8a30778288d5c28cfcfdc8811153b9ef192da7e65f6614432d37e1898cd8b7a3

Sharing

Copy URL

Twitter E-mail

General

Target

DDLC_russian_patch_3.2.exe
Size

14.2MB
Sample

241014-nzbrasvara
MD5

bc7900b11ee151ebe0933a8207e681bd
SHA1

edbd986032c3bb78b780aa8148cb2edf41b013c5
SHA256

8a30778288d5c28cfcfdc8811153b9ef192da7e65f6614432d37e1898cd8b7a3
SHA512

8f43f3047bf7c75cb2d5886e0f12ce25fd6535b701a9176614e0bc91c8e76448558d1cff01cd85329d8998a92b12fdd69d4bbe6e4345fea04009a2275225ad87
SSDEEP

393216:cSkBm0j0rABzrVuIn/9lexAZjUY6kQZKptwk8tg/:cJBYIn/9lATY6lZfO

Score

7^/10

Malware Config

Targets

- Target
  
  DDLC_russian_patch_3.2.exe
- Size
  
  14.2MB
- MD5
  
  bc7900b11ee151ebe0933a8207e681bd
- SHA1
  
  edbd986032c3bb78b780aa8148cb2edf41b013c5
- SHA256
  
  8a30778288d5c28cfcfdc8811153b9ef192da7e65f6614432d37e1898cd8b7a3
- SHA512
  
  8f43f3047bf7c75cb2d5886e0f12ce25fd6535b701a9176614e0bc91c8e76448558d1cff01cd85329d8998a92b12fdd69d4bbe6e4345fea04009a2275225ad87
- SSDEEP
  
  393216:cSkBm0j0rABzrVuIn/9lexAZjUY6kQZKptwk8tg/:cJBYIn/9lATY6lZfO
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/ioSpecial.ini
- Size
  
  211B
- MD5
  
  e2d5070bc28db1ac745613689ff86067
- SHA1
  
  282e080b4cf847174c5c11e4f9157b8c338ecb19
- SHA256
  
  d95aed234f932a1c48a2b1b0d98c60ca31f962310c03158e2884ab4ddd3ea1e0
- SHA512
  
  a50ca2014869629135b54e848f03cb4983ad8029cd811300d02b0fc54de0436185f418fea4d3db888eb0f3170e33a59d486aa885f024ab29e630e9bc0ae1a2de
Score

1^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/modern-header.bmp
- Size
  
  25KB
- MD5
  
  d39ea663d3fb91c0bad278cfe905b3c8
- SHA1
  
  ad64bbd5d5bd605b80bedaea3126f4eb7c7cd41e
- SHA256
  
  6c17e96d99a39d33651105ce69c674eae910bc1cf2cbc27508adc74c4f58140e
- SHA512
  
  ace1b9d0dcdf64f0ae66bb87f40a6097d36632301a101df61e67f9135397e3ee791c3d785ef621e2f5651641424580656fd3198e03c1de48abed639dd96e7e41
- SSDEEP
  
  384:e5Bxbg2gaGdVDXfVo1/hY6gDityxktrCc:MgFa6VDXfIZPgK/trt
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/modern-wizard.bmp
- Size
  
  150KB
- MD5
  
  301964ff73628df4758131c20cb53671
- SHA1
  
  72d372e39a025bca45fa97fc4825685f9d93291d
- SHA256
  
  d0a7f9675fb4d8682bee2d6db14c9b3989c65b44c626ac7f41be7531311de87b
- SHA512
  
  15ec32cae859d68c98e3d5ab7193a5cd131c2922139aa5a0605e3fd0f9b528e9e458466d45277d43b718d1857379316ee24ddc68bf6a567f5fdb2b1b0f525234
- SSDEEP
  
  1536:ALYhsZUOOd9UeQienHQKZxdE/baHnFhpdyDcUouvPid3yKlWzJK39Rw:l7OM9UdiyHQKvdKbohmdP2zw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral7 behavioral8
- Target
  
  characters/monika.chr
- Size
  
  830KB
- MD5
  
  5a999662e4ff653aebe91d2b4c3557f3
- SHA1
  
  d36efc3b101608f883087da5775839268dc1a975
- SHA256
  
  d493638ce090e851c4f3987cd674fd785fb349962c66f1475e9275958ac47bf3
- SHA512
  
  acf84bed6bd6137cdf18c3568ca0689941865dbf19da3d28a43b133a217ac1f6c45571dee305d6bfa2aab692b0614ac5e814670d76f689a4a32778d1e607e8fe
- SSDEEP
  
  24576:jIdnkOUMs62hLSQEdsN0i3gLnQSmQ46v1YU9w/tfkO:+hUPWQEdsNfqnQx619KtfkO
Score

3^/10
behavioral10 behavioral9
- Target
  
  characters/natsuki.chr
- Size
  
  21KB
- MD5
  
  67cb78a5697a268ba5a045def8cd3654
- SHA1
  
  6e017db8521141bb126cb0797e4fcbad111b310f
- SHA256
  
  eeca05e8f7bcc7a04953cfb923490849200f53574b3ec0d14b44fd1a5be47672
- SHA512
  
  99c8ac355a5fa59d63e11e12d0515cd566ef74f2987e99ee6aebbace00b473541c122b9741a49b3b8e230964ef25fc23b569aa7b878fb17ecc3f08331897dad2
- SSDEEP
  
  384:7Ay32katHiSapDAhzrRwlP/agtrzGC1J4ehaIXLVPBwM7y9J9:kyYCSapDAhM/dNzGA3ha2iMup
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  characters/sayori.chr
- Size
  
  855B
- MD5
  
  353eb6a5616f7a06a83cc05e47223479
- SHA1
  
  912831ece19a9fe125d5baae7d08c6a062e6c349
- SHA256
  
  d196408a93a5d9e7f5b26dbd42e72abb5eb52b15ee288ec3287a859fc3cf4d28
- SHA512
  
  cde238c6cc51ef7cf8cc79a8cf92ac5d24438f8e36b303c7cfa62babaae0b503d7a5b97ebcafae688e9e0bd4382b7cf364fe1b123a995e30d14c9e7932bae2f9
Score

3^/10
behavioral13 behavioral14
- Target
  
  characters/yuri.chr
- Size
  
  22KB
- MD5
  
  9067e14776f57d96e4ae582838cf8282
- SHA1
  
  54c48cea142ce0ad4c427b878ef3555943711ac2
- SHA256
  
  61b8d1033218e3b1deaeeb6931b1605805f6f236887e60e3e4116648c8af1e4a
- SHA512
  
  08d4ea8590d0b0b5516a61117e863be47a14f69ec582f5c362f87abae1c0bef5ef2e3ce965b02c9455f4cdcbd049fb43a385d5bad30e513463ab550cd3a7290c
- SSDEEP
  
  384:0iwks450ZfeepAk0ZNI2fy45tz7WeMt+cxCtyjeavHjiVYpbFGXP878miNfhT:0/jVSk0JfyqNWeP2CtyiwjAibkk7IfR
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  game/bgm/credits_ru.ogg
- Size
  
  2.9MB
- MD5
  
  50dd5ced325004d31ab39434007d90f4
- SHA1
  
  84ceb8f88328460c178e964b1927e64904665546
- SHA256
  
  95c0362086753aaa3c65238ce13f6456048b25c68001de223d0bd0d42a5a3348
- SHA512
  
  aaede8d2005342e40e72d75060ef06bc3835b5066c2f2bf1b2a15426a67eae224d811636b34579f3f7dc485230bc35cc0e4289b08dc46614ab4cb235fefeae8f
- SSDEEP
  
  49152:wqUktCDnBWV1bSVn+T4ZzsItowc0JrCqEJXOW22VetMLuCKZACNHr/i9JbBJ8bAw:xoBWV1u+T4u10QJNOW22VettCLCNHrKC
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral17 behavioral18
- Target
  
  game/bgm/end-voice_ru.ogg
- Size
  
  469KB
- MD5
  
  c477f88395e4cec3fada2f32e1b3a351
- SHA1
  
  fc896e0c455e9b14965eb20b1f4959d0cb983c15
- SHA256
  
  dc9585119b4265e1b1a02d7d2af85041b8c76de9768552bf6565e8c38aee7ffc
- SHA512
  
  1ff0639055e7b59afa3ee3a75940c7d3481162083b79bb2663e770152d439d174e1a54480a86dad669780d3ea70bbff2123d95389e1f0318567a82df877512f1
- SSDEEP
  
  12288:r7sgA5JJJiFjJ3E2/3NdGy2xKREg5hwyo0Ztvx:r7sgA5J3iFjJ3Cy2xKRb5uyRZ1x
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral19 behavioral20
- Target
  
  game/fonts.rpa
- Size
  
  2.2MB
- MD5
  
  fa2ea55fe5ffbdb65c32c6be913552b5
- SHA1
  
  a422048ebaa0a5f09632bba14da850233a095873
- SHA256
  
  84d2d7b9ab95a0e47915e91f77b00f7e32ef5fac246cf575b6fb5dee84e77e9b
- SHA512
  
  63f056fd95d9537df82fec4e9a70c1c6779679bda2c46319f3d4c4317adb3c2c330d557338db7a3c64e73ed17a94d113901483b0e7b25d0cdf1bd63099cbffbf
- SSDEEP
  
  24576:mtt6RCfj+bqisszmM+HA8EWJE/LpA9XlCqmji306z72OYAuR5vAijHI:yjzM+HLyAKqmg062NjHI
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  game/gui/end_ru.png
- Size
  
  10KB
- MD5
  
  4b099b0fc82db35c972ae234ec5d418c
- SHA1
  
  027f2a67fe59733e6a8768c3ea10c89cf4a49695
- SHA256
  
  14cbf458196c64e630cdcc067bf53d08ba0d5033f6cb9cfc5e2ffa8f64f8177f
- SHA512
  
  599e79ec14f2f098ac3a11e287e21d10bb8f99904585e5ff35dc51c9009258f9668019cf3b506014f5b0ac18edafd133c2939a56986c3ac3567be459f736b663
- SSDEEP
  
  192:DSDS0tKg9E05TG6666666666666666666666666666666666666666BJBimPvr/H:2JXE05mJYN7FZkGBw
Score

3^/10
behavioral23 behavioral24
- Target
  
  game/gui/icon_mac_ru.png
- Size
  
  139KB
- MD5
  
  77aa901be03cd4a200981f31f2f0dfc0
- SHA1
  
  dc1a2468b958ec1ccd0112ec5b5fbb226408d861
- SHA256
  
  d17c2c44dd8886791c7e19fbeafc74b66f093d883b3fa06b42bb5114ebae7097
- SHA512
  
  adad75a8fea92dffbae8d9429325ae80b6d7b7c4f177a5e0bd7c5921c42c8f924759adb71b5049845137fe6a2f3cb4b795772f5d69241014825ca46a4e803d47
- SSDEEP
  
  3072:mgazpTAP+pny57m9U6LbKKhQeiiP7LjqAPtMLm70DNhVfgGExj2X:ZwTAP+pnYAU6Pviy7nqqtMLk0phCGGjm
Score

3^/10
behavioral25 behavioral26
- Target
  
  game/gui/icon_win_ru.png
- Size
  
  4KB
- MD5
  
  aeb0f672388977f1ac843e3e01f44404
- SHA1
  
  69f960538d7e74c7b75cfd34e1bc7edcb5415123
- SHA256
  
  df7fc6b24112faad646532338b5ec9b70832ff1bbcf0bccba1d9c0b0770111e4
- SHA512
  
  d5667eb34c0a7636bcc6ff3312230f9a8bf3c58d0fe97e8a94df9027ffc6d1d70e6e7c7b685bc91f934a9f17bc6d15305e104b573fb631c9d6ff0f99a9e1062c
- SSDEEP
  
  96:27SDZ/I09Da01l+gmkyTt6Hk8nTm9/ksKHZqv5ceJjxVaGctAcmK:oSDS0tKg9E05Tm9s9qNjMtAc9
Score

3^/10
behavioral27 behavioral28
- Target
  
  game/gui/logo_ru.png
- Size
  
  139KB
- MD5
  
  77aa901be03cd4a200981f31f2f0dfc0
- SHA1
  
  dc1a2468b958ec1ccd0112ec5b5fbb226408d861
- SHA256
  
  d17c2c44dd8886791c7e19fbeafc74b66f093d883b3fa06b42bb5114ebae7097
- SHA512
  
  adad75a8fea92dffbae8d9429325ae80b6d7b7c4f177a5e0bd7c5921c42c8f924759adb71b5049845137fe6a2f3cb4b795772f5d69241014825ca46a4e803d47
- SSDEEP
  
  3072:mgazpTAP+pny57m9U6LbKKhQeiiP7LjqAPtMLm70DNhVfgGExj2X:ZwTAP+pnYAU6Pviy7nqqtMLk0phCGGjm
Score

3^/10
behavioral29 behavioral30
- Target
  
  game/gui/namebox_big_ru.png
- Size
  
  3KB
- MD5
  
  ed6ce41a0d3668379e84a252b667cc0d
- SHA1
  
  402dc9ba6c1d06f15f45cbefb797d522e0575078
- SHA256
  
  0c07ccf016fabba1bfdd333d40332c3fd27e159fd529a3fcc8dbe99f464cea24
- SHA512
  
  9dc44b9a73429615de881f30bf7f65e0c6d47bd53cbe15c345bfd590bb7ace196c1870d48630d2d476d6b4642458bb334a5d9409370bdca8068c919d360b63e2
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32