2c3bbcc60f96a8f56c386009c83939970786c78a4070720955d81bff0f0ced65 | Triage

Sharing

General

Target

2c3bbcc60f96a8f56c386009c83939970786c78a4070720955d81bff0f0ced65
Size

1.2MB
Sample

221127-b43z5abb28
MD5

04053f8a4a8c8455760fc2bc1c807a2f
SHA1

e446d821761737900735bca2a8b65d82e23fef21
SHA256

2c3bbcc60f96a8f56c386009c83939970786c78a4070720955d81bff0f0ced65
SHA512

09fc747720f60e2ad23478f9d0bdac13c0b859c1a1a387a99d65935f2b180a7ee76b7acf7c4792eb91b6290881b1855c0865ae4c1cedd35c8e43a569e1874cde
SSDEEP

24576:GfH9VgFwXvLqQ6uKE+yNU6UGR4p7EgZMMPrJ9EuU+nMR0DC5jZO:GfHVvLqHw+yO6UGRQE6brJEIMukjZO

Score

8^/10

upx

Malware Config

Targets

- Target
  
  07-30 B 周年稳定版)/DNF飞机 07-30 B.exe
- Size
  
  142KB
- MD5
  
  017a71b18028a5cb2aaa957415053238
- SHA1
  
  332697315bc7242257f855ba568e086a8a20cbb2
- SHA256
  
  d1844b529ae742aac3616a49770e547ef5c460cacc9e80b2bcdbe8afbb262268
- SHA512
  
  fee70ae884cbea4d2c0a8accb82527fcd6eed615c7a4d4bcfaf51bfec49407ade7bdaffce18b7471b76f336818155ed51250213c46eedecab11fab3655e847ae
- SSDEEP
  
  1536:K1NAUwtT6sFstwrbUP0nouy8lMrUJ61p4EmoJaoMFYkHrFZejovQySq:kgtTPFsw0PEoutqrUo16Fkjoveq
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  07-30 B 周年稳定版)/Theplane.dll
- Size
  
  2.3MB
- MD5
  
  1ec395eef7d5cc1833c121532f0e232b
- SHA1
  
  18d326d98189b324bf86b0683d54a3c3100d0e48
- SHA256
  
  acf1ac838ea940bccc84277a76fd8dbecc0e21bcae5140fe1782e11be2165f24
- SHA512
  
  6621f98ca4ff338027fa9dd0cf4227fcafe84f0e2b3adbea35abb896fcfa4054b83e1273e603d31ed979dfb4837a5b8adfcc84b8326ec70d502d85a3673183ad
- SSDEEP
  
  24576:FQLf4Xvi7/RS7gndLR3IKOCKfJunXKo9yHSAzIZq8y4D3plQ21myoSlxRgVec/MT:FeXsqxLfQ2Ayokgf8veJmb
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  07-30 B 周年稳定版)/打不开飞机-点击我启动飞机.bat
- Size
  
  6KB
- MD5
  
  f29563cfcfec1de3fe022b6dcf417abe
- SHA1
  
  a1ccda74ca6a010aedf20b827031ec433c2a0af3
- SHA256
  
  6c3fcc35e321e5accb37bb9bf52cc02eaf99dea6658c1f27efd77091fff60eff
- SHA512
  
  c86b468a15922a9a99e8a534b18dc474b702de98309750f351016115753d48bb8588b1f9810436d4f3b9fdcbbe68e2c32b08189924511fcf25599ed0ff6a934e
- SSDEEP
  
  24:9QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQj:XePJ1O32B8PNn
Score

8^/10

upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6
- Target
  
  @创e下载┆9年绿色无弹窗安全.URL
- Size
  
  316B
- MD5
  
  f5e37cde37bdec64208beac24e8a1d55
- SHA1
  
  ea89ed0540810936e0607e45af88659b40a0f4f5
- SHA256
  
  241bc3924c947aea78de58b30e97043bab547c04e4ce2df791c906c302985563
- SHA512
  
  9c28163de7b4da0447a480b580454893b6038d1be3799eb1c10ac9461df45aab7dcf6c7c05a540c62950228d33da3dad9f15ca8097b9c81724bc9f9f10735741
Score

1^/10
behavioral7 behavioral8
- Target
  
  安卓手机版本下载.URL
- Size
  
  315B
- MD5
  
  c0ea82899d2034f5c1b2b03edc710042
- SHA1
  
  ea0df37da5589266114c8cdf0c6c047373060df2
- SHA256
  
  75cd0ea96e55818b2af45ef36bca845c20671bc038566c56aa79cb4904526a5f
- SHA512
  
  fac7b2c17b7b0684ac0de86be11bd8fef38b709deb2052ed7a5521bd6a6867bd0bdf13f9be88d3ba95ba0e0d3039782ae0f57b7df906c5194c15e072ab56ce90
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10