fe6c0d8f90c9c74f2986fe169342e0a5319a3b1ffcf711b513f33db7e28e863a | Triage

Submit
Reports

Overview

overview

8

Static

static

1

CheatEngine75.exe

windows11-21h2-x64

8

Sharing

General

Target

CheatEngine75.exe
Size

28.6MB
Sample

241007-1vr9psygqd
MD5

e703b8ac5b3601deebbf05843c9a4e97
SHA1

ab154e32099776e432b4d2c31366985f27950cf1
SHA256

fe6c0d8f90c9c74f2986fe169342e0a5319a3b1ffcf711b513f33db7e28e863a
SHA512

8280af1c2455b37c13de60f1d4a4ab26fe7d03bed7f874b074afb4ae365f2380aa71525e7e649e924347c38efd601dd3a6b7924f56aa6c09932f24b5c2f03c65
SSDEEP

786432:dTCxuEnwFho+zM77UDZiZCd08jFZJAI5E70TZFH2:d2EXFhV0KAcNjxAItj2

Score

8^/10

discovery evasion execution

Static task

static1

Behavioral task

behavioral1

Sample

CheatEngine75.exe

Resource

win11-20241007-en

discovery evasion execution

windows11-21h2-x64

20 signatures

150 seconds

Malware Config

Targets

- Target
  
  CheatEngine75.exe
- Size
  
  28.6MB
- MD5
  
  e703b8ac5b3601deebbf05843c9a4e97
- SHA1
  
  ab154e32099776e432b4d2c31366985f27950cf1
- SHA256
  
  fe6c0d8f90c9c74f2986fe169342e0a5319a3b1ffcf711b513f33db7e28e863a
- SHA512
  
  8280af1c2455b37c13de60f1d4a4ab26fe7d03bed7f874b074afb4ae365f2380aa71525e7e649e924347c38efd601dd3a6b7924f56aa6c09932f24b5c2f03c65
- SSDEEP
  
  786432:dTCxuEnwFho+zM77UDZiZCd08jFZJAI5E70TZFH2:d2EXFhV0KAcNjxAItj2
Score

8^/10

discovery evasion execution
- Manipulates Digital Signatures
  Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.
- Stops running service(s)
  evasion execution
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

File and Directory Permissions Modification

Impair Defenses

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

discoveryevasionexecution

© 2018-2024

Terms | Privacy