Overview

overview

8

Static

static

8

QQ群批�...��.exe

windows7-x64

8

QQ群批�...��.exe

windows10-2004-x64

8

QQ群批�...er.dll

windows7-x64

1

QQ群批�...er.dll

windows10-2004-x64

3

QQ群批�...��.url

windows7-x64

1

QQ群批�...��.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1284396c6f7a5d88d4d3eddfe28d751c54fa8763554c669e83c05d927702b053

  • Size

    1.4MB

  • Sample

    221127-hq12yabh5y

  • MD5

    b03b4f57a6bdf05014451e1617cbf239

  • SHA1

    db8f7e03badf16ca01c932ef22cd2826cb56eccd

  • SHA256

    1284396c6f7a5d88d4d3eddfe28d751c54fa8763554c669e83c05d927702b053

  • SHA512

    c93b05745c6f62ef661216bcc8b0519a0777ab54053af6dd7c4d788814430b6e9aa4eaec8a730250c0c927181a2946dbd856ed8da3ecb770ca70a6822367723d

  • SSDEEP

    24576:ONmzn1kA00pbVXEbRLk4VzLgj7V8Fq/MpPpwT6MbuLrt7+6uk+yqS+mu26AgE34m:L9pZMVXgj7eF5phwT6MKt7+/vYvu26z6

Score
8/10
upxvmprotect

Malware Config

Targets

    • Target

      QQ群批量拉人软件2.1/PC协议批量拉人.exe

    • Size

      1.4MB

    • MD5

      f115721e8a5d8715f22b33e4061595e4

    • SHA1

      9bc1582ec7b4cc6af75fe54cb553b9a13bee8b9f

    • SHA256

      4decb5069cc6158206a68edaafcd3eecd47db77e74402e71fefeeb49f7cb8dc5

    • SHA512

      318f0d30acea729f29c1a4ce1a704afb5c90cfc1aadcbb2d0e9d7bd414f9dda568f45a307f3b9275abb5711f7e67dd771dc14114ff5bd90d91e9ad11426e2f27

    • SSDEEP

      24576:ZmcCKaDZXUmX+z8MxT98FE27ud1DX078MPCbBeQRB7mO0TSBzaul1/C295:ZmcHAXU0oV98D7A1b0wMPRaB74G2ul1/

    Score
    8/10
    upxvmprotect

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

    • Target

      QQ群批量拉人软件2.1/UUWisehelper.dll

    • Size

      118KB

    • MD5

      2725e51ac1906b999c81319aa4cb0c45

    • SHA1

      babe7f11c5af056a0a569c1a982478ac698aea6c

    • SHA256

      0aa6ca66a683b6e8baf78f2d5e91a016e3a6fb5470d42080d39ca43c03f2f3ba

    • SHA512

      2af4679579dc077977060c4ca2ec1f562affb2492e8b4f2dd965948090c105b49d93ecee28374c2fc1a29df00a090c223b1e424841ec702d256923c42bb0a1dc

    • SSDEEP

      1536:czR/k08QIGChujtNVEmFKg9v4ReW92eX80OjvI/eKB4njUS5Dc1L:cl/k08fG0cK0BUBygdBjS5Dc1

    Score
    3/10
    behavioral3behavioral4

    • Target

      QQ群批量拉人软件2.1/数码资源网.url

    • Size

      244B

    • MD5

      305983ae6219bf10d517e168b3ebe5ea

    • SHA1

      b30177e0d7aa2c46843fa9c728c8a9319f34c6a1

    • SHA256

      a4a66ca6e527f6b5a344ec48235b21666f44d19f710ea5d75332e6a4263d027f

    • SHA512

      def75af02cb32b05d19cea6ac978941f93b659fc23a3d8ea29f60874c6875a08274403c125452bd14fc2e878e193eecca70b83f19c22881e3f9a8ab4f6afcb28

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks