c99698775d0366384fb4e0982866564986118d17f9d8b99786ba0048d3502e67 | Triage

Sharing

General

Target

100selling legit cheat.exe
Size

304KB
Sample

240722-nje4savenh
MD5

23957e08e6408875e551a005a330baf5
SHA1

e947dd59da408c8a03145e1c15eb066a8ae33cee
SHA256

c99698775d0366384fb4e0982866564986118d17f9d8b99786ba0048d3502e67
SHA512

3d06cbba39c0968280d19e1477ed632b46a527ee638dcda2fd6d0cd83e370aa0162347f36f545e281b5f31da982378409a7902d3ed48950949c1c9f749d7e892
SSDEEP

6144:KgeHjLNzceWd9FMW6XiPUHcwAnk5+nQ0H4uu9:KgfeOKjAnzH4l

Score

8^/10

evasion execution

Malware Config

Targets

- Target
  
  100selling legit cheat.exe
- Size
  
  304KB
- MD5
  
  23957e08e6408875e551a005a330baf5
- SHA1
  
  e947dd59da408c8a03145e1c15eb066a8ae33cee
- SHA256
  
  c99698775d0366384fb4e0982866564986118d17f9d8b99786ba0048d3502e67
- SHA512
  
  3d06cbba39c0968280d19e1477ed632b46a527ee638dcda2fd6d0cd83e370aa0162347f36f545e281b5f31da982378409a7902d3ed48950949c1c9f749d7e892
- SSDEEP
  
  6144:KgeHjLNzceWd9FMW6XiPUHcwAnk5+nQ0H4uu9:KgfeOKjAnzH4l
Score

8^/10

evasion execution
- Blocklisted process makes network request
- Stops running service(s)
  evasion execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

behavioral2

evasionexecution