98b52813707d4293c6150cd7e602240ad1ca266807c3c7225f2a3dbf6de7a13d

Sharing

Copy URL

Twitter E-mail

General

Target

MerekV3.08_Lite.rar
Size

6.0MB
Sample

240409-r2xy4ada7y
MD5

f2bd1f51b61709643431a7b76fe711d3
SHA1

6a2b399f69060f506b57e9086cd885f5a97e53b3
SHA256

98b52813707d4293c6150cd7e602240ad1ca266807c3c7225f2a3dbf6de7a13d
SHA512

473bd23c632b6153e670b0576e56d842eef2fac7efd2622c6205e478c41d34f525dc50b7ad7a7f6c62e131d6d45ece2f982bbb15291b3aff8262a0f95400396c
SSDEEP

98304:/1nBT6FapjeZ+FOT5YFUbnppHpMlr5QwlUPwR6KF8IlSezJZQIDb+3wrahHR/w4a:/1nBXqZ+MlsUbppH21lU4R6KFjxVZHz5

Score

7^/10

Malware Config

Targets

- Target
  
  MerekV3.08_Lite.rar
- Size
  
  6.0MB
- MD5
  
  f2bd1f51b61709643431a7b76fe711d3
- SHA1
  
  6a2b399f69060f506b57e9086cd885f5a97e53b3
- SHA256
  
  98b52813707d4293c6150cd7e602240ad1ca266807c3c7225f2a3dbf6de7a13d
- SHA512
  
  473bd23c632b6153e670b0576e56d842eef2fac7efd2622c6205e478c41d34f525dc50b7ad7a7f6c62e131d6d45ece2f982bbb15291b3aff8262a0f95400396c
- SSDEEP
  
  98304:/1nBT6FapjeZ+FOT5YFUbnppHpMlr5QwlUPwR6KF8IlSezJZQIDb+3wrahHR/w4a:/1nBXqZ+MlsUbppH21lU4R6KFjxVZHz5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  MerekV3.08 Lite/Merek Aimbot/README.md
- Size
  
  752B
- MD5
  
  f8238688955ceec65b8a30c8c803d942
- SHA1
  
  e03ecc55bcf254bae6801cdb0d351854b21a7739
- SHA256
  
  38c0d0c16fb615672b9c5635bfcdc569670deb4194d16fdb87585a7a813aac21
- SHA512
  
  d55794aee2beae7e892b03843b3837ffd4de91f72b33054c9516e8c5434f106e732800a1ded9f40d3445f469fad808815695956fe374a6a0da927dda1175b740
Score

3^/10
behavioral3 behavioral4
- Target
  
  MerekV3.08 Lite/Merek Aimbot/__pycache__/keyauth.cpython-310.pyc
- Size
  
  19KB
- MD5
  
  03913d5dcd09637c06deba35d3cf8ab6
- SHA1
  
  3c49ea419bcd02e50a5102e60387d09a079b7d57
- SHA256
  
  f97e0981bbfec62065e9101300ab345f2389c6b94606a2ea655b8c38e11aa575
- SHA512
  
  8be7da1ba56dd7b2e62e7f4db6d96fa0ac04bcddb231c36a79d3cdf55a5af5f5808b1604ee5552943665cb39298fc1f9c163f796284c8268606a8782f688a8ba
- SSDEEP
  
  384:8PZGJybYD3edL4xzhmp2Ugcem86Rv+dxbpqYSLDYmG0iLnOVy:qjNk7mp2GeX6RvKbpqYSAmH0nCy
Score

3^/10
behavioral5 behavioral6
- Target
  
  MerekV3.08 Lite/Merek Aimbot/install_requirements.bat
- Size
  
  38B
- MD5
  
  4dcef1a00fab20e9bc78bf6604610423
- SHA1
  
  dd6713f82e6b5db2b228ff82df9c02f8cf66943a
- SHA256
  
  951f2e24c2a3f7ec40b2c8b12b984c72c1c98acc6489ec33d8f0f065ef877130
- SHA512
  
  3cc1cab42b3d3827298449976532da31468fcc2533769a51c96d3b1276b132daee2e2cd62f1c1bacae804786c44fb55f98f9b2de1ca9b124b2130bfa2f5a7cc6
Score

1^/10
behavioral7 behavioral8
- Target
  
  MerekV3.08 Lite/Merek Aimbot/lib/__pycache__/aimbot.cpython-310.pyc
- Size
  
  7KB
- MD5
  
  1600e4aa01c3395c20c32e50376a8eb8
- SHA1
  
  6097a7d5eb71bf374d4b9fd78ed2f4f7497fece8
- SHA256
  
  fb3ddedf915a53ca980945bf47c19919ca9715121cc962de3d04fa11be5b5d87
- SHA512
  
  8dc852cd6f7edf15d6efa07ac8887ce0c3cfc597fc2bae351acb289b69538dee10b3a320754068a2e04c074df8355a1a5f6ed260afc1459d3b181b1e7831287e
- SSDEEP
  
  192:MwL7DLzlxs2eNKSLcJm23DqHpQguEANeLIvjS+zQWe5mwH+jD7OW/NZO9qGP+xO9:Ms7DLzD1eNKSL4yMND/G+KWkq6+09
Score

3^/10
behavioral10 behavioral9
- Target
  
  MerekV3.08 Lite/Merek Aimbot/lib/aimbot.py
- Size
  
  34KB
- MD5
  
  04e7fdcd4824b4926faf0672c6184669
- SHA1
  
  32dfc09985a2a08e0902fa32167a3792ea5a84a5
- SHA256
  
  eee9a338a1c8abdb35f2bc3dec224e803f7392625590369c361a177206a9dd1f
- SHA512
  
  bdff9f007288bb62a6ba8b8c4ad4ad5abd81be1e5258466a9e762591dd679280b29d11c0c79912721d4de5473f72cc4e53467ed0fa774bd3148a06b8152e16a9
- SSDEEP
  
  768:RS7dB1VkMpBJhcY3ZNBIHNNgmTns+2YxxM5L0s2YfuIb2eQETf4swoK27:RyvVkM42u7guxM5I7aSeQEfGoD
Score

3^/10
behavioral11 behavioral12
- Target
  
  MerekV3.08 Lite/Merek Aimbot/lib/best.pt
- Size
  
  6.3MB
- MD5
  
  af3c08402ed7adce6509a46e14e80404
- SHA1
  
  3366b883a2867fea070dda6341521b0e47d3e58e
- SHA256
  
  298525255ca2fc00aebf18d3168bcec0a9ec04430de6ed8253e61c58a3a81870
- SHA512
  
  94e1d98b84b677ec710f1d753fb89a86dd43a8a9132156cb8032fdeeb62d2a1ccea8e771aa0744e490b13167ff3b27d3dff420f44d5757b46c74ad31b1868218
- SSDEEP
  
  196608:6fe92BxI8qxa6Z+FPdHiamU3XApQF29Jws2mjakp:MisG+FFXAY2rH2muY
Score

1^/10
behavioral13 behavioral14
- Target
  
  best/.data/serialization_id
- Size
  
  40B
- MD5
  
  9dde396202afc97ead0d54cb4128e63e
- SHA1
  
  2d8ebffc9b2c0dbaba7dbe99c44266b03a5640c6
- SHA256
  
  ecb2d5d775731fd39140b178de068382adab58e875604ff5ecf226d42d83f17e
- SHA512
  
  7616f9c440fa3fa508534fad5bc2fb08154b11b2962a6e563d59c57c081bd4cd18d82d39627a2fedbfd98d9501471df5986f35993ba1e9a22abc0b49593daded
Score

1^/10
behavioral15 behavioral16
- Target
  
  best/byteorder
- Size
  
  6B
- MD5
  
  aae6635e044ac56046b2893a529b5114
- SHA1
  
  4502229742dda5345d35a1c216dfadb1a96b3c68
- SHA256
  
  180ca01b95f0dfdd36fbb600e51cf6e46c8ef468de56b017847886fefaf7b6f9
- SHA512
  
  fdf15fe5cbcdcbc23d690a659855d564addea079e45456d66ebb5574bdf65902a4aa7cc184a3a606d5e5948d1da7b37e872c793074eddffc2974bf63cbb09ebc
Score

1^/10
behavioral17 behavioral18
- Target
  
  best/data.pkl
- Size
  
  114KB
- MD5
  
  3a9f943d6da55be64c0692ba897c7bac
- SHA1
  
  6257ec35f5e8bdc29655704c26a2c8ec3c1e4999
- SHA256
  
  9666a679353968e69c27f3a8cb21003311fec7b217ef0f95e6e7d659aaf17530
- SHA512
  
  aba7f27dcfe5e44aff819e39ced6690482e4e09f07c3c789a46a4380718e97be872be1b62df8fa52c989f23213fc0f2838afb17604f4e719924675b070488a16
- SSDEEP
  
  1536:2lBrbLLAm5kG5BFgBCaEbehLr8z2ildu9Jr7y+aZ/7NjaR/97o9JcCZee4zr3ZFa:2rvL5HbehLr8z2iWc0beuJ7sjBz3j
Score

3^/10
behavioral19 behavioral20
- Target
  
  best/data/0
- Size
  
  3KB
- MD5
  
  cc57c80a309157575c6fddfd6aa45271
- SHA1
  
  0fa18c4baf860c6c317d850e6fcf3254971d0ee7
- SHA256
  
  7a5a259af2830d09432e6c0143447ba85a20d1019860665dcbdd1d729cf50947
- SHA512
  
  beb6fc39a7e95c84d7746d68f51af9970ca70216ff4f96801968918b5967c48bb203dd98434f1734f40322e650f3b34ed8ef904bb22b05126ef1a603fc64f929
Score

1^/10
behavioral21 behavioral22
- Target
  
  best/data/1
- Size
  
  32B
- MD5
  
  dbf750386a1ba91d25c3d8f745124111
- SHA1
  
  9b0f80bec510b3b5fcf78f363596e808568ba09c
- SHA256
  
  de49d2e3ccc6cc8099cabe804110980a167b37e3e2855c70a8cbfb30cda05db7
- SHA512
  
  2b490697d83e50a0dddee118873ce9f95aa399809a149314b30e28d8874a065c9303d779595f54850158e0d16257d4ada498b257c98fb2a385fbaa6342b694e9
Score

1^/10
behavioral23 behavioral24
- Target
  
  best/data/10
- Size
  
  64B
- MD5
  
  3d353813e080f04e0f0f8c8ddc0016f1
- SHA1
  
  1b87d0fdb3def194e023eb206cfa811d68a80832
- SHA256
  
  564842e3ba687085485d1af2527175fe7df9ced15596402fc3f74c773ccd67da
- SHA512
  
  2b9f48bec34b57848ce12e82bcacc6467172fecc98bfc4196ef80b8cb9f9f8143d73d7dea19f0684dc66f8c1223be39bcc420f992689a1f8eec7e3e36224dfe7
Score

1^/10
behavioral25 behavioral26
- Target
  
  best/data/100
- Size
  
  128B
- MD5
  
  9f90f59e6a99e24b49d79507067f77f7
- SHA1
  
  d618acd7bc41bfd13fec2efa2a962c11ddc577f3
- SHA256
  
  64a3c1d59053fee43a797bba5b47f41417762affa0c9adbe22f97b8701453726
- SHA512
  
  5fc1d3c4953a68fb1f5946084538daf60e1f4f8062b29e5d56dcb1443cbc7b3991174bd2183d15af46619c1170643afd0941fc0740d5d5da1b384b7e4f6fb27a
Score

1^/10
behavioral27 behavioral28
- Target
  
  best/data/101
- Size
  
  8B
- MD5
  
  33cdeccccebe80329f1fdbee7f5874cb
- SHA1
  
  3da89ee273be13437e7ecf760f3fbd4dc0e8d1fe
- SHA256
  
  7c9fa136d4413fa6173637e883b6998d32e1d675f88cddff9dcbcf331820f4b8
- SHA512
  
  991294f43425a5b80f8a5907ca7cdbb611401282585a58bb415077005428e3b4c0f661fc07ba5c45f627bd8bdcb172389ce2fda461c029b837abc70f0abbea20
Score

1^/10
behavioral29 behavioral30
- Target
  
  best/data/102
- Size
  
  16KB
- MD5
  
  365df78387b9e635bb0dd1e194003b1c
- SHA1
  
  8d6ccb116a73565d9be6bc83c6d36f06cabb831b
- SHA256
  
  e1a6056eef7f09cef6b92727b5ca99f8a51b2716be38bc1c4cc3c4614c404d16
- SHA512
  
  53d0f77ab798bc61bc38c7652047ce9b21a175f459fe71791d6c0beaa6cc92843fd56c60b122e9b3f982592de96a809b438d51543f0ae85d1d468347acdd1739
- SSDEEP
  
  384:SyW1n9+fDkBQPAf/eUgLYf5J+DQAMGIEs6NYnSK4w2:SyEeDVPaeUgqEMGI56NnE2
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32