Resubmissions
05-07-2024 10:18
240705-mb479sygld 10General
-
Target
Cheat.exe
-
Size
81.0MB
-
Sample
240705-mb479sygld
-
MD5
16f1896ba01dbefb637eae6d70c5faca
-
SHA1
18e17a70f99e18049d2378574c0e3e28010f18a1
-
SHA256
030adf70797313d1eb9020d0f329a3509b49a1d0d060fb7f910bfc627faf1f53
-
SHA512
e5392920c809fd4aa8b89d17be49685ceafa4882735419ee3344574343578a492eddd7d4f9ace740508167c8bf1eebc09ee9bac67d9bc97378b017ab4b69bdfa
-
SSDEEP
1572864:UvxZQgl0mSk8IpG7V+VPhqcPE7hlgkiYgj+h58sMwVWg9OSFcJz7:UvxZxfSkB05awcSeu5Bn9O17
Behavioral task
behavioral1
Sample
Cheat.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Score 9/10
-
Enumerates VirtualBox DLL files
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-