Analysis

  • max time kernel
    128s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    27-02-2024 11:57

General

  • Target

    ExitLag-Crack-2024/ExitLag-Main/lib/login.dart

  • Size

    5KB

  • MD5

    e5ddd907e0aacdd154ff6b297dd66799

  • SHA1

    8e7ce65579875fb367895a7534d550df9f104cd0

  • SHA256

    bdb1eee36ab0eede0e9bbba1255da46d5a4ea9fd04a6a2a510c6d1017c42d5d7

  • SHA512

    9eb56d23a1c4013c6fe8bd938d90b2aed21424f85afcc1fd67a2533536294debfc85a3f7c408e31c0abc16730ccffb82b6a0874d86cad241ef171c74e95b75f2

  • SSDEEP

    96:2eFuImd8LQwOv4KJhMxP8DUj4f4zB4X40MOwwLVu:2eFAdmQwR+UxpHwLVu

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\ExitLag-Crack-2024\ExitLag-Main\lib\login.dart
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2088
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\ExitLag-Crack-2024\ExitLag-Main\lib\login.dart
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2472
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ExitLag-Crack-2024\ExitLag-Main\lib\login.dart"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:1772
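
The chain above is the Windows "Open With" path, not execution of the sample: `cmd /c` found no handler registered for the `.dart` extension, so the shell started `rundll32.exe shell32.dll,OpenAs_RunDLL`, and the dialog (or the sandbox's pre-seeded choice) handed the file to Adobe Reader. The signatures that follow (registry class changes, SetWindowsHookEx, GetForegroundWindowSpam) are therefore Reader's own startup behaviour and the low score says nothing about the Dart source itself. The following triage helper is an added example, not part of this report or of any sandbox vendor's tooling; it reconstructs a process tree from constructed Sysmon-style process-creation events modelled on the tree above (PIDs from the report, parent PIDs inferred from the nesting) and flags every `OpenAs_RunDLL` invocation together with the handler that ended up opening the file. The `EXECUTABLE_EXTS` set is an assumption used to separate "shown an Open With prompt" from "actually executed as code".

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Constructed process-creation events (Sysmon Event ID 1 style fields) modelled
# on the process tree in the report above. PIDs are the report's; ppid values
# are inferred from the nesting and are an assumption of this example.
EVENTS = [
    {"pid": 2088, "ppid": 0,
     "image": r"C:\Windows\system32\cmd.exe",
     "cmdline": r"cmd /c C:\Users\Admin\AppData\Local\Temp\ExitLag-Crack-2024\ExitLag-Main\lib\login.dart"},
    {"pid": 2472, "ppid": 2088,
     "image": r"C:\Windows\system32\rundll32.exe",
     "cmdline": r'"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\ExitLag-Crack-2024\ExitLag-Main\lib\login.dart'},
    {"pid": 1772, "ppid": 2472,
     "image": r"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe",
     "cmdline": r'"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ExitLag-Crack-2024\ExitLag-Main\lib\login.dart"'},
]

# shell32.dll,OpenAs_RunDLL <path> is the command line of the Open With dialog.
OPENAS_RE = re.compile(r"shell32\.dll\s*,\s*OpenAs_RunDLL\s+(.+)$", re.IGNORECASE)

# Assumed list of extensions the shell executes directly. A file with one of
# these would never reach the Open With dialog, so a match is worth attention.
EXECUTABLE_EXTS = {".exe", ".com", ".bat", ".cmd", ".scr", ".pif", ".js",
                   ".jse", ".vbs", ".vbe", ".wsf", ".ps1", ".msi", ".hta"}


def build_tree(events):
    """Index events by PID and group them by parent PID."""
    by_pid = {e["pid"]: e for e in events}
    children = defaultdict(list)
    for e in events:
        children[e["ppid"]].append(e)
    return by_pid, children


def openas_target(cmdline):
    """Return the path handed to OpenAs_RunDLL, or None for any other command line."""
    m = OPENAS_RE.search(cmdline)
    if not m:
        return None
    return m.group(1).strip().strip('"')


def find_openas_chains(events):
    """Flag every rundll32 OpenAs_RunDLL call and record what opened the file."""
    by_pid, children = build_tree(events)
    findings = []
    for e in events:
        if PureWindowsPath(e["image"]).name.lower() != "rundll32.exe":
            continue
        target = openas_target(e["cmdline"])
        if target is None:
            continue
        parent = by_pid.get(e["ppid"])
        ext = PureWindowsPath(target).suffix.lower()
        findings.append({
            "pid": e["pid"],
            "parent": PureWindowsPath(parent["image"]).name if parent else None,
            "target": target,
            "ext": ext,
            # An Open With prompt means no handler existed; only a directly
            # executable extension would have run as code at this point.
            "executed_as_code": ext in EXECUTABLE_EXTS,
            # Whatever rundll32 spawned is the application the dialog chose.
            "handlers": [PureWindowsPath(c["image"]).name for c in children[e["pid"]]],
        })
    return findings


if __name__ == "__main__":
    for f in find_openas_chains(EVENTS):
        print(f"{f['parent']} -> rundll32 (pid {f['pid']}) -> {f['handlers']}: "
              f"{f['ext']} file, executed_as_code={f['executed_as_code']}")
```

Run against real telemetry, the `handlers` field is the part to read: if the Open With step resolved to a document viewer, as it did here, the later signatures belong to that viewer and the sample should be analysed statically instead of re-scored from this run.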

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    290bbc9b47c71d25bc13924be4f151a2

    SHA1

    1a6e42ea5d30a03fced5fd4e59bd870776945c60

    SHA256

    6954880d5727bcfcfe43d8e3335c3e7c1f4c418da234d627165a3b906cf230d5

    SHA512

    8f9d0d58527d8ac2c16b8ff8abd43c157b50e9f959d6400dacda6b4d49ada39d54f250d9efecd7da8f42bbcffd0a05fde7063a4a51ae0e4c004fbc79c602a9de