1677bc66ed7f88e9c69b31b50b5cc8a92466f01db7f422c06ae5632ec19437ef | Triage

Sharing

General

Target

CheatEngine75.exe
Size

28.6MB
Sample

240707-f5xlysvcrp
MD5

c0b4fec8ef1a3a96c25952d1711f14bb
SHA1

b3951161dd9a163b60c6f2d7ac28435f1b8d0d64
SHA256

1677bc66ed7f88e9c69b31b50b5cc8a92466f01db7f422c06ae5632ec19437ef
SHA512

94dc06b3d6d45aee1e52ca1be3c76e6b4d862930db037e627c086613adc15aa4f036c27bd300094176fe9d5ab421d44ad2819da7acad9af602de1f648c05c8e0
SSDEEP

786432:UTCxuEnwFho+zM77UDZiZCd08jFZJAI5E70TZFHHq:U2EXFhV0KAcNjxAItjK

Score

8^/10

discovery evasion execution

Malware Config

Targets

- Target
  
  CheatEngine75.exe
- Size
  
  28.6MB
- MD5
  
  c0b4fec8ef1a3a96c25952d1711f14bb
- SHA1
  
  b3951161dd9a163b60c6f2d7ac28435f1b8d0d64
- SHA256
  
  1677bc66ed7f88e9c69b31b50b5cc8a92466f01db7f422c06ae5632ec19437ef
- SHA512
  
  94dc06b3d6d45aee1e52ca1be3c76e6b4d862930db037e627c086613adc15aa4f036c27bd300094176fe9d5ab421d44ad2819da7acad9af602de1f648c05c8e0
- SSDEEP
  
  786432:UTCxuEnwFho+zM77UDZiZCd08jFZJAI5E70TZFHHq:U2EXFhV0KAcNjxAItjK
Score

8^/10

discovery evasion execution
- Downloads MZ/PE file
- Stops running service(s)
  evasion execution
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Checks for any installed AV software in registry
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

File and Directory Permissions Modification

Impair Defenses

Credential Access

Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexecution