

    • MD5

      abc00ee24fc5e80ec876ea32c1db2b0b

    • SHA1

      3a61753e6d42af1e25a168cd59ce937b3fc189b1

    • SHA256

      a5a5f71309cc917ce73621d3f94ed5dcca2e72cfde04381462075b3337101bb4

    • SHA512

      432b2f84283b51bc2c460380761e0a2d62ce17d561f89934c9b13109924deca6ffae7a393dcf076fc0f204ee4934666cd532208c214685438bd1d3f445f02143

    Score
    3/10
    • Target

      resources/app/node_modules/protocol/protocol.js

    • Size

      2KB

    • MD5

      d2e56d25d4eb0c557fcbdd5c8b29a39f

    • SHA1

      d9834cfd5997a256a53cca95700aac9953977199

    • SHA256

      63f640cc41ac1beb9f5fc79e226ae3df08d1d6957cee100af858e1e32330602b

    • SHA512

      4ecb983236770223b25702cf7d561698bab1a9d556b49ee7da2e5ef5337400349e6d81a436a190343e2272054afa0ddc831d6c67268808e35a32a7087404d019

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

static1

zloader
Score
10/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

execution
Score
3/10

behavioral4

execution
Score
3/10

behavioral5

execution
Score
3/10

behavioral6

execution
Score
3/10

behavioral7

execution
Score
3/10

behavioral8

execution
Score
3/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
3/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

execution
Score
3/10

behavioral22

execution
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10