General
Target: LordCheats.rar
Size: 14.0MB
Sample: 241109-aek8cavrcr

Static task: static1
Behavioral task: behavioral1, Sample: LordCheats.rar, Resource: win7-20241010-en
Behavioral task: behavioral2, Sample: LordCheats.rar, Resource: win10v2004-20241007-en
Behavioral task: behavioral3, Sample: LordCheats/LoaderV2.exe, Resource: win7-20240903-en
Behavioral task: behavioral4, Sample: LordCheats/LoaderV2.exe, Resource: win10v2004-20241007-en
Behavioral task: behavioral5, Sample: LordCheats/MSAlacDecoder.dll, Resource: win10v2004-20241007-en
Behavioral task: behavioral6, Sample: LordCheats/MSAlacEncoder.dll, Resource: win10v2004-20241007-en
Behavioral task: behavioral7, Sample: LordCheats/msafd.dll, Resource: win10v2004-20241007-en

Malware Config
Targets

Target: LordCheats.rar
Score: 7/10
Executes dropped EXE
Loads dropped DLL

Target: LordCheats/LoaderV2.exe
Size: 35.1MB
Loads dropped DLL
An obfuscated cmd.exe command-line is typically used to evade detection.

Target: LordCheats/MSAlacDecoder.dll
Size: 80KB
Score: 1/10

Target: LordCheats/MSAlacEncoder.dll
Size: 88KB
Score: 1/10

Target: LordCheats/msafd.dll
Size: 12KB
Score: 1/10