Overview

overview

8

Static

static

1

FreeOverwa...ot.msi

windows7-x64

6

FreeOverwa...ot.msi

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    FreeOverwatch2CheatDownloadAimbot.msi

  • Size

    3.7MB

  • Sample

    240818-f7qana1cjn

  • MD5

    b826a74f6a35724198de57c50555aa40

  • SHA1

    4fc13a28007d42e7d13e5f111068baaf19a01af3

  • SHA256

    6f85a729e8358b3c4d70e1a17dc1ddf9bf855eaa2f866f2b0c8a6dd2011ba707

  • SHA512

    880204e11dfcb94b3f093fdbd6351eb24907eba762112c8feb8cb2eb4d0f26ce71152b699d5f52a1076937af76d97231df60e18bd44bd4b714419ad735708a05

  • SSDEEP

    49152:EEfc/f9r84jEHYDgE5e7vaP5Ferq7I5RJK5k1ccB6jWH5XzatCJkH105fASGdvxn:VVHYDgpuxFe/IC2H1YOLGQ

Score
8/10
discoveryevasionexecutionpersistenceprivilege_escalationtrojan

Malware Config

Targets

    • Target

      FreeOverwatch2CheatDownloadAimbot.msi

    • Size

      3.7MB

    • MD5

      b826a74f6a35724198de57c50555aa40

    • SHA1

      4fc13a28007d42e7d13e5f111068baaf19a01af3

    • SHA256

      6f85a729e8358b3c4d70e1a17dc1ddf9bf855eaa2f866f2b0c8a6dd2011ba707

    • SHA512

      880204e11dfcb94b3f093fdbd6351eb24907eba762112c8feb8cb2eb4d0f26ce71152b699d5f52a1076937af76d97231df60e18bd44bd4b714419ad735708a05

    • SSDEEP

      49152:EEfc/f9r84jEHYDgE5e7vaP5Ferq7I5RJK5k1ccB6jWH5XzatCJkH105fASGdvxn:VVHYDgpuxFe/IC2H1YOLGQ

    Score
    8/10
    discoveryevasionexecutionpersistenceprivilege_escalationtrojan

    • Blocklisted process makes network request

    • Checks whether UAC is enabled

      evasiontrojan

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks