Overview
overview | 10
Static
static | 3
maizu hack...er.dll | windows7-x64 | 1
maizu hack...er.dll | windows10-2004-x64 | 1
maizu hack...fg.dll | windows7-x64 | 1
maizu hack...fg.dll | windows10-2004-x64 | 1
maizu hack...im.dll | windows7-x64 | 1
maizu hack...im.dll | windows10-2004-x64 | 1
maizu hack...er.dll | windows7-x64 | 1
maizu hack...er.dll | windows10-2004-x64 | 1
maizu hack...ng.dll | windows7-x64 | 1
maizu hack...ng.dll | windows10-2004-x64 | 1
maizu hack...2p.dll | windows7-x64 | 1
maizu hack...2p.dll | windows10-2004-x64 | 1
maizu hack....4.exe | windows7-x64 | 3
maizu hack....4.exe | windows10-2004-x64 | 10
maizu hack...er.dll | windows7-x64 | 1
maizu hack...er.dll | windows10-2004-x64 | 1
maizu hack...on.dll | windows7-x64 | 1
maizu hack...on.dll | windows10-2004-x64 | 1
Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20231129-en
resource tags: arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
submitted: 01-07-2024 13:24
Static task: static1
Behavioral task | Sample | Resource
behavioral1 | maizu hack v1.4/app/apper.dll | win7-20240220-en
behavioral2 | maizu hack v1.4/app/apper.dll | win10v2004-20240508-en
behavioral3 | maizu hack v1.4/cfg.dll | win7-20240611-en
behavioral4 | maizu hack v1.4/cfg.dll | win10v2004-20240611-en
behavioral5 | maizu hack v1.4/data/aim.dll | win7-20240508-en
behavioral6 | maizu hack v1.4/data/aim.dll | win10v2004-20240611-en
behavioral7 | maizu hack v1.4/data/fover.dll | win7-20240419-en
behavioral8 | maizu hack v1.4/data/fover.dll | win10v2004-20240508-en
behavioral9 | maizu hack v1.4/data/setting.dll | win7-20240611-en
behavioral10 | maizu hack v1.4/data/setting.dll | win10v2004-20240508-en
behavioral11 | maizu hack v1.4/data/vkfow2p.dll | win7-20240220-en
behavioral12 | maizu hack v1.4/data/vkfow2p.dll | win10v2004-20240226-en
behavioral13 | maizu hack v1.4/maizu hack v1.4.exe | win7-20231129-en
behavioral14 | maizu hack v1.4/maizu hack v1.4.exe | win10v2004-20240611-en
behavioral15 | maizu hack v1.4/updater.dll | win7-20240508-en
behavioral16 | maizu hack v1.4/updater.dll | win10v2004-20240508-en
behavioral17 | maizu hack v1.4/version.dll | win7-20240508-en
behavioral18 | maizu hack v1.4/version.dll | win10v2004-20240611-en
General
Target: maizu hack v1.4/maizu hack v1.4.exe
Size: 507KB
MD5: 5241cbe1ca5ad91d9701dcd3e86d0be4
SHA1: 42e2343018e6f26747f21310e1498a0b7558cee7
SHA256: 18b8ddccfd60b09d5e7148f3a5ce61c61d37da4de9e4206ad28155ad92d70a5d
SHA512: 208b7e3efce893a7a766d03f5185f065e0067b100ec5917fe9a3030906ce0740669d95ad2a128cdecf7cd70051cd04e1befa1fec5ce855a6a016016ae25950e1
SSDEEP: 12288:1+0NNkaifVNXUYLnft4Com2511gYTqKoGlGnzc:17yaCTXU+t4CoP5FTxoG
Malware Config
Signatures
Program crash (1 IoCs)
Processes: WerFault.exe
pid | pid_target | process | target process
2516 | 1988 | WerFault.exe | maizu hack v1.4.exe
Suspicious use of WriteProcessMemory (4 IoCs)
Processes: maizu hack v1.4.exe
description | pid | process | target process
PID 1988 wrote to memory of 2516 | 1988 | maizu hack v1.4.exe | WerFault.exe
PID 1988 wrote to memory of 2516 | 1988 | maizu hack v1.4.exe | WerFault.exe
PID 1988 wrote to memory of 2516 | 1988 | maizu hack v1.4.exe | WerFault.exe
PID 1988 wrote to memory of 2516 | 1988 | maizu hack v1.4.exe | WerFault.exe
Processes
C:\Users\Admin\AppData\Local\Temp\maizu hack v1.4\maizu hack v1.4.exe
"C:\Users\Admin\AppData\Local\Temp\maizu hack v1.4\maizu hack v1.4.exe"
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1988 -s 96
- Program crash
Network
MITRE ATT&CK Matrix
Downloads
memory/1988-0-0x0000000000020000-0x0000000000021000-memory.dmp
Filesize: 4KB