Gaming Engines: An Undetected Playground for Malware Loaders
Tags
cmtmf-attack-pattern: Masquerading
country: Russia
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Hardware - T1592.001 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Powershell - T1059.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Social Media - T1593.001 Software - T1592.002 Tool - T1588.002 Masquerading - T1036 Powershell - T1086 Scripting - T1064 Masquerading Scripting
Show in Graph
Common Information
Type Value
UUID 6ec6cd21-9670-4568-b43a-1121a98c2995
Fingerprint 25aa197b8fec8691
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 27, 2024, 1:20 p.m.
Added to db Nov. 27, 2024, 2:40 p.m.
Last updated Dec. 24, 2024, 5:56 a.m.
Headline Gaming Engines: An Undetected Playground for Malware Loaders
Title Gaming Engines: An Undetected Playground for Malware Loaders
Detected Hints/Tags/Attributes 87/4/50
Source URLs
Redirection Url
Details Source https://malware.news/t/gaming-engines-an-undetected-playground-for-malware-loaders/88781
Details Source https://research.checkpoint.com/2024/gaming-engines-an-undetected-playground-for-malware-loaders/
URL Provider
Details Provider Source level domain
Details checkpoint.com research.checkpoint.com
Details malware.news malware.news
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 158 Malware Analysis, News and Indicators - Latest topics https://malware.news/latest.rss 2024-08-30 22:08
Details 515 Check Point Research https://research.checkpoint.com/feed/ 2024-09-01 15:09
Attributes
Details Type #Events CTI Value
Details Domain 1 
control.gd
Details Domain 97 
bitbucket.org
Details Domain 10 
technique.win
Details Domain 11 
dropper.win
Details File 36 
os.exe
Details File 1 
launcherkks.exe
Details File 1 
laucnherkks.exe
Details File 8 
1.py
Details File 1 
global_script_class_cache.cfg
Details File 1 
icon.svg
Details File 1 
iconka.png
Details File 1 
saaasf.png
Details File 1 
uid_cache.bin
Details File 1 
iconka.ico
Details File 1 
project.bin
Details File 1357 
powershell.exe
Details File 1 
updatemmmm.exe
Details File 1 
updatessss.exe
Details File 1 
asdz2.png
Details File 1 
sdadsasad.png
Details md5 1 
480c9ce7b6f60aa42e9a5886da844b67
Details md5 1 
e66311c87c39ec8c25379305b5ae724b
Details md5 1 
9984d0a0b5388a08ddd4387e247d50da
Details md5 1 
efbc9a5174dc45bf0d631c4faedd17a8
Details md5 1 
218a8f2b3041327d8a5756f3a245f83b
Details md5 1 
2078f4397407b82d92a9aec7ca409726
Details md5 1 
33ab33dfde13e2f89482bff662349c82
Details md5 1 
d3575a49bea6bd54a543d720412134b3
Details md5 1 
5b88526524374dc75cb75ac9dda020f8
Details md5 1 
bef08eff4910a50e6997fbe21bb8b594
Details md5 1 
c7d5a8188ea302ab78d6a529e90d43b8
Details md5 1 
6501ebb8f3472c28c2396b32dee370f7
Details md5 1 
e41f0625a4574d3424e7bfa11a1f6416
Details md5 1 
9a4ac6322a57b14acb3157c9cd83cd76
Details md5 1 
ee60134b5708931be25b58780c0ff8a5
Details md5 1 
8e09c87e2e69a9b58341050b5e38134d
Details md5 1 
7c91efbcaa02854d951ac79000b77017
Details md5 1 
639864b85bd3ec6d8bb00f7e08d145d9
Details sha256 2 
260f06f0c6c1544afcdd9a380a114489ebdd041b846b68703158e207b7c983d6
Details sha256 2 
b1a351ee61443b8558934dca6b2fa9efb0a6d2d18bae61ace5a761596604dbfa
Details sha256 2 
6be9c015c82645a448831d9dc8fcae4360228f76dff000953a76e3bf203d3ec8
Details sha256 2 
604fa32b76dbe266da3979b7a49e3100301da56f0b58c13041ab5febe55354d2
Details sha256 2 
3317b8e19e19218e5a7c77a47a76f36e37319f383b314b30179b837e46c87c45
Details sha256 2 
0d03c7c6335e06c45dd810fba6c52cdb9eafe02111da897696b83811bff0be92
Details IPv4 3 
192.168.56.103
Details IPv4 2 
192.168.15.10
Details IPv4 2 
147.45.44.83
Details IPv4 3 
185.196.9.26
Details Url 1 
http://192.168.56.103:9000/l.sh
Details Url 1 
http://192.168.15.10:9000/c.sh