Overview

overview

4

Static

static

王云雷-...b1.dll

windows7-x64

1

王云雷-...b1.dll

windows10-2004-x64

1

王云雷-....docx

windows7-x64

4

王云雷-....docx

windows10-2004-x64

1

王云雷-....exe

windows7-x64

1

王云雷-....exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    98383ef197201c1b093e3feb6217bb285b4f7e83dd0f2a77f7dc809871601f39

  • Size

    524KB

  • Sample

    220923-h7k22shdgl

  • MD5

    1365a6602de509e4c678f45e051f431b

  • SHA1

    b2ad775b0da73174882ed286fe6bbef67bac5231

  • SHA256

    98383ef197201c1b093e3feb6217bb285b4f7e83dd0f2a77f7dc809871601f39

  • SHA512

    7b387e0fc7a67b941f22743d2a49f1dc817e9c5ae35d3a6f32d00a3ada6b42de2ac6b3fd8148a82eb61a7899a412bdbc02e41f7a44d3fc4a9e5c56a908684b22

  • SSDEEP

    12288:0t6xoz+z/0zBBWYF6HWxHyWjPR2TYnbi+QyNbj1n:HxI+L4BBvFqW1VPWYn9Pdp

Score
4/10

Malware Config

Targets

    • Target

      王云雷-北京航空航天大学-安全研发岗位-个人简历PDF/zlib1.dll

    • Size

      86KB

    • MD5

      688369c0213be161e8b1280198dbe567

    • SHA1

      f2dfa6c7ac04c2785479d2827348bad823497e9b

    • SHA256

      d60a13933b003f4f3a8b69a90a09827baf68bbb72f42fdd453e75cd5cc17f107

    • SHA512

      ab72881ddc6919e2092ae12bd37433e9676e0ed517fd5471f5041c6ac6d09dcba671f819b7ba3405ae0575b2175669bbcb275fa0135947c0a92cf99d0e093ff4

    • SSDEEP

      1536:nkHE/4NDs/WEfIvI5/6GZlryfhUrrfvFEG66ZC8tsWxcd5UYhp/CzpZiC:kHEWI/WTI5yGZlChUrr66xA5U6/CzpZi

    Score
    1/10
    behavioral1behavioral2

    • Target

      王云雷-北京航空航天大学-安全研发岗位-个人简历PDF/新建文件夹/王云雷-北京航空航天大学-安全压法岗位-个人简历.docx

    • Size

      23KB

    • MD5

      e0b6537c94ac8f7b54efa0e559a7d597

    • SHA1

      f5f018ecee6bd47a4add71a9529b9c06d50710ec

    • SHA256

      17523cb78815d26fa59c8e766886a287cb3dd3991a84e717d871aa7d128e33b2

    • SHA512

      b7fbf74a5fe500628f440567abeb1bd580a6b3e47f9dc935399b205225fd529dde4c2e76c21bf5a2a03a78927f1b86d90fa3f5f624a0e1e31e2db13405c79ca9

    • SSDEEP

      384:Q3Frv11y0LjqWuNM7z6qorXmxTd8V/z8Uf716CCh4YvKA3FdjtONwzxLb:urvxWxu67rXmn2gu7gCCKCfF1sNK

    Score
    4/10
    behavioral3behavioral4

    • Target

      王云雷-北京航空航天大学-安全研发岗位-个人简历PDF/王云雷-北京航空航天大学-安全研发岗位-个人简历PDF.exe

    • Size

      501KB

    • MD5

      c6893da36a9a16f013cd344f988b3d18

    • SHA1

      bc64b8f40c2045cec9e248a8d15223c3349df0ba

    • SHA256

      5f32ef64abeaf8f0f15037fa273662067ed9b22714a77ceaee5e132832befb5b

    • SHA512

      19d1d365f71834c11085003e2e43885b136b02d02f261a0e269068c4d1c419ff68cad807a2f14625a1e891615b199f273f84761f352ad4f0c199700c507f636f

    • SSDEEP

      12288:mL9TkUbi4zfHfb3pjerSnetOdwZP77tksMt5U/d:Y9UcnrpA1ZD7tksAO1

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Process Discovery

2
T1057

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks