Overview
overview: score 10
static: score 10
[FIX] CRAC...ED.rar (windows7-x64): score 10
[FIX] CRAC...ED.rar (windows10-2004-x64): score 10
[FIX] CRAC...ld.exe (windows7-x64): score 10
[FIX] CRAC...ld.exe (windows10-2004-x64): score 10
[FIX] CRAC...ub.exe (windows7-x64): score 1
[FIX] CRAC...ub.exe (windows10-2004-x64): score 10
[FIX] CRAC...config (windows7-x64): score 3
[FIX] CRAC...config (windows10-2004-x64): score 3

General
Target: [FIX] CRACKED PAID HACK CS2 BY CRACOVSKYCRACKED.rar
Size: 2.9MB
Sample: 240210-wgm1lsef91
MD5: c946773c99bea60b0e53b48077834a28
SHA1: 352fbd09addec454588e59646d47d73b6cc51a15
SHA256: f4a51acc204ac990bee74fd4347d127d3bced5220432d2bd06717d715dd0477b
SHA512: bbd34f5dbb2e1bf2ea38fa6947c8679d66c612fa88ea46cd9f614fae31a4e106c5aa4b9c446491e5327f8c9ff16f999040f6bf390004691c7825928b23b843bb
SSDEEP: 49152:AvIYFeUt0lhMgJFVDccrsdp4k9MvIU3INMZlrc5bOMLTk/ds4RtyMrx6T:orltAMmtfrs6IU3DZlrqbpLTiZk

Behavioral task: behavioral1
Sample: [FIX] CRACKED PAID HACK CS2 BY CRACOVSKYCRACKED.rar
Resource: win7-20231215-en

Behavioral task: behavioral2
Sample: [FIX] CRACKED PAID HACK CS2 BY CRACOVSKYCRACKED.rar
Resource: win10v2004-20231215-en

Behavioral task: behavioral3
Sample: [FIX] CRACKED PAID HACK CS2 BY CRACOVSKYCRACKED/build.exe
Resource: win7-20231215-en

Behavioral task: behavioral4
Sample: [FIX] CRACKED PAID HACK CS2 BY CRACOVSKYCRACKED/build.exe
Resource: win10v2004-20231215-en

Behavioral task: behavioral5
Sample: [FIX] CRACKED PAID HACK CS2 BY CRACOVSKYCRACKED/stub.exe
Resource: win7-20231215-en

Behavioral task: behavioral6
Sample: [FIX] CRACKED PAID HACK CS2 BY CRACOVSKYCRACKED/stub.exe
Resource: win10v2004-20231215-en

Behavioral task: behavioral7
Sample: [FIX] CRACKED PAID HACK CS2 BY CRACOVSKYCRACKED/stub.exe.config
Resource: win7-20231215-en

Behavioral task: behavioral8
Sample: [FIX] CRACKED PAID HACK CS2 BY CRACOVSKYCRACKED/stub.exe.config
Resource: win10v2004-20231222-en

Malware Config
Extracted
stealerium
https://discord.com/api/webhooks/1205901725802692638/UVnL8Qrlmojma558IO1PU9iOVujZ6xnKbqIqwrNCvOKGVDLUEGt9vBJ61dAJep2p-o6K

Targets

Target: [FIX] CRACKED PAID HACK CS2 BY CRACOVSKYCRACKED.rar
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Accesses Microsoft Outlook profiles
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.

Target: [FIX] CRACKED PAID HACK CS2 BY CRACOVSKYCRACKED/build.exe
Size: 1.6MB
MD5: 98f13a16a53f3bf94798a9e507e58414
SHA1: 46c4dd09e4bc57e608a5124153df51b13e8cafad
SHA256: 27ec76e8c70b764fbe7e0a16999959a7f56c22069b287ceb8f2e4ff4814f10cb
SHA512: 332acedb3b7177d4f83e7b43892eff23c222813af6c9f799473b9d2ae3e2985176074ae1edff494c226a0b36ab2ad1480edffb6fc9180fe62bb11c5aa942e036
SSDEEP: 49152:tcTq24GjdGSiqkqXfd+/9AqYanieKdYy:t9EjdGSiqkqXf0FLYW
Score: 10/10
Accesses Microsoft Outlook profiles
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.

Target: [FIX] CRACKED PAID HACK CS2 BY CRACOVSKYCRACKED/stub.exe
Size: 1.6MB
MD5: 6627adf7167ee571e8fd6c8b1a0e8ae3
SHA1: 03b9112660ee73c59d84e219f15bf24ae9df48db
SHA256: 6c5935bcddaa1d4f809487f66db758e892cc0a7fd7704d138904bc879644ea1f
SHA512: e05896a6e0d09d4dafeb2467395ca06ae1e728a4aa079041dea82940caeb71646984604fdeea482748423b10257b8462db4f573682f9f719939143fdb5691c60
SSDEEP: 49152:19Tq24GjdGSiqkqXfd+/9AqYanieKd0U:1YEjdGSiqkqXf0FLYW
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.

Target: [FIX] CRACKED PAID HACK CS2 BY CRACOVSKYCRACKED/stub.exe.config
Size: 759B
MD5: a40b70b19e717b2628d2662b61e69f99
SHA1: c3d59349659cd82fb6b8c093a3df72846541573a
SHA256: 67818858dae8a4d85a158d68ca50bfef345a730dbf12461cfb700f30edee460c
SHA512: 2dfca6af0d7daeafa4803fbf971843e70678eb2ecc73f8559d39a617721c3a9362eba9fd4d158a1227a50d96b6711a9bd9f694eb10532e7caa9694aefa81b794
Score: 3/10