General
-
Target
Creed_All_Spoofer.rar
-
Size
22.5MB
-
Sample
240719-23tceaybnh
-
MD5
cea33db30f90316c7d2b98f85be9c613
-
SHA1
f4eae80586c0e5ef148bc3ea23a1379b608beece
-
SHA256
26e2cc6a5515d34aba0cfa5072d62fc30d69b55422f1d4e153056aad78be346e
-
SHA512
47e51dd5f2f6ff78175f235ba89be1312c41fa1f6604a13bceb6888c89be4b492dd9d79fbd0b69f3aac13f2a622bd15422cdbaee29462bb62bd3c50cbbbcdfc5
-
SSDEEP
393216:k8ci+Ud8H3PnVrJk8SnVkhSPl+15tT80H4fNqsSYhAmdTj4VFOBtT48wShk77R3U:xofVrKZnahSd+ztT80HFsXdH46e87eSf
Malware Config
Targets
-
-
Target
Creed_All_Spoofer.rar
-
Size
22.5MB
-
MD5
cea33db30f90316c7d2b98f85be9c613
-
SHA1
f4eae80586c0e5ef148bc3ea23a1379b608beece
-
SHA256
26e2cc6a5515d34aba0cfa5072d62fc30d69b55422f1d4e153056aad78be346e
-
SHA512
47e51dd5f2f6ff78175f235ba89be1312c41fa1f6604a13bceb6888c89be4b492dd9d79fbd0b69f3aac13f2a622bd15422cdbaee29462bb62bd3c50cbbbcdfc5
-
SSDEEP
393216:k8ci+Ud8H3PnVrJk8SnVkhSPl+15tT80H4fNqsSYhAmdTj4VFOBtT48wShk77R3U:xofVrKZnahSd+ztT80HFsXdH46e87eSf
Score3/10 -
-
-
Target
Creed All Spoofer/Creed.exe
-
Size
22.8MB
-
MD5
0ede063d189d5176683244c62cb160a7
-
SHA1
9a1aedd08f3bb29390cce31a5d16eaa8681c6089
-
SHA256
499ec15d37c4816953ea43ef49043143341cde6b95ba447d1791c40f80f6b5b9
-
SHA512
acb404002ac791e906f32ad4290984edafee899748ac0b924a838d20107b9e7c3b64631b7ea83e3592d174e6a92434922aa6a1832a7fb9cb5d8ac8f762609bb0
-
SSDEEP
393216:r67Ft/tiAuJOzzZRFMCcCLVzSordVGGtdmaD3U38UfXkOuthQnjs84GFmQClq23m:r67Ft/tiAuJOzzZRFMCcCLVzSordVGGs
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
Creed All Spoofer/Leia-read.txt
-
Size
1KB
-
MD5
d3b677309a297b41415a22fb57feca81
-
SHA1
8dd1275cde5fa41ca00187368f305bf9618e2423
-
SHA256
25e001ef8e05f5a6724c1a1a5acb662fe922c700e8fff727c257e51ea66de9e5
-
SHA512
e0d6859f35f79b66c27b38b8aaf3870f9e2d15bd712cfce02248f61fcfd998cfd1d890193a4c4f5f189c64b3d0a07545fc1bf8a1914b74b3a1ef65ca83ad166f
Score1/10 -
-
-
Target
Creed All Spoofer/Lmao.exe
-
Size
23KB
-
MD5
1cfbd8b79448d13d8eab5acb7ad00549
-
SHA1
d652c8e97e00ff64a7ae4469ecdcfc36f724d61e
-
SHA256
99fb8eaf27c38d5ba7403a824b781e058970bad9afb960bd9d0b7b3fd4d64d22
-
SHA512
5f75cc4eb72bf147ff84f656a9b4115effda31cc4f14a6e19762d47281d9d9efb81eac529ba483de29d834165dd86f6135619b17fbf4264e7fbf34c15cd219aa
-
SSDEEP
384:IdR7VPaXbdXHURQxviPo4fnk24KQL9c49LDMDWbWlUu3iPmXjwXYAk:I/7V42E+xfnhwc49
Score1/10 -
-
-
Target
Creed All Spoofer/Run.bat
-
Size
68B
-
MD5
b0d79d150291c828b6b2755ed873dc36
-
SHA1
f1eaa29eb4387af110feafbb6594aeb9809a429f
-
SHA256
0fd2bf9c09d09440b8350b8fac5ec689c3aec78d5f8cc70ed993d85cc7b727a7
-
SHA512
6ea57a7b6001f3334b6cb3bd286b912ddead007bc25822b75e2dde507da233593583146cb985cc2e2ee03339aa217cbbecdbf05e58893810706da5a0766b5e5b
Score1/10 -
-
-
Target
Creed All Spoofer/SpArtOrOnTOP
-
Size
370KB
-
MD5
df656fe4afadfdbdc78f9da21eb046d0
-
SHA1
139763a354a8a83f4dee2517c1aa07dc59c26ea0
-
SHA256
af3a41b553fde31cbec98c933f8b38c9ab7199d285b69918806da0ca3488de2f
-
SHA512
22046f1b955036571732230c7456ea7e6134c717a280081c8ed744fa44e383ba694cbf013f2fee6783f33a570ae84db2b2fe21093d4150d3f76795b2b7f098c1
-
SSDEEP
6144:RVnpcEEHfWtDPLabngSDZdAHc7VnL7paEqv8zcd2Qr+zu2Q8sy345:HnpcvHfuP2bgSDAHc7F43v3d2+guKb34
Score1/10 -