Overview

overview

3

Static

static

3

PSN LIBERA....1.rar

windows7-x64

3

PSN LIBERA....1.rar

windows10-2004-x64

3

PSN Liberator.exe

windows7-x64

3

PSN Liberator.exe

windows10-2004-x64

1

Tools/PKGD...AM.sfo

windows7-x64

3

Tools/PKGD...AM.sfo

windows10-2004-x64

3

Tools/PKGD...AM.sfo

windows7-x64

3

Tools/PKGD...AM.sfo

windows10-2004-x64

3

Tools/PKG_...ee.exe

windows7-x64

1

Tools/PKG_...ee.exe

windows10-2004-x64

1

Tools/PS3P...er.exe

windows7-x64

1

Tools/PS3P...er.exe

windows10-2004-x64

1

Tools/curl.exe

windows7-x64

1

Tools/curl.exe

windows10-2004-x64

1

Tools/cygwin1.dll

windows7-x64

1

Tools/cygwin1.dll

windows10-2004-x64

1

Tools/decr...ot.exe

windows7-x64

1

Tools/decr...ot.exe

windows10-2004-x64

1

Tools/dev_klics.txt

windows7-x64

1

Tools/dev_klics.txt

windows10-2004-x64

1

Tools/games.txt

windows7-x64

1

Tools/games.txt

windows10-2004-x64

1

Tools/genp....5.exe

windows7-x64

3

Tools/genp....5.exe

windows10-2004-x64

3

Tools/keys.conf

windows7-x64

3

Tools/keys.conf

windows10-2004-x64

3

Tools/klic...er.exe

windows7-x64

1

Tools/klic...er.exe

windows10-2004-x64

1

Tools/klics.txt

windows7-x64

1

Tools/klics.txt

windows10-2004-x64

1

Tools/klics/klic_free

windows7-x64

1

Tools/klics/klic_free

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    21-07-2024 01:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PSN LIBERATOR V1.1.rar

  • Size

    15.9MB

  • MD5

    6b5078ae33665774acb9ca5d8ea20fcb

  • SHA1

    673ce5b5d15a69e44532ce87d5391aaee09f0fc5

  • SHA256

    c5c73e0ae0d29166baa7511807cacfed9b67eeed081268dd497eb290f53a191c

  • SHA512

    21cd7df836f3547ef9086da45dac95cb674ca8ba5ba89481cb0317cd5a1ae43b298aa3c07743430cae2f540172f53af278143ef9b8c734b837894cd16dfc7e84

  • SSDEEP

    393216:5lHjhT/05QtA7Lw+t+b32hS/BOZ55G8efaqMNmzT6uWqlRgRw:PHjhTc5QtYLLtw2hqwVG8dmzT61qqw

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 36 IoCs
  • Suspicious use of SendNotifyMessage 35 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\PSN LIBERATOR V1.1.rar"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1508
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\PSN LIBERATOR V1.1.rar
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:1764
      • C:\Windows\system32\rundll32.exe
        "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\PSN LIBERATOR V1.1.rar
        3⤵
        • Modifies registry class
        • Suspicious use of WriteProcessMemory
        PID:2748
        • C:\Program Files\VideoLAN\VLC\vlc.exe
          "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\PSN LIBERATOR V1.1.rar"
          4⤵
          • Suspicious behavior: AddClipboardFormatListener
          • Suspicious behavior: GetForegroundWindowSpam
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          • Suspicious use of SetWindowsHookEx
          PID:1160
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:2312

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.lock
      Filesize

      18B

      MD5

      a8c71b89a050feb50ce546d2eee95a19

      SHA1

      4d954a421bbef20781a71e3d1be2c3ec785cfec0

      SHA256

      ca9b229fcbdf7c7ded96fc6335335fd6053d33e256e2b65067b62b140c1e7dc7

      SHA512

      4d2d195d50ae2ab68540caacdfb21957f6ae3787a81aa8749f265d65768336207b71e7eadd6deb339d778e2979858ed7778ce97cd9f97796f764e8bc2f287cdf

      Download Submit

    • memory/1160-54-0x000000013F260000-0x000000013F358000-memory.dmp

      Filesize

      992KB

      Download

    • memory/1160-55-0x000007FEF66B0000-0x000007FEF66E4000-memory.dmp

      Filesize

      208KB

      Download

    • memory/1160-60-0x000007FEF6650000-0x000007FEF6667000-memory.dmp

      Filesize

      92KB

      Download

    • memory/1160-63-0x000007FEF6250000-0x000007FEF6261000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1160-62-0x000007FEF6610000-0x000007FEF662D000-memory.dmp

