aa28d3084f6aa5e9c19875e7cd9017452b684d303a15c860cb88c302c73bb6f5 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

Q...��.exe

windows7-x64

8

Q...��.exe

windows10-2004-x64

8

Բθ...ַ.url

windows7-x64

1

Բθ...ַ.url

windows10-2004-x64

1

Բθ...ַ.url

windows7-x64

1

Բθ...ַ.url

windows10-2004-x64

1

Բθ...��.url

windows7-x64

1

Բθ...��.url

windows10-2004-x64

1

Բθ...ַ.url

windows7-x64

1

Բθ...ַ.url

windows10-2004-x64

1

Բθ...��.url

windows7-x64

1

Բθ...��.url

windows10-2004-x64

1

Բ�...��.exe

windows7-x64

8

Բ�...��.exe

windows10-2004-x64

8

华彩联�...��.url

windows7-x64

1

华彩联�...��.url

windows10-2004-x64

1

华彩软�...��.url

windows7-x64

1

华彩软�...��.url

windows10-2004-x64

1

뷬�...��.url

windows7-x64

1

뷬�...��.url

windows10-2004-x64

1

Sharing

General

Target

aa28d3084f6aa5e9c19875e7cd9017452b684d303a15c860cb88c302c73bb6f5
Size

4.9MB
Sample

221124-gfaxbsfe3t
MD5

4a701f0818fd826dccc9f092ad19f70c
SHA1

008960c8022d47034d1f5671d957ee5a7d404e55
SHA256

aa28d3084f6aa5e9c19875e7cd9017452b684d303a15c860cb88c302c73bb6f5
SHA512

ef5891efcd3eb771bd5e42767767bd92920e3583555d184251038a2929a993e7294ee2c9d54849f6a4c9dd5155be067f4a963815bb6a2c05b8351f91fe9c51d0
SSDEEP

98304:qhu4nxpAWt1/v0t/jyZRB1KbhenpgwaWAzUoA/AWc4m5wEODMggaI:apAM/cxW7ghenmWWUDAW93Zs

Score

8^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

QֶԲθȫܰ.exe

Resource

win7-20220812-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

QֶԲθȫܰ.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

Բθ֧ֱӸַ.url

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Բθ֧ֱӸַ.url

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Բθ̳ַ.url

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Բθ̳ַ.url

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Բθ.url

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Բθ.url

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Բθصַ.url

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Բθصַ.url

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Բθ.url

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

Բθ.url

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Բ.exe

Resource

win7-20221111-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral14

Sample

Բ.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral15

Sample

华彩联盟论坛.url

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

华彩联盟论坛.url

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

华彩软件站-使用必读.url

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

华彩软件站-使用必读.url

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

뷬QQԻ.url

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

뷬QQԻ.url

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  QֶԲθȫܰ.exe
- Size
  
  7.2MB
- MD5
  
  18f05d697d1073a509ba15225819c800
- SHA1
  
  d67894e561d2d77c0dffa992718b07f0187dd154
- SHA256
  
  4aad27dff19aaab18ed8cef7707b849587e0aa5b35e283a11580080e70bc8ffe
- SHA512
  
  538194ca21b74a3efb74f5187e46e2466dc0c866c645f2006bd1bf5077e4668c218eb9e61cc6db1efa15781bd8822eaedc7bfeeb3436a845da649d013dd0fb13
- SSDEEP
  
  98304:VZf8h00H+1bnO2LQszjcZXJ1K17A6fjWa+j+DU2TeDEvmJBAUZL:XpbO2LQGAZK7AAaX8UHEmJV
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  Բθ֧ֱӸַ.url
- Size
  
  158B
- MD5
  
  19d4a43ea637370b2cd685f604a9d702
- SHA1
  
  022a26a406ca5696c78e334ecec0782ca280c66b
- SHA256
  
  01fc0e69ac6d1eb7eca6b7f2a37c11e9162eb9489b01509af9a52ef37ca1f997
- SHA512
  
  b2ae1b8611f77db9d85c4e599c17dc567089e35fdbb0901c113d66e1a7b684381fa0c48541223291fc9c23380c33ea444851e17c6ba93bc849f6893d646f1f8b
Score

1^/10
behavioral3 behavioral4
- Target
  
  Բθ̳ַ.url
- Size
  
  160B
- MD5
  
  d471b2c45ca4c7206400e9999bd140cc
- SHA1
  
  e989aee2717908a8405e395ee2ef5ae620673973
- SHA256
  
  4b44e8d64449483f280a96a84b18679116dee296f7ac554245dec7105e7a0ec5
- SHA512
  
  860ab2046d30f1f729fe08785f988c46d7e7617c7e6c5b401936c73a20b7e098348b35f4e41ce36a21cd3b696edae2b14dcec9fcae2343430196311fab89506f
Score

1^/10
behavioral5 behavioral6
- Target
  
  Բθ.url
- Size
  
  180B
- MD5
  
  a7dd8668a53f369b39c9ee14d15fd3d8
- SHA1
  
  5eef69212bb6af71625c10dafb29b482694dd826
- SHA256
  
  68cda217d493f9e284c020456e171597ee3b05dbbba8a8a45805f9b8369b5b9c
- SHA512
  
  0831fe09bab6d17e583095fc2056ce3884f7ce67ca39c9106a4939d59a5d67d8534c69a357b090e257faa62e6082303aea4a4c02fdbf5bb76eed1e23f0486508
Score

1^/10
behavioral7 behavioral8
- Target
  
  Բθصַ.url
- Size
  
  163B
- MD5
  
  ece22a30fc56312b95d33709b78a4b31
- SHA1
  
  45e4fb85bfbaa476ea4f297f98e6310bbcc91ffa
- SHA256
  
  6b4c7eb4697bd3ae7861297d12207019c0bf4920b43cef600c98a20266d3f705
- SHA512
  
  dd722ebb5141dd662f08c20282d2d1e2f0a1d9bb6808bfb508d21d91f18da5faed9b038a40d0530724f4602684b25d0b587d0db0716ccb4ee7235c0ea5b826c9
Score

1^/10
behavioral10 behavioral9
- Target
  
  Բθ.url
- Size
  
  217B
- MD5
  
  e810dd672a3807c71361e4d45c6fdcf7
- SHA1
  
  baf59fb9061eb5eb8b0de20ce0956f266613106a
- SHA256
  
  09d8368c2b9a0158c04366ada78f99f1568a4cd969ff0674ec435f59794bf9a2
- SHA512
  
  d4fe6d0459e219b8bd653fc265b78834fb1843208213cb434e07b252f6e4d21d2a3a104ed3d712f5b8226e31030c3708119eb3d81b591c3c3a9856212ebcc1d7
Score

1^/10
behavioral11 behavioral12
- Target
  
  Բ.exe
- Size
  
  465KB
- MD5
  
  63d19df9caa9d1e7ce950c6fbd19c243
- SHA1
  
  62bc630bfaa8030c4091b84c48845ae4148956f8
- SHA256
  
  022661ed69bbfbc95729f2d24e0990ec946e2fb248f78842caf83e3205b1e205
- SHA512
  
  ce2088d0d5765431ad2e6131241da277c21ecbcfe35b08f8db5001ad792b9e760ef9052a579b85b3c81880efb902a5abd27324630a68837e4679536a05973267
- SSDEEP
  
  12288:0qy7g6eJycaLu26Jf89qiGuigF8kbJLwM+kCeb+uoS:0qy7tefOi29qiGeKkz+kk
Score

8^/10

upx persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral13 behavioral14
- Target
  
  华彩联盟论坛.url
- Size
  
  195B
- MD5
  
  3698a735324bacdd3b2af392e147760e
- SHA1
  
  5b418dd022cca58b681608e2edeed76664008bf3
- SHA256
  
  581598ce2b694b1047880b8e3e00c29503bf14e7d5e822a50d0d9d18efc4049c
- SHA512
  
  dcc683b550626e02ef141203d3cbf93cddcbe601a26ca0d96d07023bb0d99d495a9907877e6cd1c357076bbae21706f8efdbbba400fde72d886aea9eb5f4287a
Score

1^/10
behavioral15 behavioral16
- Target
  
  华彩软件站-使用必读.url
- Size
  
  195B
- MD5
  
  42efd0afcfab0ff79f2c6f5da24130c0
- SHA1
  
  70be7729a7ceb8104f10ca9a3992d8f8a66625d6
- SHA256
  
  4efceddfef0eca8059d945e667cded24eb0abdbc7dca00c7ed6a4a51b2598a7b
- SHA512
  
  82b6e9c0349aedf5a162b8f1a93c2c9403c78814df9bc40524e96c6fbdf3dc2fc8ac7a54f8cb5791602733429cf3e30785491bddeb4f301f9c88ec7561741496
Score

1^/10
behavioral17 behavioral18
- Target
  
  뷬QQԻ.url
- Size
  
  185B
- MD5
  
  d7abb2f3ee53fd6b3be59a892cc2b44e
- SHA1
  
  69c39035e050ce2106a43c4f5df2f58ac544b71a
- SHA256
  
  b0dd9a628f4c38e05d5fa3644f3c7ce797c2fc91ff7d8307a9af5b9f39785a93
- SHA512
  
  fcc2096dc09a137bc536f3dceeeac737b0bbc59080d7f0ab964db5502541ed644e9bb1d83869799b31dca7125003b9098d42b3a6931d03772bfa4c90eff492cd
Score

1^/10
behavioral19 behavioral20

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

© 2018-2024

Terms | Privacy