Overview

overview

3

Static

static

1

AIMi - AI Aimbot.zip

windows7-x64

1

AIMi - AI Aimbot.zip

windows10-2004-x64

1

AIMi - AI ...ts.txt

windows7-x64

1

AIMi - AI ...ts.txt

windows10-2004-x64

1

AIMi - AI ...est.py

windows7-x64

3

AIMi - AI ...est.py

windows10-2004-x64

3

AIMi - AI ...ect.py

windows7-x64

3

AIMi - AI ...ect.py

windows10-2004-x64

3

AIMi - AI ...labels

windows7-x64

3

AIMi - AI ...labels

windows10-2004-x64

3

AIMi - AI ...ny.cfg

windows7-x64

3

AIMi - AI ...ny.cfg

windows10-2004-x64

3

AIMi - AI ...eights

windows7-x64

3

AIMi - AI ...eights

windows10-2004-x64

3

AIMi - AI ...nsfile

windows7-x64

1

AIMi - AI ...nsfile

windows10-2004-x64

1

AIMi - AI ...kefile

windows7-x64

1

AIMi - AI ...kefile

windows10-2004-x64

1

AIMi - AI ...n.json

windows7-x64

3

AIMi - AI ...n.json

windows10-2004-x64

3

AIMi - AI ...og.old

windows7-x64

3

AIMi - AI ...og.old

windows10-2004-x64

3

AIMi - AI ...compat

windows7-x64

1

AIMi - AI ...compat

windows10-2004-x64

1

AIMi - AI ...ontrol

windows7-x64

1

AIMi - AI ...ontrol

windows10-2004-x64

1

AIMi - AI ...yright

windows7-x64

1

AIMi - AI ...yright

windows10-2004-x64

1

AIMi - AI ...nstall

windows7-x64

3

AIMi - AI ...nstall

windows10-2004-x64

3

AIMi - AI ...rrides

windows7-x64

3

AIMi - AI ...rrides

windows10-2004-x64

3

Analysis

  • max time kernel
    152s
  • max time network
    43s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    15-11-2023 16:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AIMi - AI Aimbot/nvidia docker/debian/nvidia-docker2.install

  • Size

    41B

  • MD5

    c4920cba07242c6e940f5ef067aba3f1

  • SHA1

    6441d3f948baad80ab08dc5432e7bf24e42d38f3

  • SHA256

    f3034842d33d1c1cf4a9f459b9f2dce2cfe3a5b26881883f8691a681b969372a

  • SHA512

    38326defd5c9def83f20667f63cc63f11e5c2e5b8a5dcdca7d7dc471340d6bc61cddb0fb1a03a7b7a7f74589c230f6a0e75ff9dce760f01ca716ea93dce5ce00

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\AIMi - AI Aimbot\nvidia docker\debian\nvidia-docker2.install"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:764
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\AIMi - AI Aimbot\nvidia docker\debian\nvidia-docker2.install
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:1692
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\AIMi - AI Aimbot\nvidia docker\debian\nvidia-docker2.install"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2896

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    725c2e856dff3937fd9df9991820625e

    SHA1

    84ac4163c8335df84c652654b3b9411de50f466a

    SHA256

    c315f043b0d30de854d8890187bc376b7ad4dc55377e5d1ae5cbf494c4deb80d

    SHA512

    e4f2e491415d83c383f933e26addaf1f2e60ef687600a4c93dfaebc23248113b8818c659d2675ec295a81c5b803a7d4b33572f99b33cf9b58c86471d1bfad5ba

    Download Submit