General

  • Target: d51c9b494373e2ad487e2157a6116c1713c60af41b60b3e6d8aeb6e2d4b269e8
  • Size: 1.6MB
  • Sample: 221125-ya1n8sde21
  • MD5: 93b07625a873ae14a159fb4e186d094b
  • SHA1: 8b1fd0c9e4288c6c94ffce75e892fcbd7a8fa454
  • SHA256: d51c9b494373e2ad487e2157a6116c1713c60af41b60b3e6d8aeb6e2d4b269e8
  • SHA512: 8e46344132a0e60d5278d00e7f6dd92e7415bf79ec43d654972343157c6782e6f1fc9cf6876901088bba4c29ccd35233fe269ed8c044429db437df0baab6d441
  • SSDEEP: 24576:wjAWPj7vI9sggsuQAhsUzxD8UdVXJ6tMX82cSmfLWY9B5HohjbnmnSN+sglyiV:wjAW/gygWYUdVUA5QLj9Bdm3rNwM2
  • Score: 9/10
  • upx

Malware Config

Targets

    • Target: 蓝梦穿越火线CDK生成器.exe
    • Size: 2.1MB
    • MD5: a3d4bb44d098194b155791a4a14699ba
    • SHA1: 3537714b4efb98c3e6bbefc4f879f534b8aff7e3
    • SHA256: 6b8ae82a19b3daf9fa725660f86c64832003c507e79a714ee3051e8628dd74a6
    • SHA512: 77c602df63e519911b09462131ec2a27ec7434098157907df7f8ed53cd7dc81341cf1c4ddca8459eb6a788eefaf0bd1b58a78efdd9ef6f2aae465ed1665a102e
    • SSDEEP: 49152:HG5L4MC1RK/BdzTZaqdwk0c05HGiFbjXliJaEuQ1q:0LfC1RKPzYqdwkLcHHNXcJB
    • Score: 9/10

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with ACProtect software.

    • UPX packed file

      Detects executables packed with UPX or a modified UPX open-source packer.

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Modify Registry (T1112): 2

Discovery

  • System Information Discovery (T1082): 2
  • Query Registry (T1012): 1

Tasks