General
Target: YoudaoDictFull.exe
Size: 69.6MB
Sample: 201120-k9m4nvmkle
MD5: 0a787dc2f656470a709315c09fc6791d
SHA1: d99f132aede8a8c6dc158ba9a93dbbbcb875865e
SHA256: fdb34dedcdda1a3564b952ea89f447ec4f011bb9d4e45a1b477f8d70feaab9be
SHA512: 9a4f2b515e639ad2d2ce106daf98f55b7fbd73da9fb6bbfe2c5081fb63073cddb3bbb3e19f50bbe4b7e53566904f1244481a245fe1711cc2c592911c8bcfc95b
Static task: static1
Behavioral task: behavioral1
  Sample: YoudaoDictFull.exe
  Resource: win7v20201028
Behavioral task: behavioral2
  Sample: YoudaoDictFull.exe
  Resource: win10v20201028
Malware Config
Targets
Target: YoudaoDictFull.exe
Score: 10/10
Registers COM server for autorun
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
JavaScript code in executable