Overview

overview

8

Static

static

wlycrqjl/W...��.exe

windows7-x64

3

wlycrqjl/W...��.exe

windows10-2004-x64

3

wlycrqjl/lpk.dll

windows7-x64

8

wlycrqjl/lpk.dll

windows10-2004-x64

8

wlycrqjl/�...��.url

windows7-x64

1

wlycrqjl/�...��.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    340b3710352f4446fdccbda281cdbe1c80ba7ce19d4c09db3137240feb9815e0

  • Size

    430KB

  • Sample

    221127-jrx74sef31

  • MD5

    d9daa35ba9f6746b7c85c468014e0f9a

  • SHA1

    e860bf514ead7b38d800c5280884affc40f6453c

  • SHA256

    340b3710352f4446fdccbda281cdbe1c80ba7ce19d4c09db3137240feb9815e0

  • SHA512

    4f5ed867cceb520ee53b9449c33fef2f484329507ace684de9119d99e3b1e3ba5435fae16f5674c778592d787a0e5a1fbeb2e7ec0533d4eddb24fdc5392dbe3c

  • SSDEEP

    12288:MmvSErV8XQF1L2eLp6rK6UEYfMNzYtbGQbS2:MmarXsrVNEjNzmp

Score
8/10

Malware Config

Targets

    • Target

      wlycrqjl/WLYC空间人气精灵.exe

    • Size

      976KB

    • MD5

      d77d68a00c1cc68629757fabd4fe6f0f

    • SHA1

      03f6b0bbfc5ebb358a9ed6ff5b0214e7d30b2cd5

    • SHA256

      f8819972bd97ca14421277d2894bbf496a59eb04905390dacb92381cfe51e270

    • SHA512

      3e0d74489982b0ad379a26917a3628c3d79ca7e2edb8d4d11a2873beb62df18ebb4109c1d37ce2dd307811799fc9616cc79484b4cb0d77d8445327ca6f2a3c34

    • SSDEEP

      12288:9HybiwFlJ6i/jNmFHsKYMMnML1Vf/JykmkRd+7R5nWFpPoShqI:9wiwFH6yyHxYbnMVyklR/bv

    Score
    3/10
    behavioral1behavioral2

    • Target

      wlycrqjl/lpk.dll

    • Size

      45KB

    • MD5

      6d69be00f87b765e1cf5c7303a2f4cd6

    • SHA1

      dcfd01e48cb6fd4abfb2168c927751396645fc88

    • SHA256

      3436427ba41d6b61d1cfc198f7bc1b2111ce6a69db83514acceb05c391c8c67c

    • SHA512

      a6f377b6ce9649a3b846c01074307d6dec93882e98de65fa032f65e314cfd71bfffa88b7829c24559b55f6a2b9fcea24728db04314777b27988545fb3efd7867

    • SSDEEP

      768:zojY9P368uUCS77GhGLhLpms1R6o9yHHojY9P:GmP6BS7LL18do9yHSm

    Score
    8/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral3behavioral4

    • Target

      wlycrqjl/数码资源网.url

    • Size

      244B

    • MD5

      305983ae6219bf10d517e168b3ebe5ea

    • SHA1

      b30177e0d7aa2c46843fa9c728c8a9319f34c6a1

    • SHA256

      a4a66ca6e527f6b5a344ec48235b21666f44d19f710ea5d75332e6a4263d027f

    • SHA512

      def75af02cb32b05d19cea6ac978941f93b659fc23a3d8ea29f60874c6875a08274403c125452bd14fc2e878e193eecca70b83f19c22881e3f9a8ab4f6afcb28

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v6

Tasks