03910a7bb2e6fec8fbd79c208f027b5b82ed4b089980590b241913202fa6ddc4 | Triage

Submit
Reports

Overview

overview

6

Static

static

1

GTA_Launcher.exe

windows10-2004-x64

6

Sharing

General

Target

GTA_Launcher.exe
Size

311.1MB
Sample

241119-sph5vasmfr
MD5

69afcc53f92e8aabca3e9cebd482fcc7
SHA1

2c3581e5208280e5322485edbf90bfd6c4ee78e2
SHA256

03910a7bb2e6fec8fbd79c208f027b5b82ed4b089980590b241913202fa6ddc4
SHA512

b8a9ce159a3a5637d2bc4b5d2de747268d1c2dbd02c4327156e59326a0d10070efc2058e47b677ed8bfde00a7a9653f550f91b9975ddd69fb606bf265a2ca65a
SSDEEP

6291456:H/OL7/9mKyKa+lc4S5toGnoM+pbTMDBGhH+1I5D487iNoJ1cgVd:mmKWuXS4A2bTbH+oxiNIbV

Score

6^/10

discovery persistence privilege_escalation

Static task

static1

Behavioral task

behavioral1

Sample

GTA_Launcher.exe

Resource

win10v2004-20241007-es

discovery persistence privilege_escalation

windows10-2004-x64

27 signatures

1800 seconds

Malware Config

Targets

- Target
  
  GTA_Launcher.exe
- Size
  
  311.1MB
- MD5
  
  69afcc53f92e8aabca3e9cebd482fcc7
- SHA1
  
  2c3581e5208280e5322485edbf90bfd6c4ee78e2
- SHA256
  
  03910a7bb2e6fec8fbd79c208f027b5b82ed4b089980590b241913202fa6ddc4
- SHA512
  
  b8a9ce159a3a5637d2bc4b5d2de747268d1c2dbd02c4327156e59326a0d10070efc2058e47b677ed8bfde00a7a9653f550f91b9975ddd69fb606bf265a2ca65a
- SSDEEP
  
  6291456:H/OL7/9mKyKa+lc4S5toGnoM+pbTMDBGhH+1I5D487iNoJ1cgVd:mmKWuXS4A2bTbH+oxiNIbV
Score

6^/10

discovery persistence privilege_escalation
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Probable phishing domain
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Phishing

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Browser Information Discovery

Network Service Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Time Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

© 2018-2025

Terms | Privacy