Overview

overview

7

Static

static

7

AntiSkid.dll

windows7-x64

1

AntiSkid.dll

windows10-2004-x64

1

Spark Clicker.exe

windows7-x64

7

Spark Clicker.exe

windows10-2004-x64

7

SparkCrack.exe

windows7-x64

1

SparkCrack.exe

windows10-2004-x64

1

Resubmissions

06-06-2024 14:26

240606-rr1x1agc93 7

06-06-2024 14:23

240606-rqb79agc63 7

06-06-2024 14:19

240606-rm83tafc5s 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Spark.zip

  • Size

    6.8MB

  • Sample

    240606-rm83tafc5s

  • MD5

    fb6a28a908295100cd7d808be1bf751f

  • SHA1

    dde2c5a1b84616faa97604ccde111fc23be594be

  • SHA256

    d1c1b4af90bc95dec61fbba76afa7ca62bd07b9b6ecd0636fe30f6a9268dedac

  • SHA512

    e5370675c9e0be0338e90023c2166bc7c81fba51cee34db9b77516e4c01f24f58efd7af75a1193c2748b3b73de09bada4060710d9db02ffe8a66ec2f9ae840e1

  • SSDEEP

    98304:FcHTwcWYk76JQde3SAhPZPBaKzEjV4ifGMo412y/rPxAQwpMXFHAZ65KAl/gTuZm:0Twf2iMzPsaif7o4b5AQfXfKAyNuf5Cp

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      AntiSkid.dll

    • Size

      1.2MB

    • MD5

      895d41ad41a72c7e467eee1ea2667f7b

    • SHA1

      c446c7ddc9806c8b1c78dbef32b1894aefba93ea

    • SHA256

      9557555d70c0db28a9932bbbd262c43eee2121ec8cc6249f707ec721994c6b25

    • SHA512

      00027a2130234d70ae74de5252fdd52ded9f7f118a1c1e87af354635f258c824f2fd06da40ce4ce09d49d03611825d69b6103cc15250e9948dee5fe780699af6

    • SSDEEP

      24576:WrvDc+30B33jXF7s5NBIK1jBuhJO6SgvD06:WrDc+3m3j17s5NBIK19uh7Sgv4

    Score
    1/10
    behavioral1behavioral2

    • Target

      Spark Clicker.exe

    • Size

      6.1MB

    • MD5

      1eb8146f8c8a9faee483039585347ce0

    • SHA1

      f98fd066d30658c35d5abdb2432f3adff142b813

    • SHA256

      55397cfeea42a91fbae9e11a2365501df943175e2df5b2ffe6505cbf51f0798b

    • SHA512

      b0605500bc835773cd621c973580873f301ae752c7319f08fb3ce4f1d3a05ff1ce748b86c9ac60abfaf930ab12ca48b0e100492e0020e763ba565fb8b6add304

    • SSDEEP

      98304:pY0lYn54JO2GS/eX/cc7m2eUZmepnzPuMStE1HI0+gtr9jTA3k7kvH:mPaJkQc7feUFLuMr1t+cZuH

    Score
    7/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral3behavioral4

    • Target

      SparkCrack.exe

    • Size

      1.2MB

    • MD5

      729ef11bb843517bef3f097e4d5efea2

    • SHA1

      f691eb21e61535662ed588957ad798fa3f21098c

    • SHA256

      821ad7168deab1b2ff27f81298a9c3029ffe138a9d9ff2e4d66be4dfe369f5c7

    • SHA512

      f26ad252ac200031e151a31c11851fd306e435ac445070a622a3b860106a59c637764c11fafa37a23cb1da5444e2467940bb60723f9df0dc571f1aef3e6c0e17

    • SSDEEP

      12288:JQ2ujPpZeET9mJwTI6v3c/GNg0KwBtzvwVyDQ8C05Ka+33UMAxpBO+3SgCeWG8EP:JnujDeExbv3c/YjF5CwJO6SgCidKK1

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks