General
Target: 主管透露公开利用彩金充值赠送话术.7z (filename in Chinese, roughly "manager reveals the talking points for exploiting bonus top-up giveaways")
Size: 616KB
Sample: 211205-bdevlseeg4
MD5: e31775fa249d465f847eaf509b80e9e5
SHA1: d7abd66ce84f18254fdad3b4dd7606bb86374940
SHA256: 8fd8c53c6f6fcdacbee5f8a320a0d46e6defad7fa6f2ff34b0e283c2ed1249b3
SHA512: c1ac650087873fba35d192f364d568153c05c26e4d786af5ed16f77e926c9b4c85a956b6a9cc84ec982930efc8b47af03ada148a7335ad3c3b1fa5ff0ee639c1
Static task: static1
Behavioral task: behavioral1
Sample: ????????????????.com.exe
Resource: win7-en-20211104
Behavioral task: behavioral2
Sample: ????????????????.com.exe
Resource: win10-en-20211014
(The run of "?" is the report's rendering of non-ASCII characters in the extracted executable's name; the original name is not recoverable from this page.)
Malware Config
(none listed)
Targets
Target: ????????????????.com
Size: 820KB
MD5: 11985a5f1baa69c64d43dd67eee3b95f
SHA1: a579cc38d40fbc39d9d14d4b290cdeec433b0c45
SHA256: 8f83e16612f5fd5db6d74da7a9de542becd19a52b3916380235c32adbf50ee7e
SHA512: d40113b6b467d7b3890be76dd34d831e7141171e3253c6d724e9e92b4138dfb93af7bfa336a240e25a333546860dab856b9942c95b4fbfd8ca55dd79696ba2ce
Score: 10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application (registry Run-key persistence)
Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory
Suspicious use of SetThreadContext (thread-context manipulation of the kind used for process hollowing and other code injection)
The hashes under General identify the submitted .7z archive; those under Targets identify the executable extracted from it, which is what the behavioral tasks ran as ????????????????.com.exe. Use the archive hashes for mail and gateway matching and the extracted executable's hashes for endpoint matching.
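Reports in this flattened "Key / value / -" layout are awkward to export as IOCs by hand, and a mis-copied digest is easy to miss. The following is an added example, not part of the original report or of the sandbox's own tooling: it parses a constructed excerpt of the report above into structured targets, rejects any digest that is not lowercase hex of the right length, and compares a local copy of a sample against the digests the report lists. The function names (parse_report, digests, matches_report, is_wellformed_hash) are this example's own.

```python
"""Parse a flattened sandbox report into structured IOCs and check digests.

Added example; the REPORT text is a constructed excerpt of the page, embedded
so the example runs offline. Function names are this example's own.
"""
import hashlib
import re

# Constructed excerpt of the report above, in its flattened "Key / value / -" layout.
REPORT = """\
General
-
Target
主管透露公开利用彩金充值赠送话术.7z
-
Size
616KB
-
MD5
e31775fa249d465f847eaf509b80e9e5
-
SHA256
8fd8c53c6f6fcdacbee5f8a320a0d46e6defad7fa6f2ff34b0e283c2ed1249b3
-
Target
????????????????.com
-
Size
820KB
-
MD5
11985a5f1baa69c64d43dd67eee3b95f
-
SHA256
8f83e16612f5fd5db6d74da7a9de542becd19a52b3916380235c32adbf50ee7e
-
Score10/10-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
"""

# Hex-digit length of each digest the report lists.
HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
KEYS = {"Target", "Size", "Sample"} | set(HASH_LEN)


def is_wellformed_hash(kind, value):
    """True if value is lowercase hex of the length that digest requires."""
    n = HASH_LEN.get(kind)
    return n is not None and re.fullmatch(r"[0-9a-f]{%d}" % n, value) is not None


def parse_report(text):
    """Return (targets, score, signatures).

    A 'Target' line opens a new artefact and the key lines after it attach to
    that artefact. A malformed digest raises instead of being exported as-is.
    """
    lines = [l.strip() for l in text.splitlines()]
    lines = [l for l in lines if l and l != "-"]  # "-" lines are list separators
    targets, score, signatures = [], None, []
    i = 0
    while i < len(lines):
        line = lines[i]
        m = re.fullmatch(r"Score(\d+)/(\d+)-?", line)
        if m:
            score = (int(m.group(1)), int(m.group(2)))
            signatures = lines[i + 1:]  # everything after the score is a behaviour signature
            break
        if line in KEYS and i + 1 < len(lines):
            value = lines[i + 1]
            if line == "Target":
                targets.append({"Target": value})
            elif targets:
                if line in HASH_LEN and not is_wellformed_hash(line, value):
                    raise ValueError(f"malformed {line} for {targets[-1]['Target']}: {value}")
                targets[-1][line] = value
            i += 2
            continue
        i += 1  # section headers such as "General" carry no value
    return targets, score, signatures


def digests(data):
    """The same four digests the report lists, computed over a local copy of a sample."""
    return {k: hashlib.new(k.lower(), data).hexdigest() for k in HASH_LEN}


def matches_report(data, target):
    """True only if every digest the report lists for this target agrees with data."""
    listed = {k: v for k, v in target.items() if k in HASH_LEN}
    if not listed:
        return False  # nothing to match against is not a match
    got = digests(data)
    return all(got[k] == v for k, v in listed.items())


if __name__ == "__main__":
    parsed_targets, parsed_score, parsed_signatures = parse_report(REPORT)
    for t in parsed_targets:
        print(t["Target"], t.get("SHA256"))
    print("score", parsed_score, "signatures", parsed_signatures)
```

Feed the full page text to parse_report to get both targets with all four digests; matches_report then tells you whether a file pulled from an endpoint is the extracted executable rather than the archive.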