Overview — score 6/10
Static — score 3/10
d048f1566e130d44e21c475e24847b2614f29e2877a00f7d39997ab24d43ecf4.exe — windows7-x64 — score 4/10
d048f1566e130d44e21c475e24847b2614f29e2877a00f7d39997ab24d43ecf4.exe — windows10-2004-x64 — score 4/10
$PLUGINSDIR/INetC.dll — windows7-x64 — score 3/10
$PLUGINSDIR/INetC.dll — windows10-2004-x64 — score 3/10
$TEMP/GMInstaller/GamesManagerInstaller.exe — windows7-x64 — score 4/10
$TEMP/GMInstaller/GamesManagerInstaller.exe — windows10-2004-x64 — score 4/10
$PLUGINSDIR/INetC.dll — windows7-x64 — score 3/10
$PLUGINSDIR/INetC.dll — windows10-2004-x64 — score 3/10
$PLUGINSDIR/System.dll — windows7-x64 — score 3/10
$PLUGINSDIR/System.dll — windows10-2004-x64 — score 3/10
$PLUGINSDIR/nsProcess.dll — windows7-x64 — score 3/10
$PLUGINSDIR/nsProcess.dll — windows10-2004-x64 — score 3/10
Firewall.exe — windows7-x64 — score 6/10
Firewall.exe — windows10-2004-x64 — score 6/10
GamesManager.exe — windows7-x64 — score 3/10
GamesManager.exe — windows10-2004-x64 — score 3/10
Uninstaller.exe — windows7-x64 — score 4/10
Uninstaller.exe — windows10-2004-x64 — score 4/10
$PLUGINSDIR/InstallOptions.dll — windows7-x64 — score 3/10
$PLUGINSDIR/InstallOptions.dll — windows10-2004-x64 — score 3/10
$PLUGINSDIR/LangDLL.dll — windows7-x64 — score 3/10
$PLUGINSDIR/LangDLL.dll — windows10-2004-x64 — score 3/10
$PLUGINSDIR/nsProcess.dll — windows7-x64 — score 3/10
$PLUGINSDIR/nsProcess.dll — windows10-2004-x64 — score 3/10
browser_cef_dll.dll — windows7-x64 — score 3/10
browser_cef_dll.dll — windows10-2004-x64 — score 3/10
browser_cef_exe.exe — windows7-x64 — score 3/10
browser_cef_exe.exe — windows10-2004-x64 — score 3/10
cef.js — windows7-x64 — score 3/10
cef.js — windows10-2004-x64 — score 3/10
cef_100_percent.js — windows7-x64 — score 3/10
cef_100_percent.js — windows10-2004-x64 — score 3/10
General
-
Target
d048f1566e130d44e21c475e24847b2614f29e2877a00f7d39997ab24d43ecf4.exe
-
Size
43.3MB
-
Sample
240927-b7snka1hpf
-
MD5
48eb6e52b1ba50c64e6446da58b11c94
-
SHA1
76d6c51a4ec7c8ba803c1d775106493ad58bdccf
-
SHA256
d048f1566e130d44e21c475e24847b2614f29e2877a00f7d39997ab24d43ecf4
-
SHA512
bc27f8e17a0a7581882563beff2da6a7fcedad58b43cdb988a2d6a3baf0560b4bd0b263b0836d75bd56a36a5e456f2489ac29e6fb2264b328bb0502f8d4d8cbc
-
SSDEEP
786432:07MTTN3VZFUwsX0GMZNHCvFh6ylXVijevA3nwjDcLdMn/TP/:jfN3VZy0GMrHCth6iXwA28P/
Static task
static1
Behavioral task
behavioral1
Sample
d048f1566e130d44e21c475e24847b2614f29e2877a00f7d39997ab24d43ecf4.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d048f1566e130d44e21c475e24847b2614f29e2877a00f7d39997ab24d43ecf4.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/INetC.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/INetC.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$TEMP/GMInstaller/GamesManagerInstaller.exe
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
$TEMP/GMInstaller/GamesManagerInstaller.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/INetC.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/INetC.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
Firewall.exe
Resource
win7-20240708-en
Behavioral task
behavioral14
Sample
Firewall.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
GamesManager.exe
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
GamesManager.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
Uninstaller.exe
Resource
win7-20240708-en
Behavioral task
behavioral18
Sample
Uninstaller.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240910-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
browser_cef_dll.dll
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
browser_cef_dll.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
browser_cef_exe.exe
Resource
win7-20240729-en
Behavioral task
behavioral28
Sample
browser_cef_exe.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
cef.js
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
cef.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
cef_100_percent.js
Resource
win7-20240704-en
Behavioral task
behavioral32
Sample
cef_100_percent.js
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
d048f1566e130d44e21c475e24847b2614f29e2877a00f7d39997ab24d43ecf4.exe
-
Size
43.3MB
-
MD5
48eb6e52b1ba50c64e6446da58b11c94
-
SHA1
76d6c51a4ec7c8ba803c1d775106493ad58bdccf
-
SHA256
d048f1566e130d44e21c475e24847b2614f29e2877a00f7d39997ab24d43ecf4
-
SHA512
bc27f8e17a0a7581882563beff2da6a7fcedad58b43cdb988a2d6a3baf0560b4bd0b263b0836d75bd56a36a5e456f2489ac29e6fb2264b328bb0502f8d4d8cbc
-
SSDEEP
786432:07MTTN3VZFUwsX0GMZNHCvFh6ylXVijevA3nwjDcLdMn/TP/:jfN3VZy0GMrHCth6iXwA28P/
-
-
-
Target
$PLUGINSDIR/INetC.dll
-
Size
25KB
-
MD5
e7ebd034dacf96fcc0c7a35c62477d21
-
SHA1
cd372d0607d94b48ac84a1738ed434df4d882f22
-
SHA256
dc84aa66f398781fe76eecf90fc6613f729076552d4b268269228b754bfd70d2
-
SHA512
df367b39c7c62ba2df1d50cbe3dbc97a7a2719fae7684330b4df971f0742c3447f0beb2d295a206522bbce6fbd0053d188d159f7236b6953d35cbf51aecc1bf3
-
SSDEEP
384:N8H7SlBWLj3TKkbZvnprdzke+Bj9e9dEaY/ZwceyekskO5GmO8V:NkrKABprOeQAvEassk+GmO8V
Score 3/10 -
-
-
Target
$TEMP/GMInstaller/GamesManagerInstaller.exe
-
Size
43.2MB
-
MD5
fc633da3b56a184f90c207cd2a83093e
-
SHA1
1f1f7da7fbdbe4f9149a92a4e43e33010127a3e6
-
SHA256
6b8f12f25efdd9e6c9b2dc88035ba03de5568753fde37a1d551d6d45bb867705
-
SHA512
b385842e3c28ecb1acaaa52dfef9a1d1e87bb9bfb94c68a4a02d07f2bfc59fda2b929f11a07fa7f4475b7935d6bf814eedc6da7bf4fe804e540e4568d4984cb6
-
SSDEEP
786432:Y3n1671aoxbsaqDX8SoZhYEYOvHcq0HDukMqXrPOLPIte0z9:4w71aoheX8xZhbYOvcXnicz9
Score 4/10 -
-
-
Target
$PLUGINSDIR/INetC.dll
-
Size
25KB
-
MD5
e7ebd034dacf96fcc0c7a35c62477d21
-
SHA1
cd372d0607d94b48ac84a1738ed434df4d882f22
-
SHA256
dc84aa66f398781fe76eecf90fc6613f729076552d4b268269228b754bfd70d2
-
SHA512
df367b39c7c62ba2df1d50cbe3dbc97a7a2719fae7684330b4df971f0742c3447f0beb2d295a206522bbce6fbd0053d188d159f7236b6953d35cbf51aecc1bf3
-
SSDEEP
384:N8H7SlBWLj3TKkbZvnprdzke+Bj9e9dEaY/ZwceyekskO5GmO8V:NkrKABprOeQAvEassk+GmO8V
Score 3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
bf712f32249029466fa86756f5546950
-
SHA1
75ac4dc4808ac148ddd78f6b89a51afbd4091c2e
-
SHA256
7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af
-
SHA512
13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4
-
SSDEEP
192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/
Score 3/10 -
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
4KB
-
MD5
f0438a894f3a7e01a4aae8d1b5dd0289
-
SHA1
b058e3fcfb7b550041da16bf10d8837024c38bf6
-
SHA256
30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
-
SHA512
f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
-
SSDEEP
48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
Score 3/10 -
-
-
Target
Firewall.exe
-
Size
101KB
-
MD5
6c38755392d50a1fd40339a1e0c890b6
-
SHA1
ccbd98910147e1b4d3d8c1c99c03e6b03480e923
-
SHA256
e39b2ddc59e30fd880d3bb1ad7bac4b7f03b66f84f948fe5c158b291ab8b25e4
-
SHA512
c2c926151226ccc93ca34a049c984e7696f0ba83863bbcd32fead26d9d3fd1a5913f3a4f1f8cb6588edd17e421743a682744569012d0c3a8d2d5925cadf9acd3
-
SSDEEP
1536:lGarUa6LowvuhdNYh2Gf9rg6hzGPnJCw1Zdr7HiNTXYlZ63uCk7U1Xap24KOQ+8n:b5BuYAVrgUCPnJCidvKTXnuXoaKlDb
-
Modifies Windows Firewall
-
-
-
Target
GamesManager.exe
-
Size
3.7MB
-
MD5
ff948b22cb83729c3825101e506319f2
-
SHA1
c1f8f7f7241465a378740cf14c3003818855d8c2
-
SHA256
4498cac4be3beb2f0733ab6e0d5a3add87270920a4ef08a7f82f46f98fa1cc2a
-
SHA512
81cf71f9571df6905309edd770ebdb9170b1a1d678bd1187100e43e8f336934080cfeb59558c2d18f05a110d6be2e9860d29419bf2831cb9108495af6538cfd7
-
SSDEEP
49152:eoG0mRnBkkHKcLHrJHiUaXaUaB5Er1DchTPbuG1FIU93a/+DhxYmQ6:eoG0hkHK69XUWMG1FIU93a/6
Score 3/10 -
-
-
Target
Uninstaller.exe
-
Size
254KB
-
MD5
4bb4437671cf20d1e664c20ec1fc1ed9
-
SHA1
b0254bc629a0d173b30ea9ac6c3c059e5bb3cdd5
-
SHA256
bbd535e9e5de50297eeb3dff5ea6368dda6f6cd5887eddadb529f2f6cbd1046f
-
SHA512
d42839eecc83be0ff83c0169caa2e1dae867af6f70efc9b5bfd3f49061ca1dad98df9eeba65b6a34ba7079cecf227ad0767e7d98e62dfdad01ed539030487bae
-
SSDEEP
3072:z5BuYAVrgUCPnKOfKjMbE4AuiU4ZwR+ORD52dtLjQXIygn1gxAJ811xQ1K9MwLTr:z50gUC5iYbE4A9xZwIkwXLjQPRXnU+N
Score 4/10 -
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
15KB
-
MD5
89351a0a6a89519c86c5531e20dab9ea
-
SHA1
9e801aaaae9e70d8f7fc52f6f12cedc55e4c8a00
-
SHA256
f530069ef87a1c163c4fd63a3d5b053420ce3d7a98739c70211b4a99f90d6277
-
SHA512
13168fa828b581383e5f64d3b54be357e98d2eb9362b45685e7426ffc2f0696ab432cc8a3f374ce8abd03c096f1662d954877afa886fc4aa74709e6044b75c08
-
SSDEEP
384:/MnT0MKT/Xwr2izZQ86mpAT8F9lN8Ov0J:EQMKzwTFnVX8i0
Score 3/10 -
-
-
Target
$PLUGINSDIR/LangDLL.dll
-
Size
5KB
-
MD5
a1cd3f159ef78d9ace162f067b544fd9
-
SHA1
72671fdf4bfeeb99b392685bf01081b4a0b3ae66
-
SHA256
47b9e251c9c90f43e3524965aecc07bd53c8e09c5b9f9862b44c306667e2b0b6
-
SHA512
ccc70166c7d7746cd42cd0cec322b2adf4a478ff67c35d465f0f0f5b2b369c996a95557b678c09cb21b8311d8a91eed4196ddc218ea7d510f81464669b911362
-
SSDEEP
48:apTVWFeApYx2lxaKe3yfeEIWCGWNpBWLGGrx3pMt4z8mtJ7HofYZVSLa:RFG0xaKkyfjIWTW7BYrhSbmtJ7/V
Score 3/10 -
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
4KB
-
MD5
f0438a894f3a7e01a4aae8d1b5dd0289
-
SHA1
b058e3fcfb7b550041da16bf10d8837024c38bf6
-
SHA256
30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
-
SHA512
f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
-
SSDEEP
48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
Score 3/10 -
-
-
Target
browser_cef_dll.dll
-
Size
601KB
-
MD5
2886539265edda0fbc220a5ee7df3236
-
SHA1
a7675360a37eccf8543c76b9293763c81ef19096
-
SHA256
d39dfed8b0e55be1681dceafbced7cbb485e5336d4618b08d878e32ff9ed4ddc
-
SHA512
9b4fbd0019370ba214ef316364a22015cabd92338dc22b3aac300b8e052dc1b7ab1237b0d3c2110c05c8df9014c2ba0e3a83c7166345dc7faf52a24f7a4c3b60
-
SSDEEP
12288:sNAJx1t2HOC4N18+ygpZimw8e5DxI1pRfr:mAv2uCQ18LpFINfr
Score 3/10 -
-
-
Target
browser_cef_exe.exe
-
Size
545KB
-
MD5
2e965cab13feaf3594366eac83181896
-
SHA1
7eeca2aeef4202790d4d7dc4576f9d98311a7e1d
-
SHA256
bff3225a85cc239fa44ba988025dfc63c368e16e3218c528139513e1328b0a37
-
SHA512
a77fe8bbe5dda259702aacab49acd2b3bc27759ccc00e0a0fb249f639d60af147e95b4db3ab19e6f7d22b25032bdbb0d09cf4806b9cd42ea0ccfb60fc6fb8062
-
SSDEEP
6144:Jj6z6ocKeUB+GsU2P3AOZXH1DDYr+ZMgpZimw8e5DxIwDP1uBm:JC6tKBtB2/718+ygpZimw8e5DxIcQBm
Score 3/10 -
-
-
Target
cef.pak
-
Size
3.9MB
-
MD5
b821bc1fad6081ce1ede779c7b239d0a
-
SHA1
3ddce293acea7ecad12ac6c7d33fb817154b61cb
-
SHA256
defe5e079533ea9c2634e13621734ab3f773d402ca61a4e6360026ef2bf1d9e2
-
SHA512
087aff63cc51b7080086a9fade2947abfa53f4d435ef4ef007e16c1d620287b6818e7609d996143b6cfc28d5d7a71ad666bc872f07bac534f2c39192e94543cd
-
SSDEEP
49152:cI5ifRQsYa2qSdHfick5qkJoYA4+uug+UwJbeuR/oSHPFolWhHPeJ5RSzWavXUgE:ZQeuur9v2LxYz5v8j2ohP
Score 3/10 -
-
-
Target
cef_100_percent.pak
-
Size
557KB
-
MD5
b025965acef260b5eb1b437c6299fdde
-
SHA1
1cca2181ae80e3780100b810554181481cb8cc5e
-
SHA256
18418cf413ce931872d7709b06c72c6038ebcaa24b7cd65077bc76a7460adc6d
-
SHA512
93ac74fa29e1b34563871ac4b73916d0b7912a90bae55b7caa3e6a8f78e93c101bdf3197c929f20031b3f45676f00020ea5c6b241d2cefad91f7c848cdbf692b
-
SSDEEP
6144:J6z/PPQ1MHMvfTm7bDlIdM/7OV71Ywlst+:g/SLeDFj8ct+
Score 3/10 -
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)
Defense Evasion
Impair Defenses (1)
Disable or Modify System Firewall (1)
Modify Registry (1)
Subvert Trust Controls (1)
Install Root Certificate (1)
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)