Tt eSPORTS THERON Plus GUI.exe
- Filename:
- Tt eSPORTS THERON Plus GUI.exe
- md5:
- b123ae3c368a53f7a8e81d20cfb71648
- sha1:
- c6a793f368fe98a1ba1eaa52bbe831ce7a181a6a
- sha256:
- 53d09f32331abf9083780a37e2ad05c3a4214956778513ae83c09ab35da5f349
- Filetype:
- PE32 executable (GUI) Intel 80386, for MS Windows, ...
- Size (Bytes):
- 12144322
- Classification:
- malicious
- Indexed:
- Thu Jul 24 2025 15:05:47 GMT+0000 (2 months ago)
- Last modified:
- Thu Jul 24 2025 15:45:07 GMT+0000 (2 months ago)
Sample information
0
Antivirus detections0
IDS alerts3
Processes0
Http events0
Contacted hosts0
DNS Requests8
Score
Current activity of this Sample
Blacklist timeline
First seen: Thu Jul 24 2025 15:15:03 GMT+0000
Last seen: Thu Jul 24 2025 15:45:07 GMT+0000
Period: 30 minutes
Last seen: Thu Jul 24 2025 15:45:07 GMT+0000
Period: 30 minutes
Hashes
In depth details
Dates
Developers can check API Specification here:
Request:
curl -H "Authorization: Bearer <API_KEY>" https://api.maltiverse.com/sample/53d09f32331abf9083780a37e2ad05c3a4214956778513ae83c09ab35da5f349
Request:
Alternatively you can use Maltiverse Python3 Library:
import requests
import json
url = 'https://api.maltiverse.com/sample/53d09f32331abf9083780a37e2ad05c3a4214956778513ae83c09ab35da5f349'
response = requests.get(url)
print(json.dumps(response.json(), indent=4, sort_keys=True))
Request:
$url = 'https://api.maltiverse.com/sample/53d09f32331abf9083780a37e2ad05c3a4214956778513ae83c09ab35da5f349'
$headers = @{Authorization=("Bearer {0}" -f "<API_KEY>")}
$response = Invoke-RestMethod $url -Headers $headers
Write-Output $response
Response:
{
"blacklist": [
{
"count": 4,
"description": "Generic Malware",
"first_seen": "2025-07-24 15:15:03",
"last_seen": "2025-07-24 15:45:07",
"ref": [
21745
],
"source": "Hybrid-Analysis"
}
],
"classification": "malicious",
"creation_time": "2025-07-24 15:05:47",
"filename": [
"Tt eSPORTS THERON Plus GUI.exe"
],
"filetype": "PE32 executable (GUI) Intel 80386, for MS Windows, ...",
"is_alive": false,
"is_cdn": false,
"is_cnc": false,
"is_distributing_malware": false,
"is_hosting": false,
"is_iot_threat": false,
"is_known_attacker": false,
"is_known_scanner": false,
"is_mining_pool": false,
"is_open_proxy": false,
"is_phishing": false,
"is_sinkhole": false,
"is_storing_phishing": false,
"is_tor_node": false,
"is_vpn_node": false,
"md5": "b123ae3c368a53f7a8e81d20cfb71648",
"modification_time": "2025-07-24 15:45:07",
"process_list": [
{
"name": "TteSPORTSTHERONPlusGUI.exe",
"normalizedpath": "C:\\TteSPORTSTHERONPlusGUI.exe",
"sha256": "53d09f32331abf9083780a37e2ad05c3a4214956778513ae83c09ab35da5f349",
"uid": "00000000-00009072"
},
{
"commandline": "-deleter",
"name": "TteSPORTSTHERONPlusGUI.exe",
"normalizedpath": "C:\\TteSPORTSTHERONPlusGUI.exe",
"sha256": "53d09f32331abf9083780a37e2ad05c3a4214956778513ae83c09ab35da5f349",
"uid": "00000000-00005896"
},
{
"commandline": "/Automation",
"name": "TheronMonitor.exe",
"normalizedpath": "%PROGRAMFILES%\\(x86)\\Tt eSPORTS\\Tt eSPORTS THERON PLUS\\TheronMonitor.exe",
"sha256": "6de426ca51057e0cb24630f3ad0134596cd4df316b42561914be88b2932391e3",
"uid": "00000000-00009136"
}
],
"score": 8,
"scoring_executed_time": "2025-07-24 15:15:04",
"sha1": "c6a793f368fe98a1ba1eaa52bbe831ce7a181a6a",
"sha256": "53d09f32331abf9083780a37e2ad05c3a4214956778513ae83c09ab35da5f349",
"size": 12144322,
"type": "sample"
}
Process list
- uid
- 00000000-00009072
- commandline
- name
- TteSPORTSTHERONPlusGUI.exe
- normalizedpath
- C:\TteSPORTSTHERONPlusGUI.exe
- sha256
- 53d09f32331abf9083780a37e2ad05c3a4214956778513ae83c09ab35da5f349
- uid
- 00000000-00005896
- commandline
- -deleter
- name
- TteSPORTSTHERONPlusGUI.exe
- normalizedpath
- C:\TteSPORTSTHERONPlusGUI.exe
- sha256
- 53d09f32331abf9083780a37e2ad05c3a4214956778513ae83c09ab35da5f349
- uid
- 00000000-00009136
- commandline
- /Automation
- name
- TheronMonitor.exe
- normalizedpath
- %PROGRAMFILES%\(x86)\Tt eSPORTS\Tt eSPORTS THERON PLUS\TheronMonitor.exe
- sha256
- 6de426ca51057e0cb24630f3ad0134596cd4df316b42561914be88b2932391e3