Overview

overview

10

Static

static

27猫资源论坛.url

windows7-x64

1

27猫资源论坛.url

windows10-2004-x64

1

StopUpdate...rd.exe

windows7-x64

1

StopUpdate...rd.exe

windows10-2004-x64

1

StopUpdate...10.exe

windows7-x64

1

StopUpdate...10.exe

windows10-2004-x64

1

StopUpdate...up.bat

windows7-x64

1

StopUpdate...up.bat

windows10-2004-x64

1

StopUpdate...rd.bat

windows7-x64

8

StopUpdate...rd.bat

windows10-2004-x64

8

StopUpdate...ll.bat

windows7-x64

10

StopUpdate...ll.bat

windows10-2004-x64

10

StopUpdate...wu.exe

windows7-x64

1

StopUpdate...wu.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a532ef74cfbe55a5d4cba2e9407ea4951328797d94e30c4160664d3536cb13d2

  • Size

    1.7MB

  • Sample

    221003-f5q46sbaem

  • MD5

    e3d2da8b86bd9a9703a416cc86d74599

  • SHA1

    a7601195f2076acd059f1a2229efc6b5167e7195

  • SHA256

    a532ef74cfbe55a5d4cba2e9407ea4951328797d94e30c4160664d3536cb13d2

  • SHA512

    284b18074e1e73239ed3ae1447e4bb75e4e4f6874a0eb940b8312bdcee17cbba13d42ed274d1a4d0ebefa1a8004fc9cff741c55560cf60ba45f8812c1207449e

  • SSDEEP

    49152://hWDjfkjir+lVMLxqajtdj+hWzNIAd8TgMnxpdkyAzriNdEtB://hGjRr+lcoYdxDWTnDzAzEEj

Score
10/10
evasion

Malware Config

Targets

    • Target

      27猫资源论坛.url

    • Size

      122B

    • MD5

      a2b0070a34e3a92337e52f6c99ce56f8

    • SHA1

      14689e5cc948f57e501132726b272a0141656dbd

    • SHA256

      09f25a83c0397815b353c4d55a1669fc607d77ddb7ffa1de37b4b6f2d2bca5f6

    • SHA512

      8a5a29717531bb76e1def5ec2381060bfd9822306c5fa812f8b3367dc672f65ba53a30e36222b681649bd322da08967e274c8675a749715d05e06d6c971f0fe0

    Score
    1/10
    behavioral1behavioral2

    • Target

      StopUpdates10 Win10Զ¹رչ_v3.1.101 Я/SU10Guard.exe

    • Size

      69KB

    • MD5

      9e0ed4953b2f1d25d60aa802cd3cb2bf

    • SHA1

      fc2282630aa64e1ab43ebfc16b5a746fd6e44a0a

    • SHA256

      c3a355e7e7f69c78ee07d4436fa9faaacbbf2bcdaee67b0fc177a5d73988b501

    • SHA512

      41b27963f06a2329ea58a60e14a77a36a031dc43c6e7b34c294a5c07c5bd087a514b39ebc2a29ac842bb9df684570dfbb2bf424e77e9334cdf8a136e09016f6b

    • SSDEEP

      1536:vijJhdjFxm4Y5MTGQZfZZQJl7OAtOcJXn97G:qjJhhFFYGpQJlyAYU97G

    Score
    1/10
    behavioral3behavioral4

    • Target

      StopUpdates10 Win10Զ¹رչ_v3.1.101 Я/StopUpdates10.exe

    • Size

      1.6MB

    • MD5

      ac6938fcc213f60afb98a34dc31be46c

    • SHA1

      09f29c734a4434e3b20aa672be003f6a684ff838

    • SHA256

      39a4676e907eafb7a65c1b36d33d7396c4e31be59b66449585d1571e90376c2e

    • SHA512

      1595b610b5fcf164dce2deda8f0433792900b036b5ae8de39baab379168e0dbfd1ad2b4f5985b45d1da173807a2e67ac2426625c17e43f8a9efc92dc70a1f8df

    • SSDEEP

      24576:6kvE3KlnpZGbHqXDy4nvFovotXBCKMvekY+iRUAgqO8SeUTRdR0qgX8OCagZC:JvE3KlnpIGnN3z4JTR0JeZC

    Score
    1/10
    behavioral5behavioral6

    • Target

      StopUpdates10 Win10Զ¹رչ_v3.1.101 Я/stop-gwx-from-startup.bat

    • Size

      1KB

    • MD5

      4b724372b80e66b4f7747aa7a4dd82fa

    • SHA1

      74a7972fb13bb80530fde331bc0de6df18405834

    • SHA256

      9580a95c5cd25d960232af7c8042c0c89aeddfb2a7db009f9080241190f8bccd

    • SHA512

      caf6c95820094a9b600fbed64d53179ebf6b397301b060d6731b6de922c59ef3e9e3bacfce771cdc4fd5a0a33332a69eedb099edbe3daaf6b185af7d88221c45

    Score
    1/10
    behavioral7behavioral8

    • Target

      StopUpdates10 Win10Զ¹رչ_v3.1.101 Я/uninstall-guard.bat

    • Size

      16B

    • MD5

      1439b8c9de2e8368dca861f4476ecf3f

    • SHA1

      19338762144ed068496be8652e64f0594e1f4150

    • SHA256

      ec8af7eaf76519a0dda10acf5a2bcb76cd122514b6512596024fae4735470bd1

    • SHA512

      cf45797f81a8e265cd2bc7ff5120409713f2401a9e6bd6fd9400f4108e71760a7bf81e93465e1b80af6c266a8e7be8fcc5ddb0d9beb10bcf8348f2925ddd7423

    Score
    8/10
    evasion
    behavioral9behavioral10

    • Target

      StopUpdates10 Win10Զ¹رչ_v3.1.101 Я/uninstall.bat

    • Size

      51B

    • MD5

      b12d06605b99570ff0d5ea528be40ca2

    • SHA1

      2cfd0af17ba51badf963f3a9a754b43005dd131a

    • SHA256

      82ea7cb76b8c01cd7da7273927f3c77032b8878dfa1bf46c797345deaafdcd1c

    • SHA512

      3f54980b42aedaea989834ae2f54387839830f2e3353f6369b961f1f7af2dfedd3a387f3caeceddca771d881bca0b2b434115d1a13ad75e82b3633c7e1c46dea

    Score
    10/10
    evasion
    behavioral11behavioral12

    • Target

      StopUpdates10 Win10Զ¹رչ_v3.1.101 Я/wu.exe

    • Size

      1.9MB

    • MD5

      7feb135bcf1777f07763799349fad414

    • SHA1

      5df2f16fc65bbd41e6c4d3c0614ac4721a516af1

    • SHA256

      45d803377c12a496cb92e908c71d5cc486255ab96f863e459ed2d2dfe9e0800f

    • SHA512

      444f2ba93ae9701bf4d8efb800cb880b9a8d053b168d9ef99482e6270f2cc68b1ac67b3c4886fe0c1f278cdb6869ae85ac2f0f175b6a47019ee3f731e07504a0

    • SSDEEP

      24576:hNh1vOi0ZFqJD5+O9IB9JhlOHhC9J7yaBAVTHd9xQdbD9ZpUS:hZJJOWH3TOh9ZpUS

    Score
    1/10
    behavioral13behavioral14

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

3
T1031

Privilege Escalation

Defense Evasion

Impair Defenses

2
T1562

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Service Stop

2
T1489

Tasks