a75423b1568e44ca6657eee8c7804c5871c69cd6e289c4f81a6d2e861ec99188

Sharing

Copy URL

Twitter E-mail

General

Target

a75423b1568e44ca6657eee8c7804c5871c69cd6e289c4f81a6d2e861ec99188
Size

1.2MB
Sample

220927-cze8yadean
MD5

81695ce9416c26dfbcd9c7e3953225e2
SHA1

2b1d9333ab68666700ab4993986687d7775b02ff
SHA256

a75423b1568e44ca6657eee8c7804c5871c69cd6e289c4f81a6d2e861ec99188
SHA512

df36c33967b8b4cb48563df3117a2226d844555368a3908d5aecfcc4cff3df8f5b07cac9f635be234ef2d0e22f25fd793a3786511d451d986119c7f13f47ac49
SSDEEP

24576:cdxovImr7QgTjzFXzM8tXaZ3GQ1zCZgFmt9sfP0KUCyt6Jq+0TFh+Ak5:cdWr7QytaNGQ5E6fP0KUC5JCY

Score

7^/10

Malware Config

Targets

- Target
  
  Jetbrains全家桶激活/2021.2.2版本以及之前版本用这个/ja-netfilter/README.pdf
- Size
  
  52KB
- MD5
  
  a50bc28fa5d1bedf6ed986e02b524e47
- SHA1
  
  9fb01a6e520495b88e39f3631059dfdc6f16c334
- SHA256
  
  ecdda639da4ad045a93304980474d3c95fe2a166c6d81f258ea74b2fe9c717ab
- SHA512
  
  5ed6e5fb55323d5a93ac22e404a67ce07920dc8186223281d08dfed1142afd55ccbc68fe3e8737ff82b58d60943fa41e547c62dd88a7143d99db44f17e096b5b
- SSDEEP
  
  1536:/lAd621/cXZMLpUz+GyuwXOYJExJvlDR+sz:NAdR/cXI6zMUxDvLj
Score

1^/10
behavioral1 behavioral2
- Target
  
  Jetbrains全家桶激活/2021.2.2版本以及之前版本用这个/ja-netfilter/ja-netfilter.jar
- Size
  
  27KB
- MD5
  
  db5662ae52ece33d63f2f4dfc4b3f5d3
- SHA1
  
  582abeb58902c79bd5d494ae7e0bb93c53630697
- SHA256
  
  2234adefa9886993ba60a3888403b798d7c33c34ffcb01dfaeb88229cd43793b
- SHA512
  
  b6575bae51a7cdf7f48591c73ef8efc50dafea8fa40645b2782c789f96c45b6beb11982ca75b372a32acca03d5160c3079f8bd92935115b0ab089e35c869276a
- SSDEEP
  
  768:ECJIS6dXilnljmb+x8/kh74hVhPhnDdphc1d:EUIS6dSjm6x4McVPy
Score

1^/10
behavioral3 behavioral4
- Target
  
  Jetbrains全家桶激活/2021.2.2版本以及之前版本用这个/ja-netfilter/plugins/dns.jar
- Size
  
  4KB
- MD5
  
  014c2b0f2bf744087676f866df7fa609
- SHA1
  
  f26ca0b8754f3a43bdef2b1102a0d4d278b077d6
- SHA256
  
  22ecea7e7a0a14a61b465f50eb1a7d4faf668356159f4129fc58f9010ab04e99
- SHA512
  
  96989b3371558f007af89d2299b29a00860b1e942a8b619bc43d08e6a5a3a05fdab679a75c373d1b125d1417fe97f2d49a7ffea89309c851c3934243b0e3ec69
- SSDEEP
  
  96:vibJhkJwMC8ROBGp4EmZxkgt/YN8cdQ9jryIUr2N4bW:o7kqMpDpUZj1B2Q0Ig+4bW
Score

1^/10
behavioral5 behavioral6
- Target
  
  Jetbrains全家桶激活/2021.2.2版本以及之前版本用这个/ja-netfilter/plugins/hideme.jar
- Size
  
  7KB
- MD5
  
  2df8e28dd31ce8fc03461bb68eebea4c
- SHA1
  
  d2df1b5205c8b6a2b2adc1d852da1ecc8ce64767
- SHA256
  
  c3c0f22681db3f74a3437b0d9bd403811be85a91aba905882b678606d99df808
- SHA512
  
  b7135754a854d45091ea240f3052001d85dd30f3b8bc97b9cb642f562907598f566b060efb581c4a5ef910534f5f40339b8cc013c898e04e47e34a24cd4aa6c3
- SSDEEP
  
  96:0uX7HNy3c2uUBmkxA5G3PxhUgB9tmUAxusTptmEybZPCafT18OiPKwChfuiF:nzN8Xq5G/xfBWBusqBRL7GOiEDF
Score

1^/10
behavioral7 behavioral8
- Target
  
  Jetbrains全家桶激活/2021.2.2版本以及之前版本用这个/ja-netfilter/plugins/mymap-v1.0.1.jar
- Size
  
  4KB
- MD5
  
  7a0e7526ba7542c94fdc8f5bd0a4052c
- SHA1
  
  37c069fdde8182879bf4958d703a19113bbae4ec
- SHA256
  
  2a20c5f9a05820f522d9338c57aeac51232422af87ac299c3bb541e948549774
- SHA512
  
  96bbb690f150322a8a86e88f013f749f55f67f41b4f5f19b78121d8d653b851c290c17e6e551b89e5ed37c38b1c408511cb67c5f15c627edf11a9ce61a480e89
- SSDEEP
  
  96:Bn+DGJBqyu5t762MDaLFlFqz5e32NULTeDAjC4wK1Iuu:B+Mq35t7g+mAqULTLHwsIx
Score

1^/10
behavioral9 behavioral10
- Target
  
  Jetbrains全家桶激活/2021.2.2版本以及之前版本用这个/ja-netfilter/plugins/url.jar
- Size
  
  4KB
- MD5
  
  2d0b30ee9997f453d0cae2e76aa31f7e
- SHA1
  
  20519fe3a4cb999ba06e5916f2cfc7ac269b330c
- SHA256
  
  a5073326c48412f27f5f7c3beb1015b8b3cd564fc71292be8ffbe514fecb7485
- SHA512
  
  16259927d6bf0228b35a5728cf574f744cb1b00832857ec9c84910f99ccb6e3c871e31544a70f0c07d72a96e3aad74810cf38d29adf08878faa01d41cd5ee03e
- SSDEEP
  
  96:Qd93pKtliSxmGImaxW9zxYQcTxBWUw3/6ws3l:gutcEmGItMxATHO3iN3l
Score

1^/10
behavioral11 behavioral12
- Target
  
  Jetbrains全家桶激活/2021.2.3版本以及之后版本用这个（2022也用这个）/最新一键激活（建议使用）/ja-netfilter-all/ja-netfilter.jar
- Size
  
  47KB
- MD5
  
  2fa1b1364515dce93eb67c423b570deb
- SHA1
  
  2a723c2ef30be4a5c167c6639bf9ec0b9c7e7ca2
- SHA256
  
  3acc4e9d91793f6909458a4761b75b6da45c8868e75dca33c9fec63659202995
- SHA512
  
  0b6cf7caf6d48419251d0aa1ccf280536eb20b1f108f874a9ce86943601c2317833031578fc869366e3bc40dedfabfd64527598ea63b879bc77f82a9a218766b
- SSDEEP
  
  768:Oh7IDIGjwZyHIwcctMtI+xIfo1UC6cB+P9146lp3fbYHfkWvQdptYc4klY:KSIG0ZuIQMtI+xIrTcB034673fbgvYI
Score

1^/10
behavioral13 behavioral14
- Target
  
  Jetbrains全家桶激活/2021.2.3版本以及之后版本用这个（2022也用这个）/最新一键激活（建议使用）/ja-netfilter-all/plugins-jetbrains/dns.jar
- Size
  
  4KB
- MD5
  
  4f3c516c1704a5569725246d57dd1ae7
- SHA1
  
  4e8693b5a7a3837cf7f6db0c4f1316f376d34721
- SHA256
  
  d1150b1831b112b93d74a34a10ce6c11606e0d2255d532c29f91f1d92b40a552
- SHA512
  
  f885fc751e9035944489578bb037f05521c6258c377c0c7bf8b8d10b799063e6e529c715ecebf9729724f0497f588803d7d463fbb70f5efbd73952624f60d08e
- SSDEEP
  
  96:LSyBi1RBhx1yI/OEEKXejuu9lSx/xowSpTz7g8nJfTfTX:LSx1RBhx1y0OPhox/6fpTvgeRTfTX
Score

1^/10
behavioral15 behavioral16
- Target
  
  Jetbrains全家桶激活/2021.2.3版本以及之后版本用这个（2022也用这个）/最新一键激活（建议使用）/ja-netfilter-all/plugins-jetbrains/hideme.jar
- Size
  
  7KB
- MD5
  
  cdab6a30b0949a741f13935f5483c303
- SHA1
  
  729d00e4fa04ca49c00b5b6aa60706dfadd5644e
- SHA256
  
  fa14c735ab9fed3f3a5df0dc78a5d38ae0a146099ddc858197e9f528bd996c40
- SHA512
  
  bf155c0b062fe9c7c237f9b0329a155387b7294fae7c7ed73e41e9528f119ccc513855329f6e91e62106b589c8b215d981ed11f2f89c7e13c06fbdcf7d6d1ee8
- SSDEEP
  
  96:ohFTqRYuFhXQ5GeiCGkeFUgbH44yY8NVFubQLwNUmvHh18OiPKwChme:gFuRDiiCSbH4u8ZuvOMBGOiEme
Score

1^/10
behavioral17 behavioral18
- Target
  
  Jetbrains全家桶激活/2021.2.3版本以及之后版本用这个（2022也用这个）/最新一键激活（建议使用）/ja-netfilter-all/plugins-jetbrains/mymap.jar
- Size
  
  4KB
- MD5
  
  b5e49c56f85542bc19b14af11eb10d60
- SHA1
  
  dc104acd2b3c83474f04b975f882a43017bbc2b2
- SHA256
  
  48f627919c46ec345119b05afbd18b2a443d47223533f21a64792302ffcd223d
- SHA512
  
  30430bb87e1201c17f760f822c4c670c7b283e9cde56a2737da2ab1531f7634bc2f0034e3eef11f91bc1af52f8a80f598e9233a289566e0d95e1f5d48d979f97
- SSDEEP
  
  96:ZnOG4zI+06qc5t762MDaLFlFDz5e32NULTeDAjC4wK1I0XzK:ZOEHBc5t7g+PAqULTLHwsI4K
Score

1^/10
behavioral19 behavioral20
- Target
  
  Jetbrains全家桶激活/2021.2.3版本以及之后版本用这个（2022也用这个）/最新一键激活（建议使用）/ja-netfilter-all/plugins-jetbrains/power.jar
- Size
  
  9KB
- MD5
  
  d8711b73bc0507dbdc841b098af99787
- SHA1
  
  26ee7577969265ff77a7fd786bcb707fe21a3d6b
- SHA256
  
  7819e5b968ce5ea2e638e53d84089d35e89e9ea3088f18f8dbf6dd38d14ab25a
- SHA512
  
  dde478c503a5fbd17fd3cdac67d379abdb392d9edadc37feeafc3572f44044674af2f16e33b7c201fcb52e0d4eeb635fd53843b58700986aa380191aca6cc843
- SSDEEP
  
  192:82u+Rd5aW2DJ1uPpz22NQUsLvA2EagRl3W8H:Du+loJ1EJ22dr1H
Score

1^/10
behavioral21 behavioral22
- Target
  
  Jetbrains全家桶激活/2021.2.3版本以及之后版本用这个（2022也用这个）/最新一键激活（建议使用）/ja-netfilter-all/plugins-jetbrains/url.jar
- Size
  
  4KB
- MD5
  
  6b181e5b8255db4cd9beb1c6af5f420e
- SHA1
  
  b1bebbee8d98218db5794f596001b8b7427ae0c7
- SHA256
  
  ce5a83aee31153cca30274ac94467b316edea8cb28acf72f52f5a72d455b1b43
- SHA512
  
  26dabc145da4a987744ab86d600ab81482771fb8fc99933828104d4698f4dc407eb97281a36f01d5852fc2209d0092f10b7d23d62db8f7e456f8d2d0a108ce7a
- SSDEEP
  
  96:KPP4+DT0nUeKLB3pWsWJMN4j4pbxYQcTxBWUw3/6ws3U:IPLTLRZWsN+6xATHO3iN3U
Score

1^/10
behavioral23 behavioral24
- Target
  
  Jetbrains全家桶激活/2021.2.3版本以及之后版本用这个（2022也用这个）/最新一键激活（建议使用）/ja-netfilter-all/scripts/install-all-users.vbs
- Size
  
  2KB
- MD5
  
  718759ea7e8c9b9d1a9b8a24e3104fe2
- SHA1
  
  b2d07857217102ca0ffdb19b85f276c09490633f
- SHA256
  
  198fbe631bf1fdb5744a2c36922051922e779d96f04edaebb62ff4d63820e1e0
- SHA512
  
  5d59ac3dc8e90cec68642eebcd4636302652aee6f03a7f8796e5c1491c2df6117e156eb83c24d291572d9c75756e1dfcb4af63db81d3103b03a578bc9d51c0b9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral25 behavioral26
- Target
  
  Jetbrains全家桶激活/2021.2.3版本以及之后版本用这个（2022也用这个）/最新一键激活（建议使用）/ja-netfilter-all/scripts/install-current-user.vbs
- Size
  
  1KB
- MD5
  
  0b3a9d58a1508c11d785526a6d031d4f
- SHA1
  
  c043578c099f9f895bf68725621997d039ca961a
- SHA256
  
  0fc2188ed607ae0d7565357ef70f9027f9a12876dabd211117d158419ca10a7a
- SHA512
  
  347bfd433c84ad73e382ab9743f502a9f9ebee664575c34d1fe0ed2b06da7cc464c86ee76b244aa16e7bf3fd500db6671d0fae7c4c91db8f5ab151ea3b9976fc
Score

1^/10
behavioral27 behavioral28
- Target
  
  Jetbrains全家桶激活/2021.2.3版本以及之后版本用这个（2022也用这个）/最新一键激活（建议使用）/ja-netfilter-all/scripts/install.sh
- Size
  
  3KB
- MD5
  
  7cd4c7fd9589e0adca2487b53bcb0268
- SHA1
  
  dce3e034eed6f1c4a4f92d1aba509c214a1ef567
- SHA256
  
  3184d316ad658acb2889991070b4297b21e36ed8d0629c9d8960c6a4af970a64
- SHA512
  
  8d7dbdadf29c5b131e0c8093bb2f428af424ac4c2c4f0ab2d9cd83724ecdc5bcfd025806f84ab2c8b22dbf211b855242d3ecc2389f1618e13f2db993e84cd33f
Score

5^/10
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral29 behavioral30 behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Writes file to tmp directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32