General
Target: 2dca64d707c9cc9c8750725efe711ce56501ce681040e88371f3b0f98acee5de
Size: 5.3MB
Sample: 221123-v6evvsba58
MD5: 347a47dd3f2d27c72e8656d693368148
SHA1: cc6925f15eb243ff49dd5ac9a997563112a4a077
SHA256: 2dca64d707c9cc9c8750725efe711ce56501ce681040e88371f3b0f98acee5de
SHA512: 6aa7ec34de3605c0b3a10b19db66e2f43faa23877e0f218cbede598aee2e9ff758c91e8f74102f177e6bbfd596fe1f9db6c3022d3461ba39a710a0839f6e9285
SSDEEP: 98304:8T4iMIP0zlHnhad4c/ryQDvuP12S2fFoyr7+XcNWlF88QXXdOv4FdHS:06HEqczTa6JPgcNWl28wXdOwy

Behavioral task: behavioral1
Sample: 121210破简单vip/JDG_build.dll
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: 121210破简单vip/JDG_build.dll
Resource: win10v2004-20220812-en

Behavioral task: behavioral3
Sample: 121210破简单vip/lpk.dll
Resource: win7-20221111-en

Behavioral task: behavioral4
Sample: 121210破简单vip/lpk.dll
Resource: win10v2004-20221111-en

Behavioral task: behavioral5
Sample: 121210破简单vip/简单vip破解补丁.vmp.exe
Resource: win7-20221111-en

Behavioral task: behavioral6
Sample: 121210破简单vip/简单vip破解补丁.vmp.exe
Resource: win10v2004-20221111-en

Behavioral task: behavioral7
Sample: 121210破简单vip/简單挂个人版vip.exe
Resource: win7-20221111-en

Behavioral task: behavioral8
Sample: 121210破简单vip/简單挂个人版vip.exe
Resource: win10v2004-20221111-en

Malware Config
Targets

Target: 121210破简单vip/JDG_build.dll
Size: 625KB
MD5: 843c7aa1246d167b66b1cd9f096f0ed2
SHA1: 744892e3d847c690fc44d06e5ee9b7e9a9d87f20
SHA256: d0d7029938aa06bafbd6ea296353cb3ac4bf61da2f9a1b218b4d1d98d8f6a412
SHA512: 328833c87fa658e58903c55ef8745f140393953552c6c245e58d8724a2212cc0e22f2b67b06cf1b3a10faf3517ff71c3506314ef94048727048b52f8798defdc
SSDEEP: 12288:Ox+3aBp9fj9PgB1WB3nxGr3v98Izlr+CNXlnd7DnzN+tmMK6LVBCSx9jNqO91:k5RjpR8lBRr+CTnzAtXK6LKW
Score: 8/10

Target: 121210破简单vip/lpk.dll
Size: 46KB
MD5: d2b777a93719e548d0baf4c886e124d3
SHA1: 55e328477afc3005e24222456ee874a5e43955f9
SHA256: 28085a4341c06951fac8a483a38f501f017332fcecadc69d2154533a8dab6042
SHA512: 12d2bacf141ff327f5e5a78910ba6f91343094506f0606e2afdec707bdc3be4fa06884231de6e909f4f6028a359b91c7045e96df84bc34f3108231194c33921a
SSDEEP: 768:hojY9PfJdMmJyj0Ml+oi/XSpSZbVfDnoWyHaojY9Po:0mnJdMmJyDl+tVZloWyHjmg
Score: 8/10
Signatures:
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory

Target: 121210破简单vip/简单vip破解补丁.vmp.exe
Size: 376KB
MD5: 685493b4cebf734897b281dcb20dee32
SHA1: 52c15a43515692eb9c707479429c07058d4b49be
SHA256: 2ca139c675c82f4697fb5a80ed62d257a48b1af9e3a88e40ae42ae412f30727a
SHA512: e40378129f2952b5b7145a78928696568e3631b0965c412c2e290caa8194c02c3c8d1f71c63ea4e0c871464bbe20146ad88e338a4b4e591c6a519bb790dba1ea
SSDEEP: 6144:BSmPzsGUWC7bZfxJDAfe99lUsfByNBPkgsfUJYOUdez47PgtNr6iZQ6MrR5cUN83:BSmrtYZfxJDAfe93vfBSFkW2ukwN6yAq
Score: 8/10

Target: 121210破简单vip/简單挂个人版vip.exe
Size: 4.3MB
MD5: f1d3d13a25c6197d74bdecfadb62b4e1
SHA1: 55639e0635cfe3a376096441e64e7499b9d0671b
SHA256: aacbf02bb66e4f1257539258af2a111203d6126f5578d7bd34213f0f51125592
SHA512: 0c255fc18b839ad898a9d86036063993bee7244f1ba4f98fea35a167ad0f16bc229988d2b1f839141b37ca83afbc4a19685f974466749f37e4df40d9024e8aa2
SSDEEP: 98304:usvERX3LYPBnvECaOwvB0GYadHrUh5BtBFZhOy79Tsoi:huHmBnvECZmefh5bBh9T1
Score: 8/10
Signatures:
- Drops file in Drivers directory