3b6d8c0676d4938d2539db90feba809edcdd46bbca25621a3980b73a950687df | Triage

Analysis

max time kernel
57s
max time network
16s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
11-06-2024 20:39

Sharing

Report Analysis Logs

General

Target

combatmastercheat.exe
Size

13.2MB
MD5

f8d91f0431c70dff4a5a903674853389
SHA1

20594827a53f0ef10b6f3f6a76cfb4433474941d
SHA256

3b6d8c0676d4938d2539db90feba809edcdd46bbca25621a3980b73a950687df
SHA512

b8b0e9398a09a9c08171f0f37e98d7fe8ee9f4d952a4691b2dd452d7a3a42802963dde854d11b925ed4147d72fd478d4e7e7fa508e3971573a7f3a304dc3a86c
SSDEEP

393216:q6AcWJq1+TtIiFg0VQx/Bg/sx4wzaXkK:16Jq1QtI66BY1w9K

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
2960	combatmastercheat.exe

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
2960	combatmastercheat.exe
2960	combatmastercheat.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2960	combatmastercheat.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1096 wrote to memory of 2960	1096	combatmastercheat.exe	28
PID 1096 wrote to memory of 2960	1096	combatmastercheat.exe	28
PID 1096 wrote to memory of 2960	1096	combatmastercheat.exe	28

C:\Users\Admin\AppData\Local\Temp\combatmastercheat.exe
"C:\Users\Admin\AppData\Local\Temp\combatmastercheat.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1096
- C:\Users\Admin\AppData\Local\Temp\combatmastercheat.exe
  "C:\Users\Admin\AppData\Local\Temp\combatmastercheat.exe"
  2⤵
  - Loads dropped DLL
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  PID:2960

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI10962\python312.dll

Filesize
6.6MB

MD5
d521654d889666a0bc753320f071ef60

SHA1
5fd9b90c5d0527e53c199f94bad540c1e0985db6

SHA256
21700f0bad5769a1b61ea408dc0a140ffd0a356a774c6eb0cc70e574b929d2e2

SHA512
7a726835423a36de80fb29ef65dfe7150bd1567cac6f3569e24d9fe091496c807556d0150456429a3d1a6fd2ed0b8ae3128ea3b8674c97f42ce7c897719d2cd3

Download Submit