953f5b0eb9fe724044a9b977644ceb6fc47da250b1bb1b1b09b7e5f85feca249 | Triage

Sharing

General

Target

953f5b0eb9fe724044a9b977644ceb6fc47da250b1bb1b1b09b7e5f85feca249
Size

19.1MB
Sample

221124-f7n3laca38
MD5

5884a358e7c3858e09720f6099ccc64d
SHA1

1113e032638eedfdcc82175b9ccdb8947190ebfa
SHA256

953f5b0eb9fe724044a9b977644ceb6fc47da250b1bb1b1b09b7e5f85feca249
SHA512

d5b15c31c34e8b5dbd6eacccf10cba242706f4d292bfd0ecbb38d6add1b7978d283b9c131ad3f29bb92098c2cade8e96aea2006318448a3ecc72762aa11c4296
SSDEEP

393216:F3hwy86ntsrkQEflqtSkvR8m93O/nioTPI0BWYsDp/+75mmz96aF:ph2WHlqTmm5OPioTPRsYsl/+VL

Score

6^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  www.hack95.com.url
- Size
  
  177B
- MD5
  
  6c768bb89db41c89e13a28f20290041c
- SHA1
  
  48cace472b43c0cbb2e49972cc2aa65f443f2051
- SHA256
  
  2fa429ead5b731156e39f508669e669f59bf83aef1cd2f71de88d31d1e86157b
- SHA512
  
  d4e3b75505df57b061b78ce51ec3cb9a82fc07a0f6cecdcfe604fd26d9d7453ada7ba7a374729ae5b4db5ce2c105d684d797f3ac25b8f8dfe78828988d44a6e7
Score

6^/10

evasion trojan persistence
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2
- Target
  
  破解某外挂拿vip使用权.exe
- Size
  
  18.7MB
- MD5
  
  c299928c8a96213821fba9cb3f4c2f0e
- SHA1
  
  7e2ab6c5423efb29c771a8cf00ec7e7533af973d
- SHA256
  
  05141086032983692761f99d41d4edd98d357f75df4708338badfe3698de99cf
- SHA512
  
  576905b7e6a4997b8545b648ef6b976824d2e4539ccf17816da3320144aec392ed5f00f6e5d308ae4a2017efef7c30feb6f65596aea3814b1c9be512be52e1d6
- SSDEEP
  
  393216:ARxs30nw4RVYICfsm8DbVRQMIZD/t0VoItPJGS1T5TPAMdLHkEb0gIL/HHOA:A4knrfDQtlioQDZ5TIMBk36A
Score

1^/10
behavioral3 behavioral4
- Target
  
  网络安全黑客攻防培训.url
- Size
  
  188B
- MD5
  
  23f6e9328f02c79ef5645a6483b1fd59
- SHA1
  
  53e1d6bdeb8cdec6edbd24c396c1bba4d38c0dd0
- SHA256
  
  78aec1d2003adfbb48fd27d4e629c8e52d671333ec5253574ad5796a0ac3afab
- SHA512
  
  a4636c961bc66ca95cf56f16e81791341602a286055d9bb8001a9c236b7fa2e657808ccd01462b9ad271da5be642bacd15d37ae22b2ebe0d22aad558d22fdfbd
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6