9553647c5bf0738c76e46918066ec596e0b722016f7fef10adc80d32e560c80f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9553647c5bf0738c76e46918066ec596e0b722016f7fef10adc80d32e560c80f
Size

2.1MB
Sample

221127-f9jkwsgc9x
MD5

b52b1e81f8aaeed765b31c1a2ea8a9f9
SHA1

75b17af593c8e5026a7ca01b54b791f1b077d26f
SHA256

9553647c5bf0738c76e46918066ec596e0b722016f7fef10adc80d32e560c80f
SHA512

0b88bd5a9a1b671161cdc18c3e50b99c6592cae64d9a8557e6082f73050475127fd705a9d8eab6666b6a8835dc48c46bd4ba307a063048be5467e4980774d50d
SSDEEP

49152:LvEmowL5BnPQXYKW4qpOGxW+Q6o6mOdACztiNAT8g7gO6E:bEmoqjPQHpsOMQV6NdVpgO6E

Score

5^/10

Malware Config

Targets

- Target
  
  QQĦ¥ܼv22.4/qqĦ¥ܼҸv22.4.exe
- Size
  
  1.6MB
- MD5
  
  5948681981b28b91e2f6f8f1b8ca9629
- SHA1
  
  2941b432bdd5fb18014c708bc929befbca9420c8
- SHA256
  
  27e82e15d5a6911c6011eb91544bde282c13920cf79570569dde5f8f82e8d8f5
- SHA512
  
  1e78e7ae17b76b812261f2ea744d27fc6925ffccb8016896e83aed9883f8936cef87542ce671981452b08b86bdb25149f98a0ca4dcdaf6224c3c6e05739e082e
- SSDEEP
  
  24576:hRlGmKeaF18N8S/kFv8WRYEFOpmSXjDlGHsPNAMMxuOSUF4Up6dGx42EvGo78v5:fDKeGidQEPASPEHeIpX6dGfCGi4
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2
- Target
  
  QQĦ¥ܼv22.4/ٷվ.url
- Size
  
  143B
- MD5
  
  a27f91b4da2d7979e43c4dc650a3ee57
- SHA1
  
  a9204df6266aab8ee3384537e39aaf954ba037a3
- SHA256
  
  39dd744fe12efadee8dfa5a01b595a0a753cb6901da9fb00b1c6f6a80e3c1146
- SHA512
  
  4a6c845915fe45dc9ed99b0ea3e3aa769f467ca740972cd9bf5406c8063eff7f22f2a1361a27a6552a92f3434719971686265db331a5b5a0c8568557846355ce
Score

1^/10
behavioral3 behavioral4
- Target
  
  QQĦ¥ܼv22.4/ڼҺ-hao123ַ.url
- Size
  
  136B
- MD5
  
  3672a1006ce0988e658cf49ab3cb4a08
- SHA1
  
  ad5ff52895eda00c87b1f02f7f8bebf1706b8328
- SHA256
  
  fb78252c5a279bcdd1f74e8b9b4f175c004a9c0fbf7a5b5511bc86b6d181d2ff
- SHA512
  
  5012612190236424934013572d1d51d80ee4871b20c99785660087fdbcbd659593a7a6e0c64062d8e2dba5f90739869e4a3c0acb2dd257a298d50c456823b17b
Score

1^/10
behavioral5 behavioral6
- Target
  
  QQĦ¥ܼv22.4/ڼQQܼϵиԶupdate.exe
- Size
  
  727KB
- MD5
  
  5e04b03bb743af69939ebc0e0ef181ff
- SHA1
  
  33d18b1395354c3553bdb3fed86a885e1b8f32de
- SHA256
  
  9b73a7df0651120a74d61ab770c6add90c2d7cdc9ec0e260fca2070e83c06a99
- SHA512
  
  5e2dbf82149d396e8b982c4281224bb5cf96dc4295d2338568e3e270eb0f375108b8c95c0d77a560af2ac396b3d895a145cd156f8cd7ab578ad03d6b64c82ce1
- SSDEEP
  
  12288:bhn7ps1sXXMCj35knZU5r8Z/Ub9V2DGw1NATzSeNpznxo4aQToVc1Yy/:bh7e1sXcCz4CnsGSNATzSeNpDxohq1J/
Score

1^/10
behavioral7 behavioral8
- Target
  
  ɫ.url
- Size
  
  247B
- MD5
  
  f61141aa548cc4ab4a2d6c7f3cf937f6
- SHA1
  
  fbf58d0d18f8ec1fab3e97ca5e3f22b8d8ff92e3
- SHA256
  
  85a29d029946a7b28a2e97479d0539553da84dffe014dd2db2968757a533ba52
- SHA512
  
  d71db1b10f8069bf4161dabe90cfec5d30648c16a75f580dcb355ce1fb56ee628c3a5f84a1d3684d1a7e4c668a329c523c8abbe2decf504ffdfb330ea4183a96
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10