8dd013e412fb0b8ac54b2122447f475d5a649dc3962441efaaa64140a3fe563c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PC_OnigaTownOfTheDead_1.3.0_uncen.7z
Size

359.8MB
Sample

240906-x2xwzsteml
MD5

aadd426da58459abcb06da016f7b26ce
SHA1

d67f45d3804e3bcf63ede518053b835c7890fe98
SHA256

8dd013e412fb0b8ac54b2122447f475d5a649dc3962441efaaa64140a3fe563c
SHA512

437646032f6f311c0a7ddcb2d4615888b76cac2d7519e131786d32fb171821a24c372e0a716505d61176e95dd49fddbce826250c74f5671b08fa1a29dabc9b9c
SSDEEP

6291456:CWjEf4rmlgDJrr7sEsaDV3q8XzLEooN2vUX+PXh1zSXkU2NVkHWads4IVY4C8/:CWjh62DhJX35XzLgAvUXaSXkU23kHWaE

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/OnigaTownOfTheDead.exe
- Size
  
  3.1MB
- MD5
  
  444adf9dc03dc1a39859475f892e4180
- SHA1
  
  315fe4f9f5b8667bb85342c875b099bc98bcd477
- SHA256
  
  2d975b4beca2e341c08d6255667f56cf5397f108fed923d3add5848c85d37615
- SHA512
  
  713a8400fcc33a1772b922afa720158cb4c17e7929af88efd6fc409c9aca45086d5ec2059565d5fbd7244efd973e879906e4b30a75c5b14bd2261bf4a1f508b8
- SSDEEP
  
  49152:R3EmpGS1mCCkcbJnHt8lujbOdsxuEtqgMneTWSCSiQ0C:RUG1mCC3b4YbOdsxT
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/OpenAL32.dll
- Size
  
  350KB
- MD5
  
  c0dbcf06d814579298d236c3628213c1
- SHA1
  
  7991b01920d44d85f2cfb56a9171a399d88e8033
- SHA256
  
  623e9bb8434b8791f7b021971a622d4dfbf3941c1cc3995bb21d539ebcda0fb5
- SHA512
  
  b1a615f0b0974fb9b18867a93a25c908320666f5baf82c586db508682cc05f5dca681905da30c8145bd5409d039177d4a94712dbf3c2946c1718af7c87b19443
- SSDEEP
  
  6144:wVVQvrOmAtVwPcVXVzWEpj946Y0XNSJUM2Cx43582OMxkt:EVgOmAAclV/Y0XNau4
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/Resources/chara/real/03/hair_03_brown_back.dat
- Size
  
  47KB
- MD5
  
  c6207a4f1eac8d0495a6e830ad49e6ca
- SHA1
  
  3fa3705901b59d9c5506c3c61996908a857bdc56
- SHA256
  
  b41755928d108c9bcf95e86a2cd682c531355aa73502139302f9fc3ce21845c4
- SHA512
  
  93fa785735e97fd2b0463bc0e4001b168d0a94df0e969e817a9094b7232c5a4e715df7a9b6d53cba84415224ea0b2be4c46b1c646134e1eb1d8227d9ab8fa8e0
- SSDEEP
  
  768:oQDLtgoojrxL5ktPQw3JuyYvC3tWvNcGaWPr7V0AXl0ocjhrNcwvf2yXY3Tj:oQDxRurd52PQw3JNYvC30euT50AXl0DY
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/Resources/chara/real/03/hair_06_ogre_front.dat
- Size
  
  62KB
- MD5
  
  50f9ff216288d426bf5cee694bb94a7a
- SHA1
  
  254aa509d2bdf82ad4e41f8409cf94476a90547d
- SHA256
  
  713c7415b36372466acb588a5ef4f783a49e7935ca4d5fb993e9e9abac5c2741
- SHA512
  
  b3dbc5e621b012f5601ff9daf9bc82fb1cb5a64a8d205c44d70c19082e9c51edabcde5ad223b80f9bb7173730b1b55dea2c206cefb432577b56a8a2cefb7d137
- SSDEEP
  
  1536:KRYqTJLWP/cLrCy9mqzM0ZIAT8ELY2zWNyqkcl+M1xhtl:+FnCy9mqdKAAiKkDsRhtl
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/Resources/chara/real/10/clothes_top_e_27.dat
- Size
  
  59KB
- MD5
  
  25bebebfddc5a98fd83d8c4d6a9ba307
- SHA1
  
  167001bf9202e403862b6f3279634ff0b1e29943
- SHA256
  
  9f9cab4788530306e5c326882f645bb305abb2583d7ff1544e59582142d20cb9
- SHA512
  
  afd497c6dfd8430bda5af4835eecfad351006e11f9781b7bd895866362c384f84aa319d0f2b3a17ebc9bf07575e0b465f315bfee6522dde9fc7a5315b615d421
- SSDEEP
  
  1536:bkWbo6TsAqaFxh4/QKyN30EebERgCBAZThnIwiy1A:bkWMJaOm5ebp6kTJRiy1A
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/Resources/chara/real/12/hair_02_blue_front.dat
- Size
  
  59KB
- MD5
  
  dc935976dc19ce436e6f19b62733db4d
- SHA1
  
  8610c9f589cfd1852fadef284ba96f9b74c3c6b5
- SHA256
  
  c397c249ed7a22f8137a9e374b3dab9a15f58719c15c71d736a81bbd6e832c55
- SHA512
  
  d6cac6e086aaab08fae981f159e6daacdf2eb055b4ba5e412ad9275e04438d9ceb3339a7ce2e7be78dfdfdabe9411eb64afbc69ea2d6ed47b4c2abbe9d782203
- SSDEEP
  
  1536:59TZ5wsy/FiBt+aYIXeV6u00aUTHGaej+GIjXkrwX0gyW8O8y:RnyUBk2eLBHXS+vjXkrwX0gybW
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/glew32.dll
- Size
  
  324KB
- MD5
  
  7399bc6fcbcfe81b6437d37d45d27e00
- SHA1
  
  254ac4f5e56cd5ce14d31f824de7949b09597c78
- SHA256
  
  1ea8aedc46418e08aeabcb91c16fb4a0ab669924dd0a6071d143f13cd932a022
- SHA512
  
  bfffdd518b1a7a4890762e38861db465e187dc197aa6b02f2644ac798e0e03e6f6b2543e24e92e3a16a82ee3d9f795ff12845caf174b2d1b5f6800d7ae1941ea
- SSDEEP
  
  6144:GzLQ5Ht2YVVlGSAkApyg8YifaTzaOAz7Du:6Q5HkUVzH
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/glfw3.dll
- Size
  
  201KB
- MD5
  
  eba0b2972a830fed681ff69f2f1cb953
- SHA1
  
  afe2a57ce38c651f8e600d1b51b88842ef6b8dd2
- SHA256
  
  59298bc897b077422aa2ff1d3f41f6204fdf40430eb675a72f34ba38a4d09633
- SHA512
  
  3b81d1cb4991eed86c2d72bfb4b7297bf8b406c359cdaba7328f522af2be7c266ddf273c43940168c14ef878ad43be3f6b57697666221f14417866405c127947
- SSDEEP
  
  1536:Yu2/9v4PqOfda3P+K9w9ThfUoznn9oqhAWFDOxHTtFPoRKLSFLvvtIePYTh4i3cF:Yu2/9vqZbhfjnntYoRKLS37nGTIU2
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/iconv.dll
- Size
  
  868KB
- MD5
  
  73af5773bf5627fe771bf6809ec839f9
- SHA1
  
  69d9597991dd0d1c6b478174aaa85b0e8175d0a7
- SHA256
  
  6cd69191469bf13f0cea70837bac9b1e7871c116f5f6f18bef5a6a9575c020c9
- SHA512
  
  64b631454d1d16709ae96cca95e8e3dd6049841c53ef6c4643b1a5b28a32fe6bfacb86337e93b5f9f2abf43d0233b094646b8065d3c1fafeaab7c3d6e371b864
- SSDEEP
  
  24576:Vf2VfWlcKu6Gavkg3NydIbbbI4IBAUZLY:ZuscKu6GaXUT4IBAUZLY
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/libcocos2d.dll
- Size
  
  5.9MB
- MD5
  
  6df97e1dce84068602a12cf6930c7b13
- SHA1
  
  544824bf5846352dedac912bc25db24d3d68a61f
- SHA256
  
  8fb2a96c3987d49f53803e7988748526da9fd4b782470f3f4c63636fcbb788d0
- SHA512
  
  5668da624b46d2cf8c825c47aa5e2450179cace649ee14b9d7037bb45e075da888ba198d73bb406d764e5ae263c514d97b7ab65cf5093e44f5f193e76f7c39f4
- SSDEEP
  
  98304:3CrLWKz4Wj9FiFBROnvrJARCUs+tkkafgHtxgn91lPxtd9:3CrLvJ93vrJ/25aEtxgn917td9
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/libcrypto-1_1.dll
- Size
  
  2.0MB
- MD5
  
  d8500eb6ca6563bca28a8b2fb8945f64
- SHA1
  
  e5157dfba5d456035e31b66b88df82e3bbf9181d
- SHA256
  
  d57b97e188783c5d886d0923f395cce53a98acef34f1e420790d655b51ee4ed4
- SHA512
  
  abd40836c5fed28991f8a7a0e346255d6e44529c53e934bf30228f99292d47cc0ed249b752c57293d66ead58a9769f9ebf0e414c841cbe2f8c31c7f7aa0d162d
- SSDEEP
  
  49152:0g/yvo2vQ/qpyr0k2mwBp1kFv82hlY1CPwv3uguGHU5:0g/d2vQ/qpyr0k2FT2hK1CPwv3ugu
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/libcurl.dll
- Size
  
  308KB
- MD5
  
  f75552eee8bb6db2dc4da7074076dc8d
- SHA1
  
  bb55774e7f352003bfa526d9e7c43f535b0ed14b
- SHA256
  
  06a7c985a09a4ccd7ae423a644fd00c5e282504b5f711daed678c0485d50a14f
- SHA512
  
  75186864577307d75cc85fb798d96caed29a6069db3ad79e5079156de2902fa87d6b5991f17ed139b1eff99969efcca3c93297c216260dd32b259d0eb33fc397
- SSDEEP
  
  6144:OkgBoQ21L+vyuypdvCYI9UylT6bpVxKGPEugL4vjhNWmNzaLqJOr:OkgG7V7l329ll2bpVxKG8HL4vgr
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/libmpg123.dll
- Size
  
  146KB
- MD5
  
  a76984371a551e5db6b5d739134b2feb
- SHA1
  
  763ef7eba5bbc8aa52b44f92e755ba8e0502d1e0
- SHA256
  
  8b70c69abc622941099393f9fdc63911e84ae5782f27945decc1c739a8543d17
- SHA512
  
  5cbbdbfad84101de0b110a30eac9ac5e1733c4c1d545c2992b9a0a77dd1b0b091c823859b5ea4a2544c3b1fd5b0c261d37c6f7f1b416d7cb0aefd7825198c8eb
- SSDEEP
  
  3072:l3dwsPSDEq0p2hTVg6cOFwsAXM4nJaclafOdBvWbsBRXxI:l3OsP5p2hTVg6cOFwsgMUxBa8
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/libogg.dll
- Size
  
  17KB
- MD5
  
  44ce4eaa36252e28d60956806d1398c5
- SHA1
  
  f44357c41b9c23a537eb1949e4c3454517bc9e6e
- SHA256
  
  f94d7a034195263284a1e493b83e71191d7057095fe7ead1de0ceaffc626c81b
- SHA512
  
  8dd1ad2bac78d88b3151843ecfe1dbef8ad43933a1db8bf2fced1d46798baf3dcb89871ecd0143e7e87c78f6ade7af6647915b4e662adf882e07798a9d44340d
- SSDEEP
  
  384:oofaVsBKcJA61ugCggmIxbR86MzwZgFN:ooOsBKcJHvNgmKZyuu
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/libssl-1_1.dll
- Size
  
  363KB
- MD5
  
  a6b35c077a134aebabc0b4e65537a400
- SHA1
  
  0ef28006a8f3d69d543ab925805c38b02921daf6
- SHA256
  
  a3040f0b6675fa280494dd5ea7e4b9e91652e371f6b743b5005e55dbf2a21fd5
- SHA512
  
  bab8ab087dc0def35ae23fb5101e7dbfc0f1388de10b6bf490d2befa1d921a586e248eff37855bfbd1b6ac8bdeb1b8bdda65aba125d9050dff3f9aa9492c8b8f
- SSDEEP
  
  6144:BcnnarqfwXLKggaAeFrD8XgMTewvR/KtWC68WU1btZGsjJ5M5OOK7pp+0qfv6UfR:BUaeYXGggalFrD8XgMTewvR/KtWC68WL
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  PC OnigaTownOfTheDead 1.3.0 uncen/libvorbis.dll
- Size
  
  651KB
- MD5
  
  745289d6429c25ae7599d76bd73d2bf2
- SHA1
  
  cb8a7fbc8dcffc83f27a549a811a4c2004eefd7c
- SHA256
  
  2c28ebd863078a15653ec8e2f83e2dab2bec1ea18e6c8095d23b0ac48fb86497
- SHA512
  
  440e8603d9ee9ea33603f6a77973ea155001b33f1801418dace8cdd1aa2cf8e471e61bdecfc9fad468dfafad52eab71a06e8617592d3b087aabed41421985db8
- SSDEEP
  
  12288:+NvFpnIyTExOrz8FWoGeuEURc484cQ3PWk:+NbIyTExOrzjoG/EURcScQ3PWk
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32