7df1ce85eef676c2f93834272b52e19be76d21d18462ac1d553903e0f08daa14 | Triage

Submit
Reports

Overview

overview

8

Static

static

mwbqyxfz/�...�].exe

windows7-x64

8

mwbqyxfz/�...�].exe

windows10-2004-x64

8

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Sharing

General

Target

7df1ce85eef676c2f93834272b52e19be76d21d18462ac1d553903e0f08daa14
Size

963KB
Sample

221127-awlv7sfh96
MD5

c54c10fea9c8232660d4c17db6438991
SHA1

1377af778540796d843ef2201ebb1038e3c218d7
SHA256

7df1ce85eef676c2f93834272b52e19be76d21d18462ac1d553903e0f08daa14
SHA512

952eea993b8ee07c1ba19fdbfa4dd0825926015bf459ee838a68e724e68f6e5da9c91b836a48a95def20b43c8c47920700957608dcb7a307e5eba95b8ebf3be7
SSDEEP

24576:FlL9+md0D3iZb3rV2ellIqZgNsu6oICDKCf5Xd:L9Rd0D3iVrVplhZ0suLDd5N

Score

8^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

mwbqyxfz/魔王辅助[爆枪英雄].exe

Resource

win7-20220812-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

mwbqyxfz/魔王辅助[爆枪英雄].exe

Resource

win10v2004-20220901-en

persistence upx

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral3

Sample

新云软件.url

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

新云软件.url

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  mwbqyxfz/魔王辅助[爆枪英雄].exe
- Size
  
  1.8MB
- MD5
  
  37ce26d6b4d4f4e73b705a7b5586d0f2
- SHA1
  
  0b32f91a59413b0f3606ad189f0ae2f70143a4cb
- SHA256
  
  755816f16d2afad3a7d1d84df8a129435ebedb2f6369a8362f82e1b01db8e73f
- SHA512
  
  743094be2a454ec701bd6139a0ea2a228d457f873b5092a6664fda64bbc52d004d325a77ce3fb3d10ed82a5c19713609a65287a2c222556fb46a98f530672722
- SSDEEP
  
  49152:P1qYWKqdj6QoKh+s8KuqGaX0ToIBAUZLYcX:E5KqoQoFJBAUZLVX
Score

8^/10

upx persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2
- Target
  
  新云软件.url
- Size
  
  217B
- MD5
  
  e5e80be1cf1a1b2af35991aed091c827
- SHA1
  
  79e02d122cdf24da7e59044b4bf83572242b4c71
- SHA256
  
  1016d243a1266c9970996f2847639ecefbecc361cd98fb79d27d048eee3dd69e
- SHA512
  
  b926f6e34e0e9e260a8f6e59ec8e660af0fea09de91140d968cc7665ea45f840a8951f4a1c0400bfe384d2e269159febfc5e32981b863b9d97830f5eb2521705
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

© 2018-2024

Terms | Privacy