General

  • Target

    71f38b7f6cc588a976aac9484a0f5620e963585d37c79a84d26675c540047025

  • Size

    1.6MB

  • Sample

    221126-xrzylagc48

  • MD5

    898840dee0935215d70be35c39ab068e

  • SHA1

    0c93d74c59523284f584328739179c338eb3ecc8

  • SHA256

    71f38b7f6cc588a976aac9484a0f5620e963585d37c79a84d26675c540047025

  • SHA512

    4234d5d4ea4db12e155e64c32d6feccdea2f4a26126b0c1a4809769611fca73bb0ee44c218ccd3b9150b4c6e4469f61f7f64478d2e641334f2d682ae9b7f8493

  • SSDEEP

    24576:/W3X9C7dKQyg6PSLLvYF+mX+aZ7Kj7ZidIQJQEU6fidiIT+Dyzn76ImkmNvj3g:/wX9C7gQyg9LLg5n82lJQEU6giITMN7g

Score
9/10

Targets

    • Target

      51新炫舞挂房V喊话器[免费]/dm.dll

    • Size

      816KB

    • MD5

      583c06c7b8167d0c1ddd307bd92701b9

    • SHA1

      da3fb90d46c8e2ecb9c60c5c8c2b258a586f1cb4

    • SHA256

      b1b401c604f58249e268655aea88092b16f0f7806fafdbffb4e3ce0e3be27f17

    • SHA512

      39044dfa676e6f801c3686c41738ab589b8db8e6eef1d3db58031be6bfcbfd3d5ff75e517ae4419f09f40094a092c2701b98e883da12cb1df044b2229b62da0f

    • SSDEEP

      24576:QQgsGEuPrVSu8dMgerKeP01MqflXUkoz2:fgvp3OuYMqfp8

    Score
    8/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      51新炫舞挂房V喊话器[免费]/使用必读.url

    • Size

      115B

    • MD5

      ef5e2175ea443de9209d40c0af411dfb

    • SHA1

      607bf6cf32e08cbe39bba98021ca5b829e35a258

    • SHA256

      fae11a7f70a01da8f04f4eb2bd69175fa9c1945d73c1bd3cfb6aabadfa0ea34f

    • SHA512

      d014155afffc8238ef9bb6517dfe27dfe40d7a6c69fb1cc99cc7c1d7a5e6e95501a5f3d9d4d527d5eb812916d98df4f09efb9537b8dfb8a3d25d7c5fb2fe5fa8

    Score
    1/10
    • Target

      51新炫舞挂房V喊话器[免费]/挂房+喊话器[免费].exe

    • Size

      1.0MB

    • MD5

      ed51a863e336808d4f67ef59df97f3b9

    • SHA1

      233fed9f10b95e5279c96d5b03b8557ace83ce61

    • SHA256

      d618d188a287fa91384121597c086c23866f3bcda4793059974d0b771550a01a

    • SHA512

      b9c60a0ffdacaa713e545f067512100863972e9d8142a5e4d8e0829c5bc1a45d5e9097e14fe3170e756a5652b7959dfb25a877c4110c2207d2d0e1fecebd0054

    • SSDEEP

      24576:CsaMcNeaoi3QginRuEuAQpxb0o8tBCm9jod:c1Qlu3BC5od

    Score
    8/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      51新炫舞挂房V喊话器[免费]/绿色先锋下载.url

    • Size

      325B

    • MD5

      c7728418b7817af20083617d2a7bde97

    • SHA1

      f8cac36816b472018d97e97485e92ee5d7bd4b24

    • SHA256

      d31d7893e0cfd730022933decbcc420c1169c2715ffecb804ba685f30b99df80

    • SHA512

      ff30d9bf14ff78eb3080c5e07aecf3d60827833c475ae6c96ed5f4217ecc2a9a25d1e3c0aa4fee5950cccd2601cd10f4f0c2e8428bfc5795c7c3438455621c21

    Score
    1/10
