Overview: score 7/10
Static: score 3/10
skycheats/DismApi.dll (windows10-2004-x64): score 1/10
skycheats/KBDCZ1.dll (windows10-2004-x64): score 1/10
skycheats/KBDDA.dll (windows10-2004-x64): score 1/10
skycheats/KBDGAE.dll (windows10-2004-x64): score 1/10
skycheats/KBDSL1.dll (windows10-2004-x64): score 1/10
skycheats/KBDUGHR.dll (windows10-2004-x64): score 1/10
skycheats/d2win.dll (windows7-x64): score 1/10
skycheats/d2win.dll (windows10-2004-x64): score 1/10
skycheats/d32-fw.dll (windows7-x64): score 1/10
skycheats/d32-fw.dll (windows10-2004-x64): score 1/10
skycheats/d3d10.dll (windows10-2004-x64): score 3/10
skycheats/...ts.exe (windows7-x64): score 7/10
skycheats/...ts.exe (windows10-2004-x64): score 7/10
General
-
Target
skycheats.zip
-
Size
19.9MB
-
Sample
240629-avsx5awerh
-
MD5
653d5558f37f9ba3cc46b0374fb5a354
-
SHA1
061a198dfadeffad17d7718f34dbfa4ddb47b297
-
SHA256
a2fd4c35d6757aac014b5e188e3136e885184e02c57454a7db1b6792e3f395c2
-
SHA512
186e166de3d75b5db3eae8248cb120441e972b2b68c2dac2904e6a9e5a6fdc352a90c9c90544768473c7c4e313b8d9ea51fb6c7db43974ecf9d03036225f187b
-
SSDEEP
393216:D210rqPtGCQ17Ei0DXidu2oQpxz2k2pQIp2/MkQgHt++TFwII:qq2PVQ1IiyC/oQpxz2IIsf1ZnI
Behavioral task
behavioral1
Sample
skycheats/DismApi.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
skycheats/KBDCZ1.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral3
Sample
skycheats/KBDDA.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral4
Sample
skycheats/KBDGAE.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
skycheats/KBDSL1.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral6
Sample
skycheats/KBDUGHR.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral7
Sample
skycheats/d2win.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
skycheats/d2win.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
skycheats/d32-fw.dll
Resource
win7-20240611-en
Behavioral task
behavioral10
Sample
skycheats/d32-fw.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral11
Sample
skycheats/d3d10.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral12
Sample
skycheats/skycheats.exe
Resource
win7-20231129-en
Behavioral task
behavioral13
Sample
skycheats/skycheats.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
skycheats/DismApi.dll
-
Size
1.0MB
-
MD5
f27f60985b6f8a0c7489275a5d06466b
-
SHA1
6391846acdb7a2b4ae7b1ed69e1c1eb2a355d3d7
-
SHA256
1259c57df7da9fe7e0de44e7fa728a449a9edc7836ba1478e6cfbe79dd9416d4
-
SHA512
0ad8d5128e70859dd18dea751c1e29a218f8955748bf132dea2516fe86bac172bcbcabb0baa04cb602f34dfaa84effe6e3480b16e9e3be2298136774a8bf3079
-
SSDEEP
12288:QJXA1K0dXa3+lPMXFR4GrKfZq812dclyGU34Gn9CcDU7asUw3S:GXAZ/lPMXFR4XZq4U9GUoSDeNS
-
Score
1/10
-
-
Target
skycheats/KBDCZ1.DLL
-
Size
8KB
-
MD5
36f5be56fa0fac0499c1070d02657b2e
-
SHA1
9aba22a07a3ac49e386e9cdd1d8398176aee07fa
-
SHA256
9c6ec975a8328f4dad225503d7fd3dbdc82fdb9e855319e579e992212236b63d
-
SHA512
72d4f320fd6d7f7a705014d266a3449d480ae1a5bfa197e7ff5bcbe36aff295f2a187a23af12cdfc69ef8ce826d6cb0d5e0dad3339a49a3d7d6f336e24a74ad1
-
SSDEEP
96:5dYKZVX4YwI0Q1q15zljKLBWFE0e+Lpmy+HgQKUWNcWw6vv:52wVNq15hjQWCdfKUWNcW5
-
Score
1/10
-
-
Target
skycheats/KBDDA.DLL
-
Size
7KB
-
MD5
2bfb2b68a666f20a5d536dedb54899c9
-
SHA1
218154a69c400ef97722c81a4b9bdba3ce3fea95
-
SHA256
feb2577d5a528ef3a1f5138c4b4131598715e92181e8dfc6c4f4a9da0c951fdc
-
SHA512
2b1b2e1206bccbd262757f62c9369cb76c1afafcd2295973fbd0895bc4774eadfa5bdb1ce3efde07ca81df86b9cd4e3506e858aee570c6be98388846aa8bd18b
-
SSDEEP
96:5dW4VHx05Oqh9lIkOMadeusQR9KWuRRWw:5g6AOqh3IkOMCs8KWORW
-
Score
1/10
-
-
Target
skycheats/KBDGAE.DLL
-
Size
7KB
-
MD5
15b272094455cc4949c0ba2f6f5f79c9
-
SHA1
e1739d32667be730a383cad6caa585eb8227f037
-
SHA256
6bfa4640818694b9645478b97cf1b1d6c80602f855716bca6753239b8b3353a9
-
SHA512
bc1ea1be36fea4a86fc08a713a6db3c3c131c45cf4a23eae8ed69cbc55496fcb723149e6acd512e12d81921cf0b7fe166dff6b4cd15dad1395f257c66a2360a8
-
SSDEEP
96:5dHJt6yZsdVdQN1Tk+bBloYxwBUpo9u9mMqwWu3Ww98kvv:53ofdWTkablTqwWu3W+
-
Score
1/10
-
-
Target
skycheats/KBDSL1.DLL
-
Size
8KB
-
MD5
0675b97fdc36315be8561319cfc2f432
-
SHA1
808fa04f3dc10e4837c4d21386add597ea2338ff
-
SHA256
7866d07857786566a6d16dbe9c89e9a5b34db5488eb7aef2ee874154a86cb071
-
SHA512
0089fd63ec3c7ff199b384b4e307767c0214af7ea3cd05c71089ef72e59e7983b22000c257d2da66eb11fa3b50f13b8c19995120b1bed171a04e6f44ac0809c1
-
SSDEEP
96:5dwxVX4YwISLK19SmjT0S2QLYFZc0eWjpm6+HQNiswQCWXt2dWw6:5GxVwm9SmH/2RcdeQsZCWdaW
-
Score
1/10
-
-
Target
skycheats/KBDUGHR.DLL
-
Size
7KB
-
MD5
2c81ba2ed8469d45dbc10aba4d956599
-
SHA1
97ac0d4c0ce92faf034406172dbaec25aceb1838
-
SHA256
8b765a00a37332396501ae88b43499baf298dd812544c02ad4436382c50304e5
-
SHA512
681390bfdd8fbbd4e7dffb64394162976593e6ef1334e65f4a743aedbd7c9babc105b1cda963bfec165190ff362c16c949c84480f2b6549c7a21168418ec185f
-
SSDEEP
96:5djHeKwIFacm+9VqaM2DyNc8XEWr9EWwjvvNovP:59+EFacv9VpHEEWr9EWAvNw
-
Score
1/10
-
-
Target
skycheats/d2win.dll
-
Size
160KB
-
MD5
9071ccf74a0956e5116e0541ef36fbda
-
SHA1
4664d50688fae64b27d7b244ddb0abff695da9d8
-
SHA256
b558c1b55325c0935e5e7c1203cb588532a938632ad940a939dffcfc51df2c1d
-
SHA512
fa62a38ab8186f9b2e6b421eed5a2287e809929cf3b08093461ba229fd571571b9c1e368e542a72258955fa2d3878771e1bf57da0d85e4724da4b2183b22bb1a
-
SSDEEP
3072:WTiZEtA4tO8U4Ibg2p9EIHs471zg8WErMamf7qKck5Pkj:Weso8UtigsINg8WKha8k58j
-
Score
1/10
-
-
Target
skycheats/d32-fw.dll
-
Size
43KB
-
MD5
63df2c67027b0cd05e432548d3c1044d
-
SHA1
f1fa3b5a06bbf6db2181b4d575c4050f6978603d
-
SHA256
0eafa4e65dd3d20d5fa73e09ae9ff4aba3cabf997b1092f10774dc6529498fc4
-
SHA512
55cd1ae1979a3928e166b14f51fac1b1d45a8b03df03cb7111c892596c4931adfe39202e6f29efbdbad1f94989347fee660eb60b2898e57740640e1922c6dec9
-
SSDEEP
768:MvD3wtiLQp4exDNSg1WX+SnhXRyQCVXt0oSFicOgg1:MkTz1WX+Sn2Q+90o8iUg
-
Score
1/10
-
-
Target
skycheats/d3d10.dll
-
Size
1021KB
-
MD5
b4eabbcfc6909a3b2d11f4f5d7dc639a
-
SHA1
2891784622fb8c85c3216fd11b33a4bf2aafbb2a
-
SHA256
9f33bc81f7c979c24977bfcedf7ec2ea69f36349da5cbbe19f97dbe4a80f8fbf
-
SHA512
8b9c80d41d812474a134e8b2eda00dd17025e234700fb05015b1eeff7a9eea252e10112ea4d17dff97dad2fe4630a474d144f24e77c41db16de5b3d3cf8054b0
-
SSDEEP
12288:FVCyj6R2f5hRH1MR5IMjhzXyVBHHxTogNvW648Rm2FP+Bh7G3r6cJaJbfLunld4f:FERM1MR5tEHO2e6JQ29/r3JawpZFXaR
-
Score
3/10
-
-
Target
skycheats/skycheats.exe
-
Size
49.1MB
-
MD5
2df03054c8bd7495bbe7ac7cbcebcc8b
-
SHA1
7c102f0c132f1154b3f70d2e48c8dac36015efac
-
SHA256
c89e7305f8d00bdf890c7b19765ade09e32cd2199c86cec972e7efc8f11e71a2
-
SHA512
a3b289b094f90a8c1c233dc2158d922fab275dd4c870bbfdb35270cf0cdbc87b5c18c95c3d5f3d996bf298c02a36a40d3c92e970c9c041057bafa0ab691a4ae4
-
SSDEEP
393216:no9DF23QDxhtSme+7/pWYkRiu3HBHeZWdp9+5tHTy:o9o3QNjFe+7/pWyuxgOYz
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-