cb9ad75dc33afadc63e4c093b9e81daf4683555290dbad6cbf2ea9f88970cf87 | Triage

Sharing

General

Target

notACheat.exe
Size

20.0MB
Sample

240522-27x66acf86
MD5

d59e7ebb0e8ce630c561b8b8ad6edb8c
SHA1

f94d4a05d71b08df5d1bb002d33f49c142292bb2
SHA256

cb9ad75dc33afadc63e4c093b9e81daf4683555290dbad6cbf2ea9f88970cf87
SHA512

ac7cef21cc6bedd9445406339edd36a831bf5a2195abc519b25cdbf15233268d0de74049627ec230dc11e37a4cd36490bcd1feb124f285decb9a08b389e62658
SSDEEP

393216:WhuHNh7QTX4rU97dbxbIqBZTo4r/stbUGxQhQ3HJlAuXwS39b3:WO6hByFxQUH1Xwy

Score

8^/10

Malware Config

Targets

- Target
  
  notACheat.exe
- Size
  
  20.0MB
- MD5
  
  d59e7ebb0e8ce630c561b8b8ad6edb8c
- SHA1
  
  f94d4a05d71b08df5d1bb002d33f49c142292bb2
- SHA256
  
  cb9ad75dc33afadc63e4c093b9e81daf4683555290dbad6cbf2ea9f88970cf87
- SHA512
  
  ac7cef21cc6bedd9445406339edd36a831bf5a2195abc519b25cdbf15233268d0de74049627ec230dc11e37a4cd36490bcd1feb124f285decb9a08b389e62658
- SSDEEP
  
  393216:WhuHNh7QTX4rU97dbxbIqBZTo4r/stbUGxQhQ3HJlAuXwS39b3:WO6hByFxQUH1Xwy
Score

8^/10
- Manipulates Digital Signatures
  Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2