General

  • Target

    1a33f9068e0231e2e283649948e95818168641c0dcde5ac59ffa8de5c0049381

  • Size

    5.0MB

  • Sample

    220830-sek7fsaehm

  • MD5

    706770cfb31720d0edcea252dfb83d3e

  • SHA1

    7de7f32c5e7ef9bb7c19c6a8a2e9016e67a493c9

  • SHA256

    1a33f9068e0231e2e283649948e95818168641c0dcde5ac59ffa8de5c0049381

  • SHA512

    f30bfbd7a24892af33e238361d70e6f88c942eb4073fddf79e02dd3682a8d05fc09d7b48aac970c321110b7cfc6d76dff636cade8fea169015c202577e4b91d7

  • SSDEEP

    98304:pFHjNCOMEsFkAZhYy0JlFHYGRHmSFxNkBo785K4VubztcgEaG:TjUJrFqFHjFxNfYRVYGgO

Malware Config

Targets

    • Target

      修改器/Rise of the Tomb Raider v1.0-v1.0.820.0 Plus 19 Trainer.exe

    • Size

      1.5MB

    • MD5

      63ed18ef769a307155658b6fec7442f8

    • SHA1

      12120ba54d4937447bd441acd0f34359fdeb4dc6

    • SHA256

      50c4ed7653504cb9195b1c827358bbcb47acea7b50ef1a54c52b079544b40667

    • SHA512

      0338f582e3d0fa00ce7f98a8274c9b5b9ce0b32ecfd82c99460ee764b99cef62a83d915b49dcdc29e258e013d21cc6334ffbfd93f5451c6ec1398f523f2206cd

    • SSDEEP

      24576:x0MYFGMz0tdzZbY0Ml0khqODSu4tI5jM7PhESPE8mYL:uMYCJRMl9hqJIKhEk

    • Score

      1/10

    • Target

      修改器/游戏.电影菜单.exe

    • Size

      4.3MB

    • MD5

      723fac5412b21bd330f029f25394940f

    • SHA1

      518448403cbdc762981d04c1267f95cf1f3a7c81

    • SHA256

      e4b04016d16b94c4822d501ccce906c2119bfe7f535b15985eb070af2aef6cf6

    • SHA512

      54ca7b4fd23d5e2a6c23828aa54eac52f4931f94ecf4acd387e12917142287305035752d227e3cf746489fef9332e18437427b7efc667ce919d66fea95ae8af0

    • SSDEEP

      98304:N8XJC/xyLVUuzA2aJQd2zd5KseDtdD6Pq9L9vnoPGWzC+2vIHD:NUJC2VUcamUpMT6yL9voPGCCLY

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks