87e875dbcb220c06eeef00fba2f38304cb3028641df26d1799c6b8534ec1ce1e

Sharing

Copy URL

Twitter E-mail

General

Target

ChessBot_demo.zip
Size

13.3MB
Sample

240826-bpbbkawhle
MD5

313be50835b5e5c16843acf447a2f6bf
SHA1

12d52f6e49b42788cc3916b1fcd30883f4181a06
SHA256

87e875dbcb220c06eeef00fba2f38304cb3028641df26d1799c6b8534ec1ce1e
SHA512

572a8aa6afe3c49380cf66d4c528da297f3b0fb49637670c8f4e77094f8e5b6d91544ad86c563cb8aef426f26a0a65b4e9698af7ff4ed2f476e8bf6d263b1561
SSDEEP

196608:z8L748SZCTcVWddxJsoX4OdN6g2O/zKv4SIiPAmAV5ft9+Ef/Cdqr8OMNYfd7GXl:z8/4qTFp7dNlOAFiohnfSMqOMNY9dsLV

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  ChessBot_demo.zip
- Size
  
  13.3MB
- MD5
  
  313be50835b5e5c16843acf447a2f6bf
- SHA1
  
  12d52f6e49b42788cc3916b1fcd30883f4181a06
- SHA256
  
  87e875dbcb220c06eeef00fba2f38304cb3028641df26d1799c6b8534ec1ce1e
- SHA512
  
  572a8aa6afe3c49380cf66d4c528da297f3b0fb49637670c8f4e77094f8e5b6d91544ad86c563cb8aef426f26a0a65b4e9698af7ff4ed2f476e8bf6d263b1561
- SSDEEP
  
  196608:z8L748SZCTcVWddxJsoX4OdN6g2O/zKv4SIiPAmAV5ft9+Ef/Cdqr8OMNYfd7GXl:z8/4qTFp7dNlOAFiohnfSMqOMNY9dsLV
Score

1^/10
behavioral1 behavioral2
- Target
  
  ChessBotX Trial/Books/Basic.book
- Size
  
  103KB
- MD5
  
  a1c8e87c5852d13d050d4dbe08b43a94
- SHA1
  
  c24d3f51aa8e96f310e953cf807f2dd5a6565bce
- SHA256
  
  6097925ba0dc7280303a1bbad83f31912e6084f2badba859632c6ed2f5ebfa8b
- SHA512
  
  a6ca0949e6fbfb2964c6d9998eab2cd7c34505acb5e784b2e087fab8de9a96563cbc7d13fb076f8701bdd1724bab1969df9d6d426b8262e3457c3379d65209d0
- SSDEEP
  
  1536:iFVNWzXUVzoYxpOl5lNNfoHQ5VI6VVV2XUlZX/f5IKZVu2FPffscElnjgUYjQNr7:cWzXUVzoYxpOl5lNNfoHQ5VI6VVV2XJ
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  ChessBotX Trial/Books/GM.book
- Size
  
  4.7MB
- MD5
  
  5ccaa1dbf9174097cc7b77a1b555abe7
- SHA1
  
  d7e497980d2871457c9b87cc90bbfeee90c6c350
- SHA256
  
  0133f35e0d1e55c266fb16e68184b5922d148cdab1f038900526362591105c7e
- SHA512
  
  eeb825256eea48109e6ffcec891d74dd1237f0a6381958b3b615c628d1eb6ca0a0b719b90e4909daa2b81838f4347176bd9b857187746453abc27851b1e997b5
- SSDEEP
  
  6144:Lp36vRbTjeCHe85MMrtXu6Hu/em+W+vjC8YJPKw7XHPjnRDrVRWD8RQV6YCYVV3h:8x0jRU5kAAoDi8H
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  ChessBotX Trial/ChessBot.exe
- Size
  
  14.9MB
- MD5
  
  d777f5ecef75f5e4d3568d438d68401e
- SHA1
  
  62ff0fd1448805631d8d52f6806e000a9355fbb8
- SHA256
  
  30ce2ad402a3bdc311259d7af3b097c8c2eb6f15c4f76d4b5cbc71ca564cd4fa
- SHA512
  
  2b31aa087e60d57a5755d500f82cccb63fbd1daee6b344c19ba241214d49d263ab34ecd262bdff5e062cc821a6b0cd4ebb00c32dce66452fb6cca2d4a00ac993
- SSDEEP
  
  393216:+Dma17FSQM1DycoyhU2TbH4dGUKzQlUavKaOr:4jSQPzCxbEGfzivpOr
Score

5^/10

discovery
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral7 behavioral8
- Target
  
  ChessBotX Trial/Config/Delays for bullet 1+0.cfg
- Size
  
  84B
- MD5
  
  af2e825ea6e80fb5e10d9da97a31f39c
- SHA1
  
  077fe6842541729adf3efef673c338bafa724fcf
- SHA256
  
  d6e1a4435c11e493c4ab3f8c9a2e0f0615463e1e04516c2f9009438ee4cfc76a
- SHA512
  
  2028237f533bd97c679109c5a131ddd22e287683f5c817379c7e19643a18d97b4d95d36da987cf7fad16050ecd73c20e3ea3a6b89b4bb70f23452d7d6b9d8ba7
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  ChessBotX Trial/Config/Instant (without delay).cfg
- Size
  
  48B
- MD5
  
  f010618e4182af042a52a43842133d63
- SHA1
  
  d40391a711a6bf31c7eb691659322c7d28db878a
- SHA256
  
  bdf694978e13bebe3e4987d888a119ca76ac36f8ecb5033dd2d6ece5c42687ae
- SHA512
  
  7cc92549e5b6e2e1e77e6a374682339fc5aee8aac637f111747f88111a77dfddaf155c0047ba6b4f884d0dbd7632e105eb3df2ca805a37ceb47295eb412da922
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  ChessBotX Trial/Config/system.cfg
- Size
  
  28KB
- MD5
  
  f2d495f2d48fa663dddd3e7854bdd090
- SHA1
  
  e11753d83d66ae0e2192ec87de4787c09d377d1d
- SHA256
  
  41781b442fc1d620ad58f59e2797dec3756f4cb817482339240fbc90ff2d8089
- SHA512
  
  23fce4d25818589a4179ab3344a04848c7a859288fd2a5951ea16e101dbbba2b670cfc7b7ac98d45d1c8d8f5e5f259d07747e679d3b45eb7749f7c6e340ad206
- SSDEEP
  
  384:FJdzwzoMZSFbnJn5lJxTAE5ruZfeqxrkf8myv5z:i
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  ChessBotX Trial/EngineList.ini
- Size
  
  64B
- MD5
  
  ab37c694cfa32d45f1614f210ec1bfcf
- SHA1
  
  a5c62225fb613c9274bf99852f7162ec256f5c06
- SHA256
  
  0f5ed6db005cdc76f218bade56a53a18ccbc65ea006f23467961ea5f34c8b7e3
- SHA512
  
  a47038dee7040e7668506e3edea3bf81b49e002deafdc9bc918d20c9c52341c4d7f6fe8eaf644c54d4762bfc6ffbb692344c098bdceb2cb55fd6ac91582e7200
Score

1^/10
behavioral15 behavioral16
- Target
  
  ChessBotX Trial/Engines Settings/stockfish.cfg
- Size
  
  419B
- MD5
  
  4471249005b5ddddc2f630f271ce946a
- SHA1
  
  56792bde67d0c17fdbd99265e5588577a1b8a235
- SHA256
  
  4ebeac84f38ec2931c6edcd9388e696693a32863d49ac3ca55d519a0d54c77d0
- SHA512
  
  49dcab5f4d56d73b84419647e6e3ddec73a2f8de676224f0ea4edc71052f42976add8eaa0b8872f516bec6c5695be30ec8d1985477a49bff36cc738e96bafa78
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  ChessBotX Trial/Engines Settings/stockfish_10_x32.cfg
- Size
  
  419B
- MD5
  
  e2942405d2a4ecbf21c5bb8aa13fec42
- SHA1
  
  b8fd99b2ad84689dab7fc380ecda0914e5a45569
- SHA256
  
  21f5a31aab15a3ee6fa01ba98ef3a2b55a40172aa518aaf0b4957e36adde7c58
- SHA512
  
  a4c6e6c1c89876337990abdc645b76b6aafe103d3c73ade9f4d1d13e6da9e4af75c2aa8b88ae5b72330146a8f3fb6ebaee1c5db724bc7d50b3809438c752d56a
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  ChessBotX Trial/Settings.ini
- Size
  
