8aded7b81786c3f26f36b0c162f13934c0c8310f1e8d78c3dfe90ad87b50a9c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PrismLauncher-Windows-MSVC-Setup-v8.4.1.exe
Size

18.7MB
Sample

240824-a23e5swfnh
MD5

35a1ca8c9d401b577b0dc2d636e79bb4
SHA1

3bc219e88c3a0e722ea5fcb7076d95bd1e61daa8
SHA256

8aded7b81786c3f26f36b0c162f13934c0c8310f1e8d78c3dfe90ad87b50a9c2
SHA512

d45b0476ea2a79f42cfe90f5cfd7e5a2b308ec02c412a80800d0772adc340762aff12b54941f10b46a7e0284af304f7aec03344c25b4484f2a0d6822608bf570
SSDEEP

393216:tV9AODS6SYsDPUG5EAV5VBnD+tvJvZc3UcdIRYA0cVe+J/dG9skoF+cfY:torfR5EU5VBnDaZ2Yl0cVjpdkskoF+cA

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  PrismLauncher-Windows-MSVC-Setup-v8.4.1.exe
- Size
  
  18.7MB
- MD5
  
  35a1ca8c9d401b577b0dc2d636e79bb4
- SHA1
  
  3bc219e88c3a0e722ea5fcb7076d95bd1e61daa8
- SHA256
  
  8aded7b81786c3f26f36b0c162f13934c0c8310f1e8d78c3dfe90ad87b50a9c2
- SHA512
  
  d45b0476ea2a79f42cfe90f5cfd7e5a2b308ec02c412a80800d0772adc340762aff12b54941f10b46a7e0284af304f7aec03344c25b4484f2a0d6822608bf570
- SSDEEP
  
  393216:tV9AODS6SYsDPUG5EAV5VBnD+tvJvZc3UcdIRYA0cVe+J/dG9skoF+cfY:torfR5EU5VBnDaZ2Yl0cVjpdkskoF+cA
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  prismlauncher.exe
- Size
  
  9.9MB
- MD5
  
  fb3719acf328daabe0ac02aa2a542d84
- SHA1
  
  4307aaf23b76956f0224a7798fc0afc4a98284d3
- SHA256
  
  4042b303733277cb6c641a71706ee5ca81b20baad83eeeed9b24536e2e711b86
- SHA512
  
  cbef010b80d95e4f4d622f89e60eadf4dd612fab038e02404378e13804ae84c863de2ff1470f77dd843c8323783ee947557912d01e29b00b6a0db4ba6a8c43b0
- SSDEEP
  
  98304:8VR3jW5wBBO3CODuGKIHDno6TRoUNxOKX8S0ZO:03AwIp06nxdd0ZO
Score

1^/10
behavioral3 behavioral4
- Target
  
  prismlauncher_filelink.exe
- Size
  
  101KB
- MD5
  
  a7173360451fcc01402c6cf2cb8954cf
- SHA1
  
  6bb8a490e76ad5c3d4b8b114df16cd600e5b734b
- SHA256
  
  7c0cfc3013620f8d6e022740e8581b21e4dc57fce1c31b1be5a728f6adeea76b
- SHA512
  
  9d4483966c593937d9c620ecc9cfbdb0fe3ce5c73027fdb74891dc5ed6993377b717829d22001b3853c34f299fee9925382a26098f8cb206099d17acd0bd2c20
- SSDEEP
  
  1536:G3Yt1Il7ksU5RDBdZAR4E0f+zDlxuajoZ3yN+IbGdcxFMITG5EuTur+:7t1IlabjaRn0fsDenyN+oY/hRk
Score

1^/10
behavioral5 behavioral6
- Target
  
  prismlauncher_updater.exe
- Size
  
  723KB
- MD5
  
  22930ee300b20796a7cac1f2416cc89f
- SHA1
  
  81ac7b07d391b0256e74a3c108b72e8f7f839a75
- SHA256
  
  3261f546830bb6889e579c3d39fb99ae23c3730f9d53d7df26d89f21ef5ccc0f
- SHA512
  
  e60cfc74e9cfe885e55bcac4e378e048760bce1e957d3bac4e67821a2474d256b3ad8b21a07a81b59e83a4657b58b47ff4f99d60ffd2d0a03bdd2478ebfdd884
- SSDEEP
  
  12288:kPYu/daBiMxRCK7MUQPb66zGvg834EiaEMFO+QSWe:yYOdaBiQCK7MUQPbdzGvl34ZgOCb
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8