Overview

overview

7

Static

static

3

Valorant T...1).rar

windows10-1703-x64

7

Valorant T...g.json

windows10-1703-x64

3

Valorant T...in.exe

windows10-1703-x64

7

Valorant T...ain.py

windows10-1703-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    140s
  • platform
    windows10-1703_x64
  • resource
    win10-20240221-en
  • resource tags

    arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
  • submitted
    05/03/2024, 14:17

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Valorant Triggerbot/main.py

  • Size

    3KB

  • MD5

    6a7506e226903d8f9132c6ad97088d26

  • SHA1

    399a1e88f08467b19cd52b367efcb6c717552af3

  • SHA256

    2ec9745da929ba830dd3539b7c1aa51847b1d9393401ce07361e3622c1908d3f

  • SHA512

    c1b26114e8cc509f505f6888c7883cec6c8f55a219594d8163b5ae43ba3728d2e7102eaf726ec9ccd3ef08c5fcabe1b570af2304e94d043ea0d64a4dc9ea5a51

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 15 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Valorant Triggerbot\main.py"
    1⤵
    • Modifies registry class
    PID:3980
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:436

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads