3974aa507fed5303b0632c268cdb9ea82de4ca7ab4ab7184e361d58ebb912b4b

Submit
Reports

Overview

overview

Static

static

Changed.v0...21.rar

windows7-x64

Changed.v0...21.rar

windows10-2004-x64

Changed Sp...er.ini

windows7-x64

Changed Sp...er.ini

windows10-2004-x64

Changed Sp...ve.txt

windows7-x64

Changed Sp...ve.txt

windows10-2004-x64

Changed Sp...me.txt

windows7-x64

Changed Sp...me.txt

windows10-2004-x64

Changed Sp...ge.txt

windows7-x64

Changed Sp...ge.txt

windows10-2004-x64

Changed Sp...rt.txt

windows7-x64

Changed Sp...rt.txt

windows10-2004-x64

Changed Sp...id.txt

windows7-x64

Changed Sp...id.txt

windows10-2004-x64

Changed Sp...id.txt

windows7-x64

Changed Sp...id.txt

windows10-2004-x64

Changed Sp.../1.wav

windows7-x64

Changed Sp.../1.wav

windows10-2004-x64

Changed Sp...10.wav

windows7-x64

Changed Sp...10.wav

windows10-2004-x64

Changed Sp...11.wav

windows7-x64

Changed Sp...11.wav

windows10-2004-x64

Changed Sp...12.wav

windows7-x64

Changed Sp...12.wav

windows10-2004-x64

Changed Sp...13.wav

windows7-x64

Changed Sp...13.wav

windows10-2004-x64

Changed Sp...14.wav

windows7-x64

Changed Sp...14.wav

windows10-2004-x64

Changed Sp...15.wav

windows7-x64

Changed Sp...15.wav

windows10-2004-x64

Changed Sp...16.wav

windows7-x64

Changed Sp...16.wav

windows10-2004-x64

Analysis

max time kernel
12s
max time network
35s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
10-06-2023 13:46

Sharing

Copy URL

Twitter E-mail

Static task

static1

aspackv2

2 signatures

Behavioral task

behavioral1

Sample

Changed.v01.02.2021.rar

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

Changed.v01.02.2021.rar

Resource

win10v2004-20230220-en

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral3

Sample

Changed Special/coldclientloader.ini

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Changed Special/coldclientloader.ini

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Changed Special/local_save.txt

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Changed Special/local_save.txt

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Changed Special/steam_settings/settings/account_name.txt

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Changed Special/steam_settings/settings/account_name.txt

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Changed Special/steam_settings/settings/language.txt

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Changed Special/steam_settings/settings/language.txt

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Changed Special/steam_settings/settings/listen_port.txt

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

Changed Special/steam_settings/settings/listen_port.txt

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Changed Special/steam_settings/settings/user_steam_id.txt

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Changed Special/steam_settings/settings/user_steam_id.txt

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Changed Special/steam_settings/steam_appid.txt

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Changed Special/steam_settings/steam_appid.txt

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/1.wav

Resource

win7-20230220-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral18

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/1.wav

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral19

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/10.wav

Resource

win7-20230220-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral20

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/10.wav

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral21

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/11.wav

Resource

win7-20230220-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral22

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/11.wav

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral23

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/12.wav

Resource

win7-20230220-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral24

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/12.wav

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral25

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/13.wav

Resource

win7-20230220-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral26

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/13.wav

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral27

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/14.wav

Resource

win7-20230220-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral28

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/14.wav

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral29

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/15.wav

Resource

win7-20230220-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral30

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/15.wav

Resource

win10v2004-20230221-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/16.wav

Resource

win7-20230220-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral32

Sample

Changed Special/steamapps/common/Changed Special/Audio/BGM/16.wav

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Report Analysis Logs

General

Target

Changed Special/coldclientloader.ini
Size

182B
MD5

4b68c38ca9df1678fd3ff4af404be8e9
SHA1

fc9d0c7ae6fa1b9ac8513f2a410e16332e6f1ad2
SHA256

a1d43006091749f87c7981544672d2993e7c33057e0971b75f4782841e8c68ef
SHA512

787abdc199437fefba40adab9808cab7ee5661d918749fe6838722dba0fd4e54b4467e6effdd68f7ed2fc7aa836b4783e7159c44bfb326bb3ea0711d7b59167c

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE "C:\Users\Admin\AppData\Local\Temp\Changed Special\coldclientloader.ini"
1⤵
PID:1628

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads