Overview
overview
9Static
static
7Verse crac...or.exe
windows11-21h2-x64
1Verse crac...RU.exe
windows11-21h2-x64
1Verse crac...ll.exe
windows11-21h2-x64
1Verse crac...rt.exe
windows11-21h2-x64
5Verse crac...64.exe
windows11-21h2-x64
5Verse crac...er.bat
windows11-21h2-x64
1Verse crac...er.exe
windows11-21h2-x64
9Verse crac...er.exe
windows11-21h2-x64
7Verse crac...n].bat
windows11-21h2-x64
1Verse crac...15.exe
windows11-21h2-x64
9Verse crac...ip.dll
windows11-21h2-x64
1General
-
Target
Verse_crack_from_feds_and_nex.rar
-
Size
44.9MB
-
Sample
240420-d589msgb8w
-
MD5
ecc7330ca08f495670054173617861d6
-
SHA1
754203f2f19596ff59437ce0b271674e3efa1475
-
SHA256
2c6a1adc320f8512e7163ea1f624a248f323bd5d4c73eb14ba84f463b6b8f3e7
-
SHA512
ec4670b6340e9c5269d15de855efcac12f5e3c4911d0729eafd664bfd4fb2270dd7c4d02829e546d32b38fca58aa759ebb2402dd00d578120a9928e8cc2b3998
-
SSDEEP
786432:h+Xffdv0lEEnyNXloQk8fLgVXcqzJjnK7O0T378jDkV94zQBAtc0YZMh7CCQqVln:afdva8DfHfLgVMeKLT3OkTYiASlZIBK6
Behavioral task
behavioral1
Sample
Verse crack from feds and nex/Injector.exe
Resource
win11-20240412-en
Behavioral task
behavioral2
Sample
Verse crack from feds and nex/Monitor Spoof/CRU.exe
Resource
win11-20240412-en
Behavioral task
behavioral3
Sample
Verse crack from feds and nex/Monitor Spoof/reset-all.exe
Resource
win11-20240412-en
Behavioral task
behavioral4
Sample
Verse crack from feds and nex/Monitor Spoof/restart.exe
Resource
win11-20240412-en
Behavioral task
behavioral5
Sample
Verse crack from feds and nex/Monitor Spoof/restart64.exe
Resource
win11-20240412-en
Behavioral task
behavioral6
Sample
Verse crack from feds and nex/Serialcheckers/Backup serialchecker/Serialchecker.bat
Resource
win11-20240412-en
Behavioral task
behavioral7
Sample
Verse crack from feds and nex/Serialcheckers/Mac-checker.exe
Resource
win11-20240412-en
Behavioral task
behavioral8
Sample
Verse crack from feds and nex/Serialcheckers/Serialchecker.exe
Resource
win11-20240412-en
Behavioral task
behavioral9
Sample
Verse crack from feds and nex/Serialcheckers/Wifi & Bluetooth disabler/Disabler [Run Admin].bat
Resource
win11-20240412-en
Behavioral task
behavioral10
Sample
Verse crack from feds and nex/Verse V4.15.exe
Resource
win11-20240412-en
Behavioral task
behavioral11
Sample
Verse crack from feds and nex/rip.dll
Resource
win11-20240412-en
Malware Config
Targets
-
-
Target
Verse crack from feds and nex/Injector.exe
-
Size
38KB
-
MD5
a19948457af73fe0f3c49b49badf6abd
-
SHA1
4ea1c82444ba61bcb7dfa189acbfc80847fe42da
-
SHA256
3b6136a46763fc80aa5e6bcffd52023ec36678bc9d2dbf87f1f8527861a67a86
-
SHA512
d035be1546ae86a33aaf682dfa20aa35d3d5ea350e11ef61849e4ec03d63673e1726b18b3f9abfa8e7b4d4d76cca45411bf106bb6425c2da048601ccaf2848f0
-
SSDEEP
768:agK4Vns9VKClWwy0pGtqXnF/PME2+0nhMkTdhKVlD7+ZsRID6+:agWLKCl9yYW5TikTdQVlD7JID
Score1/10 -
-
-
Target
Verse crack from feds and nex/Monitor Spoof/CRU.exe
-
Size
1.2MB
-
MD5
0f69af48c32613f73c6acb87a7d18661
-
SHA1
0756ae84f3b58aec29f4b9a2888624ca879f7856
-
SHA256
0351a943ca93558ff36f74c3f0c768dceb724e833e282abcf1be5b2e71d5c67b
-
SHA512
2b30c079831a30683aabc0effa6bb60c84a960c2bcda1ce5da204bebc2050a359ec2cf36df426a0d227165afb9c4b9401fd0316b2504394c7876ed177fff2377
-
SSDEEP
24576:tLEWuIj9T0gR1U2vfVD8sA15qkJ1K3mbDQca9L32GY:twfIj9T0ujvTO6L3
Score1/10 -
-
-
Target
Verse crack from feds and nex/Monitor Spoof/reset-all.exe
-
Size
51KB
-
MD5
3d47586c62bf61dac639d8cc1bf43ee7
-
SHA1
36f605e1fb7cae972c6723ded6a5f126f36a8d01
-
SHA256
70639c195430afb92799d711ed784406bfdfd04c648d5f3e4d9873da0063660b
-
SHA512
638a75c0159de8553e8071a68b5a4355bfc002489d9ed62bfbb1019d287073a555133bd4a55abd68c51b3e2a1616f586a26998ce32ade322cd72ffeab5ffe105
-
SSDEEP
768:Jd0XBRNU+hV81e14G8xGvMhBmqVHhc6ZrLy01fA5Egt2rHNZAEDFn27DQNE5B:b0XbeQ8xG0Kqjc6lLFfSortZBMDu8
Score1/10 -
-
-
Target
Verse crack from feds and nex/Monitor Spoof/restart.exe
-
Size
63KB
-
MD5
8242ce426ad462eff02edae1487a6949
-
SHA1
9a4f382d427e0de729053535aaa3310cac5f087b
-
SHA256
b68ee265308dc9da7dbb521bb71238d27ac50a5ee816f21c13818393be982d7a
-
SHA512
aff43a78d29ede49eac386d9b0b44d0f37d5a20bdda8553369d68dec90bbc727c6dd8fe239987a9d2e3affaeff8b72b5023ed973d7aecfbb99de46dca8c99ef1
-
SSDEEP
768:xa+/MMnf2XivrjhmxEQSQIjDaGva2XaT+CSxKUAch9Itvo7vq2XFelWn2iED5Vx0:xa0wstmSpDaGS2RCSxK28otXFQwUx
Score5/10-
Drops file in System32 directory
-
-
-
Target
Verse crack from feds and nex/Monitor Spoof/restart64.exe
-
Size
73KB
-
MD5
297aa19bade534a791d053ca190b74ad
-
SHA1
15cb6a33994f75fe9e30a2afbc8a7e4616b63962
-
SHA256
5f779bb822aedaf5bd11693cdf73f6c7c3342f37371a78c07c2aca1e15dbfd00
-
SHA512
df883950c598f31b81f22a68b2a9fed7459dcad5084ec6e39399658b0492bcc458d9fc5bb80fda6bc994bed3241f969fc67a0b8e021fb82b040455d64776c625
-
SSDEEP
1536:8vXMJl7uRupZzidl/T+Dnx86Rpy4roKsIrryeq3OTM:8vMJl6RAZu/T+7x8qpRM8rNcOTM
Score5/10-
Drops file in System32 directory
-
-
-
Target
Verse crack from feds and nex/Serialcheckers/Backup serialchecker/Serialchecker.bat
-
Size
2KB
-
MD5
88d4cd0ecd8b80204a867b085cc7af7f
-
SHA1
88367c0259581943a45f77683e22a180d3286ca5
-
SHA256
40e615e60f1de58259a9d440ebc2e9f757221ad07f35ff3dae2ef57ba8279976
-
SHA512
