General

  • Target

    098958f3886bdbbf84a297be53d7bf7a62a00e319bdab1040054d14c791e86f1

  • Size

    2.5MB

  • Sample

    221125-31te3agc36

  • MD5

    daf41a7764cf6f1426cac5c2edb00d09

  • SHA1

    62448ed2343af8aeb2c65c9368f850c7fc0bc812

  • SHA256

    098958f3886bdbbf84a297be53d7bf7a62a00e319bdab1040054d14c791e86f1

  • SHA512

    4fc6f8e37ce0977f881ccd7a8df0de5d4b126eed8ed3d8d1522114f47b4218ab026e4eb9f3710ac4810c2f72cd3a96ec4eab83b22f2ed759fc947168e4149f80

  • SSDEEP

    49152:TT1p0O9K4y8P1OEh3S+SySmg+H+jEDigibWXihFiNXfg4LTMTMFGZ7CCsa:TT1bjFoD+LXv6uJiyXie1o6wCCsa

Malware Config

Targets

    • Target

      cf子阳刷枪软件/C90000165.exe

    • Size

      1.4MB

    • MD5

      ad36c2362c768d5dd35ab52b9ecebf74

    • SHA1

      c0421275f325bdc9523a6248547a5246d006189f

    • SHA256

      290b2114b5cf080c9377fa83dd1f8b34eca5fceba910a767f41005edd6f86554

    • SHA512

      17e64246411a08b6351e58297ab23999ebb4897648b75642b9c790048bddec7a3d7be1f3ef70f2feb296319e47cc9f69bd242d61555ab7719764a74ca3f5f6f8

    • SSDEEP

      24576:uCjTrHbwvh+9KkhSyW42Hkjigj1g4/Pbb6yPfo6/SzGI7L90uMhHE4cNpKf/BP8a:lTr7Q+9K2W4J1g+jFSyIgC42KHEjYXiO

    • Score

      7/10

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      cf子阳刷枪软件/PC6下载.url

    • Size

      108B

    • MD5

      9a3427f2b5d327e004e68379049168ec

    • SHA1

      b7e47c3a4a8777dc9f56d03ce351309b880789e6

    • SHA256

      c5c7327a0829c196ed997090e5e859d3ef91c9b48372a521aeeb3fcbd17e9a50

    • SHA512

      62b93af0eea8dbf5e02f080b8375acc2eb855c5fb881eb61980979d1c863a233dc8cf9047ce32741a81cd9d7a414ddc70548fa6d7b1e52fc1614c55f14d740bb

    • Score

      1/10

    • Target

      cf子阳刷枪软件/cf子阳刷枪软件.exe

    • Size

      1.1MB

    • MD5

      49494e187a014e2e41727e0750ca6fc5

    • SHA1

      e51a90a93b9016c83e420a699aeb7a883f27f690

    • SHA256

      da370b051ede62cf65e6f2d6c0f037b066c9745e9903f48c1a89e29431657c4b

    • SHA512

      a25854327a11d6f6420948dd68c031f0b42848c8b30d862fbb5abca46d98989eacf6ca3de8cdb4ae74da6144f5fa5ec75b864e35e5c4f44005f8dae7c495470a

    • SSDEEP

      24576:jbeDpW7ZjL2fBbMF9HNSOI6qZCLBlVvXr3IkSpNL0oWhf8ZK28P:jbWpW78MFt58CL/ZdSp90Z0ZA

    • Score

      8/10

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

MITRE ATT&CK Enterprise v6

Tasks