f56ec04d8fa2968c7afe11afdea1ceda1f300409a875c939308ccae7799aa75b

Resubmissions

28/09/2024, 22:17

240928-17j4vs1fpg 8

28/09/2024, 22:07

240928-115f8a1dpg 8

Sharing

Copy URL Twitter E-mail

General

Target

TLD_Fix_Repair_Steam_V3_Generic.rar
Size

9.3MB
Sample

240928-115f8a1dpg
MD5

1970d73dfe67fb7feacf815952a35c17
SHA1

61fc0b904a1bd7de4d4a1320f8203e041a00cb0b
SHA256

f56ec04d8fa2968c7afe11afdea1ceda1f300409a875c939308ccae7799aa75b
SHA512

eebacfdc5d81b16996dd2f271b5171f615809489ae566e53ae7778c1a288925e0df84b49f8d382faa46b6cbba7104ec30c05d0164f42907fc442f7f755636152
SSDEEP

196608:m8AYPsO1s/A7kJIIY/VQpb4Fke4/F+VbVo1BUmoU/IHDY2C34g5z:mqK/A4K/Vcb4e7CbOTGDYR342z

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  TLD_Fix_Repair_Steam_V3_Generic.rar
- Size
  
  9.3MB
- MD5
  
  1970d73dfe67fb7feacf815952a35c17
- SHA1
  
  61fc0b904a1bd7de4d4a1320f8203e041a00cb0b
- SHA256
  
  f56ec04d8fa2968c7afe11afdea1ceda1f300409a875c939308ccae7799aa75b
- SHA512
  
  eebacfdc5d81b16996dd2f271b5171f615809489ae566e53ae7778c1a288925e0df84b49f8d382faa46b6cbba7104ec30c05d0164f42907fc442f7f755636152
- SSDEEP
  
  196608:m8AYPsO1s/A7kJIIY/VQpb4Fke4/F+VbVo1BUmoU/IHDY2C34g5z:mqK/A4K/Vcb4e7CbOTGDYR342z
Score

8^/10

discovery
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1
- Target
  
  OnlineFix.ini
- Size
  
  542B
- MD5
  
  06d89805a21b85f10e6570ec88948c4a
- SHA1
  
  d9605a27c02845ad312dabb8cefec1085d34591e
- SHA256
  
  b89b7237ae9c2e376b630721dc0a1bc21f86192b78b637c681c80fd0800a9a22
- SHA512
  
  a12344db849a6531f48388c3a9f77d18af22ac84b110adcbc1ce8192081323fa389ac6c8b05aa8e7c358fc64091ee26cc20b06995613f4894ba2f9239e5bde19
Score

1^/10
behavioral2
- Target
  
  OnlineFix.url
- Size
  
  46B
- MD5
  
  59bf167dc52a52f6e45f418f8c73ffa1
- SHA1
  
  fa006950a6a971e89d4a1c23070d458a30463999
- SHA256
  
  3cb526cccccc54af4c006fff00d1f48f830d08cdd4a2f21213856065666ef38e
- SHA512
  
  00005820f0418d4a3b802de4a7055475c88d79c2ee3ebfa580b7ae66a12c6966e5b092a02dc0f40db0fd3b821ea28d4aec14d7d404ead4ea88dc54a1815ffe26
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral3
- Target
  
  OnlineFix64.dll
- Size
  
  10.5MB
- MD5
  
  539956c25297134e28e82ef79dd06f5d
- SHA1
  
  d0c6833ab7a832cbf7582d2e80f654cc746d995b
- SHA256
  
  0faf4a397cbc7828a29313447684d2300794d48bdb9b21cf539e5f1320f43436
- SHA512
  
  fe4aa756abce70166fc53518da319eff8041271c3798b3acfed38aceb65c49900ec83f81e696ade10b5a18d62bb0413a9796c511039a1f01e061565bd33342a6
- SSDEEP
  
  196608:5QViBePwq4HldJYE9Acp9lhgUwYlBUWnHOBfMnvsQQFXvYrDAeNrRoJi6:5QoLb9BHhgVYFnQfMvgYPAexu9
Score

1^/10
behavioral4
- Target
  
  SteamOverlay64.dll
- Size
  
  96KB
- MD5
  
  549eb651023fa847d2212bebe29c6f9e
- SHA1
  
  f70fbe8f46cbd90c185eac2a2df843e2c3405a8f
- SHA256
  
  9edeba9df599d65fb378d4bcbe16e9ac2ea3b7850491e662e8ddaf6f1d74849e
- SHA512
  
  9e249b8d589c52857362b0611c265c21d1f715749e6b7a75e112d28aec89975655a8ef62ad1de812fadd39a48f0e01cc8eef9e33bbb5e30da827020c77247c68
- SSDEEP
  
  3072:YV/XjVTzI4OC9cFnlHB6innA2ezcqSn4ueM+GLSD:iTi4OUc7Kt
Score

1^/10
behavioral5
- Target
  
  TheLongDrive_Data/Plugins/x86_64/steam_api64.dll
- Size
  
  256KB
- MD5
  
  8afde2d19c89d0bf1a9f6ec475aa0ebb
- SHA1
  
  7d1453b841dfb1101ab45f63d3b4294b6c5d0cb6
- SHA256
  
  473f5a312b56519f347741b63f3dea590946b96ea40ef3803d5f452c39af2f1e
- SHA512
  
  4166361eead938b1a01f110ae3acd3660f5123ccf97b4504ed0577b3eedbe57cee5222aef037524de6051a6727c88161a4aa250b4ae60fd84ccfb2591d1b2090
- SSDEEP
  
  3072:NfpmprkbwQzAVsCeOTdmTxMezfOLgSbew/N65lhTbC66rpFvwLdyN+Qe2UvMxCbh:mprksQUVsCeOTdmTxDSLGnpynxCbmyx
Score

1^/10
behavioral6
- Target
  
  dlllist.txt
- Size
  
  35B
- MD5
  
  ff98c62757cb7c9f5dbedcd67d3781f6
- SHA1
  
  82076991ee9a824bcf9969b416fcc163d02a6160
- SHA256
  
  662dd415e2796635702c49586fb99ae62a3c6f595976d6923ec8a4e7c23fa8fe
- SHA512
  
  42973bbb4feb375354684c0356c45bfa7f0bf63056906244c2c0ac89720326cfa41c9aa51e2522d1d9da66c019ccf3dba570a732007e8b3306e66920faaae791
Score

1^/10
behavioral7
- Target
  
  winmm.dll
- Size
  
  512KB
- MD5
  
  e59aac558d9f9c5d1312ac24d09c51d5
- SHA1
  
  2f11c4b00f5f92d4466348f9501aa657c9bf6fa7
- SHA256
  
  ba37009eef6c041bc6d0a271c13679fb9e14a005bd7e038cee596cd4064cf8b3
- SHA512
  
  1c3b357074d62d5ca11c92d71ffdacb4a7e3d6fb17cbd4b489e5bea0032cea43650a6809388e98e4b98256b477c6b5dbd8fd2c7f4e3e08af00ef68e0ed4406d0
- SSDEEP
  
  12288:XQxOD9ZC0WKOy8zMtJKpBmpMgBNwQuQmMzWq0hNwnoAZwl:XQxOD9ZFKpB+N7JmMzWq0hNwnBZ
Score

1^/10
behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8