Analysis
-
max time kernel
120s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
28-05-2024 16:43
General
-
Target
MK PUBG Mobile Tool v1.0.7.exe
-
Size
41.3MB
-
MD5
5ae79f746c94fecc7bfa726392fd84bc
-
SHA1
f6578649d7a5893830cb8b0cb8a65ec8af125b05
-
SHA256
8b8fda7c1529afd4dd2d5e3688f0cc14555a0567af9c713b4501d87f001bfd8b
-
SHA512
e7eca5dd1d0f74e535894a72d07070686d8f4419e55c0a1f495344b231e709a2e6ca8b82f8ee706c62a4f742ab5a37d9225bc1e360e1b365905bcf6b9d96cd0f
-
SSDEEP
786432:3OPc65XA4pi/dG6hDUey3bDVyPVLtCQ/bwdbIrD2oF3zMLdq:+PJxAqi/E1hLpyPlwQ/bwds3zMxq
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\MK PUBG Mobile Tool v1.0.7.exe"C:\Users\Admin\AppData\Local\Temp\MK PUBG Mobile Tool v1.0.7.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\MK PUBG Mobile Tool v1.0.7.exe"C:\Users\Admin\AppData\Local\Temp\MK PUBG Mobile Tool v1.0.7.exe"2⤵
- Loads dropped DLL
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\_MEI18962\python311.dllFilesize
1.6MB
MD5d59f72db95ff2c3cf20e4ed0eb1491cc
SHA1bf881eeae451249128a179965c490782ee0dfdca
SHA25668dbabb431460be3ee063d8b8d1f36bcba85afd4ca4793d44f331ec346743633
SHA5126681d67991f3d7e50dec29877b6b7c608c79ce486fe0b6fecc257fd75a46e2abc996fefb3c8d524dd83c2068f8e76047ba6f922549aee49df35604931668f595
-
memory/1220-346-0x000007FEF5E10000-0x000007FEF6400000-memory.dmpFilesize
5.9MB
-
memory/1220-378-0x000007FEF5E10000-0x000007FEF6400000-memory.dmpFilesize
5.9MB