General
Target: CheatEngine75.exe
Size: 28.6MB
Sample: 230731-sr3x2aha32
MD5: c1b4681a48b60f4564efea5b01a969b6
SHA1: 91a4fdd6d61d715bb27038f6be56204a2a9f1967
SHA256: 5afab3f026d198ed6a6c03f72644a62ef066c320d68c124c6250d4f18f285c00
SHA512: e9f8b46ba0693ee6f07266679df5bced9c070bfd6b1169e54027a3cf7bdf9bd479ac3d05b703868bfecfa0691a6e0dc32f142e4e6207818d3a4207c0ca8902ca
SSDEEP: 786432:pCxuEnwFho+zM77UDZiZCd08jFZJAI5E70TZFHcU:AEXFhV0KAcNjxAItjcU
Static task: static1
Behavioral task: behavioral1 (Sample: CheatEngine75.exe, Resource: win7-20230712-en)
Behavioral task: behavioral2 (Sample: CheatEngine75.exe, Resource: win10v2004-20230703-en)
Malware Config
Targets
Target: CheatEngine75.exe
Score: 9/10
CoreEntity .NET Packer
CoreEntity is a .NET packer that embeds the payload as a Bitmap object, which is later decrypted.
- Creates new service(s)
- Downloads MZ/PE file
- Stops running service(s)
- Modifies file permissions
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
- Create or Modify System Process (2)
  - Windows Service (2)
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
Privilege Escalation
- Create or Modify System Process (2)
  - Windows Service (2)
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)