General
-
Target
CheatEngine75.exe
-
Size
28.5MB
-
Sample
241113-kx1qvssjhk
-
MD5
647a2177841aebe2f1bb1b3767f41287
-
SHA1
446575615e7fcc9c58fb04cad12909a183a2eb15
-
SHA256
07c1abb57c4498748c4f1344a786c2c136b82651786ed005d999ecbf6054fb2c
-
SHA512
f3165aec7a4b7adb7e6ffca56812f769b7b085000d50bf235ca1c7e74d76dfb5549de9561e281623c734c2dec9fc37b54af572c3e97fcb9fb1411102ae3da0c0
-
SSDEEP
786432:5l3LNCxuEnwFho+zM77UDZiZCd08jFZJAI5E70TZFHi6t:5l3LMEXFhV0KAcNjxAItjFt
Static task
static1
Behavioral task
behavioral1
Sample
CheatEngine75.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
CheatEngine75.exe
-
Size
28.5MB
-
MD5
647a2177841aebe2f1bb1b3767f41287
-
SHA1
446575615e7fcc9c58fb04cad12909a183a2eb15
-
SHA256
07c1abb57c4498748c4f1344a786c2c136b82651786ed005d999ecbf6054fb2c
-
SHA512
f3165aec7a4b7adb7e6ffca56812f769b7b085000d50bf235ca1c7e74d76dfb5549de9561e281623c734c2dec9fc37b54af572c3e97fcb9fb1411102ae3da0c0
-
SSDEEP
786432:5l3LNCxuEnwFho+zM77UDZiZCd08jFZJAI5E70TZFHi6t:5l3LMEXFhV0KAcNjxAItjFt
-
Manipulates Digital Signatures
Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.
-
Modifies file permissions
-
Checks for any installed AV software in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Impair Defenses
1Modify Registry
1Subvert Trust Controls
1Install Root Certificate
1