Overview

overview

8

Static

static

1

tcgame_set...04.exe

windows7-x64

8

tcgame_set...04.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tcgame_setup_popkart_20240104.exe

  • Size

    48.7MB

  • Sample

    240628-nqtwhszfjm

  • MD5

    fbf2b28ccd4712d59233d92f792c25a0

  • SHA1

    d152ef2e45c5375ba1cabfb210120f69d6b08370

  • SHA256

    34454301c8be5053273ed2772bd6bb76356b7e9b5e062e89ea4f12c0fe8d094e

  • SHA512

    467310da7ca79a9353c266d316dd91701777228658dd3d06d5b7cd1bdd1e6af3ec37a6ca2fba66131ae4f38b16443b4e43121df8e51aea5914e003bfb1b24446

  • SSDEEP

    1572864:7zorT2TaanSVC6J2uvYgq7RD0ZeBy4xAFVkkkWz:foH2eaSQ6J2Bgq7F0Z22VNz

Score
8/10
discoveryvmprotect

Malware Config

Targets

    • Target

      tcgame_setup_popkart_20240104.exe

    • Size

      48.7MB

    • MD5

      fbf2b28ccd4712d59233d92f792c25a0

    • SHA1

      d152ef2e45c5375ba1cabfb210120f69d6b08370

    • SHA256

      34454301c8be5053273ed2772bd6bb76356b7e9b5e062e89ea4f12c0fe8d094e

    • SHA512

      467310da7ca79a9353c266d316dd91701777228658dd3d06d5b7cd1bdd1e6af3ec37a6ca2fba66131ae4f38b16443b4e43121df8e51aea5914e003bfb1b24446

    • SSDEEP

      1572864:7zorT2TaanSVC6J2uvYgq7RD0ZeBy4xAFVkkkWz:foH2eaSQ6J2Bgq7F0Z22VNz

    Score
    8/10
    discoveryvmprotect

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks