74ea2e2ef34c4cfd5cd10186ac32ba3084988d417d0d35168d317eddf1195ba9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74ea2e2ef34c4cfd5cd10186ac32ba3084988d417d0d35168d317eddf1195ba9
Size

5.5MB
Sample

221002-r95c5sbdg8
MD5

50f87206789746e2c089bbd5375347c0
SHA1

0d39213657c3b7d9f7b1d344a38f26097eb908c1
SHA256

74ea2e2ef34c4cfd5cd10186ac32ba3084988d417d0d35168d317eddf1195ba9
SHA512

8aea52920ca99f4efabbddbc95f24ca6807bb1175159be1addc4b1a0d595a9662958aa4df6992244f8272760ad126a5e988c47b11fe4b796169d202522685d30
SSDEEP

98304:8vqbShSq6bQ9CHQ6Owhmwx2AslFTkVqTc6RCMcCq4Ky8qVK:8Om0s9CHQ6awx2AbP6kCX8MK

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  gaojizhanzheng/gaojizhanzheng/UnInstall.YK000
- Size
  
  1.0MB
- MD5
  
  b63caacaa1f6f141db797ec1c0e37d7e
- SHA1
  
  5e5c3aa49143b9398d3604e216cc6491f441e0a6
- SHA256
  
  5fa0a1223a31557dc8ec841c994357035d663e28b6394a57cbaf406793f9d119
- SHA512
  
  4a5021eccfd7b5d1f5ea25a195df3f0ca4f94730a99334be4c5defa2784e84224e7cd0b68a4f275a0a77fc3909f1bf589ccc4b4a034d20d5ad9166a5b8ef17e8
- SSDEEP
  
  12288:sqfbzvuj0uFO+hXMRJZMoiNqZoxGykTz3bgAwCTOSFpLe1yheK0WqI727hLboXbp:PfbzvujR/hXMxZ1CCzp1hD0WqhF8X
Score

8^/10
- Executes dropped EXE
behavioral1 behavioral2
- Target
  
  gaojizhanzheng/gaojizhanzheng/VisualBoyAdvance.YK000
- Size
  
  1.8MB
- MD5
  
  e40d5b5fa1146b928a11024abb3970f2
- SHA1
  
  2f43da71f8a07926ab05c2ce888832876e8177ac
- SHA256
  
  2f2c4b88fce992b1f2e3c539d929925da6c85a317e4c63f28a2bcf8bbcc0fd5b
- SHA512
  
  21bf4103909490922a5db67f8d453592a424e1aab15f1ff7647587d5f924696e98ebf698e839dc9ad624e68dd09b93c553ad4e51b917093d8976c9aeca4ee745
- SSDEEP
  
  24576:ZZS/i19NHKvbLNyp//lHRvYCeaPJTDi5yfYpmlYekZptkx+4g+xYP3IbW55QFKLX:b39NHKvvNyZS+DiYYcYDZpts+4nQ
Score

6^/10
- Drops desktop.ini file(s)
behavioral3 behavioral4
- Target
  
  gaojizhanzheng/gaojizhanzheng/YK_GameManager.YK000
- Size
  
  2.3MB
- MD5
  
  eb00e44c009f0e65663afc5a8d9465ca
- SHA1
  
  85aedccb9ba41167befb78010fb18a1443d22276
- SHA256
  
  72886c436a76ff2ac59031de27fb00ee602775d54cd5814325b2dc28e6fd2fc6
- SHA512
  
  a246ab2b1be99cfc5462679e47e54b853db238012173e9ba72144985b48776b58bf90b5c6ecad050df02a41b345c5d62766e6ec3ab81f3eff94994fe24b0d0f8
- SSDEEP
  
  49152:ZYEWvi4pMSB/uzd7LgbuChj53x6tIML78J5e4ufLHfNWQM:Zzb4pMoYd7LgbuCtq+ML7cBujN
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral5 behavioral6
- Target
  
  gaojizhanzheng/gaojizhanzheng/ykgamerun.YK000
- Size
  
  2.5MB
- MD5
  
  3cd8b22a2fdac9e686b557c5a02a2390
- SHA1
  
  040fccf2c4dc189d197327007bb7b959a1f34d1b
- SHA256
  
  512a6a8aa37e0d2e24689ca4f5cd6104006e8a14baf77d3dc68a1d805e80913a
- SHA512
  
  ac05126f89c48c6afc2f50a731158ca0284228add093daa9a3073e933c4f3d346bd49b1e1274d332dc3635994ec46b8a70824aa4c31be80f230f62e3292d83b3
- SSDEEP
  
  49152:kjZrOTAuCsIPPxdHC/5eDMCVSLOSsdl97HXdyYSCQbwFWLyhrMhTq7NOorraW/:dTAuCsIPnHC/5eQCOORl97HXdyYvFWLO
Score

1^/10
behavioral7 behavioral8
- Target
  
  gaojizhanzheng/gaojizhanzheng/yx.gba
- Size
  
  4.6MB
- MD5
  
  0373388c2bc544ee5b6bfb80ba9affbb
- SHA1
  
  e7723d02c3d553aacf35798eec9986f89e197e21
- SHA256
  
  83f8013a7eb48a2ff3460d2b63ebdf9d53bf498a3fdce17df008e58162e8155b
- SHA512
  
  b8b567df9baa23e0939dc45cc95bd60218a9f27550e8e61addd3a8d6ec96a8f09d7ee0baf14077c70b7dbe5aadcfd209e519815db13fb614d364dbc9aa07a4a5
- SSDEEP
  
  49152:N9As9RlclmzDcjqvwbH6HDwzr2crmGhgg715o76+GCH5xOp7Nldv:ks9RlAmzgAW4ar2za1t+Gs5xo7Nl
Score

3^/10
behavioral9 behavioral10

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10