571fdba3497a39c7a202753e671f5002323a302d895a8d1862419622953e1c6a

Sharing

Copy URL

Twitter E-mail

General

Target

571fdba3497a39c7a202753e671f5002323a302d895a8d1862419622953e1c6a
Size

5.8MB
Sample

221125-1z52csdc5t
MD5

5f49d4e28ffea50fdd6d4e7890f3807c
SHA1

a753447eddae53d733712cac6150a0069865e73c
SHA256

571fdba3497a39c7a202753e671f5002323a302d895a8d1862419622953e1c6a
SHA512

8a10fc11508ed3d09db43cbbcdc7d9f2859245ee4e70bad5e67713cf9b904d75c481e6de0c70a03bc66706eae8c4f564211c757e23454e6217d8a007ee75d03c
SSDEEP

98304:d3mfmi472sV3ry9VgI8scgUZdxER6eOfi1GwSlM3mfz30sUT:Izp92I8sRBweOfsLoDIsO

Score

9^/10

upx vmprotect

Malware Config

Targets

- Target
  
  雷霆之怒夜涩辅助V2.3/EThread.fne
- Size
  
  56KB
- MD5
  
  391a5e311cebf461334acb330a0faaf8
- SHA1
  
  8e46d3ac91ba123803d69a665c80b30f5a8ad339
- SHA256
  
  8f462850ca8f46dd4095097aac4fcfb04cfd7fb0020f410dd3612960a16cd054
- SHA512
  
  8e7bc8c3677c6afcedb6fe7c6f4aa7ab9097ecb015012e734c58d59d6b77a04ef12a32dc653e6e06c332c4bdb50cc5c986eb07b44a4203f9512dd168a289ecc8
- SSDEEP
  
  768:13gWNW3gyVNWTmOPMJcyS6K7viaViB9V5yHQ6Fq4oCaJaUOJK:5XkSTmOP0Cbu2BboCakJK
Score

1^/10
behavioral1 behavioral2
- Target
  
  雷霆之怒夜涩辅助V2.3/SkinH_EL.dll
- Size
  
  86KB
- MD5
  
  147127382e001f495d1842ee7a9e7912
- SHA1
  
  92d1ed56032183c75d4b57d7ce30b1c4ae11dc9b
- SHA256
  
  edf679c02ea2e170e67ab20dfc18558e2bfb4ee5d59eceeaea4b1ad1a626c3cc
- SHA512
  
  97f5ae90a1bbacfe39b9e0f2954c24f9896cc9dca9d14364c438862996f3bbc04a4aa515742fccb3679d222c1302f5bb40c7eaddd6b5859d2d6ef79490243a4d
- SSDEEP
  
  1536:s5Np2dgZgIehUUS3E1Ujmrvl179D53UWnGQRJZiXRmrCnKptnouy8K:s5Np2dlUX0+Cx17F8QRJZKmOK3outK
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  雷霆之怒夜涩辅助V2.3/arie.fnr
- Size
  
  1.0MB
- MD5
  
  dde0681ba7a02bbb1c9b756af7e53fd2
- SHA1
  
  eb1310a5848614d89e71e76bf6beee497a068017
- SHA256
  
  f1efcaa3a7b5bf98819ec0076984f4af595d595c2553f4eec454e6d96f2bf080
- SHA512
  
  1f9892ea5727159e7f0ec836dac78bd6923f7b803e5f39113a14c27b4bea5353503a7b998088cdf8ad0f0920e66a241c588bec0b2cab6b02157b54ab4ce30ff1
- SSDEEP
  
  12288:d9uwvXUjUEQRTykNsRo5uloubqAxxKYlNKVe0QhBOSIwflL0lA/2b:wjUB+ho5jAxUYshqBOSIw96A/
Score

1^/10
behavioral5 behavioral6
- Target
  
  雷霆之怒夜涩辅助V2.3/dp1.fne
- Size
  
  124KB
- MD5
  
  210795f012450fefa80ce492560e32ec
- SHA1
  
  67d3d972a471804a284da45e05c92474de05e82a
- SHA256
  
  f901d0883e40c0635724b085b5b889b567f6347b7c41f7183377b79e27088fba
- SHA512
  
  8bd71d02d43004dbe2e882475d4f72e69a9cc2d8e442013fd3536cfdc71296c2c4c8121875785e8b1cb9f37aa6a5c94fed846e8068a6aab5e71252f166a7140f
- SSDEEP
  
  1536:1DSn+hfeTpCwAncpZ6Z8HTiQjl1sYiKG3oZ/:1DTReTgwAcp9lqKG3o
Score

3^/10
behavioral7 behavioral8
- Target
  
  雷霆之怒夜涩辅助V2.3/eAPI.fne
- Size
  
  320KB
- MD5
  
  f3bdb078e722c34956b370a74b518e8c
- SHA1
  
  5217eac6dbba8ed1819acf90596684f15e87b00d
- SHA256
  
  f3db44f1d7c4aaf281b9d8c1e9e542660e975e2abcc4d4927e78488303ca7ecb
- SHA512
  
  7878e0261561aa854489215fe725d1da63727805780a74658e2618011eca51999c925b63a6c962849376da2739db06b2abb7197acd64dc72ff50542d172244dd
- SSDEEP
  
  3072:0U0swaxu1SrlTvpSuKsZZA+CaHgepAPAdh+SmTsc05nJhonAfVMQDjwQ+9JQmRyd:0UHwakEr9p+AbCQpAIdh6mVMewQ+Lca
Score

1^/10
behavioral10 behavioral9
- Target
  
  雷霆之怒夜涩辅助V2.3/edison.fnr
- Size
  
  3.8MB
- MD5
  
  518f36099e6526c41e44ccfdf2665a99
- SHA1
  
  acb3288e67fd5381ef6d89ba6031a623c535c481
- SHA256
  
  e14eaf02998acd6c3ae092c1f6a62377e64add5ed410096df693388694cb19c4
- SHA512
  
  e1977eff04ea4fcfc19a119f37cf165b945662cf858e2cb918ec9f8716e354657c545ac2fc8f3e96a239978589d1ff88e6571db47020d7ca8e4d127618bcf478
- SSDEEP
  
  98304:hUlRr8eWMeymfqEbW5UAGAD2jMjtDTu+jrrc+:hO81Me6SrAMMZfu2H
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral11 behavioral12
- Target
  
  雷霆之怒夜涩辅助V2.3/internet.fne
- Size
  
  188KB
- MD5
  
  b925098c6a6330410cffb3994ef36211
- SHA1
  
  7467bb63d47ea2fa6dbf3984ede8d9e04b8ce37a
- SHA256
  
  f25727ce196ac0ab4119ab7968cdfe18425170b55012fc7fb26a3f824514d82f
- SHA512
  
  955ab8e3eb661cf575db0db77ca81fca16cdb3e29ce49237b1df1377d6f2aaff3c6a12bbc98a720f0a67292b39451474b97de31f696688a93547181991fffe0e
- SSDEEP
  
  3072:tpTEys+TR7yRoHzXjlhvtcxVIThpEbbAKNXoqlSY9M02MHUP:tpTEt+ycLHlCIThpEX9+XM
Score

1^/10
behavioral13 behavioral14
- Target
  
  雷霆之怒夜涩辅助V2.3/krnln.fnr
- Size
  
  1.0MB
- MD5
  
  dde0681ba7a02bbb1c9b756af7e53fd2
- SHA1
  
  eb1310a5848614d89e71e76bf6beee497a068017
- SHA256
  
  f1efcaa3a7b5bf98819ec0076984f4af595d595c2553f4eec454e6d96f2bf080
- SHA512
  
  1f9892ea5727159e7f0ec836dac78bd6923f7b803e5f39113a14c27b4bea5353503a7b998088cdf8ad0f0920e66a241c588bec0b2cab6b02157b54ab4ce30ff1
- SSDEEP
  
  12288:d9uwvXUjUEQRTykNsRo5uloubqAxxKYlNKVe0QhBOSIwflL0lA/2b:wjUB+ho5jAxUYshqBOSIw96A/
Score

1^/10
behavioral15 behavioral16
- Target
  
  雷霆之怒夜涩辅助V2.3/poe.fne
- Size
  
  320KB
- MD5
  
  f3bdb078e722c34956b370a74b518e8c
- SHA1
  
  5217eac6dbba8ed1819acf90596684f15e87b00d
- SHA256
  
  f3db44f1d7c4aaf281b9d8c1e9e542660e975e2abcc4d4927e78488303ca7ecb
- SHA512
  
  7878e0261561aa854489215fe725d1da63727805780a74658e2618011eca51999c925b63a6c962849376da2739db06b2abb7197acd64dc72ff50542d172244dd
- SSDEEP
  
  3072:0U0swaxu1SrlTvpSuKsZZA+CaHgepAPAdh+SmTsc05nJhonAfVMQDjwQ+9JQmRyd:0UHwakEr9p+AbCQpAIdh6mVMewQ+Lca
Score

1^/10
behavioral17 behavioral18
- Target
  
  雷霆之怒夜涩辅助V2.3/shell.fne
- Size
  
  56KB
- MD5
  
  b824c21472c72b34fa9e103a71b210bf
- SHA1
  
  8611a68c40c3c66c81795df814165b1338b2dca6
- SHA256
  
  544985bffdd00a24def65288354dd4b4b3b29c99d9e4965dba7463ab229c61bf
- SHA512
  
  d2167cb90019ed4353bca853ff8c2d1ea1923d0b7a19c253aa2680549e30c82557ddf76dd4d3dd2fa18d03e6802466999ded35b417cb80b8ec51569dee530d9f
- SSDEEP
  
  768:PeZWaAKT41c1IYc8HBbrYNYVw2Fj9oNIqF42eo6U:PBKT4fkrymV7oNIqC8D
Score

1^/10
behavioral19 behavioral20
- Target
  
  雷霆之怒夜涩辅助V2.3/zeir.fne
- Size
  
  320KB
- MD5
  
  f3bdb078e722c34956b370a74b518e8c
- SHA1
  
  5217eac6dbba8ed1819acf90596684f15e87b00d
- SHA256
  
  f3db44f1d7c4aaf281b9d8c1e9e542660e975e2abcc4d4927e78488303ca7ecb
- SHA512
  
  7878e0261561aa854489215fe725d1da63727805780a74658e2618011eca51999c925b63a6c962849376da2739db06b2abb7197acd64dc72ff50542d172244dd
- SSDEEP
  
  3072:0U0swaxu1SrlTvpSuKsZZA+CaHgepAPAdh+SmTsc05nJhonAfVMQDjwQ+9JQmRyd:0UHwakEr9p+AbCQpAIdh6mVMewQ+Lca
Score

1^/10
behavioral21 behavioral22
- Target
  
  雷霆之怒夜涩辅助V2.3/更多软件下载.url
- Size
  
  204B
- MD5
  
  94e540428ac8f3545fec78c2b3dd8c0e
- SHA1
  
  cd46c366b68af03fc8fa4fa097f9815d43e4c2e8
- SHA256
  
  357214eb50712a5c8663ef263c458cb4ebbbc27e64d73ab5e32c82f60a7b80c8
- SHA512
  
  3c7876c3a18e1ba98329392ac1b940c479552b361386ce3776622ae557e4d3d8cee045d162a614a302a603cb4615024258703e0652f41541e043fcf7ecdff539
Score

1^/10
behavioral23 behavioral24
- Target
  
  雷霆之怒夜涩辅助V2.3/雷霆之怒夜涩辅助V2.3.exe
- Size
  
  1.8MB
- MD5
  
  09be0e9da4098fd10fc3e664db9a6c76
- SHA1
  
  59e70a5a5a5bfc78a83ccf55ed968ee0d40fc651
- SHA256
  
  cb7d20ec893bc7f68332a4867b4074650fdf8a250a44926beae4a069e444b0cb
- SHA512
  
  f69269fa538dc900e7d9579ef8d362b962cc2f6d52af49672ae8206e2741c8b3e4b0cad41b0d43a64e851403da9eeff3a62354083b4108286036579f47833829
- SSDEEP
  
  24576:g3iFu/RkAgSl+I7CfHhZ/uOHTLXs/nGRMItConG3CgOuKrMA3jIEPn7:gSY/RkdHD8i9nKOuYTl
Score

8^/10

upx vmprotect
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral25 behavioral26
- Target
  
  雷霆之怒夜涩辅助V2.3/飘荡软件.url
- Size
  
  320B
- MD5
  
  c404bacb30424b525bf6dfcab807f461
- SHA1
  
  4fdc923fbbeafcb4ee150f4f82597ae72d1f4df6
- SHA256
  
  8dc8673d85feb2d358e80a498ca7e649b46b8af119ebaf32126099df3cc5fea3
- SHA512
  
  48b370b8a2a81ae5f3f57752b06f119b8bea0efc19b2ccf31683b5a9456ece68200ee2fb7826bc24c598311be925829be8084e1535f61330d8b91ba4b8d5f74a
Score

1^/10
behavioral27 behavioral28

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

UPX packed file

Suspicious use of NtSetInformationThreadHideFromDebugger

UPX packed file

VMProtect packed file

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28