General
Target: e23077e8d475b17d0c39cc4bb6b99ea119212142117fff4a59d907641ab49acf
Size: 4.2MB
Sample: 221127-e3m43ahh26
MD5: cb4999cfac3ffa1782dc86f4875f6238
SHA1: f5d63351cf57d70fe3146085a59a8069e0c006d6
SHA256: e23077e8d475b17d0c39cc4bb6b99ea119212142117fff4a59d907641ab49acf
SHA512: f9e520816ddc748d1a8561567a600242aaf5f60b342547975d4e722682c120b1123e33ebc24c792b428cb3daec0191ebeb18694adef03592d45fab84192d271d
SSDEEP: 98304:M9PN6JtrqgTnbgSxLDsEjmK0Dt7nrhS7szVNojBh6iJ:M6Jtrq0b9DskGrU1J
The Target value is the SHA256 of the submitted archive as a whole; the files inside it are hashed individually under Targets below.
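The General section and the Targets section below list size plus MD5/SHA1/SHA256/SHA512 for the archive and for each file inside it. The following Python is an added example (not code from the report page and not any sandbox vendor's tooling) that reproduces that manifest for a zip archive held in memory and diffs it against expected values, so a second copy of a sample can be checked against a report like this one before it is trusted. The demo archive and the expected hashes it uses are constructed stand-ins, not the GBQ4.0 files above; ssdeep is left out because it needs a third-party library.

```python
"""Recompute the size and digests a sandbox report lists for an archive and its members.

Added example, not part of the original report and not any sandbox vendor's
tooling. It fingerprints a zip archive held in memory (the container and every
member, mirroring the report's General and Targets sections) and diffs the
result against an expected manifest. The demo archive and expected values are
constructed here and are not the GBQ4.0 files the report describes.
"""
import hashlib
import io
import zipfile
from typing import Dict, List, Tuple

DIGESTS = ("md5", "sha1", "sha256", "sha512")
CONTAINER = ""  # manifest key for the archive itself (the report's General target)


def fingerprint(data: bytes) -> Dict[str, object]:
    """Size plus the four hex digests the report lists for one blob."""
    fp: Dict[str, object] = {"size": len(data)}
    for name in DIGESTS:
        fp[name] = hashlib.new(name, data).hexdigest()
    return fp


def fingerprint_archive(container: bytes) -> Dict[str, Dict[str, object]]:
    """Fingerprint the container and each regular member, keyed by member path."""
    result = {CONTAINER: fingerprint(container)}
    with zipfile.ZipFile(io.BytesIO(container)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            result[info.filename] = fingerprint(zf.read(info))
    return result


def verify_manifest(container: bytes, expected: Dict[str, Dict[str, object]]) -> List[Tuple[str, str, object, object]]:
    """Diff computed fingerprints against expected values.

    expected maps path -> {"size": ..., "md5": ..., ...}; any subset of fields
    may be given per path. Digests compare case-insensitively because reports
    vary in case. Returns (path, field, expected, actual) tuples; an empty list
    means every listed value was reproduced. A member that is absent from the
    archive is reported with field "present".
    """
    actual = fingerprint_archive(container)
    problems: List[Tuple[str, str, object, object]] = []
    for path, fields in expected.items():
        got = actual.get(path)
        if got is None:
            problems.append((path, "present", True, False))
            continue
        for field, want in fields.items():
            have = got.get(field)
            if field in DIGESTS:
                same = isinstance(have, str) and have.lower() == str(want).lower()
            else:
                same = have == want
            if not same:
                problems.append((path, field, want, have))
    return problems


def build_demo_archive() -> bytes:
    """Constructed stand-in for the crack-patch archive; NOT the real sample."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("patch/60day/run.bat", "hello")
        zf.writestr("patch/lib/empty.dll", b"")
    return buf.getvalue()


if __name__ == "__main__":
    archive = build_demo_archive()
    for path, fp in fingerprint_archive(archive).items():
        print(path or "<container>", fp["size"], fp["sha256"])
    manifest = {"patch/60day/run.bat": {"size": 5, "md5": "5d41402abc4b2a76b9719d911017c592"}}
    print("mismatches:", verify_manifest(archive, manifest))
```

To check a real copy against this report, fill `expected` from the tables: the General target's hashes under the `""` key and each Targets entry under its path inside the archive. The size field in the report is rounded ("4.2MB", "53B"), so compare sizes only where you have the exact byte count.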
Behavioral tasks
Each task runs one file from the archive (Sample) in one sandbox image (Resource, shown in parentheses):
behavioral1: GBQ4.0破解补丁/60天破解/文本文档.bat (win7-20220812-en)
behavioral2: GBQ4.0破解补丁/60天破解/文本文档.bat (win10v2004-20220901-en)
behavioral3: GBQ4.0破解补丁/破解补丁/GBQ4Common_D10.dll (win7-20221111-en)
behavioral4: GBQ4.0破解补丁/破解补丁/GBQ4Common_D10.dll (win10v2004-20220812-en)
behavioral5: GBQ4.0破解补丁/破解补丁/GrandDog.dll (win7-20221111-en)
behavioral6: GBQ4.0破解补丁/破解补丁/GrandDog.dll (win10v2004-20221111-en)
behavioral7: GBQ4.0破解补丁/破解补丁/GrandNormDBEngine1.dll (win7-20220901-en)
Path components, translated: 破解补丁 = "crack patch", 60天破解 = "60-day crack", 文本文档 = "text document" (the .bat file's name).

Malware Config: none listed.
Targets

Target: GBQ4.0破解补丁/60天破解/文本文档.bat
Size: 53B
MD5: 06820a0f206081d68787dbe679cabbca
SHA1: 120beef82a09d14aac30be4f1c334f15c818afa1
SHA256: 35e615b7634b08912540ef2637a11ca46f1e6615e5787ba32db462b9c4db8d9d
SHA512: a61663d4f2b7e97a01e259bccbb87430632163593529de74896769142347ff35081d6455f03b2caad462a0a657f62cd60a2c7989b1fc1e3d7be66c872686525f
Score: 1/10
Signatures: none

Target: GBQ4.0破解补丁/破解补丁/GBQ4Common_D10.bpl (listed as GBQ4Common_D10.dll in the behavioral tasks above)
Size: 1.9MB
MD5: 2154df36029b74258b328d7e448f8f37
SHA1: b04a56d7ee7978cf7e3eb132c9efff8dcf38a6c9
SHA256: bcec9b6176d1d01198623ebbf89a87eb8ad2e8157e7cf2e84eb14d2d68b55e9a
SHA512: 8e479d0243683bfbf2b03bc02a8ecfbee501cb3f1467bcbd210ee492656379826093ea16317712e448bd8f9547c325257d28b1317f479a2990e902487c8a855b
SSDEEP: 24576:ELeMBrg2O9r0MwAZqU7SuTm987+W5pzvKaN8+yg851AIilofd/b+cb8cn+ivFrf:EePwAZqU7SukO+0pj8ng8fAKKcwfOZf
Score: not listed
Signatures:
- Identifies Wine through registry keys. Wine is a compatibility layer that runs Windows applications on other operating systems and is sometimes used as a sandboxing environment; opening Wine-specific registry keys (Wine itself creates Software\Wine under HKCU and HKLM) lets code tell such an environment apart from a real Windows install.
- Suspicious use of NtSetInformationThreadHideFromDebugger. The code calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), after which the thread no longer delivers debug events to an attached debugger. This is a common anti-debugging measure in software protectors and anti-tamper code, so on its own it shows evasion rather than a specific malicious payload.

Target: GBQ4.0破解补丁/破解补丁/GrandDog.dll
Size: 2.5MB
MD5: 6744c1120c733ada2a28373d6dcd6194
SHA1: db10ea574d3e7855c97b33a935cdd71bd04e2657
SHA256: 87eb149b15b6899a82e359b00449b49c434986a7c29e8997c48789b48b322538
SHA512: 09352c726efac4a12ffa88d7475086f33b0f274ff3f9f879612f08ea0b8ebbe78e8ebcd5118b6d21e155e3b097ef4773341f884ba6e3f72a332629430c959627
SSDEEP: 49152:D4Y1S3PU9hU/ZJ+cWExue6qKZ0qNoN+ju2qVWJ4Sq60VXl1uM11Sqqx:Dr10uU/ZJ+cWEMe670CY+ju24WJ4Sq6i
Score: 7/10
Signatures:
- Identifies Wine through registry keys. Wine is a compatibility layer that runs Windows applications on other operating systems and is sometimes used as a sandboxing environment; opening Wine-specific registry keys (Wine itself creates Software\Wine under HKCU and HKLM) lets code tell such an environment apart from a real Windows install.
- Suspicious use of NtSetInformationThreadHideFromDebugger. The code calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), after which the thread no longer delivers debug events to an attached debugger. This is a common anti-debugging measure in software protectors and anti-tamper code, so on its own it shows evasion rather than a specific malicious payload.

Target: GBQ4.0破解补丁/破解补丁/GrandNormDBEngine1.dll
Size: 1.2MB
MD5: a8db85e4b201f5463486b9199ba5cabf
SHA1: ba7ca66d20952a03a8c9e10595a5e802cfd6737c
SHA256: eee958ed2efbe93f456dc32c768933f4c414d50ce00a9978376dd648dec2a1ce
SHA512: 7dc5ee0be74421fa9f55a114f8517e9d7194c28fcd585ac1730fa68b9e27f32782f0e151bde7bcbd7482a5c3a9c414dfff59d998951e14ababd41f1be11c484f
SSDEEP: 24576:VMgb3DAGvywJwh/qS75pzvl1yU/jL3NE709WE1VKOcODYDbQQzF1fSSadyrz5Z:5bz3vyf/1pJJrxETVQQR1/a
Score: not listed
Signatures:
- Identifies Wine through registry keys. Wine is a compatibility layer that runs Windows applications on other operating systems and is sometimes used as a sandboxing environment; opening Wine-specific registry keys (Wine itself creates Software\Wine under HKCU and HKLM) lets code tell such an environment apart from a real Windows install.
- Suspicious use of NtSetInformationThreadHideFromDebugger. The code calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), after which the thread no longer delivers debug events to an attached debugger. This is a common anti-debugging measure in software protectors and anti-tamper code, so on its own it shows evasion rather than a specific malicious payload.
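Both signatures on the DLL targets describe observable API activity: a thread asking for ThreadHideFromDebugger, and registry opens that touch Wine's own keys. The following Python is an added example, not the sandbox's signature logic and not code from the report page; it shows what a detector for those two behaviors looks like by scanning a simplified API-call trace. The trace format (one call per line, `pid tid Api(arg=value, ...)`) and the sample lines are constructed for this example; real sandbox logs are shaped differently but carry the same fields.

```python
"""Detector for the two signatures the report lists, over a constructed API trace.

Added example, not the sandbox's own signature code. The log format (one call
per line, "pid tid Api(arg=value, ...)") and the sample lines are invented for
this example; real sandbox traces differ in shape but carry the same fields.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# THREADINFOCLASS value of ThreadHideFromDebugger (winternl/ntddk): 17 = 0x11.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Wine itself creates Software\Wine under HKCU and HKLM; ordinary Windows
# software has no reason to open it, so an open is a Wine-detection probe.
WINE_KEY_MARKERS = (r"software\wine",)

REGISTRY_OPEN_APIS = {"RegOpenKeyExA", "RegOpenKeyExW", "RegOpenKeyA", "RegOpenKeyW", "NtOpenKey", "NtOpenKeyEx"}

CALL_RE = re.compile(r"^(?P<pid>\d+)\s+(?P<tid>\d+)\s+(?P<api>\w+)\((?P<args>.*)\)\s*$")
ARG_RE = re.compile(r'(\w+)=("[^"]*"|[^,]+)')


@dataclass(frozen=True)
class Hit:
    signature: str   # name as the report prints it
    pid: int
    tid: int
    line_no: int     # 1-based line in the trace
    detail: str      # the argument that triggered the hit


def parse_call(line: str) -> Optional[Tuple[int, int, str, Dict[str, str]]]:
    """Split one trace line into (pid, tid, api, args); None for non-call lines."""
    m = CALL_RE.match(line.strip())
    if not m:
        return None
    args = {k: v.strip('"').strip() for k, v in ARG_RE.findall(m.group("args"))}
    return int(m.group("pid")), int(m.group("tid")), m.group("api"), args


def _is_hide_from_debugger(value: Optional[str]) -> bool:
    """Accept the class as a symbol ("ThreadHideFromDebugger"), decimal or hex."""
    if value is None:
        return False
    if value == "ThreadHideFromDebugger":
        return True
    try:
        return int(value, 0) == THREAD_HIDE_FROM_DEBUGGER
    except ValueError:
        return False


def scan(trace: str) -> List[Hit]:
    """Return one Hit per trace line that matches either signature."""
    hits: List[Hit] = []
    for n, line in enumerate(trace.splitlines(), start=1):
        parsed = parse_call(line)
        if parsed is None:
            continue
        pid, tid, api, args = parsed
        if api == "NtSetInformationThread" and _is_hide_from_debugger(args.get("ThreadInformationClass")):
            hits.append(Hit("Suspicious use of NtSetInformationThreadHideFromDebugger", pid, tid, n, args.get("ThreadHandle", "?")))
        elif api in REGISTRY_OPEN_APIS:
            # Win32 APIs carry the path in SubKey; the Nt variants in ObjectName.
            key = args.get("SubKey") or args.get("ObjectName") or ""
            normalized = key.lower().replace("/", "\\")
            if any(marker in normalized for marker in WINE_KEY_MARKERS):
                hits.append(Hit("Identifies Wine through registry keys", pid, tid, n, key))
    return hits


# Constructed trace: four calls from one process, two of which should fire.
SAMPLE_TRACE = "\n".join([
    '1234 5678 NtSetInformationThread(ThreadHandle=0xfffffffe, ThreadInformationClass=0x11, ThreadInformation=0x0, ThreadInformationLength=0)',
    '1234 5678 RegOpenKeyExW(hKey=HKEY_CURRENT_USER, SubKey="Software\\Wine", Options=0, samDesired=KEY_READ)',
    '1234 5678 RegOpenKeyExW(hKey=HKEY_LOCAL_MACHINE, SubKey="Software\\Microsoft\\Windows NT\\CurrentVersion", Options=0, samDesired=KEY_READ)',
    '1234 5679 NtSetInformationThread(ThreadHandle=0xfffffffe, ThreadInformationClass=0x2, ThreadInformation=0x19ff00, ThreadInformationLength=8)',
])

if __name__ == "__main__":
    for hit in scan(SAMPLE_TRACE):
        print(f"line {hit.line_no} pid {hit.pid} tid {hit.tid}: {hit.signature} [{hit.detail}]")
```

When triaging a real hit, look at which module made the NtSetInformationThread call: commercial protectors and anti-tamper layers use ThreadHideFromDebugger routinely, and the same two signatures appearing on all three DLL targets here is consistent with a shared protector layer rather than three separate implementations, although the report itself does not say which.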