Overview

overview

8

Static

static

8

会员终�....8.exe

windows7-x64

8

会员终�....8.exe

windows10-2004-x64

8

去脚本�...��.url

windows7-x64

1

去脚本�...��.url

windows10-2004-x64

1

服务器软件.url

windows7-x64

1

服务器软件.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2998d2e3e25c27ce0d31a898fc839e520a4ff22c0d23d10be8d0130e42800726

  • Size

    1.3MB

  • Sample

    221126-3ndtvadd35

  • MD5

    62f2f6d8a51118aa6b06fc406b069d7e

  • SHA1

    aa99d803206ce267d3db41e7838ed46de8fd1daf

  • SHA256

    2998d2e3e25c27ce0d31a898fc839e520a4ff22c0d23d10be8d0130e42800726

  • SHA512

    fddfd1dd71eece37d9ac779740d76c211a0bb812daf17dcccbb9732bf778a16345495f63889682985db675ed91f5cf0ba252411b7b61c4c91f1cb8e571d4de15

  • SSDEEP

    24576:/Oc6YV/PRf87X2AocTRwyqeL/tyA5tYQ0uVUbMa2YS5TmEZBtGW:mcXVRf89ocTRwy3tF5tVVIMWx0oW

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      会员终结者3.8.exe

    • Size

      1.3MB

    • MD5

      c308423474f15a521a02e8f8213ba459

    • SHA1

      49c9735a32ce2c3e1e4c7a99e5110f94d0b1a3fd

    • SHA256

      3514ebc94c64e6faf1da7c91df9b4d7695bd7717eb34eabde4ee96157abcf4d7

    • SHA512

      14ab8fd0e4efc50b1e9b6b8bc9954c3cbeb6eaa37da11c433d73e7a9af162c3e6ec7429d3edf2235a6debac229a7c5c9e930a69c6f0c133646fe5da26b573d59

    • SSDEEP

      24576:E7wnMrzYmRa8tH9Vo8QBTQ+WY590c0aRH8fFkj1vzDDST:E3YOtZE+YMaRcfi9O

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

    • Target

      去脚本之家看看.url

    • Size

      124B

    • MD5

      9d9c794d654383c012286b258556fe46

    • SHA1

      8266c2159f57859ff102df419a94157a2ccef61f

    • SHA256

      c4965fa0cf71f391518797b3cc3b7ffef0ec991c5266f5f9cc90298a7da7e1da

    • SHA512

      28b9a9519a0fb7e826adaf43e76dfd11df323f20ab3089ec53c6263a51c06635c9d0b0a325cb7d20f7db42734dc257666e77d63be620aca34cdb13b766da9bbe

    Score
    1/10
    behavioral3behavioral4

    • Target

      服务器软件.url

    • Size

      112B

    • MD5

      db4aa2c6c4e0555b3968690756e24836

    • SHA1

      96933b815ecdcf2fd43bd2ef036260029a633801

    • SHA256

      c85359e7af5e102716e42f659fd5c1931b553761898714ccbb261883a03f40e1

    • SHA512

      6ca491f92f9990d706b75e7ff091f8c025de7d9dc438aa25cf6e8baa87e750f6f0490e9923d82aa00ac074b572468349ed52c2765ec1fd3183a9ea146a2ff5c3

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Install Root Certificate

1
T1130

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks