Resubmissions

12-10-2024 13:06

241012-qb5qkswerl 7

12-10-2024 13:05

241012-qbs2saweqk 7

12-10-2024 13:00

241012-p8lhja1gqh 7

General

  • Target

    Devil.May.Cry.5.v1.2.By.AR.Team.rar

  • Size

    13.6MB

  • Sample

    241012-qbs2saweqk

  • MD5

    654278df70645d799dc531b1e35de6ba

  • SHA1

    e206ef8b2e1485ff1747d63aed4cefab540c8cf6

  • SHA256

    bf4490cb49439979b9df9a18d3597f8fd210468a5d15e90244bc2985ee712df3

  • SHA512

    7ae01aae25bcfd51a26c5a92caef5555b05059ec2103412a10b2b55aa44363a93dbd0aa6520e634c3837be7d690fd2bafe9d986aaaa845de31dcbd59bcd7958d

  • SSDEEP

    393216:XoZKDdhY8UoGWc1UAbTm0IaH/H5BmHlDJ5iWovfRK:44vUVDUGK0IafH/GlD/ok

Score
7/10

Malware Config

Targets

    • Target

      Devil.May.Cry.5.v1.2.By.AR.Team/Devil May Cry 5 Update 2 By AR Team.exe

    • Size

      15.2MB

    • MD5

      a37b76368f1eda1b5dac4689f6303a8b

    • SHA1

      6335464bc4f6aa8a1ff49f701e88ab7a4e9b9163

    • SHA256

      480454464088a5756ab25eb1445cb8de924bcbcc26e0ff79021adf91685ab784

    • SHA512

      8bdf476e4a92c4a45de40c1ee97a1531e14bbf2ad85a7de89be7e34079129eddbe172a3f2f21f8c6d20d270520deb12750696031f364782fd03efe49f4660299

    • SSDEEP

      393216:1mpJx3Llc6DJ/NlCGeuMW/fdpYhYhlYuOuXN:opJtFFcGbpfvYCEg

    Score
    7/10

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      Devil.May.Cry.5.v1.2.By.AR.Team/Discord.url

    • Size

      120B

    • MD5

      2ddff0d6e4b813665ce32abb31405c3a

    • SHA1

      fe6d14f8f89d60e5e76c2b96cc6d399187a8c501

    • SHA256

      1ba5299325572ad4532e11b8c216bf058f3b9ab9d393e07f967bd49d75ca28df

    • SHA512

      af67535eab31cd00b073667531bab00a5cd5a6e8d79b8a6b4b420607a38d84582aeecb3fa58209bbab2a01e24faa2224d52f7fad0c3d1a86d64696260d6f1ab0

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      Devil.May.Cry.5.v1.2.By.AR.Team/Twitter.url

    • Size

      128B

    • MD5

      63be057e07d57e8b8cdaf4444d295985

    • SHA1

      899bb764d3de2b611c4bb74a51bf121d671958c3

    • SHA256

      972c67b460deb9d37f404fb7aebe6225e46475bbe189e7851051b6f0bf5a704c

    • SHA512

      401887ebd8641183ecdf2f0c8c997b8a4de3e6f7925b730a2dfd6839af4f904a919a64b8366694e4f445db0997e8db514ea3a82a45ca6fa7c5bb9166fdbb48ba

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks