Overview

overview

8

Static

static

8

急速辅�...ew.dll

windows7-x64

1

急速辅�...ew.dll

windows10-2004-x64

1

急速辅�...YS.dll

windows7-x64

1

急速辅�...YS.dll

windows10-2004-x64

1

急速辅�...om.dll

windows7-x64

3

急速辅�...om.dll

windows10-2004-x64

3

急速辅�...p1.dll

windows7-x64

3

急速辅�...p1.dll

windows10-2004-x64

3

急速辅�...PI.dll

windows7-x64

1

急速辅�...PI.dll

windows10-2004-x64

1

急速辅�...et.dll

windows7-x64

1

急速辅�...et.dll

windows10-2004-x64

1

急速辅�...ln.dll

windows7-x64

1

急速辅�...ln.dll

windows10-2004-x64

1

急速辅�...ll.dll

windows7-x64

1

急速辅�...ll.dll

windows10-2004-x64

1

急速辅�...Ex.dll

windows7-x64

1

急速辅�...Ex.dll

windows10-2004-x64

1

急速辅�...ec.dll

windows7-x64

1

急速辅�...ec.dll

windows10-2004-x64

1

急速辅�....3.exe

windows7-x64

1

急速辅�....3.exe

windows10-2004-x64

1

急速辅�...3K.dll

windows7-x64

8

急速辅�...3K.dll

windows10-2004-x64

8

急速辅�...KY.dll

windows7-x64

8

急速辅�...KY.dll

windows10-2004-x64

8

急速辅�...me.dll

windows7-x64

8

急速辅�...me.dll

windows10-2004-x64

8

急速辅�...��.exe

windows7-x64

8

急速辅�...��.exe

windows10-2004-x64

8

急速辅�...56.exe

windows7-x64

8

急速辅�...56.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a0dcf63ff683243a2dd902ce32c6b9c607e953be27d7cdf056a1ef777015d1b8

  • Size

    22.1MB

  • Sample

    221127-fymheabh99

  • MD5

    b0b703c56061c16039452d0735ba516b

  • SHA1

    7147eafc5c44e29e6cc66c26f9819e3ec48a2e8c

  • SHA256

    a0dcf63ff683243a2dd902ce32c6b9c607e953be27d7cdf056a1ef777015d1b8

  • SHA512

    0fa332cd71f030fc9d34cc05170f67d30f9028c74e58e25a168bf9c12b316f9ca0f76c51aed98d5251c1c476199c7ff9c8f4c107074469cfa75f5948474ef4af

  • SSDEEP

    393216:IK+DoqcM+RBzyyewF/oi9cOUTafNl6sETRp4IozTOX97SLipdiOLEFSx:ait7poi9AeF7ElVEOX97S2fiOAF2

Score
8/10
upxvmprotect

Malware Config

Targets

    • Target

      急速辅助免费版1120/前锋加速器/HtmlView.fne

    • Size

      224KB

    • MD5

      2c0b196cb4b98677c77aa810e7f1f072

    • SHA1

      b8ba545ebb7b55c7371cd7c18d78dfebbba33866

    • SHA256

      8d32a07500380f9b900134fecf01068d025f7b7b27c998066a321710db5a5f0d

    • SHA512

      39713b827cae220ae1d2f6b968bb689f72e583f1f5024260f54744c332ca99ed5a9508bcea6c143df31faa5a362e40fc5e7d2215a5c7f6c095c3951662a9b76f

    • SSDEEP

      3072:fz31EsnwzDXnva3uSoSNLIUCUbaAXZAlXpgoPNr3C2jo+xPsXC:X+nvaToaCsv6XtNh

    Score
    1/10
    behavioral1behavioral2

    • Target

      急速辅助免费版1120/前锋加速器/SYS.dll

    • Size

      33KB

    • MD5

      36b00f7278553b7402c890ed7bc9a5c5

    • SHA1

      f15442c01d2cfff82f0fb613ff679b450efee73d

    • SHA256

      cdcad8b543d5b078a4869e335aa3a0ccf9099a0baab806d396ad0ca2556aaa45

    • SHA512

      0c27b9f8213cc49d3c3f97a615236dc86ed4d65b41ac0a6a1c596438f7e308a73f7b8cd1b8be4f370cecae8122278bbacf8e7d41aeb9b13ebfc78cc00817f2fe

    • SSDEEP

      384:TmYWDn+cpDTcn6m3JfVlrrrgovC4mMfnYPLhU1vv:iYcn5DYdNprLC4mMfR

    Score
    1/10
    behavioral3behavioral4

    • Target

      急速辅助免费版1120/前锋加速器/com.run

    • Size

      260KB

    • MD5

      a50997b4c89c65c884962b7329f79482

    • SHA1

      0682991c12e6291e4cda784f9bcec9d94e929f99

    • SHA256

      ecff85bf05907c9806b66c8a18e21dbf689ed28c5fba9c5e3dc8a38a51d9c5de

    • SHA512

      273339549636c12b0faa634be1eaee78ef504df35014d7c82ac979eea4bde8a3d69f3b232dc49e8f3ccafa0a72edaf576a9d69ea031681d6a9ed9a5e0bfde9ab

    • SSDEEP

      3072:oE3SIWawqQX1yfkL7CfDyiOUAVvzUT3F4a3OMn08Mm/5zIuBEgWo0iM//Ke6N:A1nLO7PAhzUx4agasH//

    Score
    3/10
    behavioral5behavioral6

    • Target

      急速辅助免费版1120/前锋加速器/dp1.fne

    • Size

      128KB

    • MD5

      07201b1fd5f8925dd49a4556ac3b5bab

    • SHA1

      a76afbb44376912f823f2b461507c28d2585a96c

    • SHA256

      abebbb0981d3d51eb63abcfa68be98da0cae4e6e3b143dd431fc845d1457dbd2

    • SHA512

      0cf673ce1b6cad38f0211231e876f00f6a8397a5f3e71680046f4a216bbe0f47f4541e5f5b49364310e41a04cce14703459725c3d9f052f9da13624e73753e12

    • SSDEEP

      1536:tiDSn+hfeTpCwAncpZ6Z8HTiQjl1sYiKG3oe/:UDTReTgwAcp9lqKG3o

    Score
    3/10
    behavioral7behavioral8

    • Target

      急速辅助免费版1120/前锋加速器/eAPI.fne

    • Size

      320KB

    • MD5

      75e3942b26c39888cc2ee9b732a101c8

    • SHA1

      31fafc5d186101da0a546ff044765e5e22efadbd

    • SHA256

      dc48317159bbdb48ce79932411561c2be9efc3ce952dfd698609bd4033256f05

    • SHA512

      c664365c20fc2da3117f142f819961a7db29c3bc4a453fefdfc534e34a4c1012794c58915183822e7ff7f05c604c321c5ce1631c1fc9a97c37ebc5b4322bf040

    • SSDEEP

      6144:yVv24BZWu21ov/di3CqinRzQA4WVEuwQ+jNb:yVvHop8SCqgrvvwQ8

    Score
    1/10
    behavioral10behavioral9

    • Target

      急速辅助免费版1120/前锋加速器/internet.fne

    • Size

      188KB

    • MD5

      7b129c5916896c845752f93b9635fc4c

    • SHA1

      e3fc632af5e1f36e8022e651f64eb8f8381c73c3

    • SHA256

      adc45970f4a0eafd2f372302f64836802380c253096a99ca964677a70a7128f8

    • SHA512

      c72dd4043e7cdc0ccefe26ce8a6d05701b4c610f88ab827e6731296da76b8cbe5b63c0970954ec7616369172b8b8f9cb546545271be3e86c18c54d0b9cad8f95

    • SSDEEP

      3072:mpTEys+TR7yRoHzXjlhvtcxVIThpEbbAKNXoqlSY9M02MF8:mpTEt+ycLHlCIThpEX9+XM

    Score
    1/10
    behavioral11behavioral12

    • Target

      急速辅助免费版1120/前锋加速器/krnln.fnr

    • Size

      1.0MB

    • MD5

      44e2ca67c060fbe3dc0d030149f5a478

    • SHA1

      5df61eb626bc3849893701942114609c1086d496

    • SHA256

      6ced19283dbbb95f264448f380592f4e98ba8228efca2f68821ab3ae61029d93

    • SHA512

      1a348c7585d78dd68c1d0e059ea1d7cea57c1aeff734f834f75025719b9fdd0e9bb16aebe75e15502a1b83106387eaa9493b8990999e0a68b62c1afdbc8cf45e

    • SSDEEP

      12288:rb0+sqCE6yy4bmhSd+1YCHYFZzktq0TNSARuOrRUVbNGvNXXYA/2b:AjE6+bhiHYF5kZI6uOrRUjYNXXYA/

    Score
    1/10
    behavioral13behavioral14

    • Target

      急速辅助免费版1120/前锋加速器/shell.fne

    • Size

      60KB

    • MD5

      98174c8c2995000efbda01e1b86a1d4d

    • SHA1

      7e71a5a029a203e4ab0afc68eee18c39f4ab4097

    • SHA256

      90284c2ead0598faa715cc90c1f53b83b916099c918ce7f816f0b4550ff55ac6

    • SHA512

      a37059062a99cd2a9fae15850b49068752ccf0be9f1d86c3f812a689b7c4d024771ec2b66adf9ce950bc5b8b117d457aba87d586cf112a1a30239531bfc8cd06

    • SSDEEP

      768:eeZWaAKT41c1IYc8HBbrYNYVw2Fj9oNIqF42eofVU:eBKT4fkrymV7oNIqC8f6

    Score
    1/10
    behavioral15behavioral16

    • Target

      急速辅助免费版1120/前锋加速器/shellEx.fne

    • Size

      14KB

    • MD5

      cbe7b9dbe063b6f94b1b53e936f6c0a4

    • SHA1

      9dc41d44da76f65f00bd74e59cfb2be07f19756a

    • SHA256

      f7f2a1dee67bb04b990d04eae4fd5d83a4b415b0ccfba83d557f1373b0119f36

    • SHA512

      81580a1beb8594ec8687b680338f2ff7cec5af312ff28cab4aaa63ce3aeac6d5cf26b00e8bd42cfce29439d65a41211bbb796f6d80498642de3271c834a7a129

    • SSDEEP

      192:gMmfK8f2azD84R42B6rRBPMgKvT+lvxFwvjvx4QxyfCkS:gM4K8f2Kb+0QkCvHw7vwC

    Score
    1/10
    behavioral17behavioral18

    • Target

      急速辅助免费版1120/前锋加速器/spec.fne

    • Size

      88KB

    • MD5

      51d7be0ca4431fec32d0ba0978cb2cae

    • SHA1

      1aa65ca721bd881b615b16602f6bc7cc4c7d74d8

    • SHA256

      1e4d44d3a865a766517057c199eda71e005e56c13fce2c4137b66d185a416986

    • SHA512

      5cf2214bc60dde261f44aa339ba1943f5c9b70337a11d064185224b3dcfc705e55386c95de280b6d05c4b60a318abbfa3d5728724c28dfc009d57c3bbfd76ef5

    • SSDEEP

      1536:DcrPILJRJT/DpWc6hVoabwhfoeW7JsVRj0:QrMW1ojfolax0

    Score
    1/10
    behavioral19behavioral20

    • Target

      急速辅助免费版1120/前锋加速器/前锋加速器1.3.exe

    • Size

      1.2MB

    • MD5

      3ac68a77e06d50b0a84f1223577f660c

    • SHA1

      3c2ff18d7a5c8488315eeb85b2ab3363460491aa

    • SHA256

      62257d72acc71d2839ef6c59eafc67fbe998ceadeb1c346e0ed48da2591e0319

    • SHA512

      06a184010515c2ab56791968524808da41d4de35b9d142b633d050c1fb544af3e738087fa4eb35b46bbdb5542b611662988d291c80dd87e25b164def65237a57

    • SSDEEP

      24576:lplQ21myoVTnqsf0Bt+NRYAKyklCbbX/B7os7kUju3rnO:lfQ2AyoVesfnRYBRlCHx

    Score
    1/10
    behavioral21behavioral22

    • Target

      急速辅助免费版1120/急速免费版1120(账号test密码123456)/3K.dat

    • Size

      1.9MB

    • MD5

      6203bca868d92aba0d0f0f2a3a960126

    • SHA1

      19e2ecf3234cbc160ef97db1d4b9518320411d1b

    • SHA256

      36cdb077066f8b1588c5f4f8720c5a24548a935b570b0ff5017d9b4dfacf2dfa

    • SHA512

      52b0b15d2ee448a0fac1d59001b30d2781ea59da8d28dcb8f62091d125fdbfe8707c53ee12779fa33da851790f0c5120ca91da7c779a7d9800a773f0fe72a0cf

    • SSDEEP

      49152:KnSnexfKCV8Q2ER86/iq842RKL6eu+PovJ:dnexfKCWQ18uR2oLxu+Po

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral23behavioral24

    • Target

      急速辅助免费版1120/急速免费版1120(账号test密码123456)/SKY.dat

    • Size

      2.8MB

    • MD5

      cc13fc01be4af136e42c2296fb0801ac

    • SHA1

      10682bca093fa2e32f9873902ebce2518264f86d

    • SHA256

      eabda8bacc9772ef8d528a47fe9d9dcbb589b9a7db410972c3e332346434e7ef

    • SHA512

      e42d4f81cdcf9cda52831a8cc59513d6513ecc9454c985280c6003ca4d05af200ab3e56c3273d91f0a85a5fca201fae33c756e344693a0c32f86e845a2ef40fd

    • SSDEEP

      49152:UHslDt2okV9wob/fsuY3IOY4Swtus8nBXPVmVP+E0:nJ2okV9wob7Br7s6d

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral25behavioral26

    • Target

      急速辅助免费版1120/急速免费版1120(账号test密码123456)/game.dll

    • Size

      829KB

    • MD5

      bb6b8fbcbbf0ce880bfb174de7319334

    • SHA1

      a47b2f845d39a6da602e46293ca58da7d014e988

    • SHA256

      297aafaf69c972826912f0faccb1f4cdb0b5bf8826a937cb4ce66c71677f350a

    • SHA512

      ed2c3f7bbf5115848367ce1a7e933f6b1dae72646829ab35ca66ccaf95d9f17696bdc099cb9ed324133083963e5d906c7fed19e5758eda0be1695d293484b775

    • SSDEEP

      12288:ifwaCksSKrsWn5TmE/a1O0G7Lg6iFvZZLw9LaCXKEiaBfaBp2m4/hxzEo4nlC4zV:qXs1nME/a1mLsFvPw9+Moj4PEjl7zO8

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Drops file in System32 directory

    behavioral27behavioral28

    • Target

      急速辅助免费版1120/急速免费版1120(账号test密码123456)/极限处理器.exe

    • Size

      4.1MB

    • MD5

      4707f303bf7416fdb58e2ae62e64714c

    • SHA1

      1645325a57bd9a4b92aceae98661dc2a6d9d9293

    • SHA256

      db9f698360d7ca795075fbbaf62b60dea53cb060d6b7640c8dfc268b18bf8af3

    • SHA512

      76f65af2918685ccdbb2f7bbb83c0f9ab3abfbc927a94b2a52ebac9fd54de54cec5b95bc4294d89b2756c7c05f9263a0c077d4b302bd0b1e4f3616cfcbd92ce4

    • SSDEEP

      98304:tJkE1sb/ywRW3p5O1OJa3BVuFsCxlejnlXOXiw3oDl3Yqw:THWR8/UOaMlxgDNOOF

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral29behavioral30

    • Target

      急速辅助免费版1120/急速免费版1120(账号test密码123456)/账号test密码123456.exe

    • Size

      11.4MB

    • MD5

      4ca2b92346da55dabbc66eda9a767afc

    • SHA1

      4dd740230a289742aae8d12602f797bd36ec12dc

    • SHA256

      3216fb42e410628282217b865e93fa68aaedae52c9720d2ef7f5d967a57ee61f

    • SHA512

      66a5144487cc342064e324bfab3951e1fbf586359d44ad68447aa4d23d1bb621ca1311fabb4c6170ee95c6de1b59e98745a33b0d71dfe7a8e2645ac9a8d54f34

    • SSDEEP

      196608:CEgpi+gAopuROmoWrJe1cmk+At/DnNshvgcwAiRF5iwV:CEgpi+gAGoqWgcmkd/DNs5gDf4

    Score
    8/10
    upxvmprotect

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

vmprotect
Score
8/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

vmprotect
Score
8/10

behavioral24

vmprotect
Score
8/10

behavioral25

vmprotect
Score
8/10

behavioral26

vmprotect
Score
8/10

behavioral27

vmprotect
Score
8/10

behavioral28

vmprotect
Score
8/10

behavioral29

vmprotect
Score
8/10

behavioral30

vmprotect
Score
8/10

behavioral31

upxvmprotect
Score
8/10

behavioral32

vmprotect
Score
8/10