af53d0484c188a97eb6b498cff2ecb80e1e8d2ad525458238bf5de4fcd6a4fa6 | Triage

Sharing

General

Target

PrismLauncher-Cracked-develop.zip
Size

5.3MB
Sample

240908-fl3c4axhmn
MD5

ffbbc7b5f6d7f6dbbee0385111e13bc3
SHA1

7b2ded66a1fe87eb564d48b1902301870993b79d
SHA256

af53d0484c188a97eb6b498cff2ecb80e1e8d2ad525458238bf5de4fcd6a4fa6
SHA512

ddeafba76f85d273568a362b9f7330e9cf35e1d90289af0e1eda6694d035af866fffea9dbdeff6572d89f9ba2d67d328d4d9e22056346886ed3617b3e1bde7d6
SSDEEP

98304:SjfDXQ5hLvxZkSDkvPIGvq5/F6AEOiRp8i6jsJNXxlYNT:SXXQjZaAEfp8vGN7W

Score

6^/10

defense_evasion discovery execution linux privilege_escalation

Malware Config

Targets

- Target
  
  PrismLauncher-Cracked-develop/.github/workflows/build.yml
- Size
  
  26KB
- MD5
  
  855eec9d484c0b0a201e5c303aa600a0
- SHA1
  
  cc2d69f35d978e4af446a3fa63e1576c4a036658
- SHA256
  
  3484559471c2c5e34ec4a66a5f5db9a5575e061a9f522e133ed71b9d8a43289f
- SHA512
  
  a7e355abe3d21cbd1c1452f76371eab3bd5436139d95167a9fb61f1b80f219e0a65ff8a5c3ff05931a7599aad6604ce056d3b731fb3f1793422cb65d0c21d1a0
- SSDEEP
  
  768:P6DyI6yutVQ3xS+Q3j/34ZzDXY6YcbGWBWkb5lU:P6Dobt+3+3j/6zHSWBWkU
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  PrismLauncher-Cracked-develop/flatpak/prime-run
- Size
  
  123B
- MD5
  
  2fa0f85baaa6039397ed72ceca93d940
- SHA1
  
  183bc6e2efc8df45059ba69c1998a2bf0e937b56
- SHA256
  
  f175fd8d3f96bd9144e51964c7449b3dacb3b926571c2451f2c21311d679aeb1
- SHA512
  
  4028c2c56ab7b67441aa6362c15f0a2d5f96272f18a95391b611a87146290f260e55d69c72917393500a86de806bb55d4b75c687001c5b0896229da05392ed6c
Score

1^/10
behavioral3 behavioral4 behavioral5 behavioral6
- Target
  
  PrismLauncher-Cracked-develop/flatpak/prismlauncher
- Size
  
  399B
- MD5
  
  a3fa1ad97e0457d9e69bf2bf7b5d285a
- SHA1
  
  d87f9fbbd76dd8d121ddb42e0024f79afee54863
- SHA256
  
  f25d08db86f0a458070a8a83810c196f64ad46b1d7864489b969befb7c31cfdb
- SHA512
  
  d30a6a618579fcec34fbe9ccb2b898a92c5995aab1d1c5d520f7221b9138de9bc2569ffa8c5ee6450fad78783e996984d5f705a84471431182b7c3b0a6bcf111
Score

1^/10
behavioral10 behavioral7 behavioral8 behavioral9
- Target
  
  PrismLauncher-Cracked-develop/launcher/CMakeLists.txt
- Size
  
  46KB
- MD5
  
  3690a6b2958c51d5c85327b2540a6fe4
- SHA1
  
  baeeb3c4baf34fa22088f267d9a1cda2245822fb
- SHA256
  
  ab365d417eccb653c8155af58886ea659161709fd44dc6d6788c6e59ac4f8c6d
- SHA512
  
  f66205d4acbc59aff40fa502fdf87b2adb91e4edba3179f17161cc6bca35dd00d8f951f433d04a707f83d3e2b1bd1a63dc0faeadb86589ffef4bb05722a4706a
- SSDEEP
  
  768:5rMKySMQtfGXQ5g6GodniI8ctQrori07jmB39qjRkJ3tLz4tY8w0E:gSM7XQ5Crori07jmBNJ99
Score

1^/10
behavioral11 behavioral12
- Target
  
  PrismLauncher-Cracked-develop/launcher/FileSystem.cpp
- Size
  
  55KB
- MD5
  
  5d2f40a24a67842513d3d0442084f135
- SHA1
  
  a523ff5632a8746ed95d076142970f8a33703968
- SHA256
  
  3770a6b24ccf9a383b112eff81975941bc5f5d54d2b006381b25cbf8b92bc1f1
- SHA512
  
  ae09f0a9d63586de2d2e2f3087eecd4f2968df0f1726b6e6526cec94170fd3fdea717f186bb723c1809a4aa47a3fa6a4eb57124c4f35488f558eb98ba2c7cf80
- SSDEEP
  
  1536:PloMuOCbfjI7mMuDMKMDjwRFcMJNPiBSQJPc0SRERc5:PloNmmMuDMSRFcMJ8x+
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  PrismLauncher-Cracked-develop/launcher/InstanceList.cpp
- Size
  
  30KB
- MD5
  
  57576f1d5709467135e2c1a0321d0393
- SHA1
  
  08be09d9300838cb123cb02deab34b7f85951b4d
- SHA256
  
  6ab632f103b0af7caf279c36b02b7d127fc24ec5c7f6d0a28b8118f6ee433174
- SHA512
  
  ed830554ef7ceba859baa069b479ee02c249bbb6e1b84fd830999a7d8595587183d7a83b9886981ad2adc10896191f8cf917a48fe3b7564315934efa2ccc4ab4
- SSDEEP
  
  768:Kxv4S5UgAypIXDux9BJCVxU1WufjIkthw1o:KVeypHTC1ub3tR
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  PrismLauncher-Cracked-develop/launcher/Json.h
- Size
  
  10KB
- MD5
  
  3e4bda59126561c363c4167bad8fc17f
- SHA1
  
  e78936a221a2d2d651a86e3a6e21117b2ff582a4
- SHA256
  
  39de7aad19de87f5a12c7f3483b3b609122838f40a150cd52fe3c7d99b24f6e7
- SHA512
  
  07fc1dcdf1958ac1ba0b4f17ee86de6b8958a1a93b765fe1b31c5174d45e911a5ccafeea0b50dce2b4c3357b1f15d8c3e1d4d30c3e540d4a1f64366ee03f9cd1
- SSDEEP
  
  192:ah9bbHM9gJLHAUec2cch3QOAZtZNZnZ7ZZZJZ9ZvZhZjZzZZZxZFK6Bs++LQ5p+M:avbg+eB+
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  PrismLauncher-Cracked-develop/launcher/Launcher.in
- Size
  
  4KB
- MD5
  
  28eea473f96af068fbc412008450be75
- SHA1
  
  32f41845852b4beb01d59fcebeb5f7bcc0cb2d4a
- SHA256
  
  57c87229ee331cbc471172d9eb07dfdf8c9752b9a76ca1f474058ba9d9aeeccf
- SHA512
  
  c0fa0ce10085cbe082f7d46ec9d575c6e3c38635514666d3caf607f14e7fcc940cf77992a5d12f6f941c820eb7cd2862a1c4c758173f65235581c42702cf083f
- SSDEEP
  
  96:vOMqGHGX5NPBi/I2xNMiIwliXAQdEG2vS6xEjJ8s52l8Kl5qHAv:vOMqrAQdEG2vS6xAJ8s52l88wO
Score

6^/10

defense_evasion discovery privilege_escalation
- Abuse Elevation Control Mechanism: Sudo and Sudo Caching
  Abuse sudo or cached sudo credentials to execute code.
  privilege_escalation defense_evasion
behavioral19 behavioral20 behavioral21 behavioral22
- Target
  
