Overview

overview

10

Static

static

10

Bird.exe

windows7-x64

10

Bird.exe

windows10-2004-x64

10

CSGO FREE HACK.exe

windows7-x64

10

CSGO FREE HACK.exe

windows10-2004-x64

10

CSGO FREEHACK.exe

windows7-x64

3

CSGO FREEHACK.exe

windows10-2004-x64

3

CSGhost-v4.1.exe

windows7-x64

8

CSGhost-v4.1.exe

windows10-2004-x64

10

Install.exe

windows7-x64

10

Install.exe

windows10-2004-x64

10

Installer.exe

windows7-x64

10

Installer.exe

windows10-2004-x64

10

Installer2.exe

windows7-x64

10

Installer2.exe

windows10-2004-x64

10

Kiddions Mod MENU.exe

windows7-x64

7

Kiddions Mod MENU.exe

windows10-2004-x64

7

Minecraft_v4.5.exe

windows7-x64

10

Minecraft_v4.5.exe

windows10-2004-x64

10

Vape Crack.exe

windows7-x64

10

Vape Crack.exe

windows10-2004-x64

10

Vape Patch.exe

windows7-x64

10

Vape Patch.exe

windows10-2004-x64

10

Vape_V4.exe

windows7-x64

10

Vape_V4.exe

windows10-2004-x64

10

launcher.exe

windows7-x64

10

launcher.exe

windows10-2004-x64

10

nixware crack.exe

windows7-x64

3

nixware crack.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-11-2024 16:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Kiddions Mod MENU.exe

  • Size

    142KB

  • MD5

    0bc5ae5e0021fccd9bff9f64f686f043

  • SHA1

    06e779dae148031e6294ecf0cc5e135da09811b4

  • SHA256

    e0aca3b1e2806672143d256e87812294fe04f1ea95625979e3b9d64b951449db

  • SHA512

    ac306d51feaddbc4f733963314b48aeb50a1a707bea90d3347dcf832d59ae96da6775e73760d6899066cdbcb11370ad26e5b901447fd8be2133fbbe6143b6414

  • SSDEEP

    3072:FvcjAFss11pSyRNKB2c3XEECZOX0ByrzwZ+Tlttu6OcTy+Dp1jWT39Y7umZZWDpT:Fvt11pxIuZOX0ByrzwZ+Zv9WqumZZ1Pb

Score
7/10
discoveryspywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Kiddions Mod MENU.exe
    "C:\Users\Admin\AppData\Local\Temp\Kiddions Mod MENU.exe"
    1⤵
    • Checks processor information in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2396

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2396-0-0x00007FFC7E8E3000-0x00007FFC7E8E5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2396-1-0x0000000000B00000-0x0000000000B2A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2396-2-0x00007FFC7E8E0000-0x00007FFC7F3A1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2396-29-0x000000001E3D0000-0x000000001E592000-memory.dmp

    Filesize

    1.8MB

    Download

  • memory/2396-37-0x000000001ECA0000-0x000000001ED16000-memory.dmp

    Filesize

    472KB

    Download

  • memory/2396-53-0x000000001F7D0000-0x000000001F820000-memory.dmp

    Filesize

    320KB

    Download

  • memory/2396-57-0x0000000020470000-0x0000000020998000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/2396-58-0x00007FFC7E8E3000-0x00007FFC7E8E5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2396-59-0x00007FFC7E8E0000-0x00007FFC7F3A1000-memory.dmp

    Filesize

    10.8MB

    Download