General
-
Target
NeverLoseCrack-main.zip
-
Size
257KB
-
Sample
241006-1nwzba1hpb
-
MD5
ad88bbbdf317da5a619670c47ef969d9
-
SHA1
609fcfa922006f5866a614b72fadf9fcf83862d3
-
SHA256
d893667722ead622a8309c287f75d5e31aa8614db99ddf3866d1956d4ec83219
-
SHA512
fe68538dd0b3193a2e674a203e3e8a2047f13494b1b0ea252e845a6c6b66a41af88333efbfded68e21005d08b54deef45d921752f1d56900ea302b2ca803a106
-
SSDEEP
6144:LbcDapv6zVxcKT8S0SZxheRO7SSlw+Wj9cwnrP78sNfIax+II5:LoDeUxcKF0eL7SSv+6wcoRx+IK
Static task
static1
Behavioral task
behavioral1
Sample
NeverLoseCrack-main/NL-Crack.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
NeverLoseCrack-main/NL-Crack.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
NeverLoseCrack-main/NeverLoseCrack.exe
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
NeverLoseCrack-main/NeverLoseCrack.exe
Resource
win10v2004-20240910-en
Behavioral task
behavioral5
Sample
NeverLoseCrack-main/NeverLoseCracked [no cap].exe
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
NeverLoseCrack-main/NeverLoseCracked [no cap].exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
NeverLoseCrack-main/NL-Crack.exe
-
Size
116KB
-
MD5
f887bcb839b5a1fafab384463fb49d1e
-
SHA1
72c644fa03146acd5f46a639d6b59937b471ccd1
-
SHA256
7a3f34bd3f8571aca6a86534909a0e34693dea50e1296aacde55f7691f39fad4
-
SHA512
63a0b63cc29c21a19f416f6dac6e5a0825481658d201015fba064521d88a17be12cfbe0d34fc55304c59eb24a603674fe5cb7d49c09672917a11ea3b885a8951
-
SSDEEP
3072:w8acu7cIA5SvNEQGuI7hNVLokwLQLO34/qY:j2v2Q21NV0zUi+q
-
Score
10/10
-
Modifies WinLogon for persistence
-
-
-
Target
NeverLoseCrack-main/NeverLoseCrack.exe
-
Size
247KB
-
MD5
b0fb6fe29957b69fe9914e596268fa7d
-
SHA1
f4c8a5112275df89e04d29e0de49eb8895ce6215
-
SHA256
c7800f0e4212822477ddaa0c7c3f3c79c0bcd94c6de5aa0de76036ec4f1f0139
-
SHA512
b92d3ff2451d6552c0ee643ee96e1ff19601bd8d13cfcecde486277e25e2b55f4b76ee6a1bdb1305c533c39deb6937b60617cb9c1f59980f0c4bbd640a8bdc1a
-
SSDEEP
6144:y50tR/5gjbnI3OkLFxD5tKdHDunqIxynuzt50tR15gjbnI3OkLFxD5tKdHDunkIs:l/5gjbnI3OkLFxD5tKZDunjxynuzS152
-
Disables Task Manager via registry modification
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies file permissions
-
-
-
Target
NeverLoseCrack-main/NeverLoseCracked [no cap].exe
-
Size
116KB
-
MD5
83ae01e02a278e59eb79252fdcb9cc20
-
SHA1
3defaa1b28f9c84c53be8cd1bc49823216c3a823
-
SHA256
7a85dce7ea5b93ff36d117de8dadc113f050f5dabb76c363ada52727f0846f34
-
SHA512
ba2939d85f28f6803c9e9b7cfebcaeb3b61fbc52710f0d1efdd5c36638820e948ef438ee5ac0ba72de1e77463107395c05b8d4d0858424d74a627b2e8d8a1a35
-
SSDEEP
3072:z2Gcu7cIA5SvNmQGuI7hNVLokwLQLO3e/qY:U2voQ21NV0zUicq
-
Score
10/10
-
Modifies WinLogon for persistence
-