cc84cfcbc9118b57981870a36f579734b18a17c6ea1f0ac3d9538ed5dc431c39 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

ǹ�....6.exe

windows7-x64

8

ǹ�....6.exe

windows10-2004-x64

8

�...��.url

windows7-x64

1

�...��.url

windows10-2004-x64

1

Sharing

General

Target

cc84cfcbc9118b57981870a36f579734b18a17c6ea1f0ac3d9538ed5dc431c39
Size

1.8MB
Sample

221127-fc7lfseb5w
MD5

4b287827dae075205e2428c4f3e76b34
SHA1

3e093cc6453fe6f7e767f98e5f40e02bac95d509
SHA256

cc84cfcbc9118b57981870a36f579734b18a17c6ea1f0ac3d9538ed5dc431c39
SHA512

f62f6250433dda6c7b2f38cf056782fb663b60eb0faf7ae72462a2b12f16e8e75f4ce360ccdc22237c9bf6b3b4989195b9f7877c5560db794ea72477ad36d263
SSDEEP

24576:JtmJxJPEaUG4vOildOkwvlMiXhy0Ju6G853GSRK5RmEnXNPKZRFW3JopbA9Sf4Rp:J06EHudOkw6why00IjRK5RmEnZjaYS2V

Score

8^/10

upx vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ǹV1.6/ǹV1.6.exe

Resource

win7-20221111-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ǹV1.6/ǹV1.6.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral3

Sample

QQ.url

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

QQ.url

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  ǹV1.6/ǹV1.6.exe
- Size
  
  2.4MB
- MD5
  
  0c90bd5a7a173b066d989a117fab9a2f
- SHA1
  
  55ed8f1a30b39bc707f282f2b959b6a7cdb7740b
- SHA256
  
  58994690dae0bf00a26f174ae290da4727d207a4a02cfccd8dbab5c687b621b2
- SHA512
  
  d102258bd70d4a02a5e59bbdbd2093eda5eeb6d5b32c3963a60445f582db700ee96b28d59bf1adc53e8f3898269d1ac146413b48eaa9b96e46aa4deeb9105465
- SSDEEP
  
  49152:qTs8oFSGEVfyOjKaZWwn+0c0EHGh8eBYVol2Ryc/UPQXC:/LQ5fyOG1wn+LdH5eBWRyoUPQS
Score

8^/10

upx vmprotect
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2
- Target
  
  QQ.url
- Size
  
  126B
- MD5
  
  9f36733525857a875b9aa9b0dc78da08
- SHA1
  
  9b7bf725cc7a90bf159ad1958b043adb16e36a9e
- SHA256
  
  97c3de62e4bf28be46b48a65a349d3ab190ebad5602b8c6e92230d0a1c432ad2
- SHA512
  
  72cb12cd8257add1e58d436f69c1f9d6cbfe515a172608943f30e46db376be5873a0ba6c58f81a269b6758419a4ea6b56cfd2dc40d86b4ffab47f0e90815ac85
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

© 2018-2024

Terms | Privacy