Overview

overview

8

Static

static

1

Fluffin-Pu...ll.zip

windows11-21h2-x64

1

fancyflopb...e.json

windows11-21h2-x64

8

fancyflopb...st.png

windows11-21h2-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Fluffin-Puffin-Cat-Ball.zip

  • Size

    1.9MB

  • Sample

    250417-p6tq5atzft

  • MD5

    a024bb90834e8a59a710cac66fa34bb5

  • SHA1

    c4cb05704f56fcefe956b951b5434e222e14062a

  • SHA256

    d8978d708c48eaf3f601f2f3be4dee6acd8dc785ad38bc9f90f8405a49f889a4

  • SHA512

    846ec03b980e8902d147ef23a1fd90f025cba2cb5648b9e1e33d39dc909ea668bda1eea536e078b64dbaffca9861861a20b9e2f3ed844ecaf692015bf4200cee

  • SSDEEP

    49152:znES7/LA9tSqS11wTHQdFR6SFIwALjRG0886:znrHixS11wTOFn+wqJK

Score
8/10
steamdefense_evasiondiscoveryphishing

Malware Config

Targets

    • Target

      Fluffin-Puffin-Cat-Ball.zip

    • Size

      1.9MB

    • MD5

      a024bb90834e8a59a710cac66fa34bb5

    • SHA1

      c4cb05704f56fcefe956b951b5434e222e14062a

    • SHA256

      d8978d708c48eaf3f601f2f3be4dee6acd8dc785ad38bc9f90f8405a49f889a4

    • SHA512

      846ec03b980e8902d147ef23a1fd90f025cba2cb5648b9e1e33d39dc909ea668bda1eea536e078b64dbaffca9861861a20b9e2f3ed844ecaf692015bf4200cee

    • SSDEEP

      49152:znES7/LA9tSqS11wTHQdFR6SFIwALjRG0886:znrHixS11wTOFn+wqJK

    Score
    1/10
    behavioral1

    • Target

      fancyflopball/_TexturesPackage.json

    • Size

      115B

    • MD5

      8fa54a63933d04868500b1106319032d

    • SHA1

      970410608f00f34ca9e2b8aa2e8c6de41a5866a7

    • SHA256

      e426f6653ec3c4cd1f765eca1d39584a2c88278073492aa06693f682e124a575

    • SHA512

      d787cd92599d8d5380470211e9b743478f96ef7b4a0dffecc3a68a74785dd8eeb2201981e6a20a832b0a93211f3d263cc7fc03738696313404067077ecb170d8

    Score
    8/10
    steamdefense_evasiondiscoveryphishing

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Detected potential entity reuse from brand STEAM.

      phishingsteam
    behavioral2

    • Target

      fancyflopball/fancyflopballtest.png

    • Size

      1.9MB

    • MD5

      5b8f6d56ed7d928607df1fb89c37f4ba

    • SHA1

      bb5bd42e1335e95291df51f70176dea682d4cf27

    • SHA256

      ed8ef17a3b9eef0ab255527497817da2d77bfe55d79433c326987c52c97d30ad

    • SHA512

      57a5a718a19e23e09ed4ad8b796c6f9275d57749b1eb70355ca1f2a5bf2d4707a6c119e7aff9b25aa2d3c3912831f974813020881d20b6a63f7a3238c5de1100

    • SSDEEP

      49152:VUAPATjaqskfKh/gEqYDf2R9JDZvKDtxjf:VUAPA9sZh/gEJfg9JDZ6J

    Score
    1/10
    behavioral3

MITRE ATT&CK Enterprise v16

Tasks