8678d9fd919508f00a4f1bd71c0fbe99d1e442e55df520da3d27f88f8944f0c4

Sharing

Copy URL Twitter E-mail

General

Target

8678d9fd919508f00a4f1bd71c0fbe99d1e442e55df520da3d27f88f8944f0c4
Size

16.5MB
Sample

221124-h4nnrsgd36
MD5

3626b7767b6122f3963480549cab3c01
SHA1

36f36892fccf24b7f4f2cd91ead59f635e78d05a
SHA256

8678d9fd919508f00a4f1bd71c0fbe99d1e442e55df520da3d27f88f8944f0c4
SHA512

690a20124061957c79192d7caff4a4b4613d732656384c3437ce2d99711cfa929f18d7ba48d882f8a05ca7a9bbb80ce083c25e11956961a5c0174b62bfc70f5e
SSDEEP

196608:5++PqLwFH4dwyncr58Dov8Au5yZFaH8ORwGkYUrZ6oA4fwuBxf4PvJQJRtKly0m2:lPqLwhkhDNJBH8O9A/A2BxIu1UR8ZsP

Score

7^/10

Malware Config

Targets

- Target
  
  bm114/index.html
- Size
  
  26KB
- MD5
  
  7be3042650254255a81f221044cc6936
- SHA1
  
  01b03d863026460a611ef31731bbd1fbcce6321b
- SHA256
  
  2877a5bb7fb410a687e7b6d0c5d519386bebb674a438a6064ea1a0814f98fec3
- SHA512
  
  61d85c0878b7a5651e6a29f610a84638db3992452d3c393989ccbf1232e384ae90725dcc01220020875e296bd93712d1c329c200ecd07ebb3d54987a775c6639
- SSDEEP
  
  384:SIVc1Q0Lw9CMEQdF9eI5IMaA0nGMUa/Q6KkGP3d1QX3ORrpO4GXQYjS5GsvRUNea:SWcRxJqXqQNLClmxMOZgws
Score

1^/10
behavioral1 behavioral2
- Target
  
  bm114/wwwroot/aqq/index.html
- Size
  
  3KB
- MD5
  
  1e842815fb20c4c15912eed9e6b9a27d
- SHA1
  
  44b77a00980629c0b64a4b99ba042f758858f1ac
- SHA256
  
  42f46820c9b21781ce7301e141eac6a2817a6d429b23e43591320b2afca19c4a
- SHA512
  
  b6c26a31768842cd92d66f71518325627ef7adb26dcdad431155abc545ed4892d9a0e18a8b3db919fc190771aa84c1522651e3e4cae44e9c8478a5554ad8cf53
Score

1^/10
behavioral3 behavioral4
- Target
  
  bm114/wwwroot/ascii/index.html
- Size
  
  3KB
- MD5
  
  e2a0d352df6540de4c9b710879e2bb4a
- SHA1
  
  c293728b4d9cd4b7a4e9f839e678a15cf0418917
- SHA256
  
  3c64d6bf83195bee0f82e047b58204f8b6df0c03c5cd212dfcad40c0d6159e2c
- SHA512
  
  f5bceb5c0cc4a24d66833a848243b0bababd5b948bc1558203e0c7afa1977461ad36360a5bf4fb382a219673e6641ae6698212d1a79599987a48efe0baabc9ab
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral5 behavioral6
- Target
  
  bm114/wwwroot/ascii2/index.html
- Size
  
  3KB
- MD5
  
  788da41e5997cf6a67595148a9b2ef08
- SHA1
  
  7778a60f95c23e3b42e8b5173f6d27eb3b3e8726
- SHA256
  
  85623ed16f231b05f9bc410f2622cda8aadc1b1d253d265bad67cd528951220d
- SHA512
  
  fe28bd6520637a2dcfd528802335ba20a6e7df548ec262841131a1f7cf99b91d950b78510c21c31bb4b091225f09c6ab967fdf1c99c1362a6f408d91aab0f33d
Score

1^/10
behavioral7 behavioral8
- Target
  
  bm114/wwwroot/base64/index.html
- Size
  
  3KB
- MD5
  
  0f3ff76c3e57cd3882dfae501098fa4f
- SHA1
  
  dd9eedcff64ae685541f1b9f17aa481d7569602f
- SHA256
  
  e43b2dee2366bb7b272640206cf9fb5c6b8c4242a850833d921fb06586d9d7ba
- SHA512
  
  f68bb217370662279c7e20561d96e1c084af8a820b6e993d23e3016908793cf7fc7b117f233b4fb79d13538c89b6a143ad401c7f81192467806f2b3d1d93f739
Score

1^/10
behavioral10 behavioral9
- Target
  
  bm114/wwwroot/biaozhi/biaozhi.htm
- Size
  
  29KB
- MD5
  
  bc370fd04d77eb2f729d63fd1e641084
- SHA1
  
  eb4a35446e262a9cda78782d1b88b15b41c41d9f
- SHA256
  
  1d99f2526dcd07dfc083f72102114683cb0a50f3964f4c1b0c226cc278c58eb4
- SHA512
  
  8f6525a51871dd089c5a04312f4b8421c2cd0867abff9e31f7f19bb43148f6665d61979d9277c4a2557813492dc3b6f7c72a3d2c7e176d8e36e47db90831ce8e
- SSDEEP
  
  192:SITpBa6WvLCN9xeDt8LZVupsp8zeeeIrKOOx:SITCBvLCN9xeDt8LZVEspOeeeIrKOE
Score

1^/10
behavioral11 behavioral12
- Target
  
  bm114/wwwroot/biaozhi/index.html
- Size
  
  2KB
- MD5
  
  28bfcf5120e4e6bba8ddc758b79d4ad0
- SHA1
  
  2ce87f9c4f8bc1284d99bc8e47078328c9e66e8b
- SHA256
  
  8fdce6306a615d6cb7d0421a00baa4ea05cd2e80856f3f56a6f096b1bb6cffbe
- SHA512
  
  3751b7b263480456d20f44112e196085c4a88442f0c05b21d2339b0f03f470b1b1055d2fcf4a2698e55754b6646b6c72d81d6c544092c431487e315621a6b2fd
Score

1^/10
behavioral13 behavioral14
- Target
  
  bm114/wwwroot/buyhouse/index.html
- Size
  
  14KB
- MD5
  
  2c511c94679074afc5e9518e0eb40a31
- SHA1
  
  b61818eccd0d4dcdc377ce4e1130ae274554c5f5
- SHA256
  
  16ab86d287d1ad5601b5f1696e32757365edcec563ff5e2c11b49b762dcac3ee
- SHA512
  
  135bc34e21a6843b60309818ec321eb2385cbd593910442010a5b55f953f29f3fbad1def0abceaf9c0eb80f820f2c572b6d639ba1001ad48d38a99efcaa9630d
- SSDEEP
  
  192:SI3w1bNkTUFlRsz5dOOpmUyhuveVhhNeyCr:SIINZFlRsdOp4WhCr
Score

1^/10
behavioral15 behavioral16
- Target
  
  bm114/wwwroot/cal/index.html
- Size
  
  6KB
- MD5
  
  f777b5c40475e806063c5e4c6f2622cd
- SHA1
  
  4795d26677057e74fda65b103bc6ab3629e642d5
- SHA256
  
  e2a542c8ba97915a4f57ffede43af705232daa1f5293467c4b0e166a5244180c
- SHA512
  
  50f848d724f8e969e414620a1ba21c7e19c6804c5e3f9e6ce795e6489db649b12e6888440918e8390481bcfd863e768015d4f3fdeb7c04e64a433d6c4c9b64ad
- SSDEEP
  
  192:SIPw1EQdM+nvRUN5ze5wx5qO5N5Wze5iXs5hT65WFrALG6oR:SIKnvRUN5ze5wx5qO5N5Wa5ic5hT65Wz
Score

1^/10
behavioral17 behavioral18
- Target
  
  bm114/wwwroot/changdu/index.html
- Size
  
  2KB
- MD5
  
  f648843a0d723e6e14d2325058337356
- SHA1
  
  d63e26b5a00f1c608df79160869f259b88835869
- SHA256
  
  a722bbe3d6a0886120ef4e52a84b0edc959d0ff7db643b18f628cb9d74063afc
- SHA512
  
  67272106913411f1c9a2db5d0bb348deec5de1b239eca6d58afe3c5fdab0f8b2da870a985b2f3d7f5a1d87baf39a05b3191a8ce1b8fbab6903fd75335ea51203
Score

1^/10
behavioral19 behavioral20
- Target
  
  bm114/wwwroot/chaodai/chaodai.htm
- Size
  
  11KB
- MD5
  
  f7d0e4b3c788d278f49dd9a1f327005f
- SHA1
  
  b54fe7ba44416b8714182478fd220c306d68a1f1
- SHA256
  
  a4fed1c950138a16996771438b64c52a1916050e34dde354db03ae7f9e982701
- SHA512
  
  28c3330dec7f13c9a02e5e66dd403515d10616d7470957ae866ea6e250c9efe4549a17ac7d370f25f2b7464b9009d45d9948d2b9bd911d1b2dbea1b0c3e2beb9
- SSDEEP
  
  192:MivJUFTykfjQm5w8aOyudTDGC+GJl++JyuuTQsGCPDtbnnVtSDQvo2CYUTbnCdvz:MYThEwETynShNQEyD
Score

1^/10
behavioral21 behavioral22
- Target
  
  bm114/wwwroot/chaodai/index.html
- Size
  
  2KB
- MD5
  
  9aa3e2bbd35d4194cb8946ae0cdf2bf2
- SHA1
  
  bb4981dc6fb50c800d5626c5c7a4156dfb48a6ab
- SHA256
  
  d8ad12ef5a4b071a89075fece54d4bd57b2e74e1fa6804935fa90f668c0cc6de
- SHA512
  
  21fef2313b5842e4288172deeccdcc11db4cd3ae914cd23685604878c4d9f40cbdabd89e2bd3bf823637bbc1cca5c361f73aa298e032cd90be7d4b7d043e01a2
Score

1^/10
behavioral23 behavioral24
- Target
  
  bm114/wwwroot/chengyu/checkpostandget.php
- Size
  
  1KB
- MD5
  
  721ba935d1296955ada99db5149976e4
- SHA1
  
  6bed8c63c3cbb8a0773d100ff183a34358c48601
- SHA256
  
  0791c1b2db77650241c723ac704edc4b9ff6dc55dff807bc379ffc5845560010
- SHA512
  
  3e33c820f9a5d5b2795c98929952a919f1e69b93a5763350d4bf9e8e438cad22047a6824d977460762af185041551d6a76bea2a40d222bc8d4a153766a62a85a
Score

1^/10
behavioral25 behavioral26
- Target
  
  bm114/wwwroot/chepai/data/1.html
- Size
  
  3KB
- MD5
  
  d098e4140cbf139c7c91058ea2e6caf4
- SHA1
  
  59f9ec6e9c064c2e1a111718c85ff8b183d2b897
- SHA256
  
  b3eeddbfb118da2c05dbdde45201f0d872042514a06c143a3b51e205f572ea53
- SHA512
  
  933a5bdb3ade7bcf16beaf02465e532f976bb426b529b49fe559a06493634c1536448ee446751ea8202f35ccbc352dfb472c2ae06820907b6a6aca13d2a48a15
Score

1^/10
behavioral27 behavioral28
- Target
  
  bm114/wwwroot/chepai/data/10.html
- Size
  
  3KB
- MD5
  
  fa784a4f3ac0aaa279d7070d0a1636f2
- SHA1
  
  3bbc963b6c37ed1cb623a0476d7e5f1f3574106e
- SHA256
  
  4a1f1ada971c3ad8a2c2617fe53b025182b0aa8188b0357710abefa9455ed576
- SHA512
  
  2b624c299f4b005761ffde4782c35abbc834bb2e15e3929a59468194b2b10eaea2526ae3322a560a4f4b00cbf1cf5ee82bf1c6225131f4c5fd901a81955f3aca
Score

1^/10
behavioral29 behavioral30
- Target
  
  bm114/wwwroot/chepai/data/11.html
- Size
  
  3KB
- MD5
  
  7879741fcff677bcf95145e7c4fec18d
- SHA1
  
  5bf43e8290c2815724dbe84e67a84abdb4339294
- SHA256
  
  85718be8cff73c0e1a3f2cde7d84a5da1ebe7ddd6c6cbbe8fda118dbcc8235ba
- SHA512
  
  6a7a0b19c2c77d6d2c1b6c9dc44edd345f9b30b94c961347f78f1269049069e00626af02191ea835fbbc36cfc0044ec01754c0de1c8c067c7eaa2e6fb4be1ac1
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Unexpected DNS network traffic destination

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32