Overview

overview

6

Static

static

DK4MOD.shi...er.exe

windows7-x64

1

DK4MOD.shi...er.exe

windows10-2004-x64

6

DK4MOD.shi...��.url

windows7-x64

1

DK4MOD.shi...��.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ce968a741b7931554f3b1040316a783cac79bcf022533abf62b4141c70c62bab

  • Size

    121KB

  • Sample

    221126-c4dkxaae2s

  • MD5

    06d0392f55703fac1e91d58b952fc072

  • SHA1

    a48e8d0f58787819be238796e5e813693b65b3d5

  • SHA256

    ce968a741b7931554f3b1040316a783cac79bcf022533abf62b4141c70c62bab

  • SHA512

    d9f9fbe23eccf9e23c05a47f694f2c216e183fb5bc7d89837aff433551d7d4304dbff353ea594781432d353e30fce46cfb196bd9cd04ed556a4ad139333fc106

  • SSDEEP

    1536:QOcS+dla9QdyVa10hKo6Z3sRJblrD/y9TOsmx1nBtXoy05ZkWwU/5dg2WhW69aCA:QNb69Q4hbcsiTeZXl05ZLehW6kCA

Score
6/10
microsoftpersistencephishing

Malware Config

Targets

    • Target

      DK4MOD.ship.build/DK4MOD Ship Builder.exe

    • Size

      267KB

    • MD5

      abf3a2e6371c638c2940ea387022df38

    • SHA1

      a86278d192a9d43e4d7d42e9b78993c1792cda17

    • SHA256

      7887e60f290774bbae810ab003f17d10e93431ced630b80231eab1aed0d8d8b5

    • SHA512

      043b98ff0545e61802d7d816ed04c9e28b453eb8c8f1ae4034948bf594f160ad723293ff43844d5770046cca22fe1744c6832f0b7f79940b99ec5c7fa817d83f

    • SSDEEP

      3072:k61dU6cPjx6dhCDstuBFTWpCjYNKzAdu4T29QzeP/oEUZvLrWTm5XPaZ9RnbUHIX:XBZES5/kAHIsrqhKshdBCqrNLMhW6k

    Score
    6/10
    microsoftpersistencephishing
    behavioral1behavioral2

    • Target

      DK4MOD.ship.build/新云软件.url

    • Size

      217B

    • MD5

      e5e80be1cf1a1b2af35991aed091c827

    • SHA1

      79e02d122cdf24da7e59044b4bf83572242b4c71

    • SHA256

      1016d243a1266c9970996f2847639ecefbecc361cd98fb79d27d048eee3dd69e

    • SHA512

      b926f6e34e0e9e260a8f6e59ec8e660af0fea09de91140d968cc7665ea45f840a8951f4a1c0400bfe384d2e269159febfc5e32981b863b9d97830f5eb2521705

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks