Overview

overview

8

Static

static

8

一键火�...��.exe

windows7-x64

8

一键火�...��.exe

windows10-2004-x64

8

一键火�...��.url

windows7-x64

1

一键火�...��.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    96036334fa2b42344ab4f28ed9caa0adab33526a511fab6da69200db75b61b62

  • Size

    1.0MB

  • Sample

    221127-f89exscg72

  • MD5

    eaf37a41e88d0c3e65e844a5782cbe9a

  • SHA1

    3d29ae8ef42f0fe8fadf68a983aca2282aa2742e

  • SHA256

    96036334fa2b42344ab4f28ed9caa0adab33526a511fab6da69200db75b61b62

  • SHA512

    95ed3c76dd5cfaa3263348826478f855ba787020ed4786eb6aee46dc2dca45c781c1fecb34100a6b05f641aca8d567632b26ec6c38e39ada7a2726a7ed4d110b

  • SSDEEP

    24576:AjzPirtlnElKcv3wEIQkLI5RlmBbpApj4YAsxp:SzPQuA63WnI5REBbpXYAwp

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      一键火线/CF大米绿色方框透视12.30-10子弹穿墙完美版.exe

    • Size

      1.1MB

    • MD5

      119bbf453482a070cd9b01b7ffffe148

    • SHA1

      df9de659252fa5436acc27e0024dc9b067f47417

    • SHA256

      c131f9b0c5c85c454b4dc3ff0bb4ecf0bc99768086ae09cb74e403e599fd8f96

    • SHA512

      465e0fedd34e65854b9316aad2e0253d2ed4707989271ce0f6967c27260200bf97027108b5590bbd03f627a49082eb4b24e6d8601f0e91e33f459266f0247db6

    • SSDEEP

      24576:/AU+/xrn/+WzFPR02wW/atRJUEjmdCfXZHt6SD/1H7lcY6qpQ7W/m:/d+Zrn/dPoLmAXFt6SD/1H7lb6qp6Km

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

    • Target

      一键火线/数码资源网.url

    • Size

      244B

    • MD5

      305983ae6219bf10d517e168b3ebe5ea

    • SHA1

      b30177e0d7aa2c46843fa9c728c8a9319f34c6a1

    • SHA256

      a4a66ca6e527f6b5a344ec48235b21666f44d19f710ea5d75332e6a4263d027f

    • SHA512

      def75af02cb32b05d19cea6ac978941f93b659fc23a3d8ea29f60874c6875a08274403c125452bd14fc2e878e193eecca70b83f19c22881e3f9a8ab4f6afcb28

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Install Root Certificate

1
T1130

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks