General

  • Target: 24ebebe3e4274300e2a4a6254eedebf429629b8748204ec8c0cc8c4fc1527b77
  • Size: 3.0MB
  • Sample: 220919-h1xr9shfdm
  • MD5: 794c1ce97c11350b87d7caab7d4d1fea
  • SHA1: a81db861accae0f4bb3a243e65e046cea5ce8694
  • SHA256: 24ebebe3e4274300e2a4a6254eedebf429629b8748204ec8c0cc8c4fc1527b77
  • SHA512: ab8824fa99ac2b2d2ec31beb93280550c32c50f27da4b33c68800d68caa04072243bf9e0f1885cbafead8d90e559249ab829782772f32673d49f4061f2ac87ec
  • SSDEEP: 49152:QwZwngXa1KHqgmlgv2xFzQAMboPy83DD4pYJ/JjV0MsPZS16QUAEqQg8:QkybUIgvcFqo6Gf4qJJViPZrQrF8

Score: 8/10
  • upx

Malware Config

Targets

  • Target: QQ空间红警大战小工具/AutoUpdate.exe
    Size: 2.2MB
    MD5: f6d0d18eb49322a1cca613512d7b451c
    SHA1: b6d0c63738bcbcfb70837f334a0a4b9bb76af52c
    SHA256: dec10d7466c30327f503654f6b7678833b8993847b1b6bbdf05158cfe14ad707
    SHA512: a6253d805f652e7c7ec31615cd08c8d7a979863c91b80d12eb115fd95b434505d920871155ffedf70050ec16def5151559da4d9c7a3a3662a2936dc51ae06d80
    SSDEEP: 24576:AqqWU9pzgeUNmBbeQz9OIu4d1KCHwIkfS3vixtV7xYLUFsuZ3D4tc1omkpQcY/jK:AX9YYC+ruyJHEg4tV7eUFnpD5mQcY/W
    Score: 7/10
      • Loads dropped DLL
      • Drops file in System32 directory

  • Target: QQ空间红警大战小工具/Gear9x.exe
    Size: 784KB
    MD5: 4140bdcb654e54b6aa0696e1b71576d7
    SHA1: 3b7a8e514e34cfb3fb10c14fffb1142f5c17150c
    SHA256: d4b271cd28354032c3a312a8ebc7442d244e7cdb49332ce00eef64ae5e6f1e16
    SHA512: 5e0302f8797980c96cb61de877e2aac3af3c8ef1471de57c9acecd922dfb40ab0b06bbcf0c6941859dafda5fc95093f60862ac1ee4f8d56f3ddaa96a60701c0e
    SSDEEP: 12288:7Hzxm7hieLjht75XuqUYuBio/UoC9kPbx7WpoAvCCg/Wc/pHjLSOH3j:f07rjht1XuHYuX/FukF7W/C3/N/9j2M
    Score: 1/10

  • Target: QQ空间红警大战小工具/Gear9xKe.dll
    Size: 60KB
    MD5: bc4293ba23d40e72fe1812b31d33ac57
    SHA1: 7c91530485274207a0d7e87a911b10a742b3056b
    SHA256: 7de5d8d7401a3506222335a6c576a3d967c9faa647a7bf8b470e5315caa94268
    SHA512: 51457769ac2f779fe6af8e7a985983fce54f2f608ddafb3ce1d8af25793a2d0e6c77fde2452ed339045051f7915a5b8fa1df6b33d751b65fb03d76a3ac009621
    SSDEEP: 768:4dSSxX1TxJqjVoq2wnqP3vjhyKOqiB9fX9lWdHVIBzUYrXBekqoLhNZUxO:4dLX1TxJsoq2hyX9yIBl+oZUxO
    Score: 1/10

  • Target: QQ空间红警大战小工具/fyqqhjdz.exe
    Size: 2.3MB
    MD5: 6ea60341b08e693785de675a898e6505
    SHA1: 8ab7b3e97f267ba49cbfbd3d07403310961e37f1
    SHA256: afa44f2a0abfc38e2dcc9c2a16023e1b3e5ec2da41884a27b63e1424f630a724
    SHA512: e5044269e0a789ee9b7380d7f87a2d3662203d72a48341381eb49e63f395f4d8d8c2f6116027c4ccd2264e748c9bb277c54bd7b17bb7ddb5dfe69f858d6acbac
    SSDEEP: 24576:+kirzmh3NuMVA4fXtB8HCZHMGLZHMTGGem/IHzFDPaHk59Or9w33Af9mvuG3P:JZhpFHlFMT9e5TFLaEjOWgfwW8
    Score: 8/10
      • UPX packed file: detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v6

Tasks