Analysis

  • max time kernel
    121s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    18/03/2024, 16:31

General

  • Target

    AutoMax v1.0.5 - Cracked by ElectroHeavenVN/Game/AutoMax_EHVN_Data/globalgamemanagers.assets

  • Size

    73KB

  • MD5

    95a3b2a9fbc5b928a09a4343d705a2b0

  • SHA1

    adacb9c7e74a9288f7426826a2cfeb20a87c288c

  • SHA256

    f887d428315321521f830c511c22647e5e3ae846b62d17637033c79879886df6

  • SHA512

    7b180748c56fe794425e334fe7df5e93f4df15fe119dec66c615a9b9750dc63581ed79c727be064ee110fd8836c8c2b187d65a2a67121cf151ade3a2cb47cd9e

  • SSDEEP

    1536:k4mpVzKIjT+tRioYGQSRdIcGEoOgWsebgnjakCU:krVzKIjvSpgvCU

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\AutoMax v1.0.5 - Cracked by ElectroHeavenVN\Game\AutoMax_EHVN_Data\globalgamemanagers.assets"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2100
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\AutoMax v1.0.5 - Cracked by ElectroHeavenVN\Game\AutoMax_EHVN_Data\globalgamemanagers.assets
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2848
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\AutoMax v1.0.5 - Cracked by ElectroHeavenVN\Game\AutoMax_EHVN_Data\globalgamemanagers.assets"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2540

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

          Filesize

          3KB

          MD5

          7e53e2b8539762d413311955ee4dde73

          SHA1

          7eaf917b476f341a7b51da97c2cf7a084fbe54dd

          SHA256

          9b7f9d9cada61dd7f32a10969a6575dc4abb94530b98e2c5750ba096541e4c8d

          SHA512

          79d2e55e4a6c93fee35a2ec5e427dcd736252a7809c01f6c574a6e3d0ae032c5dec6252832899cb8e8c24dbad8684780d1cf2baf2781244be08241238bceb9e9