Overview

overview

8

Static

static

8

炫舞刷y...��.url

windows7-x64

1

炫舞刷y...��.url

windows10-2004-x64

1

炫舞刷y...��.exe

windows7-x64

8

炫舞刷y...��.exe

windows10-2004-x64

8

炫舞刷y...��.doc

windows7-x64

4

炫舞刷y...��.doc

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4140c5491f53e8cf847b36007c7c554f6c61638bf697fd8874287427dd6b2067

  • Size

    1.8MB

  • Sample

    221127-g7s7zseh87

  • MD5

    71f1967ad66ea42cfc2189d31b27712a

  • SHA1

    a1b48a453fa1784d0ba01ac2ee2e24149658a8ab

  • SHA256

    4140c5491f53e8cf847b36007c7c554f6c61638bf697fd8874287427dd6b2067

  • SHA512

    38e6f8e80f0e2c5b5782b7d46c9d96a7c4b61358e5413b4af56f4ecaafe4c545402ad404075cb8e466525525b76362a2fd7f85911d07845e4f4ff21e6c1e33e1

  • SSDEEP

    49152:zrriGOWLDDWWQ+3zqPMLnNE07o369+T+eZFvdW:HrixWPDNDePqE07R99eZFlW

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      炫舞刷yy挂-非自慰-3.5.8版/官方网站.url

    • Size

      250B

    • MD5

      5af9ec5cf13dd8810c976f386de95818

    • SHA1

      cf19133c64ec6d0d892cd853db24dbc3db81169b

    • SHA256

      4065c83f6eb7e8454faddea3df22fcef4dd737a9538fc276e3067eef8e67c60c

    • SHA512

      2e132c34200b2d908e1d7b64be42f617352725d547050689942491088cf02c4b8af6d159e7090ba34ac9e8ee6b83f9e3e2d6ee6c809929cc52b20dbdeccc46c5

    Score
    1/10
    behavioral1behavioral2

    • Target

      炫舞刷yy挂-非自慰-3.5.8版/炫舞YY挂-非自慰.exe

    • Size

      1.5MB

    • MD5

      0e8a0a3a8f9a4c23fdec2f680d3f02aa

    • SHA1

      c8bafc09dc69a1ae6d4bf85744950caa3ceddc35

    • SHA256

      802ca91970bb59610724819f2b6980c97240258858c2483594c732a37f6a4e8e

    • SHA512

      8d11ddb2aa2ec3a5736968c195444304745e3d2a87ba5259479141caa40eba3cc6d5b36b5debf8f7c79add4b2cf2de9f0a51c3dcdc126bd49311bd5b2f1188de

    • SSDEEP

      49152:DzjtfVRMzqmTvCH6NPHnvSqL7kjxZbDo7im7b0X:vjVYzqmLCH6NPHnTL7kjxZbD4f7b0

    Score
    8/10
    upxpersistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral3behavioral4

    • Target

      炫舞刷yy挂-非自慰-3.5.8版/详细内容.doc

    • Size

      366KB

    • MD5

      b6597eb8aba76077497ab830860e009e

    • SHA1

      7b4c5956a1760aaa1e326b2183a9c4337449cc4a

    • SHA256

      c1d068e4ffb8139ff153a726a62eb380aca6cfa9b417cf7d8096affd5ca7f3dc

    • SHA512

      e699582ac0d81c7a9b1cfa51af95429820db319a0a0c3b05aca5e8310d32af5a07b97bf5a536aabd81fdc3620a05111ed702e7d820934a46687d9af8ba1a6a3b

    • SSDEEP

      6144:e50KFuFghqLXkYcmSEGNujQFVh7voeuNuNnWScaN8DvLXE3k5AMQvSx:e50KAahq7v/GNujQFX7vHuNu/WDTcWnp

    Score
    4/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v6

Tasks