General

  • Target: cheaterbot ong.exe
  • Size: 24.8MB
  • Sample: 241222-qsqyrazqem
  • MD5: 9cae1c1b6699beba8010ccbafefe84f5
  • SHA1: 632f79e4474a4f7b55fe888bb1207fed9a5519d1
  • SHA256: ae515b9cf61e75ea6024235bfbd4f56dac1e07af26d4f774c5db4b04088d381a
  • SHA512: 9afd7c2bdacfb60c28f2518f29f0432e41fba3e44c633be7dc9bbccd840049f49ea1ccdae01a1ad1750f80aa08cb7f1f3b195a6d3583d50084ddda989b448ea0
  • SSDEEP: 393216:FqPnLFXlrAMYovQ9U06heDOETgs77cG79VgceMBpMpIQvZ6pWYxJe8s:8PLFXNANovQ9+hfE79DZIpvYJx0

Malware Config

Targets

  • Target: cheaterbot ong.exe
    • Size: 24.8MB
    • MD5: 9cae1c1b6699beba8010ccbafefe84f5
    • SHA1: 632f79e4474a4f7b55fe888bb1207fed9a5519d1
    • SHA256: ae515b9cf61e75ea6024235bfbd4f56dac1e07af26d4f774c5db4b04088d381a
    • SHA512: 9afd7c2bdacfb60c28f2518f29f0432e41fba3e44c633be7dc9bbccd840049f49ea1ccdae01a1ad1750f80aa08cb7f1f3b195a6d3583d50084ddda989b448ea0
    • SSDEEP: 393216:FqPnLFXlrAMYovQ9U06heDOETgs77cG79VgceMBpMpIQvZ6pWYxJe8s:8PLFXNANovQ9+hfE79DZIpvYJx0
    • Loads dropped DLL
    • Reads user/profile data of web browsers: infostealers often target stored browser data, which can include saved credentials.
    • Adds Run key to start application
    • Legitimate hosting services abused for malware hosting/C2
    • Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.
    • UPX packed file: detects executables packed with UPX or a modified UPX open-source packer.

  • Target: main.pyc
    • Size: 7KB
    • MD5: af5e35ef6fd7a89478f59a3e236e654e
    • SHA1: 1cee061059ef5b811044c110fca9855b552cf0d1
    • SHA256: 0e1b1803514d101139b09f5cbd5870fd5c454d433b73aa5ee158e343eed5f12a
    • SHA512: 0d4022465e121a135f644b622c5308b5c7afb13992817020ae75d972ac453d629db59336b163a07f33fcb9650c851873938d07ade525e0fdf8f92507e991fca8
    • SSDEEP: 192:wnGkFSnqD8zbWdXwRAuJpBJhwQbMdw2cnw:qMWuRAI72QbP2cw
    • Score: 3/10

MITRE ATT&CK Enterprise v15

Tasks