20fad721ad99f8a82c2eaf4743229f8c921d00b9ee0caa49c96edfd15156d749

Sharing

Copy URL

Twitter E-mail

General

Target

20fad721ad99f8a82c2eaf4743229f8c921d00b9ee0caa49c96edfd15156d749
Size

5.3MB
Sample

221013-f85rqsbag5
MD5

e43c48104a92f769fef74b18c4857126
SHA1

62e7f6b3ca4e0091b7a4c732906fdab8c9819d20
SHA256

20fad721ad99f8a82c2eaf4743229f8c921d00b9ee0caa49c96edfd15156d749
SHA512

dbf10d0389793dd011d285cfc251aabe22c691f5dba08d232fe036c2b0feed5023d55282f9511492399d8b19cc90e1e8c5604664ec4f69bd1e67834e304ff41c
SSDEEP

98304:zr70yd+4LA8p0jF6OPbmOvGPBJeK0irhzukmX3CfhUCI/zwVU5R6EKrrNBZ:zr/LhGgPeNghzNmX0m/OeR6EgLZ

Score

8^/10

Malware Config

Targets

- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/!卸载.bat
- Size
  
  21KB
- MD5
  
  31fa6631bbea020225696410fc01c8df
- SHA1
  
  8326980dd890d8963d4bb13a7feb55abfadbb196
- SHA256
  
  8f102f28201180ab212a189f5a569b5ec26ef9e6f452a53050e0c29a8023c4a8
- SHA512
  
  6c863bf2c24117523e39f9c4c2a6b9cf3e24ca90200796611731e32d5c02da6d1c3f6cebaa27aae6ac69f35d4a4cac5d01b459f36453f33313728516e91e50a3
- SSDEEP
  
  384:yz3J6AHqbeGsaEBQ8QJyMMpj1Tcdju+ZyAqT+5k2X2dW1IB8paiE33VSN2:MJraOy9ycdju+ZyAqT+5k2X2dW1I2aJZ
Score

8^/10

persistence
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
behavioral1 behavioral2
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/!绿化.bat
- Size
  
  12KB
- MD5
  
  9989aa53d90411bda70ff107e72d2b3e
- SHA1
  
  67ed47b4648f173b3285406d2ff5989090c8b05c
- SHA256
  
  8ec6d310fb11d5c016324ab90be3a01cad14802c6b4dcd17b7397b2eca8e4d85
- SHA512
  
  278969818c17513902ca3459eb6b8be79a7cf5feeb416ba653d2085590ecc4f42a9aacd3fddc89f00de3a8f7332a2adf8b3b803780dcfbf3fe71d9f0afbba68e
- SSDEEP
  
  96:6hCwB6OFpMhtC1MhtxP08htGyghtwOR0TDaD3Y/AAa/AAQ2Rx3cZAzQs:8fsvyMvW8v1gvPR0b/AAa/AAQk7zQs
Score

8^/10

discovery exploit persistence
- Drops file in Drivers directory
- Possible privilege escalation attempt
  exploit
- Registers COM server for autorun
  persistence
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
behavioral3 behavioral4
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IDMFType64.dll
- Size
  
  51KB
- MD5
  
  c976ceb4be1daf3a848c11a4adf224ba
- SHA1
  
  9ce2b9c6a3cefb6b5be69572c0c30f87322ef145
- SHA256
  
  0479dda9f82192a7c8881413f8ca6a220e63a4811efadc497dbefc0f4c290441
- SHA512
  
  3cb95b2048f5c62002656fec25c529caa6327481c0351364f1168a88583facf09631a7c20ae2fe125fd8eef422095528acf27183b242a5a36bcce45c4c327cb9
- SSDEEP
  
  768:eak1cQ6KfFSF1F2Rcyg1wgRKZMMNbKYk4PHQBpjhXnZwPs0DDYW1MmOdbCk7v:KLwL2Rc7caIbKYrKpdJwPVDRDOlCk7v
Score

3^/10
behavioral5 behavioral6
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IDMGetAll.dll
- Size
  
  73KB
- MD5
  
  d04845fab1c667c04458d0a981f3898e
- SHA1
  
  f30267bb7037a11669605c614fb92734be998677
- SHA256
  
  33a8a6b9413d60a38237bafc4c331dfebf0bf64f8057abc335b4a6a6b95c9381
- SHA512
  
  ccd166dbe9aaba3795963af7d63b1a561de90153c2eaefb12f3e9f9ddebd9b1f7861ee76f45b4ef19d41ca514f3796e98b3c3660596730be8d8eb9e1048ef59e
- SSDEEP
  
  1536:d2cmEq8ecPyaTYj3lBDuOMVCdPlvnya2QdeMVez1v:Nmt8bxTYzCOM8d9nya2U5e
Score

1^/10
behavioral7 behavioral8
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IDMGetAll64.dll
- Size
  
  93KB
- MD5
  
  597164da15b26114e7f1136965533d72
- SHA1
  
  9eeaa7f7de2d04415b8c435a82ee7eea7bbf5c8a
- SHA256
  
  117abaeb27451944c72ffee804e674046c58d769bd2e940c71e66edec0725bd1
- SHA512
  
  7a2d31a1342286e1164f80c6da3a9c07418ebeafb9b4d5b702c0f03065ee26949da22193eb403c8aeec012b6f1c5ff21179104943943302972492fcdccc850d9
- SSDEEP
  
  1536:2mGBz5y9AOlFfdW/tfSB9POp//dEFFFG63htH:UyzmabPOp//dEvFG4H
Score

1^/10
behavioral9 behavioral10
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IDMIECC.dll
- Size
  
  459KB
- MD5
  
  87b251b1ce38671a4af0a6e8a67caa06
- SHA1
  
  40cb0c16d7d6aa831df6ce67b4d1f3a407295035
- SHA256
  
  16cad77ae8104c8e1db4126f300ea29de0b1aaa2084031590c2ee180b06960ab
- SHA512
  
  1d243726debcb134857a0e32866ac783a32764fa893e2f181ea2c56651cb1088e99d8811381ac7d20ca096c0bfcd46b26660be4a39bdb79a15c8e950cd1e3cf4
- SSDEEP
  
  6144:0CvMMpdXUMCvpZzk8ND5/7wmAKpvq14Hpk798XLHAv8z4hYO8pNfopzDN:XvMMzCLN9FvXe9aHW8tOZzB
Score

1^/10
behavioral11 behavioral12
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IDMIECC64.dll
- Size
  
  650KB
- MD5
  
  fcadf36c463e1877f17beee3cc0cb278
- SHA1
  
  f18633bc81080e35f25915ab98d16902465d441d
- SHA256
  
  b413fe3d11ced1343da832cf61f8c24124fe7d216ecf84c6e3c0c3764a2ed7ba
- SHA512
  
  e96539e58c65f69d6c8666127f5d38856b30417769fb52fd8a0657c53e5ce627553dc8b903911dedecb69b6a37b0390c473bde01ddbe4b5d156b6d8e79edbb15
- SSDEEP
  
  12288:uIUtqWjE00D+U/KhbsL7J0aMXDDc8ozY8NmWo:wqWjE09U/KhydMzLoet
Score

1^/10
behavioral13 behavioral14
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IDMIntegrator64.exe
- Size
  
  74KB
- MD5
  
  d2e5c1e09079de5830579757086ff2d0
- SHA1
  
  4817a3cffb8169b6a354abde869d82991f4ca8b1
- SHA256
  
  e894ff8a9b2eb9f3203518c143fe33bdaaf900513493aef402d6f88ed56a684d
- SHA512
  
  b0f5f0385efec2fae394ad02deeb52369ee7594c8df3f42ba170ea6d01eda6f7ccec25c61df70a08bd14e71b9b79e01f95ed7c62b4b5191cec2eb007a92c8366
- SSDEEP
  
  1536:R3pUek8m7Ww+ZooX9YWilODnD1NJrNza1YRqMVeIe:BpUe7m7WTZoiQODDHJrNza2RF
Score

1^/10
behavioral15 behavioral16
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IDMNetMon.dll
- Size
  
  313KB
- MD5
  
  a3b53bb580c75d828eb2d870ca29df78
- SHA1
  
  778f2322d019d6399395967abeddf12569eac369
- SHA256
  
  6577e59b83671cac17b64d84895216422b216767e3dab0ba6d23fdf7f383cb99
- SHA512
  
  23e7eaada9f5b72d3ba8b21519da953e0268760b111fe34604a62bff9b23ea733c1df19f16f2f882cb84f6dd7568c856ccf4c88461276809e59e243c50289222
- SSDEEP
  
  6144:tusxf07mISbn3Rxml2s7r11qxf5yFxVNTkZySLfWsfXIGVTBQY6dyhCMbiu:CmFDxxf5y/bTkZyuOs/IGVTmY6dgnF
Score

1^/10
behavioral17 behavioral18
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IDMNetMon64.dll
- Size
  
  383KB
- MD5
  
  50ed4c18951b3f320ea75f5320748942
- SHA1
  
  4379dcd13e9e081a5bca8825a3bff70242c1c6ff
- SHA256
  
  16d14dff2e149abb0d6588ef5450745c1c57ad1967783876bb658a7b5c2f7b1c
- SHA512
  
  aa76df700e264aa61da06c9c64c4fa8231b2aaffe9a7fd53871d27f75179bb13b3a41d638dce6172ef8e20f84c0f360d748738e920891bfbe6d9dda052bbee1a
- SSDEEP
  
  6144:4fR211R1k48x0zRTBHdZcduyZ4gCPhVt4cUiudWKo+zKUI/aQkN2AUITByB+QXOY:4fROjbSpJdWKo+zzIiREIT4Y6IU9vD
Score

1^/10
behavioral19 behavioral20
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IDMShellExt.dll
- Size
  
  32KB
- MD5
  
  e3ffdff31fed63050fa856dbdafb1e90
- SHA1
  
  6fcde3e14bdf2095d7ba52d86ce2aab76b75f5ab
- SHA256
  
  ecdd25fcc1a974e35ba8dd58f8d08af2ae81807d5df0eb9472151a4f1799e0a6
- SHA512
  
  1dd50cb7718d9ad3da727b41429c0724037687e30e2c2fa223b9e4395e3b1d14f5c23be2348f7c33506d982be9a882c5763f28a2df44254f3eab0ae6d5dc5255
- SSDEEP
  
  384:tM3kv2nxRY+oDpqSSR6V9OSNUeYpioRcY/HlLnYPLWSUHeMcCHOU7b8JN77hhFA:tM3kvmxRASReZWeoWY/lLjOCHBQ3hDA
Score

1^/10
behavioral21 behavioral22
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IDMShellExt64.dll
- Size
  
  34KB
- MD5
  
  555f97044de456b918b32fe684e40d78
- SHA1
  
  0cb97d7a8751af62e4121d312e72a25689749e5d
- SHA256
  
  09d4481d59eaef978b946fd4a9d8f53e51aed176ef629ed26e26d9a306e44d4b
- SHA512
  
  0ba231e4529455aac6c8b3de93e17299835a75f07133df8fe97de8db67676d2e0638973050fcfe9064078a40db0e422385e5d65c7260470fe558dc9f04471a8c
- SSDEEP
  
  384:+whsSCSf1YFnrWfJ9J9YNiaD2nYPLWSUHeMQgPHOULkyw8JN77hhh6:+knYFyfJ5YjKjbPHmQ3hD6
Score

8^/10

persistence
- Registers COM server for autorun
  persistence
behavioral23 behavioral24
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IDMVMPrs.dll
- Size
  
  341KB
- MD5
  
  1f274d186c29db4078cfd26170760a74
- SHA1
  
  b90d30d3ca3804ada23fcd3d7feb2e40691b99a8
- SHA256
  
  804a6a9d19eb8a1b09e5b4bb8f3849e8a64480355525374024435349a4fe7f62
- SHA512
  
  ca771cb01df448b01b4eac57aa05696d18afe0c4000200455e7f5e6392139702b3d9d3d7130984b2f9fd8c474033a18dab72d8823c71174d7611904f41d2e4cd
- SSDEEP
  
  6144:i3mjKuPlUvBOju7JOcS52t8Z5IMpxzjd4C7JIhwEYi/KWF4K:pzPlUvx+5O8kMjQTiWF4K
Score

3^/10
behavioral25 behavioral26
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IDMVMPrs64.dll
- Size
  
  409KB
- MD5
  
  1932ee5460c7c7d0240b955fd56b3bf4
- SHA1
  
  8c267070f8131731323c3c2d8ec305e8dc3dc09a
- SHA256
  
  5feb30fedde71d47676b7d8ac6b503e8017b210687ff73bbfa350799cd6dd0aa
- SHA512
  
  4abdc2939fd23bb6cbb6ef3e4edbc3cab5da113c15c9a867c34017765a9483a7eea373b600c9b1f61c1bbafd87d38e9e107b9a5e545ab370d4804ce8aa614e32
- SSDEEP
  
  6144:Iw5sjfobmuQYvQwDSH/U0avrw7S7Wh89RjYYiZC:FqjpqzDwU0Mrw/cYYuC
Score

3^/10
behavioral27 behavioral28
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IEExt.htm
- Size
  
  277B
- MD5
  
  7ee0cc294b365f8fc4fab2f06e01ac95
- SHA1
  
  1a49c5f7a98580f8002ac1d6115ab39cb753975b
- SHA256
  
  a17fe100c65749018ca05a1b2e600060d83b4490bddfd3f61b5523c78b9483d7
- SHA512
  
  ebaea4b4b77cba5d0f77124f7e0389ec04e7a44ae74ae0ba964a46758f92394dcb76b4c02eb89135c56815bba56b753c086b7dc3937947ed16532c8ab24f12b5
Score

1^/10
behavioral29 behavioral30
- Target
  
  新建文件夹/Inet_Download_Manager_v6.37.14_Final/Internet Download Manager/IEGetAll.htm
- Size
  
  283B
- MD5
  
  648e7b2602158d2ff9197d664f59b28b
- SHA1
  
  6ff2653314ddad254ad252b1867d0925b30bb196
- SHA256
  
  47937f8f34ba56718d4bd3b97bfd9e42468d6b7615c745b7841272a2e3d39e57
- SHA512
  
  c24d7059acf8d5a8ca5de77a165f95e4b6a685a62ddf8a3446ed465c4064d33a057c9f8e985bb73d41f1b0984cf8065c0c5d1a7e9123521d962befaf49edc3a0
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

File Permissions Modification

T1222

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in Drivers directory

Adds Run key to start application

Drops file in Drivers directory

Possible privilege escalation attempt

Registers COM server for autorun

Modifies file permissions

Adds Run key to start application

Registers COM server for autorun

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32