719ba6e1ffc43e8bc09325caa5ccce24dc0a93751e67c17ce758acaf2d81d594 | Triage

Sharing

General

Target

719ba6e1ffc43e8bc09325caa5ccce24dc0a93751e67c17ce758acaf2d81d594
Size

693KB
Sample

221104-lpl36seae2
MD5

cb5a934cafbdb302fc503e93a160402b
SHA1

d2fbb8741e68d8d830cc88ae7b5bd36d66f2a1d0
SHA256

719ba6e1ffc43e8bc09325caa5ccce24dc0a93751e67c17ce758acaf2d81d594
SHA512

c5ff66d67ccbe8b73b5f9cbc75144729f736685f99f2f9db33ff2a4ba7ac7f46b9841655765bcb1ce158bfac6ce329bc95e9bb0a46ce99701a1e5fc32baa3e9a
SSDEEP

12288:meFXXG9yBtBiK35wp6679474tsrl63Drl9F/leRsTXXceengue7X5zFdSFShn3dh:meNW9w314u563g8DeczTDV73

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  HashTab-V6.3 完美汉化版/HashTab32.dll
- Size
  
  1.0MB
- MD5
  
  2d740280ec6b4b4aeffbdb6733fb97f2
- SHA1
  
  ec7d93761832b66b1de98edbb81f513c68c02953
- SHA256
  
  f56ed9233ef55665fafea7897a14f05f558a7e894bad807cfec45dab0ff147b5
- SHA512
  
  f8fa19d6f046ad1c2b058cb906a8732b17a427fbce648bcd01bcf3b364a342adfde1a818f1767e573ccccaeb74d922bc7d06142e1e4eeb6f3dd56c8f81c6e6be
- SSDEEP
  
  12288:EHHwfhr7G5CqSgqqxy+gaOxx2rIRTos+OeO+OeNhBBhhBB/RvMsr0M8P3024rBsS:EHH+qCqSD+OgQ+RvMsrH8P02Msyqu
Score

1^/10
behavioral1 behavioral2
- Target
  
  HashTab-V6.3 完美汉化版/HashTab64.dll
- Size
  
  1.2MB
- MD5
  
  08cf369a6a98a4b36b04cc720d4ba2cd
- SHA1
  
  f5a579215cd7428c960066cf0125f912ba7d7d42
- SHA256
  
  c4b1a0bd0d7a1648e95c4cddd854cf63b1ffe0d6b17ceeaeb04c73ac8759d39e
- SHA512
  
  12c6ebae3f84435836a17de5eef96b7587c0b88e828349be45f6fa69cfc60a2200c8073ca22a6537d8864b73669ae581910c0c108010fe169aff73eec3974198
- SSDEEP
  
  24576:KqSCTJeq4W2L/yF6/D48i8Kfy5w0aEJiBjkL9hhKfVwe:qCgGF68kK6mtTBChwV9
Score

8^/10

persistence
- Registers COM server for autorun
  persistence
behavioral3 behavioral4
- Target
  
  HashTab-V6.3 完美汉化版/卸载HashTab.bat
- Size
  
  704B
- MD5
  
  3adfe17f52697ce09b1bcdc16e294a8f
- SHA1
  
  e2bdcf9f4136491e59a831b2cb3ca7ebf0d127fc
- SHA256
  
  7a1ed410e90c1228d87956ade23f5756be2e1836b445b284db887caa1c438855
- SHA512
  
  c563cd7b8e0e2ffb038614f6d04571911c1a99bec6d0d3b4769db8499569e5a7b3ddb94f846983af6f6a643e9408252474a78a24e05d9e548ff62342474b4b3f
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral5 behavioral6
- Target
  
  HashTab-V6.3 完美汉化版/启用HashTab.bat
- Size
  
  1KB
- MD5
  
  9982f1f47c30503dfc631747cbe02e54
- SHA1
  
  487e176d8690c3ec667b568bad6de13479c60044
- SHA256
  
  ba2390f57c373aff66370b62fcaf6f3ceda978b52e76c121e50ab814d1a5d46f
- SHA512
  
  76ea632c532cbc6b7078665dc91b79977bb11e5b6272c2d860ec47881c98cefb056249d3a0bf8e1a325843e8d223a2af3f6b12d976bb94c518b8b3a68ca46a69
Score

8^/10

persistence
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Drops file in System32 directory
behavioral7 behavioral8

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8