General

  • Target

    849e4a817090f6336a574b9171e354186e8fa21635dc0a73212db575aa6e27f0

  • Size

    1.2MB

  • Sample

    221127-ehbkjage69

  • MD5

    56588c2c51dc3fc7560ad3273d2fb5f6

  • SHA1

    1553a164a9a31b2405eb93cb0066fc04424f5157

  • SHA256

    849e4a817090f6336a574b9171e354186e8fa21635dc0a73212db575aa6e27f0

  • SHA512

    3eb77922ea951fe76b51a60a4fdfa03ea526a06b1269b95591d328b0cc0aa926aa6fd7415ea7dd517991ca73428d81ec1352b3effe16e31ca6a8fead423c8216

  • SSDEEP

    24576:PhxzwDTgKqn6SQRdjv+RMWhUdw8prgMM+nU50OAfAfgj7qMK4jx:pogKqn6SkvmhhUdrMZ55AIf+7qMK0x

Malware Config

Targets

    • Target

      LOL老干妈V2.9【无限视距版】/LOL老干妈V2.9【无限视距版】.exe

    • Size

      1.0MB

    • MD5

      0db3e2bb2bdf8fa311cb8c18f30bf199

    • SHA1

      7c81c8e88937ef6f4d106ec25ba2b5848bd7af3e

    • SHA256

      8ed6520499a464776ab21c98452561980e8fb730ac43133af20dc0f84892eae6

    • SHA512

      a1131f8f8c88057e7516cbbe6eaeac202ac83fda86cf4715c27448a1090e0ca2a639fde0a37f01642eaf7d61d788a010404621856d10b910020cb6db9f206ac1

    • SSDEEP

      24576:4BtnIbzLSFiRowjsIpeod6WelgcsB7JRvITJj:4nn0SFiyYsaH0PsBYJj

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      LOL老干妈V2.9【无限视距版】/winmm.dll

    • Size

      81KB

    • MD5

      3178eb2d5e2a9964288b3890612817b7

    • SHA1

      883ae666affc760d96266a06bb5bafd38a721c5c

    • SHA256

      3cb2d3da39c60685c35fe72c89f0a307c7e143aca2b4d52ad1ecdf721931d512

    • SHA512

      598714e5bcbe71521fa11c7b0acd64515c86d31784b984d96a247ecd4ca783387accae1125563cfed4905c4bb75e7f2be760a6eacd21f289b432707cfbea5cc5

    • SSDEEP

      1536:WvwjOiobtD2Z0Afoy9BMCPgia50vZ4usu800/DPP6+4GXbdWRtWdTX:W67DoyR4O4usuah4KbdW7Wdj

    • Score

      1/10

    • Target

      LOL老干妈V2.9【无限视距版】/点我购买.url

    • Size

      237B

    • MD5

      18a80b5251a912ebc2668610e3dd30d9

    • SHA1

      76d399262b4b60b7f796bb0c48bff1a3d8b869fb

    • SHA256

      c3642a82b61d3a45fcd5ec03b370f834da79039287e0679b4dbf89a3cdeb3231

    • SHA512

      bc6f3b2cd51a13f240f9af3606953d69722dbd7968dc73da70b2bb869cb3757b5acf22d9ce9ffad60bbf2fd70a0b3aa16f62cb4660ebe92d019b4791c830c745

    • Score

      1/10

MITRE ATT&CK Enterprise v6

Tasks