97ecb8217d2c20b00045fc10351bd554c1b346fd8aad64aea8aae3ee0db230e4

Sharing

Copy URL

Twitter E-mail

General

Target

windows-latest.zip
Size

13.6MB
Sample

240901-r5qzystgra
MD5

fa20fb15ac3ad77f07e75645e3b506fe
SHA1

01b051460a4282e7c468b358a1c51763fa8fec07
SHA256

97ecb8217d2c20b00045fc10351bd554c1b346fd8aad64aea8aae3ee0db230e4
SHA512

502be60b2e9e307ebb5597a57a31bc439f3f004ff91b49cf40024bfcafe5c3843f918357a4f42ed30108453a46e36850bc69ddc30b9be382c1eab7bbc443f0d1
SSDEEP

393216:GGgU3AWSe8XOVbc3Y/H/Jlyy3FSojRni5b5/GQH:G7U3Ce8kbcCfJlHFSkhi5b5eG

Score

8^/10

discovery execution

Malware Config

Targets

- Target
  
  SDL2.dll
- Size
  
  2.4MB
- MD5
  
  f9a2d4366b0b137f625cab03ee4f0d8a
- SHA1
  
  f20602829e63d1a67acf29bb9adc26a1b4bcc46c
- SHA256
  
  ed9bb11fb27ba61c04d0165f299e053626665e9ab2b51afb74ae2c1dcff7ddef
- SHA512
  
  6b65fbcacc5978299085be530e74d66a2d9d9af484dd4ef00c79a7d88c5437e1803a2714ad9ba5e2f703697caf50d7256b61a688ff7d845ebb3b7974d5cac4d5
- SSDEEP
  
  49152:F5y65dkXJURFl4pZvKLQ+JvmAYj+/g+U1ZFVvXp7mASMpQr:TF5dFqpZvOk+I+U1bNVmhMpQr
Score

1^/10
behavioral1 behavioral2
- Target
  
  Vita3K.exe
- Size
  
  27.6MB
- MD5
  
  daf3e18bb15c78cf468366659ee75857
- SHA1
  
  450117590487a18ccb525718d577872964c9e20c
- SHA256
  
  61fc35a0b5e5814b8d4e80b5a6c0d54b82a4f41940d5cdf0779f58451e8ed344
- SHA512
  
  fc64d3887738af34c22bcf5ee048fef520d4af9d4d52833a65f30d1c1d20d7fca61d70720b7a5bf3c53ecdefa8c3a53064fbac3dddfe1a82f1b1d69c4f0c4140
- SSDEEP
  
  393216:Hdb367bDJOco1DxXNFAwYcJmfpuecZIqfB4e0wQ6E46YpSTJhF6kosD2vBFHZ39h:HgtOr9
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral3 behavioral4
- Target
  
  discord_game_sdk.dll
- Size
  
  3.3MB
- MD5
  
  4402cd4891c256ee40046c6092afdcbf
- SHA1
  
  914e01743c7591beb79a61417b262caeb23e2c20
- SHA256
  
  a6b6d7df00a58dc50248d91048578d0fe52182286b487ef89a961fd10467dbd1
- SHA512
  
  78da4181132a02d7d17ba4b2839018dc43d7d691c8bb01d34e5f7439df9c92951ce687e9487df158c44e764275b45d6800f6629ec2a175cc4ecdf868292291e5
- SSDEEP
  
  24576:Q/NGmO/w02OFM7zWIyjQYS2tBMPfL+8T14rbXojA4F8eEcu2sqhA+cGRlZVIH06R:3oOiaQAtBMPfCn/WDcGRxIU6iIdAk
Score

1^/10
behavioral5 behavioral6
- Target
  
  shaders-builtin/vulkan/fsr_filter_easu.comp
- Size
  
  2KB
- MD5
  
  2d75db648cc4f3151c6e2f2ad1b70523
- SHA1
  
  a16205ad5f54696289193c7201bacc81783fb322
- SHA256
  
  5e34fb0d9bbc5c65ac513d6a684fac0233f5d76ad594b3b3319bea52219cfe3d
- SHA512
  
  4de4fc0e20831b784f8f581c7ec9d4739a457190511508521ce27695df9ba1b0d17c3c5a81bcc5e52500727a37a70caebef367fc5859bcc4bfbe74b36fad6724
Score

1^/10
behavioral7 behavioral8
- Target
  
  update-vita3k.bat
- Size
  
  2KB
- MD5
  
  3835ec952c7985bf0768658aacb6123d
- SHA1
  
  c86f211d67eb44dbed940746289f7a50a6396c8a
- SHA256
  
  8329ef6dcb8d266a0cbb722bdccdf582a59ef4fa034cf1617a8b44c6c66247a6
- SHA512
  
  9b11c5c0cea3644346680aecb581fcd5520c52713d66863cb249e8a2971c9c0997c45461e63b8490342b2faf332b7d2c397f0821e201bab45edd6f01801f738c
Score

8^/10

execution
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Blocklisted process makes network request

Command and Scripting Interpreter: PowerShell

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10