Overview: score 7
Static: score 7
Colorful.Console.dll, windows10-1703-x64: score 1
Colorful.Console.dll, windows7-x64: score 1
Colorful.Console.dll, windows10-2004-x64: score 1
Newtonsoft.Json.dll, windows10-1703-x64: score 1
Newtonsoft.Json.dll, windows7-x64: score 1
Newtonsoft.Json.dll, windows10-2004-x64: score 1
Riot Cracker.exe, windows10-1703-x64: score 1
Riot Cracker.exe, windows7-x64: score 3
Riot Cracker.exe, windows10-2004-x64: score 1
TrinitySeal.dll, windows10-1703-x64: score 1
TrinitySeal.dll, windows7-x64: score 1
TrinitySeal.dll, windows10-2004-x64: score 1
WThreads.dll, windows10-1703-x64: score 1
WThreads.dll, windows7-x64: score 1
WThreads.dll, windows10-2004-x64: score 1
Analysis
max time kernel: 28s
max time network: 31s
platform: windows7_x64
resource: win7-20230220-en
resource tags: arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
submitted: 05/04/2023, 19:24
Behavioral task behavioral1: Sample Colorful.Console.dll, Resource win10-20230220-en
Behavioral task behavioral2: Sample Colorful.Console.dll, Resource win7-20230220-en
Behavioral task behavioral3: Sample Colorful.Console.dll, Resource win10v2004-20230220-en
Behavioral task behavioral4: Sample Newtonsoft.Json.dll, Resource win10-20230220-en
Behavioral task behavioral5: Sample Newtonsoft.Json.dll, Resource win7-20230220-en
Behavioral task behavioral6: Sample Newtonsoft.Json.dll, Resource win10v2004-20230220-en
Behavioral task behavioral7: Sample Riot Cracker.exe, Resource win10-20230220-en
Behavioral task behavioral8: Sample Riot Cracker.exe, Resource win7-20230220-en
Behavioral task behavioral9: Sample Riot Cracker.exe, Resource win10v2004-20230220-en
Behavioral task behavioral10: Sample TrinitySeal.dll, Resource win10-20230220-en
Behavioral task behavioral11: Sample TrinitySeal.dll, Resource win7-20230220-en
Behavioral task behavioral12: Sample TrinitySeal.dll, Resource win10v2004-20230220-en
Behavioral task behavioral13: Sample WThreads.dll, Resource win10-20230220-en
Behavioral task behavioral14: Sample WThreads.dll, Resource win7-20230220-en
Behavioral task behavioral15: Sample WThreads.dll, Resource win10v2004-20230220-en
General
Target: Riot Cracker.exe
Size: 17KB
MD5: 1b2a81f9a34c97a9ea5b3a10477628b7
SHA1: 3fe2e652f8d7aa368e20539635264470f3aac935
SHA256: 5c9d11d4dde405bb24ab8c2a7641a2b0eab2ac5cb303fb48e184ff3a8b48f101
SHA512: 37461fa1d96783e73d40dc372613fd4c3ff303bc04fef41dd8eab6128964813a23a5f5249ef7a65a9d52c48e75e14920d95ec66b618e9deff9a1d51ff3be85c8
SSDEEP: 384:2b+ZUrLdgYVYkjM1qw1Bg/dfk57mY3UwlsJT95bt:5+M1qw1BYcqlDbt
Malware Config
Signatures
Program crash (1 IoCs)
pid    pid_target    Process         procid_target
916    2024          WerFault.exe    27

Suspicious use of WriteProcessMemory (4 IoCs)
description                        pid     Process             procid_target
PID 2024 wrote to memory of 916    2024    Riot Cracker.exe    29
PID 2024 wrote to memory of 916    2024    Riot Cracker.exe    29
PID 2024 wrote to memory of 916    2024    Riot Cracker.exe    29
PID 2024 wrote to memory of 916    2024    Riot Cracker.exe    29