General

  • Target

    MW3CheatBlocker.v1.2.exe

  • Size

    11.5MB

  • Sample

    240714-17qawaxdkb

  • MD5

    0e3ec063a8917521673b28e4f089faf6

  • SHA1

    d4150df0010b15985a04ae0607f8caacb8783313

  • SHA256

    a64d2ce94175c8e25546f8c4d525a4137712a29b7c38c2cf953464fa86286e29

  • SHA512

    934bd06b77fa93b73d3d098fe8387059b9483a81cdf4b6dfd0be5ac5b152af6888436b14cb67d87179a6e42899af4ce6f3ebb66739f228f0036debbdc1ceb366

  • SSDEEP

    196608:DPDGAwgGiA2h3rjmk1IOrZsrc6Gzd+dCs9zKVMYniHF28q:jYgD3HzIYZyapstwMYil28

Malware Config

Targets

    • Stops running service(s)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Power Settings

      powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

MITRE ATT&CK Enterprise v15

Tasks