500c0e2400d5968f7c34bde6036d0c9f015625cc04a5202d84fba915a3355a74 | Triage

Sharing

General

Target

500c0e2400d5968f7c34bde6036d0c9f015625cc04a5202d84fba915a3355a74
Size

6.0MB
Sample

220923-qe4mpaacan
MD5

564cd6ea67e7ac6745c76f0537882483
SHA1

e9bb8009ab734c20f70ad2c823143eb372342211
SHA256

500c0e2400d5968f7c34bde6036d0c9f015625cc04a5202d84fba915a3355a74
SHA512

cf33d0e047781d434274688793c566286d846027c22ea0036653dbb56beee4682a3419a1c832c172e2b3952558f93d8d30dba159a3376728eb0eb77e11849c7d
SSDEEP

98304:y0dTjIn1R5ioo48rk4p47HuSOXEMi5be6h4IK1u5dKAb/Us9j9hmbTxB:VRIn1R8IC4nB5bXUvET+P

Score

6^/10

discovery link pdf

Malware Config

Targets

- Target
  
  RevoUninstaller_Portable_免安裝/Revo Uninstaller Help.pdf
- Size
  
  1.9MB
- MD5
  
  bc3c694f3531b6e3d78289ac504f29d5
- SHA1
  
  dabbb77e54329242bacb8c6a80ebcb0db13d6764
- SHA256
  
  48eccafe4479a41a147d7490491b2f9708dfc1473d3c8773417b1d3c7c82979c
- SHA512
  
  3e561b84fa8220bb049349e7c8b1981918297c8c17e9f1eb04142254df52df1fb1de7fc8d93f92c768e576c081756277f868c9048d228f4253cd806fed84116a
- SSDEEP
  
  49152:EB7uFk2pHH1JZ8lGwu1m4YJLdsJSozfrXbeBs:K7R2BH1X8A1mnJ8SBs
Score

1^/10
behavioral1 behavioral2
- Target
  
  RevoUninstaller_Portable_免安裝/RevoUPort.exe
- Size
  
  198KB
- MD5
  
  bdf110792f1c2e04913adbd399e3e322
- SHA1
  
  53346e850b3915c4169b5ba05c70bc1fc818a2eb
- SHA256
  
  28fe5e5d40990a751290ad3533fa5546202c3ccf86085f7ab59e67dd6c760494
- SHA512
  
  a605ab518305cba844fd6c10d70947d77fcd0bcd3ac7cab117816e1f3b97aa1181216830a80b51dec284b16a5443ff56a893c0387070af43bfd8880c1f2b861e
- SSDEEP
  
  3072:SkLnA5QRbvAZpoKIIn9xg//XHTfq2M0W30L/OHQ4HFs3qMGrfv8QYF:dLAKYZCIn9SzsFwWu
Score

4^/10
behavioral3 behavioral4
- Target
  
  RevoUninstaller_Portable_免安裝/x64/RevoUn.exe
- Size
  
  14.1MB
- MD5
  
  d9dbc3e316e5875b06bdafbe8bcac2ef
- SHA1
  
  7ec7dd9ebb00a4571de97d950b32df0ef657e0da
- SHA256
  
  15d6a4a051aa6df22c091efe0455be3bdca88ebff88f3b339f624752ecb44035
- SHA512
  
  59bfd98b014f2c1fd4cd5d5c28bf4ccf0c40087bc923ef6d966eeb2aad101e64b1269fe94e5e2abc621e19770b410b2cd70451a451108088c6f652a0234dffa8
- SSDEEP
  
  196608:ZlO7qoQv9vcFs0ibFt/owPWpGplR806IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIC:7O7qoQv9vccbFt/3PWpGplR8Zy
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral5 behavioral6
- Target
  
  RevoUninstaller_Portable_免安裝/x86/RevoUn.exe
- Size
  
  12.0MB
- MD5
  
  b5fb25ca0a7d445113a9c6e117e25025
- SHA1
  
  4300fde45347d0b1258f7d07023a51e4e0c09648
- SHA256
  
  a7e497eee025ea9fe77e2cb1930501f41ce252cd87e1138c339c65dca7ce44b0
- SHA512
  
  05896f71b51decebe808b4633517889bf88edef5a0e6ef13f3fc53e14c080931996d975640eb8418d998d252d263e35bf28438af404f5b8e314383eab33dafeb
- SSDEEP
  
  196608:amHmtt8KsVO/owPWpGplR806IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIAcQ:asmhKO/3PWpGplR8Zb
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral7 behavioral8

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8