Overview

overview

10

Static

static

10

SS Tool [E....3.exe

windows7-x64

5

SS Tool [E....3.exe

windows10-2004-x64

5

SS Tool [E...or.exe

windows7-x64

5

SS Tool [E...or.exe

windows10-2004-x64

5

SS Tool [E...ng.exe

windows7-x64

7

SS Tool [E...ng.exe

windows10-2004-x64

7

$PLUGINSDI...ng.exe

windows7-x64

3

$PLUGINSDI...ng.exe

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

SS Tool [E...ui.jar

windows7-x64

1

SS Tool [E...ui.jar

windows10-2004-x64

7

SS Tool [E...er.exe

windows7-x64

7

SS Tool [E...er.exe

windows10-2004-x64

7

SS Tool [E...or.exe

windows7-x64

3

SS Tool [E...or.exe

windows10-2004-x64

3

SS Tool [E...ew.exe

windows7-x64

9

SS Tool [E...ew.exe

windows10-2004-x64

9

SS Tool [E...st.jar

windows7-x64

1

SS Tool [E...st.jar

windows10-2004-x64

7

SS Tool [E...ew.chm

windows7-x64

1

SS Tool [E...ew.chm

windows10-2004-x64

1

SS Tool [E...ew.exe

windows7-x64

4

SS Tool [E...ew.exe

windows10-2004-x64

4

SS Tool [E...ch.lnk

windows7-x64

3

SS Tool [E...ch.lnk

windows10-2004-x64

3

SS Tool [E...IN.lnk

windows7-x64

3

SS Tool [E...IN.lnk

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    23-05-2024 05:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SS Tool [Extract]/Applications/CheatDetector.exe

  • Size

    183KB

  • MD5

    ee9c8749cc266c1dd6a9e4cd6c383043

  • SHA1

    98a9f8f9bd5c325c813e63f5596b6b84f9e32b72

  • SHA256

    7cd1d198a0f047e3bebec1c1fbff331218f7c132f20a49413ee2048446808e2e

  • SHA512

    28e5c1cc7f722b37f448fc1610fcab241a683bba147a27e5e3911d7b4a24fd710d41366469ffe2c824b7c5d9db9a545176f782328faee41e0336f205b941fd47

  • SSDEEP

    3072:ui08qSCLfDE6VODGTk2Uu5Slpe2xrB7nn2igJfIV5yHQMHt:WvSCLfDfIGFUiUpeM4J0ywMHt

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtCreateThreadExHideFromDebugger 1 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SS Tool [Extract]\Applications\CheatDetector.exe
    "C:\Users\Admin\AppData\Local\Temp\SS Tool [Extract]\Applications\CheatDetector.exe"
    1⤵
    • Suspicious use of NtCreateThreadExHideFromDebugger
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Users\Admin\AppData\Local\Temp\SS Tool [Extract]\Applications\CheatDetector.exe
      "C:\Users\Admin\AppData\Local\Temp\SS Tool [Extract]\Applications\CheatDetector.exe"
      2⤵
        PID:2188

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads