Overview

overview

10

Static

static

3

OblivionCh...er.dll

windows11-21h2-x64

1

OblivionCh...vc.dll

windows11-21h2-x64

1

OblivionCh...xy.dll

windows11-21h2-x64

7

OblivionCh...SP.dll

windows11-21h2-x64

1

OblivionCh...re.dll

windows11-21h2-x64

1

OblivionCh...re.dll

windows11-21h2-x64

1

OblivionCh...es.dll

windows11-21h2-x64

1

OblivionCh...er.dll

windows11-21h2-x64

1

OblivionCh...ol.dll

windows11-21h2-x64

1

OblivionCh...on.dll

windows11-21h2-x64

1

OblivionCh...ls.dll

windows11-21h2-x64

1

OblivionCh...st.dll

windows11-21h2-x64

1

OblivionCh...nt.dll

windows11-21h2-x64

1

OblivionCh...ge.dll

windows11-21h2-x64

1

OblivionCh...ct.dll

windows11-21h2-x64

1

OblivionCh...sk.dll

windows11-21h2-x64

1

OblivionCh...sk.dll

windows11-21h2-x64

1

OblivionCh...st.dll

windows11-21h2-x64

1

OblivionCh...re.dll

windows11-21h2-x64

1

OblivionCh...ps.dll

windows11-21h2-x64

1

OblivionCh...ps.dll

windows11-21h2-x64

1

OblivionCh...ps.dll

windows11-21h2-x64

1

OblivionCh...es.dll

windows11-21h2-x64

1

OblivionCh...re.dll

windows11-21h2-x64

1

OblivionCh...er.dll

windows11-21h2-x64

1

OblivionCh...er.exe

windows11-21h2-x64

1

OblivionCh...es.dll

windows11-21h2-x64

1

OblivionCh...cc.exe

windows11-21h2-x64

3

OblivionCh...cc.dll

windows11-21h2-x64

1

OblivionCh...cc.exe

windows11-21h2-x64

1

OblivionCh...cc.exe

windows11-21h2-x64

1

OblivionCh...nt.exe

windows11-21h2-x64

10

Analysis

  • max time kernel
    90s
  • max time network
    97s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-fr
  • resource tags

    arch:x64arch:x86image:win11-20241007-frlocale:fr-fros:windows11-21h2-x64systemwindows
  • submitted
    14-01-2025 21:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OblivionCheatVIP 2.1/Addons/Macro/MapsBtSvcProxy.dll

  • Size

    40KB

  • MD5

    ae54de5d281d6cabf82cf88bc0e5011f

  • SHA1

    2b27d48630a1b9e7a82ae32459c18f337eb5c50e

  • SHA256

    a94fdfed0e3cb0aaaa9a727d150157fd0179ffcbe03adec5fdcd3e186c1a457f

  • SHA512

    cbc541b4f40d8e3ba452f35b31cafedb492be6981f425b333d8ae397e01247cba0ada80c6313b99a00f6e4307ff889944d6e4190e953f832fe0218227c4db24a

  • SSDEEP

    192:G2obK6DtPHd5Qk1tRSmmmDVwaQ9jdg7QA/eQ9cQ7p97vE1VzkdHWR6Wk:Gjbfd5jzIa37rehQn7WVzsHWR6Wk

Score
7/10
persistenceprivilege_escalation

Malware Config

Signatures

  • Event Triggered Execution: Component Object Model Hijacking 1 TTPs

    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    persistenceprivilege_escalation
  • Modifies registry class 5 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s "C:\Users\Admin\AppData\Local\Temp\OblivionCheatVIP 2.1\Addons\Macro\MapsBtSvcProxy.dll"
    1⤵
    • Modifies registry class
    PID:1160

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads