General
-
Target
3356559202bc774b2201346dcbfea6dadfd8b256288a8e0d7a8f7da120030fcb
-
Size
12.8MB
-
Sample
220520-fkqb5sdfer
-
MD5
239bf3b156c534745d584ad8cf02e5b0
-
SHA1
afa276ce42be4be7195e151370d3bf338acb437f
-
SHA256
3356559202bc774b2201346dcbfea6dadfd8b256288a8e0d7a8f7da120030fcb
-
SHA512
c9d5c44e7fbc8771547edb2d5a00495a06731768d4d463937de7699c8beeff4b4a39552ef52d741658eda230fc867bb882a0dc0221149dccbbaad294e193b58e
Static task: static1
Behavioral task behavioral1: Sample GameHardware.exe, Resource win7-20220414-en
Behavioral task behavioral2: Sample GameHardware.exe, Resource win10v2004-20220414-en
Behavioral task behavioral3: Sample IP地址修改器.exe, Resource win7-20220414-en
Behavioral task behavioral4: Sample IP地址修改器.exe, Resource win10v2004-20220414-en
Behavioral task behavioral5: Sample VMwarehardware.exe, Resource win7-20220414-en
Behavioral task behavioral6: Sample VMwarehardware.exe, Resource win10v2004-20220414-en
Behavioral task behavioral7: Sample hardware.exe, Resource win7-20220414-en
Behavioral task behavioral8: Sample hardware.exe, Resource win10v2004-20220414-en
Behavioral task behavioral9: Sample 一键修改系统信息.exe, Resource win7-20220414-en
Behavioral task behavioral10: Sample 一键修改系统信息.exe, Resource win10v2004-20220414-en
Behavioral task behavioral11: Sample 分区序列号修改工具.exe, Resource win7-20220414-en
Behavioral task behavioral12: Sample 分区序列号修改工具.exe, Resource win10v2004-20220414-en
Behavioral task behavioral13: Sample 网卡MAC地址修改工具.exe, Resource win7-20220414-en
Behavioral task behavioral14: Sample 网卡MAC地址修改工具.exe, Resource win10v2004-20220414-en
Malware Config
Targets
-
Target
GameHardware.exe
-
Size
3.0MB
-
MD5
2f9c82f0f68238e9119e58522a7edbdd
-
SHA1
de538ef85d65ae879bb54f0c359320c04d3f1c1b
-
SHA256
48268e44f32fbb789e29a02aa6dde585b9b9139f37a9a06be2140edb145a7118
-
SHA512
1e2584082b47a7bc07ad93906ea43cf9c497676373ef90d68a7357be4ace38f66db453d647baba48bec6d88211ef22ce685cefad96b1eb5423a95de320c08444
Score: 8/10
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Target
IP地址修改器.exe
-
Size
1.7MB
-
MD5
243458530a7047c32c6a2cce3f8ed14f
-
SHA1
68404c80fc17aa5a078afdfcd230a51ffffa1000
-
SHA256
54d667dd1661820e6ef9d8d3e6409ab63d9ed720aae2c574b827495fcb215570
-
SHA512
d57ab9290ffb1a097714f24b44b94067e64dd59b6514e880f3248247ad310c7fb7b1d6c0e7451bd56c9e3b9fde0d1f04db22c5fa7279002093b06aabd0bc8957
Score: 3/10
-
Target
VMwarehardware.exe
-
Size
3.6MB
-
MD5
f7f54b4990122d9befde831905fd5955
-
SHA1
81622ef7179128f8f5f59ba21df8efdf56f902d2
-
SHA256
03568cf423fd658b3799b3cd687e4d537f3788bec138352c252434ef8fc041bd
-
SHA512
67d80ea11116a34ed3d5dbe2a6bda0a6f6932b18db5fcf9d57a6db1b6342a5de5bffa0d0b8e40b04d84d8c11c56ae0706ceddd1d248368af1f796f3e70232d1a
Score: 8/10
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Target
hardware.exe
-
Size
3.8MB
-
MD5
3ab55ffcb2a3e5ed6736ee140b2517cd
-
SHA1
1a0ee95472512823db3874f459a4f4af60c93de8
-
SHA256
fdc567520e5d5c3e1f992758fdc8088930a7e719938d38f59c4cb6f9a4bb971d
-
SHA512
17dab96c1090cab014562a23cf4b99500a824a1a2fbf6ab97c25e3edef296472cf6f3e5201aa2f5675210c6a7adfa33320b25974498f464582e29635b9d2df04
Score: 8/10
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Target
一键修改系统信息.exe
-
Size
1.7MB
-
MD5
0692e1b606617ee36a5bff5a919bac66
-
SHA1
aa29d6e9049c125084c8b78c6f816a5ffaed0bee
-
SHA256
a114ea8d11c12e66d1fb2ddd31ce91aa24ec9355dc6b3ab3fe2840cdf6a3f96b
-
SHA512
b45a6438d7bc3039520bcc3abd97530fd776036e1b5756117fc3dfaa980bc7633adaea0b61c173e3a066083f7d4522a89d782c14a56eb5349920b68407773deb
Score: 7/10
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-
Target
分区序列号修改工具.exe
-
Size
1.6MB
-
MD5
99c050ee7f450fd6d0ed540b8ef8cc68
-
SHA1
17224a94dfe9138ac32fa130769c146428816b2c
-
SHA256
f9e32b5632bfbf591c8f8a078cb61ada43a1799d3fa16ceda08e707a0533b7ff
-
SHA512
86eaa30f1c41b2aa114483f44c497df58254716905491457b67343627a14fa71e33178a0922355f74e44fc3bf25cecd53f0186596234c8338684c620841b29aa
Score: 1/10
-
Target
网卡MAC地址修改工具.exe
-
Size
1.6MB
-
MD5
7f03dab4be2e7266d2215e31fbaf6ecb
-
SHA1
25a9b47938064cafcf3d69c16891fc4f0fdf64f3
-
SHA256
10985ec327572de432bf0cb3e340ba76cb63479863f28b6c3219d2f42df765b1
-
SHA512
257fc2ef093b56c8c72e61d98c745b76dce84be602c72e857e0cdce27d973c44e92130cd675a0e1ce34f9a605939cb4898cb6f00c4f543203e0e80188f2eea6e
Score: 1/10