General
- Target: LDPlayer9_es_com.activision.callofduty.shooter_3210_ld.exe
- Size: 3.3MB
- Sample: 240318-psrdvagg73
- MD5: 7c2e5ef59e9589422bcd5bf3726fbcb1
- SHA1: c4dac6966ac4cd3500d6a7fe44138a0db639d507
- SHA256: 6870e8dbcfaf543500add1d303de528c34e3b1f4d4424b0097c4ffb408a44fcd
- SHA512: 28870d9cb07f964ba0ecedfb25762cb4530bda869cc717dd4fffcd176085f03c05fd129b23e826dd6ac33ae6af8132bf9dc317ebffb52448b83236ad2349ca45
- SSDEEP: 49152:XZi5hu7I/BzfK/ZHg1pHtOUYqP3CFOrtG/RR9sXafgkDFMVR9C1UhPJXMK701hOw:XI5ht/BzfKW1t0xOouBiCV2Ht
Static task
- static1
Behavioral task
- behavioral1
- Sample: LDPlayer9_es_com.activision.callofduty.shooter_3210_ld.exe
- Resource: win10-20240221-en
Malware Config
Targets
- Cobalt Strike reflective loader: Detects the reflective loader used by Cobalt Strike.
- Detect ZGRat V1
- Guerrilla: Guerrilla is an Android malware used by the Lemon Group threat actor.
- Guerrilla payload
- Creates new service(s)
- Possible privilege escalation attempt
- Modifies file permissions
- Checks for any installed AV software in registry
- Downloads MZ/PE file
- AutoIT Executable: AutoIT scripts compiled to PE executables.