Analysis
-
max time kernel
103s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
07/09/2024, 21:55
General
-
Target
wind64_Bypass-main/Cheat Engine 7.4/DotNetDataCollector32.exe
-
Size
174KB
-
MD5
2d493ab1a8391f52e747987aad17d4b3
-
SHA1
241045db02ac5c469039c32daa4ce8bd8cb8a012
-
SHA256
976c972f163aa3743d27ac7f554914154caa554b95c762150c8c13abe1344708
-
SHA512
a23a8fbf865da1f56e442e0775f62c169b6f1b0d1f1610fff0db04dd7344c2f93f47d0ab0e85ec8ef6da9e62a95e10cfac5d87f27edc2e9a2215e3ae509f0442
-
SSDEEP
3072:9VM4Jg4Ffk8BBtaJMumFAnN4Gmy2rv1BMqIMqsGLOwy860jYAf3gemwOITuOR:jM4r59uJmHy81gMZGtfwemqTl
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\wind64_Bypass-main\Cheat Engine 7.4\DotNetDataCollector32.exe"C:\Users\Admin\AppData\Local\Temp\wind64_Bypass-main\Cheat Engine 7.4\DotNetDataCollector32.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken