746de725b958eb6dc30b836114a79cb0071fda04a15dcc938a6ced5586de25d0

Sharing

Copy URL

Twitter E-mail

General

Target

746de725b958eb6dc30b836114a79cb0071fda04a15dcc938a6ced5586de25d0
Size

2.0MB
Sample

221124-lmg2faed85
MD5

883c9d3faddc356d30ac3112c20158e2
SHA1

9dadc914a311ffaa9a25ccb223eb123baf834ece
SHA256

746de725b958eb6dc30b836114a79cb0071fda04a15dcc938a6ced5586de25d0
SHA512

5c5e919c6b786d9f06958190c347e36bf806d00567c16ca985822e38f47f61ea5bd7364e3262d95159d2789a694107bb6bc9970b08f1816a46364c3dd4a8fa7c
SSDEEP

49152:ZJtiiGptU7+rr80ZAYJ1SxYKaPszhMRykmd6ZR7kktFFwC2eH:ZJg/rr80PJ1SraPszhMRGd6Hiy

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  ipacc/)!访问我们的网站！.url
- Size
  
  204B
- MD5
  
  3a38bbf4f6e489c411fd94cd6aa556cc
- SHA1
  
  0ebbe3180df7dd781c9dbeca7e883aca0092698c
- SHA256
  
  0aa6fb7dc7a5a95e69b7ba73ff0ff21195de2fa31ded8aed8a5c15148cdbfd3f
- SHA512
  
  a07f80ff3f78acda739c73ab731ac7ec490d5dcd64bee8b72e0fa03645ed128a7b99055dac22935966a124cb2209e6d6fcd37a0af031ae8d39112c03bc2c15f8
Score

1^/10
behavioral1 behavioral2
- Target
  
  ipacc/HotVideo/pageerror.html
- Size
  
  1KB
- MD5
  
  7db35201d8189e092997fae0163b4cc8
- SHA1
  
  3f14342a77e7d8be68c89cada5db7a1570e234ee
- SHA256
  
  5e76e12a0628658e0841c9e00e14c2a579a88ff7a5938e7a9a3ca99611454d42
- SHA512
  
  609ebec14cc8e3d1671e39924d68826a93f1f88a42c1d3d1bcc270f35d8e95b139ab99d44570ea64517d256351c137d6f9eede08a16b2ed1167dc87f0f8e8fe7
Score

1^/10
behavioral3 behavioral4
- Target
  
  ipacc/HotVideo/pagewait.html
- Size
  
  1KB
- MD5
  
  ada8bc44e180ed72ea3e1870623a6c54
- SHA1
  
  383da689dea5884310eb80e8fdc7760a64fac002
- SHA256
  
  4c728e6db57f4fc6bc63a7e5e9e1662a0dcb30822300b1ee66d0ef1abe89bef8
- SHA512
  
  8e5e4c8c117bb55daa1b21af42441676e561900df4926c408bfba2a4505ecc5f23b483023120db1aa55cf666c4b5547881017f650bb1ebbcbf00b95a0123d962
Score

1^/10
behavioral5 behavioral6
- Target
  
  ipacc/HtmlPeek.dll
- Size
  
  228KB
- MD5
  
  cd7a5a5ea24919d661c9c058eaa8aed8
- SHA1
  
  b2c4f5d5437655875b329726d8521614287fd6f0
- SHA256
  
  602ba0d3d7706689343da9e9d5c9df063eebafbecddc7c9cb4eee7799177d26f
- SHA512
  
  bf45c637a5bc688829576e5fc2827e58d4b883921a72ff9dbe68fa7dff10c7f15eb18a6f62b0a64e554ae7f7012ed9afd436945bee68f6d9927c949f6b396c83
- SSDEEP
  
  6144:AdHDWxiYy4kM22ikvRW4h8CsBHji4NYJ:Fi+kWi2sFj
Score

5^/10
- Drops file in System32 directory
behavioral7 behavioral8
- Target
  
  ipacc/iRes.ipa
- Size
  
  104KB
- MD5
  
  18425d3a85dd1261f276346a0a74da88
- SHA1
  
  9244c4fa3cda3535a291f732d72c08b7f9b48d08
- SHA256
  
  701e062e4f171b4e0f47ab017234d5f005f7b59d9b784b463d094217c9cad2f3
- SHA512
  
  a9d85ec5636699015837d846ba69994cd52df9ed76d73eb85ff1a927c9c8c8bc3d9c5d8cc91cc9bc8bd7e8fc254a594892f7b80c9d6b54cce1e8bd3f3deea1c7
- SSDEEP
  
  1536:zV7Go2LRlQfFKhZCgtgAl4iHK8smyGC+BvX/R0Y:co2L/AyCponyGC+BvX/R0
Score

1^/10
behavioral10 behavioral9
- Target
  
  ipacc/index.dll
- Size
  
  332KB
- MD5
  
  6e772b396a316709c2bbec739daa9891
- SHA1
  
  af2177049a2decb5790b05d912be762fc564797b
- SHA256
  
  c8b36e58326b29ba4c2d57d3d6dad7a36ea3f0abc47667b66c8c80fb4c59c073
- SHA512
  
  6baf13b14ceac558cb4285eb6ee8a80079440c534c163fe43e9b080cb14795f96dbd787f6f8f75f08af15236c840a6e8718c87d8746b20fd3fa0579a03a7e199
- SSDEEP
  
  6144:NzAWwIJOcLOrK4SoRfqaRIPRQrgV1i2L4G:NzAXY/OrK4SdxJGe1ig
Score

3^/10
behavioral11 behavioral12
- Target
  
  ipacc/ipacc.exe
- Size
  
  2.7MB
- MD5
  
  59e1fe6e03698ed318553bcb27459714
- SHA1
  
  926c6eb147771e33da7033b1bc1984d02fecbd19
- SHA256
  
  4997b44eba96f208d739842bfab5ba42d6d403f5be934074f9fb5ebabbb735b2
- SHA512
  
  a5ff4fc6baabfc751c8f6f1d48d7730acb702d003d399a8a2d3f24588f10a98ad5fd4d29fac44d8f9fb9e957c32a8746f8b6331e2778edefa89a989d99510937
- SSDEEP
  
  49152:4FRLGah4x9y9Ks2DOWyvAKM7QEBno8lP3NThjwTJ4ORdaHzHKA:4FRcyfAQEBo8lPi4ORd6t
Score

7^/10

bootkit persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral13 behavioral14
- Target
  
  ipacc/ipacc_v2.dll
- Size
  
  56KB
- MD5
  
  a4a8d010f957ef326705c513b0af9d28
- SHA1
  
  18bc9ff8de553ecff2b9dfe7a3d51155c7021d8c
- SHA256
  
  559786764ee95af3e56a31b862600dd982ed057c1226f5b8a211c6fad5c7430f
- SHA512
  
  a3ef6af36aab829775fed76f6a07f87757ed4489fd3769ca916b5a7f9772c7f261867d52547400ceba343fc296acd48ce61c1748553b8cfc4a2591ac7713d77f
- SSDEEP
  
  768:tTDbO7x8XoVfrdI+L70bzwzpVOjMX/x+BKEkueAGoDpmKKtVB2:o7xEoVZFaqVGMX/x+0EkueA9ct
Score

1^/10
behavioral15 behavioral16
- Target
  
  ipacc/ipaccu.exe
- Size
  
  1.1MB
- MD5
  
  55015a638f50a9c25f963f8c9d3fd9b4
- SHA1
  
  388e539230f9518b7017c767bf049980dd8a0d3f
- SHA256
  
  e1472087ac696565199c9355d0293dec9be38e83b67e63c56e2d514758b7e606
- SHA512
  
  11ea6d01caf37011949d03b8b26399f3ba0060e01164811efee69fc9ea0b814b92b573ef2d91ac9afd553e8097fa9985a66dd4e1bdec598c2f00c00c609acd8a
- SSDEEP
  
  24576:RAHO6udLo+FLv0MYZWQ820c6OPimM0bu//00:RqObLooIMYZ7Z6OM0m/00
Score

1^/10
behavioral17 behavioral18
- Target
  
  ipacc/iplayer/iPlayer.swf
- Size
  
  9KB
- MD5
  
  81dc833637786d8b7f94d010b059cf5f
- SHA1
  
  9215c464dd76c8f6e1dd62b5eb5258f296fbc81c
- SHA256
  
  d818695e41b4a9fe258f105259551bcf135bb0427ffacfd52bfa61815c7a5ab4
- SHA512
  
  ca73b2a6193125cdaf6d047a6091200c99ee4dd7b535788d46ff54d3dd5e53853f2ecfdbb2ceb7195918f178a3776e3a53f04f130bcdc68c1730a8fc15149c20
- SSDEEP
  
