General
-
Target
SpeedHack666Cheat (no VM detected).exe
-
Size
369KB
-
Sample
241014-tx3pwsvajd
-
MD5
65c0f9249f64c65cda3e5ea32126fc1f
-
SHA1
d567a001160109f58a4ec43db2abd9971e01afa7
-
SHA256
7522fa6d0f83eac9662ae47af048f02ddfaab925738cec1280b0c5c7788d2d0a
-
SHA512
08347609ba2b8ba7a69a147fe7c426baebed93f2a9db3137a9d9ebbc0bf87a775808e55d7c7b7e0b852e8f0065f0204b71fbbadf3cdffc84b1cbea21723e0308
-
SSDEEP
6144:wb8Xw/FxbPPf7QdZE6B5srZP7i+wIUNr4:2/fw5kjwT4
Static task
static1
Behavioral task
behavioral1
Sample
SpeedHack666Cheat (no VM detected).exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
SpeedHack666Cheat (no VM detected).exe
-
Size
369KB
-
MD5
65c0f9249f64c65cda3e5ea32126fc1f
-
SHA1
d567a001160109f58a4ec43db2abd9971e01afa7
-
SHA256
7522fa6d0f83eac9662ae47af048f02ddfaab925738cec1280b0c5c7788d2d0a
-
SHA512
08347609ba2b8ba7a69a147fe7c426baebed93f2a9db3137a9d9ebbc0bf87a775808e55d7c7b7e0b852e8f0065f0204b71fbbadf3cdffc84b1cbea21723e0308
-
SSDEEP
6144:wb8Xw/FxbPPf7QdZE6B5srZP7i+wIUNr4:2/fw5kjwT4
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter
1PowerShell
1Scheduled Task/Job
1Scheduled Task
1System Services
1Service Execution
1Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1Scheduled Task
1Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1Scheduled Task
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Hide Artifacts
1Hidden Files and Directories
1Impair Defenses
2Disable or Modify Tools
1Modify Registry
3