Overview

overview

5

Static

static

ٷվ.url

windows7-x64

1

ٷվ.url

windows10-2004-x64

1

ڼQQ...te.exe

windows7-x64

1

ڼQQ...te.exe

windows10-2004-x64

1

ڼQQ....3.exe

windows7-x64

5

ڼQQ....3.exe

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

General

  • Target

    412a65b893050e6bd0e9f659a1f2fc48ad4ade7aaaec8288faacb459a745fc81

  • Size

    1.7MB

  • Sample

    221127-ef2c6sca3s

  • MD5

    ea1184d7a429bd08566ea33c3548a371

  • SHA1

    980bbcc0560e607141b4c7b5aa74e2d57c11911f

  • SHA256

    412a65b893050e6bd0e9f659a1f2fc48ad4ade7aaaec8288faacb459a745fc81

  • SHA512

    234b6ffaa6046ec1ae378bb510d825f583ea7ce285d00b99f0fe249fd4678064a83c55fd85a6170dd63890b6efbcb81904ccb2b0328b8ee9630b16d7617dc9aa

  • SSDEEP

    24576:pv+hbpbNW1S7CsUA0nScSY6J5KdAGVaFMJ0fugGPHVN2JX85jYHevygzJLE:pG9HW1SWszhY+EDV2k0fuZf2taMHe6gW

Score
5/10

Malware Config

Targets

    • Target

      ٷվ.url

    • Size

      129B

    • MD5

      7082b7ce5996a705060b9480323919cb

    • SHA1

      26346a6ec2c008d9ea58764e6dd8ca957eb09232

    • SHA256

      fe9f5ba48e27382ecec6dea9e729f1d6c28b5d17bf4546d1f984b8ad8f122ab9

    • SHA512

      506def3f0e6ea4895479ce7cfdf382b6dcdfafc13c61de0d51cae1af0940672f209c5f15f4060cc82e3b8c5b2d0983f4f0b7dc75ac93df1c9fe8cbf5c146f2ab

    Score
    1/10
    behavioral1behavioral2

    • Target

      ڼQQܼϵиԶupdate.exe

    • Size

      740KB

    • MD5

      0d70e4829a8a03007ce46351cc695a11

    • SHA1

      e8bc045cdb81bb368aca0510804ca07a158f942c

    • SHA256

      280735afc354bc8b995b815c7a0a99773360a44be532379972dd944e0f80afc8

    • SHA512

      8839875673b497b4f8746686b78de77b8614d86297d0508ec30bf0a0a5383f604d69223755755a687436acfd731c8bf30f855995226fec46007494a83579b4d0

    • SSDEEP

      12288:Zx5lsGRDzfa03lc9G6dHSJnxJcQ1LlvT7ps1sI:ZnRHft3lc9+JL1e1sI

    Score
    1/10
    behavioral3behavioral4

    • Target

      ڼQQռ˵˵ˢѻˢv6.3.exe

    • Size

      1.6MB

    • MD5

      e84eecaec2c12863e92b3a78aef9b236

    • SHA1

      118da847b2758ba6e4bb13e8ad8256a7c2f435b3

    • SHA256

      0705cc3dcaf62059db2cc13ff4e6719597fbd25ae6c5d423ef6562803eca04f0

    • SHA512

      b8dd6004d9ef1f12a9556fd7d999a75ac370751038296bc0c5ebdb03eb6484517615308b5107436b2ab35e0de813a98856c9544169910f065d16bfadc684532c

    • SSDEEP

      24576:8xG39LpNs1S7EkmAyn4cAZl3mbgJCkKUcFi8W13GqpRw5xMb3xFaFi7art:6GNjs1SYk1jc/EBKfk5bR8I3rct

    Score
    5/10

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral5behavioral6

MITRE ATT&CK Enterprise v6

Tasks