1141efed74f2c12a1a6d871ae4594afe69f1bc60be9177039b8beb1e6723a89e | Triage

Sharing

General

Target

1141efed74f2c12a1a6d871ae4594afe69f1bc60be9177039b8beb1e6723a89e
Size

1.0MB
Sample

221125-2mnrzscc39
MD5

b0bac627c7a08f3dcb3475f02b71cf00
SHA1

37401c3187d6254f16e4678307a5c5b52be7a826
SHA256

1141efed74f2c12a1a6d871ae4594afe69f1bc60be9177039b8beb1e6723a89e
SHA512

745e166544486e4f3f0531819faac7e934a165139159ec4dca3b72d37fd44e923d14f6dd40292dd9d8cc2ee4c9fd1336b93661060c10f9dc4706be85ed60043a
SSDEEP

24576:5L/D+yLPbg0sWU8nIB0tSk60aRkoZyb7aabH+pFjPR30dzqRPjDbHmXBvG710:5L/D+yLP1U8IyT60aWSi7aabHijOdzyo

Score

8^/10

evasion persistence trojan vmprotect

Malware Config

Targets

- Target
  
  2014年全部热门单机游戏及汉化下载.url
- Size
  
  135B
- MD5
  
  a29b31d598bace188d44a1a00dc49ae1
- SHA1
  
  1e28bb441000742512fd60a7aeb27bb018e5067d
- SHA256
  
  03de1ab3909bf16475265be54473b2dd8b525a43edb21d9c053e002748f171f9
- SHA512
  
  225873d557ff6ab12a27f99d3fd0d43479fb0f0aaf63ee9a6a432607d5588faf10091ae5990bdb969c97d2f0e74a50110c7ba9d2ed652980721f72699e9f2923
Score

1^/10
behavioral1 behavioral2
- Target
  
  Crack/Game/Bin/3dmgame.dll
- Size
  
  802KB
- MD5
  
  582e9002cc3766b3cff02536b65c6bc4
- SHA1
  
  91ed2700dbfdaa31b3bfebdfe42a82560839f79f
- SHA256
  
  5bbd97293117378e8c8f12336be4b59e9bd00ce68d105094fe87a2de79d6792c
- SHA512
  
  e2704748681bbc133f0b1b7dee0a83455ef83ca9611c29fd5311679846f96dce6a845480176a4904a1e20a426b7407d596622afc0c188e2e8945a837faf3739e
- SSDEEP
  
  24576:ENiiIr3+x4WzRid6vJSqwduCX8YwfHOPucs0aT/H:ENGDsR1csCsYwfHOj
Score

8^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral3 behavioral4
- Target
  
  Crack/Game/Bin/The.Sims.4.Launcher.exe
- Size
  
  503KB
- MD5
  
  260874317fdfd3e651782ce92f308acc
- SHA1
  
  97102fa8bbe4f5cd5a99b961cffe4cbfe2e60940
- SHA256
  
  ca389136613d579ece97f2d4775f86cd11d919b99adcdb4145ba686e2cda13c2
- SHA512
  
  a007dfb764226180f10b96b5433121d2a55cf1e3b751c73f99742e6c58d28c76676c2543681dd39e3a94a486d251ef6b88d20b87e538de56e9ea1437d5a7a439
- SSDEEP
  
  12288:LR52ZS10kzeMRyko7vasOeJ+joEkw9Kawv5ad+WYkj:V52ZI0YyrauJcoEkqvwvw2kj
Score

1^/10
behavioral5 behavioral6
- Target
  
  www.3dmgame.com.url
- Size
  
  122B
- MD5
  
  49cbfed4fa9b3fafdc9d499b6163fa62
- SHA1
  
  28decd9138bd3f7b3ef38bf9e40cd0d6305d1cdb
- SHA256
  
  03df27e82600098c34c413cc2e45b43638d3ac33666960cfbd913f1c3f9a0b11
- SHA512
  
  64e91ed564ef64d7687599012c4728b811fec2661dcb7941374cdd3a8450563073c67c452d97d43545f49182fbda2c26702dd35088723ace21717282d1233627
Score

6^/10

evasion trojan persistence
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral7 behavioral8

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8