      Filesize

      116KB

      Download

    • memory/1160-61-0x000007FEF6630000-0x000007FEF6641000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1160-59-0x000007FEF6670000-0x000007FEF6681000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1160-58-0x000007FEF6690000-0x000007FEF66A7000-memory.dmp

      Filesize

      92KB

      Download

    • memory/1160-56-0x000007FEF59E0000-0x000007FEF5C96000-memory.dmp

      Filesize

      2.7MB

      Download

    • memory/1160-57-0x000007FEF6D00000-0x000007FEF6D18000-memory.dmp

      Filesize

      96KB

      Download

    • memory/1160-64-0x000007FEF57D0000-0x000007FEF59DB000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/1160-66-0x000007FEF6200000-0x000007FEF6241000-memory.dmp

      Filesize

      260KB

      Download

    • memory/1160-67-0x000007FEF6060000-0x000007FEF6081000-memory.dmp

      Filesize

      132KB

      Download

    • memory/1160-68-0x000007FEF6040000-0x000007FEF6058000-memory.dmp

      Filesize

      96KB

      Download

    • memory/1160-77-0x000007FEF5610000-0x000007FEF568C000-memory.dmp

      Filesize

      496KB

      Download

    • memory/1160-69-0x000007FEF6020000-0x000007FEF6031000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1160-70-0x000007FEF57B0000-0x000007FEF57C1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1160-65-0x000007FEF4130000-0x000007FEF51E0000-memory.dmp

      Filesize

      16.7MB

      Download

    • memory/1160-93-0x000007FEF67A0000-0x000007FEF67B1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1160-92-0x000007FEF34F0000-0x000007FEF3502000-memory.dmp

      Filesize

      72KB

      Download

    • memory/1160-91-0x000007FEF3510000-0x000007FEF353A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/1160-90-0x000007FEF3540000-0x000007FEF3556000-memory.dmp

      Filesize

      88KB

      Download

    • memory/1160-89-0x000007FEF3560000-0x000007FEF3578000-memory.dmp

      Filesize

      96KB

      Download

    • memory/1160-88-0x000007FEF3580000-0x000007FEF3592000-memory.dmp

      Filesize

      72KB

      Download

    • memory/1160-87-0x000007FEF35A0000-0x000007FEF35B1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1160-86-0x000007FEF35C0000-0x000007FEF35D1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1160-85-0x000007FEF54A0000-0x000007FEF54B2000-memory.dmp

      Filesize

      72KB

      Download

    • memory/1160-84-0x000007FEF54C0000-0x000007FEF54D1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1160-83-0x000007FEF54E0000-0x000007FEF5503000-memory.dmp

      Filesize

      140KB

      Download

    • memory/1160-82-0x000007FEF5510000-0x000007FEF5528000-memory.dmp

      Filesize

      96KB

      Download

    • memory/1160-81-0x000007FEF5530000-0x000007FEF5554000-memory.dmp

      Filesize

      144KB

      Download

    • memory/1160-80-0x000007FEF5560000-0x000007FEF5588000-memory.dmp

      Filesize

      160KB

      Download

    • memory/1160-79-0x000007FEF5590000-0x000007FEF55E7000-memory.dmp

      Filesize

      348KB

      Download

    • memory/1160-78-0x000007FEF55F0000-0x000007FEF5601000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1160-76-0x000007FEF5690000-0x000007FEF56F7000-memory.dmp

      Filesize

      412KB

      Download

    • memory/1160-75-0x000007FEF5700000-0x000007FEF5730000-memory.dmp

      Filesize

      192KB

      Download

    • memory/1160-74-0x000007FEF5730000-0x000007FEF5748000-memory.dmp

      Filesize

      96KB

      Download

    • memory/1160-73-0x000007FEF5750000-0x000007FEF5761000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1160-72-0x000007FEF5770000-0x000007FEF578B000-memory.dmp

      Filesize

      108KB

      Download

    • memory/1160-71-0x000007FEF5790000-0x000007FEF57A1000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1160-103-0x000007FEF59E0000-0x000007FEF5C96000-memory.dmp

      Filesize

      2.7MB

      Download

    • memory/1160-104-0x000007FEF4130000-0x000007FEF51E0000-memory.dmp

      Filesize

      16.7MB

      Download

    • memory/1160-102-0x000007FEF66B0000-0x000007FEF66E4000-memory.dmp

      Filesize

      208KB

      Download

    • memory/1160-101-0x000000013F260000-0x000000013F358000-memory.dmp

      Filesize

      992KB

      Download