  192:2yBgD7T0jO4LFVg7qJp2cJAzpa42s26DZq3b+spqFjNJB7E7oXxC:o0a4BV6qrlitZDECVjNP7GoXxC
Score

3^/10
behavioral19 behavioral20
- Target
  
  ipacc/iplayer/iplayer.htm
- Size
  
  2KB
- MD5
  
  22e8455cc7cbad66d479a2f27c89265b
- SHA1
  
  9531cd21fb5b2b6c95a7e99ca337374a14be0995
- SHA256
  
  61c0fc341ec767c30b311c9cff5dc84d80a369ea36d0042b22c70e34a3161289
- SHA512
  
  f276a9341b7bc7cc336760e3ea49371d145a2f4eb09cc821f3bb69a44cd67e5dbca830c69e96d40ff9a9c9d23387884a7bf5972ca3490bd091f0dec6a2fcc1d3
Score

1^/10
behavioral21 behavioral22
- Target
  
  ipacc/iplayer/swfobject.js
- Size
  
  2KB
- MD5
  
  3115368fb4e40c5580394360d699b282
- SHA1
  
  5a0d8e1a821d0205e55ccee8622e4f954336c1fe
- SHA256
  
  27d6f524964ef1a6eae8fb086e269741913ab2e3a87a92487c5201f3eb2a4899
- SHA512
  
  7aae95905e10f5bb8a7b566202056cb692c4b8b45bad5ffbf84caa34a6e5376eea13fc7130835b5d2d517c37379640fcab4380b49d3d7512a35a31d2c38815a9
Score

1^/10
behavioral23 behavioral24
- Target
  
  ipacc/istat.dll
- Size
  
  92KB
- MD5
  
  26cfb12edce6878f9a516eb40dd5f324
- SHA1
  
  73f17efdd35929ae46c691a3e7c892307e4b6301
- SHA256
  
  ddb58c425008c68ae08db34519bb5d27a6933f2373629885fb79e8d4398d78b8
- SHA512
  
  a650f38c2a3cfd1a0cac501cecb3359533341765b7a82cfa1289db242e27cb2298bc9e1674bf05920b1957ff784a7fa9087df2e02e3af2a54a0f0610bc3f1d0f
- SSDEEP
  
  1536:A0qiiCCTyYeS3fTdYdu8oQA2JYrof/gjOB8GZOLaD0hBrRIj:A0pSO+A5zZRABrRo
Score

3^/10
behavioral25 behavioral26
- Target
  
  ipacc/jifeng.dll
- Size
  
  92KB
- MD5
  
  aab6b655c762d23f0cb1f637a89618b7
- SHA1
  
  8c04e00597c1d79371d198265b57c3de5216fa3d
- SHA256
  
  7e46bb82ca755e4de75cf7c5809cb08152cf08199917a8821785f7ec6716ca35
- SHA512
  
  7c663042bea8d55bc0b211dcf88d7df32691818d66ab181f81ea8de42b04c285354b4e837647713484239082bb3ead692d676ec30f4c058860b7faca54744b62
- SSDEEP
  
  1536:9pyxTQJgERdH+BFUEpf1lzHRfIevaMalJt+JJP6:GTQJgERCieaMalJt+zS
Score

3^/10
behavioral27 behavioral28
- Target
  
  ipacc/说明.url
- Size
  
  131B
- MD5
  
  18451933c77293cd34ee0620069ede37
- SHA1
  
  e44706fdb5f70a96406edd5734e479334db5fce6
- SHA256
  
  14ac714853b1ac49bf37b561d4cd9e06fe95c7c3fe3d6b119386b65e19c8838d
- SHA512
  
  93b98ea169940377587fd396fa76f0b7bb50c9b37e3dd8d573de039f93581d30db86c1a66f5736eb027e1997a7f42f1f4aab55514e6ec17ed1adb5d5bc5f36bf
Score

1^/10
behavioral29 behavioral30

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

T1059

Persistence

Registry Run Keys / Startup Folder

T1060

Bootkit

T1067

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in System32 directory

Checks computer location settings

Loads dropped DLL

Adds Run key to start application

Writes to the Master Boot Record (MBR)

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30