b8949ef027e08c742f7a681991532e0fee97abd96b720b8cdb2bb6a9e1fea4c9c7c693ccc62a220e20c0832e47a47869bc045f3e997b742d9db51a988f832ece
Score1/10 -
-
-
Target
Verse crack from feds and nex/Serialcheckers/Mac-checker.exe
-
Size
4.3MB
-
MD5
23c1ce038611001835e2192fc31229e8
-
SHA1
13c0c1944de37603265115ed5cf2a934de449f36
-
SHA256
577c7eda29b869de5793131ced4cd54fd222619e1c00765e0b3f16f1240239a3
-
SHA512
b560f1c4b7bb9ccb57d36099320ab70790f2b04954483a4d8ff2bcb67cfcece1234bddbb4f0c8c9685dc209bfac74dae161b38cc83cdc61f504b29c095bbc22f
-
SSDEEP
98304:xOFr0xNl6tHTzYcJnoqVgKw0RGVGB5kv3Hav+2+VeE5Hd:US/GTuq9MgxUeE
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
-
-
Target
Verse crack from feds and nex/Serialcheckers/Serialchecker.exe
-
Size
10.6MB
-
MD5
cf543d52d92d821555096ccefea80b9b
-
SHA1
b0c9e85d0738164562d9e5fc0d70a4cb2a971a51
-
SHA256
232e2e13b72be736fd0517b01daaa51236a5023d265050bbc2e92651837c96d8
-
SHA512
7592a9e1b5f2d56f25a7a131f87b99030b4048fecd0d6eab253c77890755afee112c4002dd5d0519ff61626382526f4d1deba35655f935c4b45cba3563c0dbf5
-
SSDEEP
196608:8soA+1W903eV4Q+tpDjIIAcwD/au5p0W8/LQhoANNOSEDRPQv/k9jpIi:wW+eGQ69jo/au5qW80hoA/bg5u
Score7/10-
Loads dropped DLL
-
-
-
Target
Verse crack from feds and nex/Serialcheckers/Wifi & Bluetooth disabler/Disabler [Run Admin].bat
-
Size
1001B
-
MD5
f231be56f8dd034fd9e62fe67b120dec
-
SHA1
c0a4b9d91f5934f00a6cc28cdad56dfee45d3116
-
SHA256
ff5735d7157d43beaf0ea13eae9dc29619d9384a79c0009c7b0ada9d722f0a30
-
SHA512
0da567136e8e24ed1cdcd27633ba2f68c26c9fcc3038d1d7a041516e187d97c9a1fc22eb57552f4a4378e58daeb297991e95f388530fa38e12c67ddcf50b22dd
Score1/10 -
-
-
Target
Verse crack from feds and nex/Verse V4.15.exe
-
Size
30.0MB
-
MD5
15ee2efb6fe685d6d5217c58c33d98e2
-
SHA1
4a6b8fcb5c21621a81c35cd367e186985044408c
-
SHA256
336c6f0d9de3de21f971c92e2239dac504580b4259602f9d602d0c4d7a2dacce
-
SHA512
23f0b7cd6b1412bd1a97910efd0462e3078139fafe3cc857d0969fb432448d85b65273822bee6daee8903394230fa15a83fb1a1326580d02490dbf8015f43239
-
SSDEEP
786432:3zKrKrbA+pjd0AG04wFoVKjPZCgJVehG4+d:D8K/A+pB0GZomCeVS+d
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
Verse crack from feds and nex/rip.dll
-
Size
115KB
-
MD5
b865b83b699bad54c7cfdb66154b806b
-
SHA1
fe3a90ae3df5dcd25a27435a4137c8a6ecb89585
-
SHA256
a9c39d3bf6befec28b85950841353eab96e83812dc6f5e05d91a8bcbe9be6704
-
SHA512
272f4101c62e1345edbbb9c217c81930c0be5b1363a14047da7395ef778c6651160ec2f98eac9138ab22e78e9aef4352ffbae4f13baf0f1495b61f3efabc4dcc
-
SSDEEP
1536:+9Dtf0cwp0UFw5G//pu3nj7alhA3DADLA/PX1TACXOFe9sTAt8IAm+:+tt8cwp9puXfal2EDuXEssct8IAm
Score1/10 -