Analysis

  • max time kernel
    51s
  • max time network
    52s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-de
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-de, locale:de-de, os:windows10-2004-x64, system, windows
  • submitted
    11-06-2024 15:06

General

  • Target

    Stub.pyc

  • Size

    198KB

  • MD5

    9c2cf95223bab098446b35f0fee344d8

  • SHA1

    174ec8cc8e45147f338afe9beeb7fed9bc441447

  • SHA256

    8aca7e89f3bd8b18baa035f687f6f6b4cb5bf88da347152849d305d55c413597

  • SHA512

    cd954a3b66cdbf66292550e9049a5b30b9d1d6d93e6fbad62c029fe612bc6329be4766d5ab6bd9eb366f71df48315870e6c60f9ca29b54c1c7f7da9aa251f472

  • SSDEEP

    6144:DeYPhrY7CTpZNhKYhYYYYY9YYUqbGSTgPm:WspLSbGSkm

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Stub.pyc
    1⤵
    • Modifies registry class
    PID:3688
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2988

Network

MITRE ATT&CK Enterprise v15
