7046db7db5b4c933076b20a26ee93df4a6278f3b10a6d224961e2c1fa32afb24 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7046db7db5b4c933076b20a26ee93df4a6278f3b10a6d224961e2c1fa32afb24
Size

2.5MB
Sample

221127-1aeswaac98
MD5

f8ccd7819ab5cbff70b3eba6ae23e745
SHA1

37e1cd5702014b5be1bd21e9bab69ef8b65b008a
SHA256

7046db7db5b4c933076b20a26ee93df4a6278f3b10a6d224961e2c1fa32afb24
SHA512

b8b50fb09b7847e1f3b34af0618475f494ac1401e908d9f222a9aa1ddf4bd210618c2f378277b89f9865665cca6ece61297a750e62a47e7eef5db162537bcf97
SSDEEP

49152:MfqgnCZnhs74hcWPeJZdtqCzkG9oI4IgG392ePImNtKseCThqNKTAgh4okRM:qq6Ahs74d0dACzXqI4EgqRrKsjJ4oki

Score

5^/10

Malware Config

Targets

- Target
  
  QQõСܼҸv21.1.exe
- Size
  
  2.0MB
- MD5
  
  5caaec762916b26d8aeedd6693bd5bb7
- SHA1
  
  8b638a7d78f5ff4bb84761fd043e6a32af76cb61
- SHA256
  
  a21510123223cf116948d889fd7bbcb5d780237fd1d6cf4016e6ca79a5a7a817
- SHA512
  
  460c736830f693fa9a282e33570fcecab5a0bb91b4839146fd0833cdc4faf3ee69fb207be32b2afaa30d7a023362f39698836c98790168e1006538a5f44f14c9
- SSDEEP
  
  49152:UZqKRCHnJSBujUS5eJzOSJ4J/pMP4tv6/uApIyznQw:Uq4YJSBu38OSqJDtymsjT5
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2
- Target
  
  科威软件园.url
- Size
  
  208B
- MD5
  
  c71a1cb975cfb8b1917367f98805716a
- SHA1
  
  03ec7ea13ad51d18494d5ebac19cba21332174de
- SHA256
  
  2b3c7caa8b06b25f65246da0d83be20d51af24276b6cd958ca401753da880ac7
- SHA512
  
  8e9cfd2311df9ddf35031accdad42135b8be7a9eca7ae44534b4ac8cc99debf801da4dc655a91731697654ebf33f149c58aca38cd365349743aee9180ff686d6
Score

1^/10
behavioral3 behavioral4
- Target
  
  ٷվ.url
- Size
  
  143B
- MD5
  
  a27f91b4da2d7979e43c4dc650a3ee57
- SHA1
  
  a9204df6266aab8ee3384537e39aaf954ba037a3
- SHA256
  
  39dd744fe12efadee8dfa5a01b595a0a753cb6901da9fb00b1c6f6a80e3c1146
- SHA512
  
  4a6c845915fe45dc9ed99b0ea3e3aa769f467ca740972cd9bf5406c8063eff7f22f2a1361a27a6552a92f3434719971686265db331a5b5a0c8568557846355ce
Score

1^/10
behavioral5 behavioral6
- Target
  
  ڼҺ-hao123ַ.url
- Size
  
  136B
- MD5
  
  3672a1006ce0988e658cf49ab3cb4a08
- SHA1
  
  ad5ff52895eda00c87b1f02f7f8bebf1706b8328
- SHA256
  
  fb78252c5a279bcdd1f74e8b9b4f175c004a9c0fbf7a5b5511bc86b6d181d2ff
- SHA512
  
  5012612190236424934013572d1d51d80ee4871b20c99785660087fdbcbd659593a7a6e0c64062d8e2dba5f90739869e4a3c0acb2dd257a298d50c456823b17b
Score

1^/10
behavioral7 behavioral8
- Target
  
  ڼQQܼϵиԶupdate.exe
- Size
  
  727KB
- MD5
  
  5e04b03bb743af69939ebc0e0ef181ff
- SHA1
  
  33d18b1395354c3553bdb3fed86a885e1b8f32de
- SHA256
  
  9b73a7df0651120a74d61ab770c6add90c2d7cdc9ec0e260fca2070e83c06a99
- SHA512
  
  5e2dbf82149d396e8b982c4281224bb5cf96dc4295d2338568e3e270eb0f375108b8c95c0d77a560af2ac396b3d895a145cd156f8cd7ab578ad03d6b64c82ce1
- SSDEEP
  
  12288:bhn7ps1sXXMCj35knZU5r8Z/Ub9V2DGw1NATzSeNpznxo4aQToVc1Yy/:bh7e1sXcCz4CnsGSNATzSeNpDxohq1J/
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10