Overview: score 9
Static: score 7
GGKILLER.7z (windows7-x64): score 9
GGKILLER.7z (windows10-2004-x64): score 7
GGKILLER/GGKiller.exe (windows7-x64): score 9
GGKILLER/GGKiller.exe (windows10-2004-x64): score 9
GGKILLER/GGKiller.exe (windows7-x64): score 9
GGKILLER/GGKiller.exe (windows10-2004-x64): score 9
GGKILLER/G...g.json (windows7-x64): score 3
GGKILLER/G...g.json (windows10-2004-x64): score 3
GGKILLER/H...2.7.js (windows7-x64): score 3
GGKILLER/H...2.7.js (windows10-2004-x64): score 3

General
Target: GGKILLER.7z
Size: 3.5MB
Sample: 240608-vsqefadf81

Behavioral tasks
behavioral1: Sample GGKILLER.7z, Resource win7-20240221-en
behavioral2: Sample GGKILLER.7z, Resource win10v2004-20240226-en
behavioral3: Sample GGKILLER/GGKiller.exe, Resource win7-20240221-en
behavioral4: Sample GGKILLER/GGKiller.exe, Resource win10v2004-20240508-en
behavioral5: Sample GGKILLER/GGKiller.exe, Resource win7-20240221-en
behavioral6: Sample GGKILLER/GGKiller.exe, Resource win10v2004-20240426-en
behavioral7: Sample GGKILLER/GGKiller.runtimeconfig.json, Resource win7-20231129-en
behavioral8: Sample GGKILLER/GGKiller.runtimeconfig.json, Resource win10v2004-20240426-en
behavioral9: Sample GGKILLER/Helldivers2_1.2.7.js, Resource win7-20240419-en
behavioral10: Sample GGKILLER/Helldivers2_1.2.7.js, Resource win10v2004-20240508-en

Malware Config
Targets
Target: GGKILLER.7z
Size: 3.5MB
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger

Target: GGKILLER/GGKiller.dll
Size: 14KB
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger

Target: GGKILLER/GGKiller.exe
Size: 3.5MB
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger

Target: GGKILLER/GGKiller.runtimeconfig.json
Size: 253B
Score: 3/10

Target: GGKILLER/Helldivers2_1.2.7.ct
Size: 55KB
Score: 3/10