fbede2b7833532ceac86fd44359f738248ec1fcacfede42123a8afc12d95aacc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fbede2b7833532ceac86fd44359f738248ec1fcacfede42123a8afc12d95aacc
Size

11.4MB
Sample

221125-yj9cqsbc33
MD5

6d701b839dc606c76f4b63077dc480b6
SHA1

f462ddb206e4998e964c2baa6a354ef70ce95878
SHA256

fbede2b7833532ceac86fd44359f738248ec1fcacfede42123a8afc12d95aacc
SHA512

f1f15b040dda01c5547ed32e94a9eac7815311742172f4dac5588683bda46d99e0aecbbda02ab2ca419dd36603cd5523dedb5863c36c9ba95d9e86c0debf7748
SSDEEP

196608:cwO6BfNeYMiIxopekT+O6irIRboSFXdNdHlr736JmCfd/b5OArSYT67U7lfrmoZ:fO6BfNeYJIxWu6iboSF7d136Jmu/b5xL

Score

9^/10

upx

Malware Config

Targets

- Target
  
  QQ飞车体验服全功能游戏工具0928请全部解压出来/mgdm.dll
- Size
  
  804KB
- MD5
  
  c578b6820bda5689940560147c6e5ffc
- SHA1
  
  922e50d89c9c44bdc205ef17aa57212b64e58852
- SHA256
  
  3b6ddc32b800a18b21a819e842cbfdd57cb065fd92cc69545e0ef29b97cfd389
- SHA512
  
  9f2a1bb5788ad245242d12968bbf198af2694a87c6e2342f14672e8c14e8489dd3319434592fc9b20f620557d0fa58482903d19c7f5ba32456a1e4076dc1bb85
- SSDEEP
  
  24576:3rhlxaCsVb6KoTpZCFg6DTk1F2RjkjCQG:VWCsVb6KUpZ+hDg1F2d6
Score

1^/10
behavioral1 behavioral2
- Target
  
  QQ飞车体验服全功能游戏工具0928请全部解压出来/superec.ProcessMemory.sys
- Size
  
  3KB
- MD5
  
  7fc8f430b830c119640c606de9bb907c
- SHA1
  
  d9344f89a9d0d6fdc4629f64e8387d86f67b76e0
- SHA256
  
  bec02a2c50d37bc4af67b7797230a9ed7018d26170d71becc77e99054e72acec
- SHA512
  
  f68bb705b1f33d6f58e93f3b1184a32b588f56d41722372d168b0cada8f54f2838558cd000486983167c4e0fd9a66a6b1ff56a8aacc69dc9573280223c9841f6
Score

1^/10
behavioral3 behavioral4
- Target
  
  QQ飞车体验服全功能游戏工具0928请全部解压出来/第一次使用请点击我.bat
- Size
  
  17B
- MD5
  
  1c4ad02edbca2fd8e254fc84b911f586
- SHA1
  
  6a7dd986aac85a8b256dfb42c5a7da2298f5a2f1
- SHA256
  
  23caf1708e4f754ae0612eb5fe08279c9f6892891f0844c043e4393e99a9a74e
- SHA512
  
  9ac2d6f0374fc0a0a68c479d3e811cde7cc96a73a2a76ea4d6538fc71b4b56cea187ca19139402ab57978cdb38327c7a3903f1863f537340ad45b61b97c0809a
Score

1^/10
behavioral5 behavioral6
- Target
  
  QQ飞车体验服全功能游戏工具0928请全部解压出来/驱动版QQ飞车体验服全功能游戏工具0928.exe
- Size
  
  3.0MB
- MD5
  
  8c3d8ed5a72104b8b4d9a5e41ba415ad
- SHA1
  
  3d6b163d4a03b8e8792c7139fc049fec13101884
- SHA256
  
  0b8a42439b27400b3d359d97f1eded289d3efd8b063ed79cdb9becc29dc5cad9
- SHA512
  
  f05e3c173063a76036bb3fb7193eadbda2e45c5c2ad9f7bbd9c0315c86c7ee8ff4e8960bea5a31bbd2afe1279da6521505a180fe524587a6465fc713d45ea222
- SSDEEP
  
  49152:ZlGkixQOjBFnh92haEWCsVb6KUpZ+hDg1F2d6mttaZ:3tixQGBFnh9IL5SbWf+YFCBtkZ
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8