5a70bb17f65024a56a861fade9b347eed5a3917e9c6b6480de0c4574a313cea6 | Triage

Resubmissions

12/09/2024, 16:33

240912-t2tyjsteqp 7

12/09/2024, 16:23

240912-tv8hcstcrk 6

Sharing

General

Target

Undertale Sin Virus.rar
Size

416.1MB
Sample

240912-t2tyjsteqp
MD5

f35e66cbe4d4f2e85313c85ff1f1fa1c
SHA1

75ed50bd755a1d7697582573852f6d8123f49402
SHA256

5a70bb17f65024a56a861fade9b347eed5a3917e9c6b6480de0c4574a313cea6
SHA512

1da8ed216fe14303e6ea686450f9b8a66c891af9ea8b82764b2bf334076d66b805014d2e82dbfdb3a15e82ba96b90b49be7e0fe1176ea97516c4b77cf1eb5d6e
SSDEEP

12582912:tF6OMdC2/vZGIwuE8WW6HpHdSxSh4okixJgUQnzt3s:tsP1GnuEAx01x2za

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  Undertale Sin Virus.rar
- Size
  
  416.1MB
- MD5
  
  f35e66cbe4d4f2e85313c85ff1f1fa1c
- SHA1
  
  75ed50bd755a1d7697582573852f6d8123f49402
- SHA256
  
  5a70bb17f65024a56a861fade9b347eed5a3917e9c6b6480de0c4574a313cea6
- SHA512
  
  1da8ed216fe14303e6ea686450f9b8a66c891af9ea8b82764b2bf334076d66b805014d2e82dbfdb3a15e82ba96b90b49be7e0fe1176ea97516c4b77cf1eb5d6e
- SSDEEP
  
  12582912:tF6OMdC2/vZGIwuE8WW6HpHdSxSh4okixJgUQnzt3s:tsP1GnuEAx01x2za
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
behavioral1 behavioral2
- Target
  
  D3DX9_43.dll
- Size
  
  1.9MB
- MD5
  
  86e39e9161c3d930d93822f1563c280d
- SHA1
  
  f5944df4142983714a6d9955e6e393d9876c1e11
- SHA256
  
  0b28546be22c71834501f7d7185ede5d79742457331c7ee09efc14490dd64f5f
- SHA512
  
  0a3e311c4fd5c2194a8807469e47156af35502e10aeb8a3f64a01ff802cd8669c7e668cc87b593b182fd830a126d002b5d5d7b6c77991158bffdb0b5b997f6b3
- SSDEEP
  
  24576:8UtU6OIyl2Wy9M3bJ45fPS0zFZghQ6aOiFaKOE31GrvFXl74YZ29X1MDd6olmrBs:8566l2u45BiNYFrz31Cv3D29kd6kWa
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  GAMESTORRENT.CO.url
- Size
  
  196B
- MD5
  
  22418db266e93f3d2325a86817a6fc09
- SHA1
  
  56fad950b78092feccde4d2d8eeed9eca7eaafca
- SHA256
  
  05658194e8de811116b86d073fbf95d0831f8a05b26e97908a44cad5cd8470af
- SHA512
  
  9bbe646d3254d769df6e53e884a0a717c8ea68e2b47ff647aa4382f66c597b22f950c1a7d2be9a2a0720506c7964eb4912f22a7c1e02ae6a48bdc13756195a33
Score

6^/10

discovery evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral5 behavioral6
- Target
  
  IGG-GAMES.COM.url
- Size
  
  198B
- MD5
  
  e4aeaaca90fce67661f114822a05821c
- SHA1
  
  383566802ada60fa79899fafd8965787165cc9a3
- SHA256
  
  6626bfe6c288b998647273217e711fc913371597756601d88b4352a57215d591
- SHA512
  
  6c53520d70d03ef00526648fd282b83b4faa21d8784aa848682fc023df0173142403723c2e932590d53cb1ff5439b63cc20cc640333c0e646952855436c7282c
Score

6^/10

discovery evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral7 behavioral8
- Target
  
  UNDERTALE.exe
- Size
  
  3.6MB
- MD5
  
  93d87952773a2bb59a8667d0bc06c2c0
- SHA1
  
  480c87f42e8ecbcde1104f4a61de5dee6a9cb3c5
- SHA256
  
  9ec41f5094544c938fc075f5506c089d0c1e11fb93afba79a196981bef81d19b
- SHA512
  
  d9fce47e5c037e4954437c95abea6959e39c91d0bcd596f1c3267e5c09e5a0defade4c63617609b5386879bcae06e3c60e909fcf2476e250bc960eea0c2d1c6d
- SSDEEP
  
  49152:LKmEDcfY7y7tinhmShHrfh/mX2KiKwmFT7MvTyA:y7K6HrfdmX2KiUFT7M2A
Score

6^/10

discovery
- Drops desktop.ini file(s)
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
behavioral10 behavioral9
- Target
  
  UTES_v2.exe
- Size
  
  9.9MB
- MD5
  
  6647145d121243aa0afa229377a1d1d1
- SHA1
  
  9edc3153a277748103d1a4188f446c0e4e526103
- SHA256
  
  e37e702b4d93bd70a885e46ef20ec5d2d7129255fc12e747bb7a7687e29bb520
- SHA512
  
  675ae196b05657a0fcf28749fdcff383351272a1bf02bffc1d52d6d4928f855f167ace2b914b686282483f60cdd26d80f787370445fc784605b568c30bb4b2d2
- SSDEEP
  
  196608:Zy5x+pMmmd6dp40+pkssG1lhuNrmBr4/4dS/cj1BL5LvBI:gSpMmmM4PksEMrqISkj1BL5LJI
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Network Service Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

discoveryevasiontrojan

behavioral6

behavioral7

discoveryevasiontrojan

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12