General
-
Target
904a1842c8217a9860c24fc6ba2b8507_JaffaCakes118
-
Size
2.8MB
-
Sample
240603-c7rlyahg84
-
MD5
904a1842c8217a9860c24fc6ba2b8507
-
SHA1
0e94d2329eb9e8ab28c5c1edd3647ad1699cde37
-
SHA256
427be8d59d87591b2c48947a7d0c753a1bc968f9a97581c8a0d1fd231cc0e69d
-
SHA512
5e8544677cd31ee8ef44f30674a2f191fe94004f811ffdd6da72a9e6b43ab4be658378516d167ca872b4af93feb123586d90918e11ad1ae0c98f1c6f7aa602e0
-
SSDEEP
49152:ACqNsLONZmB08pukG56TGPm9DvQwQzPVMcXWAvSDL4ZTf4MKW1nZhj4Zj:zOm0gG5gGOlvQwQDPvSDL4TKW2
Static task
static1
Behavioral task
behavioral1
Sample
小望造梦西游4修改器V2.1.1/小望造梦西游4修改器V2.1.1.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
小望造梦西游4修改器V2.1.1/小望造梦西游4修改器V2.1.1.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
小望造梦西游4修改器V2.1.1/更多软件下载.url
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
小望造梦西游4修改器V2.1.1/更多软件下载.url
Resource
win10v2004-20240426-en
Behavioral task
behavioral5
Sample
小望造梦西游4修改器V2.1.1/飘荡软件.url
Resource
win7-20231129-en
Behavioral task
behavioral6
Sample
小望造梦西游4修改器V2.1.1/飘荡软件.url
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
小望造梦西游4修改器V2.1.1/小望造梦西游4修改器V2.1.1.exe
-
Size
3.0MB
-
MD5
aae1b4d20ffe4bfc8af082ecd8574e60
-
SHA1
f728ac1fcf2dee3feb278d7c014ca11abe885938
-
SHA256
3a7aea33780a37028cb04ff072a103f29b048330b6af70867d04ea44cfb1b244
-
SHA512
cb4a830e96214aa0803fe46c90f9efba4a29a09e502b8d40e7052dd61674691eba9e939cb511c61b87b9a687a814da7291b78ad28fb177616ded5c53f3040823
-
SSDEEP
49152:UdW+XK36Qh8Ae0J6/fqEOr59FfRUc4rdPlGk5H9d5XmIUwQLDdaFBXf1mhMAA7:UJiX8AHFEC9FfRU9dth/5Xm+qDdaFBtt
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Target
小望造梦西游4修改器V2.1.1/更多软件下载.url
-
Size
204B
-
MD5
94e540428ac8f3545fec78c2b3dd8c0e
-
SHA1
cd46c366b68af03fc8fa4fa097f9815d43e4c2e8
-
SHA256
357214eb50712a5c8663ef263c458cb4ebbbc27e64d73ab5e32c82f60a7b80c8
-
SHA512
3c7876c3a18e1ba98329392ac1b940c479552b361386ce3776622ae557e4d3d8cee045d162a614a302a603cb4615024258703e0652f41541e043fcf7ecdff539
Score 1/10
-
Target
小望造梦西游4修改器V2.1.1/飘荡软件.url
-
Size
320B
-
MD5
c404bacb30424b525bf6dfcab807f461
-
SHA1
4fdc923fbbeafcb4ee150f4f82597ae72d1f4df6
-
SHA256
8dc8673d85feb2d358e80a498ca7e649b46b8af119ebaf32126099df3cc5fea3
-
SHA512
48b370b8a2a81ae5f3f57752b06f119b8bea0efc19b2ccf31683b5a9456ece68200ee2fb7826bc24c598311be925829be8084e1535f61330d8b91ba4b8d5f74a
Score 1/10