General
-
Target
cs2-free-cheat-tutorial-download.19
-
Size
29KB
-
Sample
250118-v583bayqev
-
MD5
12110ca12b30ade16d4b48b372b4bc37
-
SHA1
9001411405190a7dd2f88a46973699c93342b951
-
SHA256
d85c39e9de837871cc385785a08282e8fc3f4a84e8f66b17cda5776b7d9b8d0e
-
SHA512
2e93cbbe3948a37f1459ccc18fdf885d43ec8b270f24c3af8a392f7ba6d56172e5b29d87c66c7740e148c71aebf0c079bb6ae00ea7434fb6e95ffb7745c37c13
-
SSDEEP
384:c0+6GOwNvmMc84Kt+6H+X3KoGJoTgzCEgA+ay1YSYKsK6vnLGDwMK2xBMG3jtOhq:nVGHdQ6H+D++ay9wMDYcdnMsMm
Malware Config
Targets
-
-
Target
cs2-free-cheat-tutorial-download.19
-
Size
29KB
-
MD5
12110ca12b30ade16d4b48b372b4bc37
-
SHA1
9001411405190a7dd2f88a46973699c93342b951
-
SHA256
d85c39e9de837871cc385785a08282e8fc3f4a84e8f66b17cda5776b7d9b8d0e
-
SHA512
2e93cbbe3948a37f1459ccc18fdf885d43ec8b270f24c3af8a392f7ba6d56172e5b29d87c66c7740e148c71aebf0c079bb6ae00ea7434fb6e95ffb7745c37c13
-
SSDEEP
384:c0+6GOwNvmMc84Kt+6H+X3KoGJoTgzCEgA+ay1YSYKsK6vnLGDwMK2xBMG3jtOhq:nVGHdQ6H+D++ay9wMDYcdnMsMm
Score8/10-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-
Detected potential entity reuse from brand STEAM.
-