Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    27-02-2024 11:57

General

  • Target

    ExitLag-Crack-2024/ExitLag-Main/lib/main.dart

  • Size

    388B

  • MD5

    4157e54d00fbda4633e1126b6076a1ec

  • SHA1

    d6a1cc3d2e27328a0f240a73d2ee906a68e9eedd

  • SHA256

    9fe2b16628aa5a49a37fc7aab3d97b834da9166d09b839bd392047d4ebc78368

  • SHA512

    a23942ae474fb7dd0020b04940eab8bec796a13cbfc7e955777c3224a50c13bba20d3e13fecf49d4bdce93cbeab1b016f99bc787f5e6b118f3b65fd410839e0d

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\ExitLag-Crack-2024\ExitLag-Main\lib\main.dart
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2844
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\ExitLag-Crack-2024\ExitLag-Main\lib\main.dart
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2588
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ExitLag-Crack-2024\ExitLag-Main\lib\main.dart"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2560

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    10f02f153549d2f6738e6150b3cc3c5a

    SHA1

    1750c23f7e4c054d969d0a9f8d2ce1cfd858ce2e

    SHA256

    0551e881e9bc065c3dad00a97da2d1765a21c6336c4d163d7e23195e900550a7

    SHA512

    d193477776533e4f9a381cde70013a803fa1b88f2279bffa58ffe88916632d9f4e37f598090539d7980e8379c8ce38dad711f1def47a353011ef83a1b796b56b