Overview

overview

10

Static

static

3

Kiddions_m...nu.exe

windows7-x64

10

Kiddions_m...nu.exe

windows10-2004-x64

10

Kiddions_m...d.html

windows7-x64

1

Kiddions_m...d.html

windows10-2004-x64

1

Kiddions_m...typing

ubuntu-18.04-amd64

1

Kiddions_m...typing

debian-9-armhf

1

Kiddions_m...typing

debian-9-mips

1

Kiddions_m...typing

debian-9-mipsel

1

Kiddions_m...ry.pdf

windows7-x64

1

Kiddions_m...ry.pdf

windows10-2004-x64

1

Kiddions_m...ck.exe

windows7-x64

7

Kiddions_m...ck.exe

windows10-2004-x64

7

Kiddions_m...ng.pdf

windows7-x64

1

Kiddions_m...ng.pdf

windows10-2004-x64

1

Kiddions_m...er.pdf

windows7-x64

1

Kiddions_m...er.pdf

windows10-2004-x64

1

Kiddions_m...er.pdf

windows7-x64

1

Kiddions_m...er.pdf

windows10-2004-x64

1

Kiddions_m...ic.pdf

windows7-x64

1

Kiddions_m...ic.pdf

windows10-2004-x64

1

Kiddions_m...ne.pdf

windows7-x64

1

Kiddions_m...ne.pdf

windows10-2004-x64

1

Kiddions_m...rt.pdf

windows7-x64

1

Kiddions_m...rt.pdf

windows10-2004-x64

1

Kiddions_m...ed.pdf

windows7-x64

1

Kiddions_m...ed.pdf

windows10-2004-x64

1

Kiddions_m...an.pdf

windows7-x64

1

Kiddions_m...an.pdf

windows10-2004-x64

1

Kiddions_m...on.pdf

windows7-x64

1

Kiddions_m...on.pdf

windows10-2004-x64

1

Kiddions_m...ne.pdf

windows7-x64

1

Kiddions_m...ne.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    185s
  • max time network
    32s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    02-12-2022 06:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Kiddions_menu/Readme.md/spec/data/Genshin Impact hack.exe

  • Size

    34.7MB

  • MD5

    40c648be1cdb914d5f2532158b6949fe

  • SHA1

    911d373736159ba5e8155f219304ad2d5e22ca5c

  • SHA256

    4932fff36f5d65e1921ac16656ed579e851a5df412565efb09720a14d6d622af

  • SHA512

    8e2e6dd69bc73edcc343cdcb5af635a9e8c7a2a2309944487cd503cf59a74bfb0c1030c719f9e2192a51ded6b390ef0dd07ef8b8c670d32ef862e40c83029de5

  • SSDEEP

    786432:g+gX4BMdhwzTQXR5FbPp6FcSS5U/LT2KLVy45S31gDvl5dQF3MGsc:mXGMK4XR3bLSCU/+Iy45SSDvTIMGL

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Kiddions_menu\Readme.md\spec\data\Genshin Impact hack.exe
    "C:\Users\Admin\AppData\Local\Temp\Kiddions_menu\Readme.md\spec\data\Genshin Impact hack.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:564
    • C:\Users\Admin\AppData\Local\Temp\Kiddions_menu\Readme.md\spec\data\Genshin Impact hack.exe
      "C:\Users\Admin\AppData\Local\Temp\Kiddions_menu\Readme.md\spec\data\Genshin Impact hack.exe"
      2⤵
      • Loads dropped DLL
      PID:660

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI5642\python311.dll
    Filesize

    5.5MB

    MD5

    9a24c8c35e4ac4b1597124c1dcbebe0f

    SHA1

    f59782a4923a30118b97e01a7f8db69b92d8382a

    SHA256

    a0cf640e756875c25c12b4a38ba5f2772e8e512036e2ac59eb8567bf05ffbfb7

    SHA512

    9d9336bf1f0d3bc9ce4a636a5f4e52c5f9487f51f00614fc4a34854a315ce7ea8be328153812dbd67c45c75001818fa63317eba15a6c9a024fa9f2cab163165b

    Download Submit
  • \Users\Admin\AppData\Local\Temp\_MEI5642\python311.dll
    Filesize

    5.5MB

    MD5

    9a24c8c35e4ac4b1597124c1dcbebe0f

    SHA1

    f59782a4923a30118b97e01a7f8db69b92d8382a

    SHA256

    a0cf640e756875c25c12b4a38ba5f2772e8e512036e2ac59eb8567bf05ffbfb7

    SHA512

    9d9336bf1f0d3bc9ce4a636a5f4e52c5f9487f51f00614fc4a34854a315ce7ea8be328153812dbd67c45c75001818fa63317eba15a6c9a024fa9f2cab163165b

    Download Submit
  • memory/564-54-0x000007FEFBB31000-0x000007FEFBB33000-memory.dmp
    Filesize

    8KB

    Download
  • memory/660-55-0x0000000000000000-mapping.dmp
    Download