f01e7f42e74f65642bcad5fdadb72dbb0a729eea4f2602ae59baa483a9d89a1a

Sharing

Copy URL

Twitter E-mail

General

Target

f01e7f42e74f65642bcad5fdadb72dbb0a729eea4f2602ae59baa483a9d89a1a
Size

2.9MB
Sample

221125-zc72rsgc7t
MD5

4ee43fe024a8318ece036813226b7641
SHA1

b83289eb1de0b6e269aee08611779c9954a0a06a
SHA256

f01e7f42e74f65642bcad5fdadb72dbb0a729eea4f2602ae59baa483a9d89a1a
SHA512

401f66ec1f1897ce1bc2472387cd848e4e2a8757c4ee5cccdcbd9332cb3acd3d4c6aa49ad088d02b6ee34564e4ba665301e7fdaeb24294f871533a63f514a8dc
SSDEEP

49152:x1/Bbap2rX7SASxpJHDjm1Eq0o0R+pACwb7tAC88mPUN0sChQGQwoMtcgE42:n/BnrYxXmuq0Lu1wHtLusChQGQwnmgET

Score

8^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  1001下载乐园.url
- Size
  
  119B
- MD5
  
  09e7a20e4825dff1b611474f7ce4abf9
- SHA1
  
  b4a08663d5db0f162faf261647b13c91cba7dad3
- SHA256
  
  3665c1aaeb541fa2e0838533b6fafd7afd4e6efd3b9f5f3cacb3b0ed8cea24d2
- SHA512
  
  f8d48c4e44af6088d08eabc139eb14ea34fb1297b76672bfb6f3ca6fa0c03474ec38c74bcdbfcc900440b6c8f301edb699ca6bda1dc673452a8193c27d82e80b
Score

1^/10
behavioral1 behavioral2
- Target
  
  PCGuard.exe
- Size
  
  520KB
- MD5
  
  f2b53419eb6b168f3972337324f515c6
- SHA1
  
  26fa789ebbaf070f863a46abcec4cb7438eddbf0
- SHA256
  
  d034c68a0631c80950804a2f00ce94bca52806599099400e87c43ae190a71efc
- SHA512
  
  344a492415a07328075da173882a9328c7906749157cb0b4a90426aec0496517d5323aebadef2b551758ddf8dcf761d3d28f737b141d309bafbe2eed7b737bc4
- SSDEEP
  
  12288:MD9OtnjAYhsvdGqgiYRI2FYBR+x3RTgCxHVdO5N2c37B/OM:29Otn0Y2dGqgi07sR+zTgKVeN2c9WM
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral3 behavioral4
- Target
  
  Readme.htm
- Size
  
  9KB
- MD5
  
  4407c7555cebb8907e10c61ac15ed015
- SHA1
  
  9755168c43159ef1f436bb035ad6380d4519bce9
- SHA256
  
  540187398bb61a7793a50caa0d3f4f4252baec5324e7e580d1e6754be00d78e6
- SHA512
  
  27539b688ae9a76f48d8196f6ee636f6ac5a85873fff9216c3a68d9521b132958b0ff31d21ce0655191074062ef4c6c191394fbcd3b94322c55159a40beabc38
- SSDEEP
  
  192:t+69ZOAo+W/UPoQlIt5wBmXdunuGu/uLu+uzul1QqrNA0qVACfdsQIQprcS2kkVK:39ZEtUVuCzIytN5srfdNT52kkg
Score

1^/10
behavioral5 behavioral6
- Target
  
  Shutdown.exe
- Size
  
  172KB
- MD5
  
  a3c43afdcb922aea8b1e2b6aee803137
- SHA1
  
  467c2ba860cdba04b186748108165cf425fe6353
- SHA256
  
  6a9ef46c816278c266a918784a983e07f2174eb1f5d4fe49c43090fecde55325
- SHA512
  
  433f34424ed009b5213cbcbcc951fa873b492002542fa6e3253c42afd276c7e0c486c70a2c90303d16e702aa052322e2e0acbd0e9a1913aceecf3ab7c73480be
- SSDEEP
  
  3072:2bS7Y/MXJBJXBTKT1RnjtjPIhP7lcZ8kFuytbNyiS1vbW8esqVySoAF/lbn:2gY0bJdCjZPIhRK8RytbgiWy8esGymFx
Score

1^/10
behavioral7 behavioral8
- Target
  
  StartUp.exe
- Size
  
  248KB
- MD5
  
  88f1e9a373ebf5a364effa9437f988be
- SHA1
  
  2919eb0920c9a9d4dda1faa8194a995f0ddeb5e5
- SHA256
  
  5545f221cd2022b761887ef40c627123ce153a8b2f59d80b3ad6290e1f3c978e
- SHA512
  
  2136f996546f0b7e85939ff97d53b93e0aff05c2011e448704aa6c88c2820686c095790fc6f8eba85c9688ed6abd3811df521572c511f896d43622a49e13a476
- SSDEEP
  
  6144:GZjzQMBeyu/n6b+uTDcMBlju3ZuXkbJjvnwVZAm3ddjhH:GZjMMdhT1zkbZvnwVD
Score

3^/10
behavioral10 behavioral9
- Target
  
  Update.exe
- Size
  
  413KB
- MD5
  
  b8d375bdb0886b0dacf5400371f296f5
- SHA1
  
  8b3f7a0e49d990290109fe4b1414935ad0b75277
- SHA256
  
  9430769ca9e1b7d1cb111a691ab043ffbfb3b9310261bfc7708e7426e9f97119
- SHA512
  
  9d050c5b3137a0c0fe8688c666241d2e6449c151cd8509e3e4a2d564adefc51661ea70755f7ae1e3717c67f88e17e375c859932cb1cac42c75935cd0548c1fd0
- SSDEEP
  
  6144:bTHIvj2kdmqSYc+jkHsPlbTSw5M9ycQIwJXaka2PIIVexM+7S1Y+5bBAuU5RodzX:3IvZd3DTSwSII2v+yZBAuU5Ro
Score

1^/10
behavioral11 behavioral12
- Target
  
  Vdesktop.exe
- Size
  
  389KB
- MD5
  
  a2c02e95507c7a6572977fffb25b7744
- SHA1
  
  ab424d6f8a1d36a158377fb58e6abaca97bc8f19
- SHA256
  
  a6d554dd2449e966be1d015fc4278c26437309c73c2e83d5dfa00dd63b9e6e5f
- SHA512
  
  b0c8b579252a0a5efc36bd89a89d0c231b58b10741cc7e6e958eb57038ce04d1736194779359274426379c34e95b824ce0fde44b612d73e7849cf7ef7cc60070
- SSDEEP
  
  6144:lsjSNoyKhhDljxoi1ow4zPhVDa/Cvfh/3gNinhy4VW5JX9DgtNRROmha6caVhyse:CjSNf0Ro9zPhV+mv9hy3J9KD5le
Score

1^/10
behavioral13 behavioral14
- Target
  
  WinSock2.dll
- Size
  
  68KB
- MD5
  
  c6fbb5c34a965327b6cada725ac6ccc7
- SHA1
  
  e287d873e64d125a7465bb7b8b110a89894daf2a
- SHA256
  
  2e3f72b05e63df1ada6d909b42db8c3eed0d8fa5e260802807bfbffd8cd6a6d2
- SHA512
  
  352582ad91ee3eb2b9cf0fd3e81244e8ef29bfb50446a2bf059b27ff57b523c49468009c8b40a7293bea0a40a97481d6994b40bc4fee1f997862dd092bb10ea4
- SSDEEP
  
  384:p/JQJwtOprIG/UvJwtOfrI3/9NJwtOWACIf/ZeJKOfz97zXIQMuqozR/2eJKOpz+:a0umJXcdspPsnjsdFfyFxjsyKk3KGjsG
Score

1^/10
behavioral15 behavioral16
- Target
  
  spawn.exe
- Size
  
  38KB
- MD5
  
  043876b5761ac195cd75db81d82e836d
- SHA1
  
  64983b75a42e415d2d399d05f2974d7b780518aa
- SHA256
  
  f538ef40ab229879d2cce3a441611aac98d4b057a578ec708b7a713ecafc4df1
- SHA512
  
  348527de88a2cc474a234b677427ceaab00f0fa1e960bff6336997ab1b8530ff78a41111f6843ac4711f6073a82a47fe04e0a06c7e049cd41dc6242ff66fd2bc
- SSDEEP
  
  768:r1KvZjM0qsC2QwpveSUtbgRqvMvogYZo4nFoyd4uQvwFB9xAha5:4MjsC+teSIblgmpFBvQvK0
Score

1^/10
behavioral17 behavioral18

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18