Overview
overview
9Static
static
9tox tweaki...or.exe
windows10-ltsc 2021-x64
1tox tweaki...or.exe
windows10-ltsc 2021-x64
1tox tweaki...CK.exe
windows10-ltsc 2021-x64
9tox tweaki...ew.exe
windows10-ltsc 2021-x64
6tox tweaki...up.exe
windows10-ltsc 2021-x64
1tox tweaki...8.appx
windows10-ltsc 2021-x64
1Microsoft.UI.Xaml.dll
windows10-ltsc 2021-x64
1Microsoft.UI.Xaml.dll
windows10-ltsc 2021-x64
1tox tweaki...up.exe
windows10-ltsc 2021-x64
8tox tweaki...LG.exe
windows10-ltsc 2021-x64
1tox tweaki...el.exe
windows10-ltsc 2021-x64
1tox tweaki...un.exe
windows10-ltsc 2021-x64
3Export.bat
windows10-ltsc 2021-x64
1Import.bat
windows10-ltsc 2021-x64
1SCEWIN_64.exe
windows10-ltsc 2021-x64
1amifldrv64.sys
windows10-ltsc 2021-x64
1amigendrv64.sys
windows10-ltsc 2021-x64
1tox tweaki...64.exe
windows10-ltsc 2021-x64
1tox tweaki...CL.exe
windows10-ltsc 2021-x64
1tox tweaki...64.exe
windows10-ltsc 2021-x64
7tox tweaki...64.sys
windows10-ltsc 2021-x64
1tox tweaki...64.sys
windows10-ltsc 2021-x64
1tox tweaki...vc.exe
windows10-ltsc 2021-x64
1CRU/CRU.exe
windows10-ltsc 2021-x64
3CRU/reset-all.exe
windows10-ltsc 2021-x64
3CRU/restart.exe
windows10-ltsc 2021-x64
5CRU/restart64.exe
windows10-ltsc 2021-x64
5tox tweaki...on.exe
windows10-ltsc 2021-x64
1Export.bat
windows10-ltsc 2021-x64
3tox tweaki...ll.exe
windows10-ltsc 2021-x64
7tox tweaki...xp.exe
windows10-ltsc 2021-x64
8tox tweaki...tr.exe
windows10-ltsc 2021-x64
1Analysis
-
max time kernel
98s -
max time network
145s -
platform
windows10-ltsc 2021_x64 -
resource
win10ltsc2021-20241023-en -
resource tags
arch:x64arch:x86image:win10ltsc2021-20241023-enlocale:en-usos:windows10-ltsc 2021-x64system -
submitted
08-11-2024 15:08
Static task
static1
Behavioral task
behavioral1
Sample
tox tweaking/Emu/KeyAuthEmulator.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral2
Sample
tox tweaking/Emu/KeyAuthEmulator.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral3
Sample
tox tweaking/ToX Premium UtilityCRACK.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral4
Sample
tox tweaking/niggers/DevManView.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral5
Sample
tox tweaking/niggers/DeviceCleanup.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral6
Sample
tox tweaking/niggers/Microsoft-uiXAML2.8.appx
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral7
Sample
Microsoft.UI.Xaml.dll
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral8
Sample
Microsoft.UI.Xaml.dll
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral9
Sample
tox tweaking/niggers/MicrosoftEdgeSetup.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral10
Sample
tox tweaking/niggers/NSudoLG.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral11
Sample
tox tweaking/niggers/NVIDIA Control Panel.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral12
Sample
tox tweaking/niggers/PowerRun.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral13
Sample
Export.bat
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral14
Sample
Import.bat
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral15
Sample
SCEWIN_64.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral16
Sample
amifldrv64.sys
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral17
Sample
amigendrv64.sys
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral18
Sample
tox tweaking/niggers/SCEWIN_64.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral19
Sample
tox tweaking/niggers/SetACL.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral20
Sample
tox tweaking/niggers/VC_redist.x64.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral21
Sample
tox tweaking/niggers/amifldrv64.sys
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral22
Sample
tox tweaking/niggers/amigendrv64.sys
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral23
Sample
tox tweaking/niggers/bfsvc.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral24
Sample
CRU/CRU.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral25
Sample
CRU/reset-all.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral26
Sample
CRU/restart.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral27
Sample
CRU/restart64.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral28
Sample
tox tweaking/niggers/devcon.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral29
Sample
Export.bat
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral30
Sample
tox tweaking/niggers/openshell.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral31
Sample
tox tweaking/niggers/procexp.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
Behavioral task
behavioral32
Sample
tox tweaking/niggers/str.exe
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
General
-
Target
Export.bat
-
Size
529B
-
MD5
bf354baed02884dc4cf002db55818873
-
SHA1
66475f4de3baf56280ead4fc7c1303f5acbad307
-
SHA256
283d6ea32f1aa30985dc7ff1564e345ef62ca8193d764418b3031bbba82bb7da
-
SHA512
205c681c36b856f46c4cb91ae7adab2bd006c4950a660414dffd12ddafd23828d82a2128a19eef4cf05124a2b1237a8f1a3c50643479c91c0cef045df7c98134
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 1028 wrote to memory of 632 1028 cmd.exe 86 PID 1028 wrote to memory of 632 1028 cmd.exe 86 PID 1028 wrote to memory of 3904 1028 cmd.exe 87 PID 1028 wrote to memory of 3904 1028 cmd.exe 87