  PrismLauncher-Cracked-develop/launcher/java/JavaInstall.cpp
- Size
  
  1KB
- MD5
  
  66a0f8f0167725c5037086a2567f1d58
- SHA1
  
  ab7be49f67910a2ae63ede6572e546bc9e0ee322
- SHA256
  
  97108b1d9e92e7e819148332578bcf89b3c954b298502519930e6856fe0dbde8
- SHA512
  
  45b7882e207826ce60b6c3857d1d17493a6ca109d70422e5f7f503b8f2d11e70d7f5cc6dfaed8a672b5f667713d08766c6bc84b2e0310cf84c6fbe8cafd5c590
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  PrismLauncher-Cracked-develop/launcher/meta/BaseEntity.cpp
- Size
  
  4KB
- MD5
  
  5d1ad2d04f70428b9ca253cc0b6d2484
- SHA1
  
  64c594a162c259592f5bb3083e50991e0d38c4d6
- SHA256
  
  32c62159d7c0632b65e761867d25e123ceefb2ba7cbd290d7833c2dda742195f
- SHA512
  
  68bf57471c97bd3f1e0a4ee71972650b9d1fc6b840142b25aa79a9cd7ff564ac45157000535ad9cdae2112b353c0b69ef215f39a07212e81a0a560e8c9c8f859
- SSDEEP
  
  96:t4y/XHFCh4vnpbm4Gbq1uCOvFT8MvhInAg0HseSiqyqVxATe2us8oXHQD:tvXHQcpK4GbqPeFT8Mg0HZSijIxATejD
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  PrismLauncher-Cracked-develop/launcher/minecraft/Component.cpp
- Size
  
  10KB
- MD5
  
  bab7e80ecd4242b0a1fe19f47554a3de
- SHA1
  
  5c8461eaac02955ac25f93cb8321ec6467e2c781
- SHA256
  
  bd096b8b9cf41f0bf66d097e60f3d53971131981354249699fa3cdcdf09e1849
- SHA512
  
  6eb37ed752f918b81171d0467d2be68380a85430cdea5663e9bee19b39ef1b506aea0187db0ab5fbdffb7a1d85be087578a57cf9a884899e18a4ab01499bff03
- SSDEEP
  
  192:ah9bbHDX2KD96gVLLzFzgvAcrAtQ+vFQmtDleRRm7WVpceHhWJuuXQQqBeiQsJNo:avbIAmmQRVgRbRF6fty
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  PrismLauncher-Cracked-develop/launcher/ui/dialogs/ExportInstanceDialog.cpp
- Size
  
  7KB
- MD5
  
  e11cd727bc800f04962a12453ec08924
- SHA1
  
  0391352fcb0b7258e425ff00667a4dd43b791edd
- SHA256
  
  72b33864ea1ee66937ea874d7ce7d5d5aea33c3f66df1930985da2d912653b02
- SHA512
  
  5472feb01ad9e7658e3aeb2e22a4fbac5166302432c984d4c8a572aa459589265376dbc7e12b1c4d44d7271c4e7a5bba7e1ed726fe579baa84414577c232ca97
- SSDEEP
  
  192:KSh9bbH9MJAHR26fy7vaNT3byiZaf0XNDgWNlbiHgCeBsCirP:KSvbZMJAHffy7mVafOZgWRelT
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  PrismLauncher-Cracked-develop/launcher/ui/dialogs/skins/SkinManageDialog.cpp
- Size
  
  17KB
- MD5
  
  4920953b4b89b9ae611e1b6b5377ae2c
- SHA1
  
  9c20057b81dbf3ffe923a1fb85c89feb9a5d2a9c
- SHA256
  
  2abc2301bcca8e199044de8273d7a5bd9888d09aadd524762291223ff8fda4f9
- SHA512
  
  2d2c65574072f82dc42f0776819d417ff1f8b8006604dd5eed6aaa5df44014d5891e3a3f6707cf24c02dd6effd9eb32c60c768fef9890a6e9e726930e3b725ef
- SSDEEP
  
  384:D2PJbHasdOyCeSW9uOph7I9+0Nq3yh2Etqas1znx9yIAtzdGcd71gXK18f9:DmHacOheS81X7IkMq34X8as1aIAFdG4E
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

PowerShell

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Sudo and Sudo Caching

Defense Evasion

Abuse Elevation Control Mechanism

Sudo and Sudo Caching

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

defense_evasiondiscoveryprivilege_escalation

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32