6900ad15f83f9dc72f6c16b66632058eae825e9c0581afa95060ba441c359844 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

jijiayingy...mp.exe

windows7-x64

8

jijiayingy...mp.exe

windows10-2004-x64

8

jijiayingy...��.url

windows7-x64

1

jijiayingy...��.url

windows10-2004-x64

1

Sharing

General

Target

6900ad15f83f9dc72f6c16b66632058eae825e9c0581afa95060ba441c359844
Size

1.4MB
Sample

221126-xzgf8agh26
MD5

74a54a960f480c6195c56e374cc22769
SHA1

b2f1c282d5d4929043c8f597f61138bb715268e2
SHA256

6900ad15f83f9dc72f6c16b66632058eae825e9c0581afa95060ba441c359844
SHA512

9c730f22eb03970d453bf553ef7472212f7244fa4f89d237cfd9b9903c5d9876c28e3d00e0005bd503dfe75c003d3e04350f05a6fec36029c9c32fa00262105d
SSDEEP

24576:wvAXE3U7xe5BiF4zoV/PQ6dzKKTKMnO2eEyV96/QGsZD9Qccml3nnOGscGiUr:wvEE3U7xEwJXQ6dzKKTxO/Eg6/QHQgJe

Score

8^/10

upx vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

jijiayingyyyfz/机甲小子云影辅助2015EXtreme5.1正式版 [Happy New Year !].vmp.exe

Resource

win7-20220901-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

jijiayingyyyfz/机甲小子云影辅助2015EXtreme5.1正式版 [Happy New Year !].vmp.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral3

Sample

jijiayingyyyfz/西西单机游戏.url

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

jijiayingyyyfz/西西单机游戏.url

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  jijiayingyyyfz/机甲小子云影辅助2015EXtreme5.1正式版 [Happy New Year !].vmp.exe
- Size
  
  1.5MB
- MD5
  
  2ff657d01b51ab9b9608b9239e3984dd
- SHA1
  
  4806407f73078cd9f9e53a3c75ba0fc115f64baa
- SHA256
  
  eceedc7c54a30d3615ad66899eaa9f75a839ecc6b4debe6b15be9e2071275fe3
- SHA512
  
  fb02afe0f66cb710faefbf60356b910b6816417c35e0d4d5bfe18fcbbe1e91de8532689f87d0d665ea868d6a11e35eeb28a4ef254c9e205f5917d532002fe160
- SSDEEP
  
  49152:sSE9iJXSKwM8jVRxheRE43oLPwA+ERiCtryHEf:susFjV9eRE49wDykf
Score

8^/10

upx vmprotect
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2
- Target
  
  jijiayingyyyfz/西西单机游戏.url
- Size
  
  151B
- MD5
  
  0e86176b4bc94b9eb1a69e62ff7d662f
- SHA1
  
  402e7dc0c5afb8ce4a3fa8436a443752347f8000
- SHA256
  
  35db64621f578341c0fcfd92ecaf86a60a0f60f8fddb4cea902886542820c9df
- SHA512
  
  5f2786850d332889c18a5f6911fa995320a310fceded559c131c4b981ef989ed99df48c2d55b1daf325dcb0a5fa57d0a5de6457b9daeba1bc2fd5fe60aff2958
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

© 2018-2024

Terms | Privacy