General

  • Target

    Battly-Launcher-win.exe

  • Size

    255.3MB

  • Sample

    241022-amx7waxepl

  • MD5

    673b49b3ef5b6efc4254c29f3478bd93

  • SHA1

    5e7d5b6e0a1c9b8ec64b3522d6ffdc27e18aed1f

  • SHA256

    11c9d470187bab5a6176089d7d1a5dc99551ee9fb049b96cd7ca91312b3df8f4

  • SHA512

    cce24c3cf88b01800ac6aafb78a146ca10e3c44db17ab9ab7a6152a66f369f68ea2a2ed4ab649001ae1aa9dd91017916b5520bbf914e6f43873e54631cad4d23

  • SSDEEP

    6291456:a4roODYytuYUWT2/yWnG8QSOXDyCGQxGAOpuJp2gpJUaN6:a4PkCW3QSOXDAYFZJwgnUaN6

Targets

    • Target

      Battly-Launcher-win.exe

    • Size

      255.3MB

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      resources/app/node_modules/ejs-electron/index.js

    • Size

      4KB

    Score
    3/10
    • Target

      resources/app/node_modules/ejs/bin/cli.js

    • Size

      4KB

    • Target

      resources/app/node_modules/ejs/ejs.js

    • Size

      48KB

    Score
    3/10
    • Target

      resources/app/node_modules/ejs/ejs.min.js

    • Size

      23KB

    Score
    3/10
    • Target

      resources/app/node_modules/ejs/jakefile.js

    • Size

      2KB

    Score
    3/10
    • Target

      resources/app/node_modules/ejs/lib/ejs.js

    • Size

      26KB

    Score
    3/10
    • Target

      resources/app/node_modules/ejs/lib/utils.js

    • Size

      6KB

    Score
    3/10
    • Target

      resources/app/node_modules/filelist/index.js

    • Size

      12KB

    Score
    3/10
    • Target

      resources/app/node_modules/filelist/jakefile.js

    • Size

      238B

    Score
    3/10
    • Target

      resources/app/node_modules/filelist/node_modules/brace-expansion/index.js

    • Size

      4KB

    Score
    3/10
    • Target

      resources/app/node_modules/filelist/node_modules/minimatch/lib/path.js

    • Size

      151B

    Score
    3/10
    • Target

      resources/app/node_modules/filelist/node_modules/minimatch/minimatch.js

    • Size

      28KB

    Score
    3/10
    • Target

      resources/app/node_modules/has-flag/index.js

    • Size

      330B

    Score
    3/10
    • Target

      resources/app/node_modules/jake/bin/bash_completion.sh

    • Size

      1KB

    Score
    1/10

Tasks

static1

Score
3/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

execution
Score
3/10

behavioral4

execution
Score
3/10

behavioral5

discovery, execution
Score
3/10

behavioral6

antivm, discovery, execution
Score
4/10

behavioral7

execution
Score
3/10

behavioral8

execution
Score
3/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
3/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

execution
Score
3/10

behavioral22

execution
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

Score
1/10

behavioral32

Score
1/10