73baf66d229b0df777344c3ffe4f8d38fc8277733b79959dbb1312038b24f735 | Triage

Sharing

General

Target

73baf66d229b0df777344c3ffe4f8d38fc8277733b79959dbb1312038b24f735
Size

135KB
Sample

241011-2zs78stcqj
MD5

c42e3744397254a8b9a366a972f80532
SHA1

9a428fbfcfe19bad368040c1c49f751f715a3a53
SHA256

73baf66d229b0df777344c3ffe4f8d38fc8277733b79959dbb1312038b24f735
SHA512

0b9821e3f2f4aa2f2231572d0d720fae414a946aee9eb711e27d97a18aecda5ebffe5d389bd900f824967f6b56e0581f06bbb3566ed2ad733d1647896255f048
SSDEEP

3072:bOCUDXJ6JgOJ2Mxxzq65LNbn1aqWeidjfGlyXPabjho:+rO2ULNoq3idjfObjho

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  73baf66d229b0df777344c3ffe4f8d38fc8277733b79959dbb1312038b24f735
- Size
  
  135KB
- MD5
  
  c42e3744397254a8b9a366a972f80532
- SHA1
  
  9a428fbfcfe19bad368040c1c49f751f715a3a53
- SHA256
  
  73baf66d229b0df777344c3ffe4f8d38fc8277733b79959dbb1312038b24f735
- SHA512
  
  0b9821e3f2f4aa2f2231572d0d720fae414a946aee9eb711e27d97a18aecda5ebffe5d389bd900f824967f6b56e0581f06bbb3566ed2ad733d1647896255f048
- SSDEEP
  
  3072:bOCUDXJ6JgOJ2Mxxzq65LNbn1aqWeidjfGlyXPabjho:+rO2ULNoq3idjfObjho
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/NSISGameExplorerPlugin.dll
- Size
  
  72KB
- MD5
  
  e5bf9549e2b10dd4cb4891991506e36a
- SHA1
  
  1281b13b05aff71d1e1e511be9db07529b275185
- SHA256
  
  97c3172d55ccf3aab1c1ca1434196552633a0f0bb9970bfae8d3361d04fad42b
- SHA512
  
  23a50b6025c45528d6d67642dc9cc5a88fc7d3d0113d6da6d1909a155d90b6d431bb15fa36e34c8698b56b2d9e7673adcac634cec39d6188daaec0086171cccd
- SSDEEP
  
  768:0SEZD13V1RLhk4KH0L/TZmSZjCLKMyb1tlqUOY1fZ7h+E0KB6svMB/:0SW1R+Al9kabqUOYD8E0Ev0
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  419d642fe3436fda8bb22eea9c37a6ca
- SHA1
  
  c1644131b880c6e03f14de3c79efd27093a77908
- SHA256
  
  25c4f65b02eca4ad897d7a623b3ca1290bac836e98ab5ee5f6c527dfb6a41dd7
- SHA512
  
  29df088e3b5189efd6fbeebc2f23c5850303d40fe5331cd336bb852d986f9ab66f7bcd963ebf8c4e4eea7d49a6590027490d651a3e4781024c7983a2c456a337
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/WT_Plugin.dll
- Size
  
  164KB
- MD5
  
  a1441a452aac1bc88fdd87754e88b7f9
- SHA1
  
  1c9e2e5d7987c09c5e04575fd0fcfbfbaedbcfda
- SHA256
  
  c859023e58c7c0f1ecb82a00d79bef6d26280a26b7fcb4135594ee2b8cd3bbe1
- SHA512
  
  0cbc22d5497a1343373866a34397a0dfb11ed69aa57ec12ee083ad7bb2b41925673e15905d35e2808c0c688e6b31a43b3bdfd71252d4200d2fbb5abe6e981b65
- SSDEEP
  
  3072:8fVsuKQwAI+qDC9VK84fDXgnmKXYEJUyrlRJIUCXK9wcJlXeLiWAQJ:Vu9bA8mKXYEJRJ/H6L9
Score

3^/10

discovery
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8