Overview
overview
10Static
static
10Kingdoms.o...er.exe
windows7-x64
3Kingdoms.o...er.exe
windows10-2004-x64
3Kingdoms.o...ng.exe
windows7-x64
3Kingdoms.o...ng.exe
windows10-2004-x64
3Kingdoms.o...nt.dll
windows7-x64
3Kingdoms.o...nt.dll
windows10-2004-x64
3Kingdoms.o...pi.dll
windows7-x64
3Kingdoms.o...pi.dll
windows10-2004-x64
3Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
11-08-2024 03:34
Behavioral task
behavioral1
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Launcher.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Launcher.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Reckoning.exe
Resource
win7-20240705-en
Behavioral task
behavioral4
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Reckoning.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Steamclient.dll
Resource
win7-20240704-en
Behavioral task
behavioral6
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Steamclient.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/steam_api.dll
Resource
win7-20240705-en
Behavioral task
behavioral8
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/steam_api.dll
Resource
win10v2004-20240802-en
General
-
Target
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Reckoning.exe
-
Size
8.3MB
-
MD5
23953a4d9ef48a4d78776883a0c9dec8
-
SHA1
9547acee503b9d2c8296f82137d1b6d70d821cc1
-
SHA256
eb073c91605ad2d2aea3d3da473a748a90224ac170cb292fcaee53c56c6692ba
-
SHA512
69d4058e0a07c785a2c677ceffc35a1d1bb517c291434d73f16ee57f5e9bf037ce076f4a80c0c380df2c678d5bef497785fb79b8ddf2c1cc7dc3c02846bac80e
-
SSDEEP
98304:KiE4orRstP1poLzE6Qgs9JfwBUX31hUQgi78xvFv4HN3Y/q9wx:KiE4o9ktyLl/LUHoQg48dNKpXwx
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language Reckoning.exe