  397B
- MD5
  
  e57128c27ed919d906ba6a4f35f11654
- SHA1
  
  6aa0cd7ac6bf0ef481a0472bb7557c6d7d46021c
- SHA256
  
  699da45b8ab6181f140b24d59f9098028ae1842ee3ecbe1edde992fb8f22ec17
- SHA512
  
  02d076cff74da05307e8ecc65b390fb1a619baf030189e684f0ffedbccd69e8b4a32a0a6e2d5b32913312566d43dbef9d7f42c14cab8f29525e7a7fedd590c4b
Score

1^/10
behavioral21 behavioral22
- Target
  
  ChessBotX Trial/System/SystemDelays.cfg
- Size
  
  558B
- MD5
  
  d81880d6d0e952c2e776564f899aebdb
- SHA1
  
  3805b1324015283e8d24c83f7575b66ac8fbdd94
- SHA256
  
  e85419d5d8578bb6ddef104e155861995ba08733a6d4ef7683d9f21422983d97
- SHA512
  
  1d172eb7dfa4e674d66fc9a7cf2a11d132ddb88f378e2c91bba355ef2728ad8cdcf401ddd00203adadd052f26ea2aaf0b499fab9476bfad036596bdad42b842e
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  ChessBotX Trial/System/defaults.cfg
- Size
  
  556B
- MD5
  
  7b4f867cff795248d741ced466b3908c
- SHA1
  
  81fd49769ad19d5ad9dfbc1f4d4c37c27b68d53e
- SHA256
  
  bb4f4c3a0a088329ff6b0ab6cea8dc570fe86aca390c6082b1fb9ed37b8e84d1
- SHA512
  
  4ac63e502978e0321387e39d4cc05951963646f30ef592d912b04cea1d25c278b277064894f473944a039e1aacf0982904ef30dce8c4ba44472db5bc61d0ba58
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  ChessBotX Trial/System/sys.dcfg
- Size
  
  104KB
- MD5
  
  9f7ad68d93118381b6d8e619363fdf01
- SHA1
  
  035675334e06d87c16595d77ba27fde99c22f6e7
- SHA256
  
  0aa24a6c99943d742c3a7fcc958412c7549f5e6f30d49a88786ed55688e72510
- SHA512
  
  7f58476f78a9d980d604ce51ece8bb3beced1a3a7b45492c85dc43097eef3adf7dd8a21736ad8b5c487cb87c697f593b97cb3f7f1d45446bc89a7b7641d8aca0
- SSDEEP
  
  1536:pPAcovGSf9Oipoeh14KP5waOevWuzw7YAMh6Hh9P:pIdvHDVv4KBwRVuq/mK
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  ChessBotX Trial/voiceover/a1.mp3
- Size
  
  2KB
- MD5
  
  ced1aa96b588829bb1c912b93b09882f
- SHA1
  
  1f9b35d87bfe06d0f6c04a9b54dffa4723350e80
- SHA256
  
  2a256643b2387848eac75a6af0b5e9f861ee552255525edf1cc0455c6870830d
- SHA512
  
  defa510c092c30af42fab5f76dc78d5e76b5ad7a862f7b6348309518c4e81728023f0f9e5273c6b4b6f333f87c7d02dd7a10b4d774d18839362ee75440f1cee6
Score

6^/10

discovery
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral29 behavioral30
- Target
  
  ChessBotX Trial/voiceover/a2.mp3
- Size
  
  2KB
- MD5
  
  a000d7ebd6c6549cc66720e8f520470a
- SHA1
  
  3f76224c5a0c0be24078e61471156532b5ee742d
- SHA256
  
  990a8a68237f5620ebd2ed383b347f33674b89ded2ef04e05a6bace20fa3d189
- SHA512
  
  61c249987ace0cb8144ebe897193b8f3792eb8e101833123e198849a5644bb9e1142976ec9c57c96ec352dc43d7bd547d9c2606a35d0b2afef0b5ad7854df5cb
Score

6^/10

discovery
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Suspicious use of NtSetInformationThreadHideFromDebugger

Drops desktop.ini file(s)

Enumerates connected drives

Drops desktop.ini file(s)

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32