Overview (overview): score 10/10
Static (static): score 3/10
CLibrary.dll (windows10-2004-x64): score 8/10
CheatInjector.exe (windows10-2004-x64): score 10/10
bearer/libn.dll (windows10-2004-x64): score 1/10
bearer/qge...er.dll (windows10-2004-x64): score 1/10
bearer/qna...er.dll (windows10-2004-x64): score 1/10
dll/Qt5Network.dll (windows10-2004-x64): score 1/10
dll/Qt5Svg.dll (windows10-2004-x64): score 1/10
dll/libEGL.dll (windows10-2004-x64): score 1/10
dll/libGLESV2.dll (windows10-2004-x64): score 1/10
dll/libeay32.dll (windows10-2004-x64): score 1/10
dll/msvcp120.dll (windows10-2004-x64): score 3/10
dll/msvcr120.dll (windows10-2004-x64): score 3/10
dll/ssleay32.dll (windows10-2004-x64): score 1/10
iconengine...on.dll (windows10-2004-x64): score 1/10
General
-
Target
Cheat.zip
-
Size
53.8MB
-
Sample
240701-wp1xfavhqq
-
MD5
7cdf56b3bee16029882d29c1873ffc39
-
SHA1
5285f807b7e2a0c624181ab2c2a8ed6ea8380973
-
SHA256
b61fed559224dec5c55d61b344407e65bb7253586120f144a8f07db35a41383d
-
SHA512
9f9a5dd472bbb8ffad303b81b57631335ae24267677b146e0990e6e46f91118663b99f88ef299267f640e280ceee49194264d56061fcf65eb9d089ea83fad3cd
-
SSDEEP
1572864:nFcOuQOrIej6n8hEuXPjEqxezd/ZxqPfa4FmKKvv:nFcBEeGnEXDezc37sv
Static task
static1
Behavioral task
behavioral1
Sample
CLibrary.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral2
Sample
CheatInjector.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
bearer/libn.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral4
Sample
bearer/qgenericbearer.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral5
Sample
bearer/qnativewifibearer.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral6
Sample
dll/Qt5Network.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
dll/Qt5Svg.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral8
Sample
dll/libEGL.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral9
Sample
dll/libGLESV2.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral10
Sample
dll/libeay32.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral11
Sample
dll/msvcp120.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral12
Sample
dll/msvcr120.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
dll/ssleay32.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral14
Sample
iconengines/qsvgicon.dll
Resource
win10v2004-20240611-en
Malware Config
Extracted
Family: lumma
URLs recovered from the extracted configuration:
https://citizencenturygoodwk.shop/api
https://potterryisiw.shop/api
https://foodypannyjsud.shop/api
https://contintnetksows.shop/api
https://reinforcedirectorywd.shop/api
Targets
-
-
Target
CLibrary.dll
-
Size
6.5MB
-
MD5
9a319ba89b9427cd2251fe2b5b2f8268
-
SHA1
ca95629d35f35d703acde97a9219955d24fb9dc2
-
SHA256
50b11d03d16c1d71072647d3a41dd4370ee356306984f467c274260f5ef13958
-
SHA512
af7affbedd59dad1509d820b602777d4e56fa5636112f976f843e83e98c52c8c8f7b37d6c7622483ba7113cb4de92754e72102aff25a5852e0596f171039b37c
-
SSDEEP
98304:v9wyQ37ksSqslMh/xM/uZzVrwQYpKPJDeg3lPq6hTa1DMn:Vh+XKC/xFhVrwQrPJ9iY
Score 8/10
-
Signature: Blocklisted process makes network request
-
-
-
Target
CheatInjector.exe
-
Size
12.0MB
-
MD5
ffd54dd853ba501a846bcb20b8fb8a92
-
SHA1
167e0a2d7fcb110df4d5561cfb0aa86e67784f4e
-
SHA256
bc668cbc597c7b00abca9b6ead346889cee9c8de235534bff296417a077df999
-
SHA512
eedb05f9e7a260004a53b6196401e878c8f2d2f1c47e280dc5bbca245771417fae7ffea1201ccdf1ab56a6998e0acdf2ee7e39538ea91e056f91811e2e253f6f
-
SSDEEP
98304:qTTm3vPx378D4xKKpmULiOSnP7REM+aweRMEz:5Pp8D40/UuO0P7yM+M
-
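Signature: Suspicious use of SetThreadContext (changing another thread's context is a behaviour commonly associated with process injection; correlate with the other findings for this sample rather than reading it in isolation)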
-
-
-
Target
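bearer/libn.dll (size, MD5, SHA1, SHA256, SHA512 and SSDEEP are identical to dll/libEGL.dll in this report, so the same file appears in the archive under two names)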
-
Size
18KB
-
MD5
379358b4cd4b60137c0807f327531987
-
SHA1
b0a5f6e3dcd0dbc94726f16ed55d2461d1737b59
-
SHA256
0ff1d03926f5d9c01d02fae5c5e1f018a87d7f90a1826de47277530bfc7776f8
-
SHA512
097c08135d654596a19ada814ad360a8c2374d989cbd7094c6acb092e9854abf1f1d878d3da72b66c4c75806586bee7fe04d555a1d82db170725bdbeadea7d50
-
SSDEEP
384:rLyPunoshzdtnbuH0aXOk0GfZh5g+zCxU:rLy7s5dJuHHOqhyy
Score1/10 -
-
-
Target
bearer/qgenericbearer.dll
-
Size
45KB
-
MD5
dba35d31c2b6797c8a4d38ae27d68e6e
-
SHA1
37948e71dc758964e0aa19aee063b50ef87a7290
-
SHA256
086d6ba24f34a269856c4e0159a860657590d05aabb2530247e685543b34c52f
-
SHA512
282e7613fe445785fa5ed345415bc008637b7d1d7988cc6da715b024311a1c29425f5edb26a1d90f301af408b60244dd81e1459eef2aab10b07d1ac352770b4b
-
SSDEEP
768:B+B5mIpDC6s1Hf30HdG806zHgaEsyJa5gYnDGMHgtpQu8KOqfyc:UB5mTfEHdh0GHga9nDGigvQu8K/J
Score1/10 -
-
-
Target
bearer/qnativewifibearer.dll
-
Size
46KB
-
MD5
a8bca50f7966f578b127d1e24fc2430f
-
SHA1
cfa1e5d684d938fdb9a97ff874cd2166a10ca0c8
-
SHA256
c209d080a62f5e67ddc01a3ae6b4f9b103faf4104c93b7dbb5ffa8d548bf0cd5
-
SHA512
86b1e4eec873b5951408f1793b5a35725fb53e2282e194b409705f476d8bea9750dcee74bd51ae5d3acb3d47846a8b7210b1493f7d9ac012140df5e6a57d8c69
-
SSDEEP
768:AoK5SNALlqMB1hF4hGm6/q4wgaHbAUjHgLa3TO1ZOqgCyEw:mSIlq6cl6SDgacU7ge3TOn/I
Score1/10 -
-
-
Target
dll/Qt5Network.dll
-
Size
840KB
-
MD5
0fdda3a8c8be28993b156b24b300ccdf
-
SHA1
57fe6cfd0b28708d23ae560675d4c462127722c8
-
SHA256
335cec3a5f9082f083190660932b6641f682f4c5818ffbd6ffa98c9d0c24e0f1
-
SHA512
4ba8b28ac903d087344185b77144bfcbcd5bda11efb2a8d45b942363b8a13c7c4fb56820644166c7556fb44b68a8786ebb10b8cc4b3557247aa85214289e4453
-
SSDEEP
12288:/fGeWXoifZwygBFp9RsVqSA3jk1x5X+JPnk4PpazkoLhVY9hqivwlsBNzARfG2:/fGeWXoiBwHbHEgqM9BNzARfG2
Score1/10 -
-
-
Target
dll/Qt5Svg.dll
-
Size
253KB
-
MD5
06cc5d18a496520e05bcfee1e3169535
-
SHA1
98ba5d0ed52499a845038c3b4bcba356b9339f11
-
SHA256
ea31035fa96ba656d64b58d4f1a9dd210df7154afad3d4f96ee36b41584e4360
-
SHA512
154a2fdbaa045df6289476420cc4045905a866cd54d756dcc09e0ea79f2cec7f33c748534f47c827841e35c35f71d462cadb801a6b99bf72c162c075d786fdbe
-
SSDEEP
6144:kKD4dwpLEE61jMW52NP5xwuMnyOWYGcy8Dv4Cnke+9oCsGhvdw61IwxP4zd:kKD42pLEE6mw2NPnBMIBrU
Score1/10 -
-
-
Target
dll/libEGL.dll
-
Size
18KB
-
MD5
379358b4cd4b60137c0807f327531987
-
SHA1
b0a5f6e3dcd0dbc94726f16ed55d2461d1737b59
-
SHA256
0ff1d03926f5d9c01d02fae5c5e1f018a87d7f90a1826de47277530bfc7776f8
-
SHA512
097c08135d654596a19ada814ad360a8c2374d989cbd7094c6acb092e9854abf1f1d878d3da72b66c4c75806586bee7fe04d555a1d82db170725bdbeadea7d50
-
SSDEEP
384:rLyPunoshzdtnbuH0aXOk0GfZh5g+zCxU:rLy7s5dJuHHOqhyy
Score1/10 -
-
-
Target
dll/libGLESV2.dll
-
Size
1.5MB
-
MD5
aebbd25609c3f1d16809c02f12e99896
-
SHA1
7675d0f61062490b8c7043a66a8d88d5d147f7a9
-
SHA256
6765d163fae52331dfdcccab371c9b8b5cd0915bfdb14bbf2ca5d3f42bb29f4c
-
SHA512
a441ae0fe98ae39ed7fd1feb410bcac3aba9179242c62166190926588b97e11f0a3442d0619c6a2f6070e336a82d7fcabeb89461ff15fe878da13f2a57710f87
-
SSDEEP
24576:IGyEmXb3NBT+BZDQnVjDuBy8aTnilzT8QreNdJU8GAeZRyRWh:I8mr3OaDVXnilcQreNdJU8GOWh
Score1/10 -
-
-
Target
dll/libeay32.dll
-
Size
1.1MB
-
MD5
67130d64a3c2b4b792c4f5f955b37287
-
SHA1
6f6cae2a74f7e7b0f18b93367821f7b802b3e6cf
-
SHA256
7581f48b16bd9c959491730e19687656f045afbab59222c0baba52b25d1055be
-
SHA512
d88c26ec059ad324082c4f654786a3a45ecf9561a522c8ec80905548ad1693075f0ffc93079f0ef94614c95a3ac6bbf59c8516018c71b2e59ec1320ba2b99645
-
SSDEEP
24576:CBULPHc9UKJayhv6uaDGXcRY0Pt4eY/qL6I4tPxVCBfe6w:L09UpyuDMaoHI4tPxV56w
Score1/10 -
-
-
Target
dll/msvcp120.dll
-
Size
444KB
-
MD5
fd5cabbe52272bd76007b68186ebaf00
-
SHA1
efd1e306c1092c17f6944cc6bf9a1bfad4d14613
-
SHA256
87c42ca155473e4e71857d03497c8cbc28fa8ff7f2c8d72e8a1f39b71078f608
-
SHA512
1563c8257d85274267089cd4aeac0884a2a300ff17f84bdb64d567300543aa9cd57101d8408d0077b01a600ddf2e804f7890902c2590af103d2c53ff03d9e4a5
-
SSDEEP
12288:uZ/8wcqw2oe+Z3VrfwfNOOoWhUgiW6QR7t5ss3Ooc8DHkC2e77/:W/8wVwHZFTwFOOos3Ooc8DHkC2e77/
Score3/10 -
-
-
Target
dll/msvcr120.dll
-
Size
948KB
-
MD5
034ccadc1c073e4216e9466b720f9849
-
SHA1
f19e9d8317161edc7d3e963cc0fc46bd5e4a55a1
-
SHA256
86e39b5995af0e042fcdaa85fe2aefd7c9ddc7ad65e6327bd5e7058bc3ab615f
-
SHA512
5f11ef92d936669ee834a5cef5c7d0e7703bf05d03dc4f09b9dcfe048d7d5adfaab6a9c7f42e8080a5e9aad44a35f39f3940d5cca20623d9cafe373c635570f7
-
SSDEEP
12288:LBmFyjLAOQaYkxGXPfY7eiWWcpOKnpTVOIxhK765qlRRb6x4pI23IbJQV:dmFyjLF847eiWWcoGZVOIxh/WxIAIbGV
Score3/10 -
-
-
Target
dll/ssleay32.dll
-
Size
270KB
-
MD5
df38eb2002e5979e57babf8b4f6a2f82
-
SHA1
219d5837f6461688122d637bf67f041fc6c19aac
-
SHA256
5c2f10a772edfbeef8a5261b8677e68c4194cb87f3cb9bc319c8da75cfaefa3f
-
SHA512
da4b6ec820f5886102577a7e98187ed45165ee5373504fb4f610cfb47eb2ad6e0b75d868464df4ee8b97f506c2f493a1d3bf029c184c08b311dbc1b76c2a37f6
-
SSDEEP
6144:0xnT+R40IInTyFxvYlBtCikIK3gb/VuLXyJxm11VMaorgpa7ivoQXoYwWAaHeeT6:6nKR40IInTyFxvY3tCikIK3gb/VECJxD
Score1/10 -
-
-
Target
iconengines/qsvgicon.dll
-
Size
37KB
-
MD5
90bb882a4b5e3427f328259530aa1b3b
-
SHA1
a4059f0c105f4e2abe84efc4a48fa676171f37c5
-
SHA256
b2b420aa1805d8b5dc15ccb74dd664d10bd6ba422743f5043a557a701c8a1778
-
SHA512
a486280bba42d6c2d8b5ca0a0191b6b29067e1c120f85dbff709a4a42c61d925804915f93f815f56c9ca06ea9f8b89de0e692776524d28d81e29ef1c75501db8
-
SSDEEP
768:ps7Ss9mMa0qnobGobEng53IdR4rXDd/+Hb0RPNRuBNJOqUVyvC:s95aoZEgGdu7Dd/YbOPybJ/XC
Score1/10 -