f6a611587759537cfb1d3a1580bfa43736053d37ed5d75b39c4eb9033e429640 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

河源下�...cn.url

windows7-x64

1

河源下�...cn.url

windows10-2004-x64

5

淘宝热卖.url

windows7-x64

1

淘宝热卖.url

windows10-2004-x64

1

腾龙刷�...��.exe

windows7-x64

8

腾龙刷�...��.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

f6a611587759537cfb1d3a1580bfa43736053d37ed5d75b39c4eb9033e429640
Size

1.1MB
Sample

221125-zbec3agb5v
MD5

5d65bc9791646cafb76a0925cf112ec7
SHA1

1bb2fdbc5cd6e85df8a2b629609c8127d1d31a00
SHA256

f6a611587759537cfb1d3a1580bfa43736053d37ed5d75b39c4eb9033e429640
SHA512

7a8242e6e097c9b771bc772fe3199e0bb782044432a02c008e732124e7845f8caa253138132cf57334758a33f296e0ccc1593ceaa656217116fcaaa145213b99
SSDEEP

24576:MboS4CKVossg77BmLZmVljc6hsUzMxEeEePmhmt6PmK6J0b3P:mobCSossgRMhnWfetEmKOg3P

Score

8^/10

upx vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

河源下载站-cngr.cn.url

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

河源下载站-cngr.cn.url

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

淘宝热卖.url

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

淘宝热卖.url

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

腾龙刷车软件-免费版.exe

Resource

win7-20220901-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

腾龙刷车软件-免费版.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  河源下载站-cngr.cn.url
- Size
  
  110B
- MD5
  
  87d5540eb47b60f225cc6d5e9ec5d3b5
- SHA1
  
  bb87c8cd2721eed95ed96cfed3c23a71dd636743
- SHA256
  
  7503e8e9530726e8934149fb2afc1a9638d8a4727cc05c6bed1c1b1539dc43fa
- SHA512
  
  ed81acc65c042f99ed20b511a755606e13619ddbd7e05125ecbcf5342ac9239329184d8b1b45d47ee4fc0ef4c62e06b2bd806b73f0f5c852173798e76d23a951
Score

5^/10
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  淘宝热卖.url
- Size
  
  384B
- MD5
  
  959444600790e569e917523917654610
- SHA1
  
  bf62acd4e2059dcdf7dbe9b1c343a436212ff784
- SHA256
  
  3f5d98f266fa246282bbda9fbe2872e1a6c28452a14bb3b2fa80b8498ceb9f93
- SHA512
  
  982c307aaa05bac10e079e4bc59aec4adc64f5c48a70dd67d57379e7e4e36af63e77450d55a1c895dc9dc26601cc1e9f11353378d2151f6486f480cdf6f0a9b7
Score

1^/10
behavioral3 behavioral4
- Target
  
  腾龙刷车软件-免费版.exe
- Size
  
  1.1MB
- MD5
  
  506596527507e705fa44f531c98e5bf7
- SHA1
  
  260e7debaf8b830bddbf8f2fea800db7ec5bb79e
- SHA256
  
  ecc8f17d2e46d69c65142b7ad28489ff1dd271cc58b177905841f7210694e3e8
- SHA512
  
  56001df68f421f67c040b4f5ac9970fe413427315c2d7d5559820680a70b91f25be31246bb7efb700f98bd64bb68e2cde0edb7d42fa86df0ae114d7cf47ec1c5
- SSDEEP
  
  24576:4Z1hOCHuepYwSCx1yXFJulzTOzweMa5sU0ERGbhhHsJUP4EwI8:4zrRpvSCxAmuzweMa5ZGbnsJUPrw
Score

8^/10

upx vmprotect
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral5 behavioral6

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

© 2018-2025

Terms | Privacy