cb73a9806e39e7c694cd79bbdb0fd3c836ec82810f6ded1852aa1ac9c7b3012c | Triage

Sharing

General

Target

CheatEngine75.exe
Size

28.5MB
Sample

240221-zkdswsfb4z
MD5

8cef61e2080c38400698bc3265fd7f95
SHA1

a174b7dd8bd1eacfa6a9accd878c16bdc8aa1936
SHA256

cb73a9806e39e7c694cd79bbdb0fd3c836ec82810f6ded1852aa1ac9c7b3012c
SHA512

81781fdb49a3b949725ff508a96eef01599ff90c2fd42f104dda311cfb37dfb90d4aa38d0d4694634c3a469fbdac4c7421a5aee99067536848bbc50bda4658cb
SSDEEP

786432:0TCxuEnwFho+zM77UDZiZCd08jFZJAI5E70TZFH:02EXFhV0KAcNjxAItj

Score

8^/10

discovery evasion

Malware Config

Targets

- Target
  
  CheatEngine75.exe
- Size
  
  28.5MB
- MD5
  
  8cef61e2080c38400698bc3265fd7f95
- SHA1
  
  a174b7dd8bd1eacfa6a9accd878c16bdc8aa1936
- SHA256
  
  cb73a9806e39e7c694cd79bbdb0fd3c836ec82810f6ded1852aa1ac9c7b3012c
- SHA512
  
  81781fdb49a3b949725ff508a96eef01599ff90c2fd42f104dda311cfb37dfb90d4aa38d0d4694634c3a469fbdac4c7421a5aee99067536848bbc50bda4658cb
- SSDEEP
  
  786432:0TCxuEnwFho+zM77UDZiZCd08jFZJAI5E70TZFH:02EXFhV0KAcNjxAItj
Score

8^/10

discovery evasion
- Stops running service(s)
  evasion
- Modifies file permissions
  discovery
- Checks for any installed AV software in registry
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

File and Directory Permissions Modification

Impair Defenses

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasion

behavioral2