169749ad1a1fddd6ec1e7efcab7469e1fdde99e5788ea5c12ec7089ecc146c5d

Sharing

Copy URL

Twitter E-mail

General

Target

169749ad1a1fddd6ec1e7efcab7469e1fdde99e5788ea5c12ec7089ecc146c5d
Size

3.4MB
Sample

221127-mjk5csea8v
MD5

e13f99d05e221f25fd27e302fcc09c91
SHA1

bba7899c40bc5ed76bf19aeee54084a0d13fab28
SHA256

169749ad1a1fddd6ec1e7efcab7469e1fdde99e5788ea5c12ec7089ecc146c5d
SHA512

53a990076a32c6c0cdfab66d27b3eea23d44b6ea0baa9ee99197fbc8fa1c7876af96cef53d32ef7119d58d02f701386672e2770b34abca43ad1f730bf6cf7402
SSDEEP

98304:U3nBsxMD1kjRG46h8ur1BsxMD1kjRG46hEaBHfDDbID65k:AFmR56yuLmR56yO73IDUk

Score

5^/10

linux

Malware Config

Targets

- Target
  
  DituhuiManager.exe
- Size
  
  71KB
- MD5
  
  edeec8dafd9c5574c2bf92f52797abec
- SHA1
  
  ece59f1f265701d4bab9835eb4f162c16de607ea
- SHA256
  
  f54dd7a6724c32ce7dd5d978c2120411638e2120c40df25f8fcf570b56ca99a8
- SHA512
  
  43fa8cd75fea6d59cbcb4c7c019d93e519063ee204eac5d008d32493336ac19c4a80b44f01e97b3b4494f971d2c2936c282e86dedd882483e5eac2d0bc091fc6
- SSDEEP
  
  1536:wBoWdHaDLw7iJju+EFEJah1B+apGLatf1n/qr6:NWdHaDfJjwiahOapJtf1/qr6
Score

1^/10
behavioral1 behavioral2
- Target
  
  Stop.exe
- Size
  
  69KB
- MD5
  
  1b9e79d01355e1e66889f1a5144a559b
- SHA1
  
  b3addb8785a42247e1983dfe9383caf544a60279
- SHA256
  
  994322d06e38af6b94b8894dc9e65af98af89b5c944bdc2067f3f116deef480c
- SHA512
  
  b5140f9eece40bbc58d0bf4d70a2566cfec0e13766d0516b166ab2908d1c3f92c264a612c67acf6657e389a01a7909229c15cfcc26e7e82903e383c79e09afed
- SSDEEP
  
  1536:QBoWdHaDLw7iJju+EFEJah1B+apGLatQV7qnx:tWdHaDfJjwiahOapJtQpqnx
Score

1^/10
behavioral3 behavioral4
- Target
  
  contrib/geo2nginx.pl
- Size
  
  1KB
- MD5
  
  35670709be7fc98fb47013f565f55730
- SHA1
  
  f5b8473781ef13c55f9e9d4df3c615cb1fd58d05
- SHA256
  
  710cc6ea2fefe73c908addf6cb84c08f1da1310ddd9fba87f3bd8c87e3d4a350
- SHA512
  
  d33685d39c6cd521d6e9fa6d0ab39cee125d9c7484d32afaef1832ac78bef35fc2a7b1908761198e547cd5bd61cdf5cda1e6bcebbf04e928dd13dc73a7a4cac9
Score

5^/10
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral5 behavioral6 behavioral7 behavioral8
- Target
  
  contrib/unicode2nginx/unicode-to-nginx.pl
- Size
  
  1KB
- MD5
  
  84975d779d465085b1b16a76626c5efb
- SHA1
  
  f93bd0a066ec89d30bd39d9d6ee5973fbd6df4d0
- SHA256
  
  5960a08bdf1de428f1c4176c81d8e161d61f608be7b22d47a2401b8912062629
- SHA512
  
  963b9b6fcaec8d61e074ccf174d17f618b30ba4d7a2584bac7a034e8cc1e44f6dab78df82ecb57edf2f5cdacf3f35861b07ed5060fbe37d3a23ac9bc8b2726fa
Score

5^/10
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral10 behavioral11 behavioral12 behavioral9
- Target
  
  dituhui/index.html
- Size
  
  3KB
- MD5
  
  886c7416f57362e50059359c9cf16f98
- SHA1
  
  168fdb82fdb3779ea4f8b5df333cb5457244574a
- SHA256
  
  4f4e67e4fdbcda6654241243e17ade20ca742054e9c8d65ac99b29106af1e12e
- SHA512
  
  b9633a4bfd6082d73096bfeb0affbdf243ee1a3a260ee76226c89e169831dd8a7a63fb700787e9eeb06d8d21e0ad270a7d67898fb69b5a8803ec98b00ec2587b
Score

1^/10
behavioral13 behavioral14
- Target
  
  dituhui/js/jquery.min.js
- Size
  
  90KB
- MD5
  
  e0e0559014b222245deb26b6ae8bd940
- SHA1
  
  e2f3603e23711f6446f278a411d905623d65201e
- SHA256
  
  89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
- SHA512
  
  60740da8f871b8263675db2421b0e565fc18e95c772f7c3d5916f224263cd71a6a2e6acceab2f6f8ba1c0607951f0198f525d87d0589fa57045b1d5f292dacf0
- SSDEEP
  
  1536:q4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:qGsKXlI2p0WPSbDrstfam
Score

1^/10
behavioral15 behavioral16
- Target
  
  dituhui/js/jquery.zclip.js
- Size
  
  7KB
- MD5
  
  ed3ba6e9aeed8aa665844e5ade17576e
- SHA1
  
  8c8b08b8592734439278e62bf913646b61412f23
- SHA256
  
  ae63c897e26d3cab90b28bd9fa6adde37fc323582619ad9318f48e117cbf64ab
- SHA512
  
  60715d6a8f50e8c4127d6298af44a884a1f69c2a1dcec637e9966a060f42aa60729a6e10457012c1d0054c8605105f87b1102fb6f3d3fb4690e919ef6cabbcc7
- SSDEEP
  
  192:iJBycsQEyvg2BN9mb1FBnQXvKsg9asEnED:4BTsNyvgKOFBnQX9gEo
Score

1^/10
behavioral17 behavioral18
- Target
  
  dituhui/maps/9bd1e64d01ecb83521ce85c652bad6cc/dituhui.swf
- Size
  
  895KB
- MD5
  
  40f27f33abaafcf1a00d9b962afb3ea9
- SHA1
  
  4d2eeaeb79000d0a9988d0593b96c497ce3820ca
- SHA256
  
  437e6e4a48b798fa0890b807ebb4ae6715bf6157a7ea7d68a81402a008fc2a6c
- SHA512
  
  ca5994f2305a68093ac443e936d32624328cd29b82fffa7db683c1fa9ff2a06cb13e30814e06bb4057279f98b51efab74dda8c8f1f1089f833a0e9c00a80c776
- SSDEEP
  
  24576:wpo7hVll0wjmMTxdRctaYsl4b2TymmZWVGvSE0rOHbRXpODX:w6lltxrKsCbTWVGvXHnO7
Score

3^/10
behavioral19 behavioral20
- Target
  
  dituhui/maps/9bd1e64d01ecb83521ce85c652bad6cc/index.html
- Size
  
  5KB
- MD5
  
  9c764082b2cdc45f8fd7ac741754f8c0
- SHA1
  
  32997ebb2841dd9b08f8a04c22da66e1440cef46
- SHA256
  
  f311ec0cd1064b0513007e0b0cee24715cd89d358076c4940ba461a179068801
- SHA512
  
  5f11ffedfb67af7eb8ef36d23fb1a8ad16e46075f9aeb54d9b6d08335606746014f0e08ea19a773724b55238530de44dca859219d8a1428ab3b0e6adf9027827
- SSDEEP
  
  96:SC9dXLTdzAd9XFBEtKnBwpLp+AKBjv2FHL:SC/Xfid9DEJt+H01L
Score

1^/10
behavioral21 behavioral22
- Target
  
  dituhui/maps/9bd1e64d01ecb83521ce85c652bad6cc/swfobject.js
- Size
  
  25KB
- MD5
  
  b9697feec5732af790e8ebe7e1203268
- SHA1
  
  06bca3cbc44ef36774ae8734867767cdebc5be80
- SHA256
  
  0d2feb3f93e3218ca3330bfaf1e91712cf1189723b58654a26e91697c05388ff
- SHA512
  
  4a59700e1aec26c7396578403a644c0760aa2c050ea48acb1b726920f512ba138d6573f9f299b44ba91fa1f0fab5c6a574a039a0b04d3c9b4f54eb83a661e4de
- SSDEEP
  
  384:oNg2yZ3tDj/iHGbH7U7iNZHu2EF8i65iN0tXLDF6JfbivJzUh4H7JKJxUin:x2yDDj/qGbH7U7uZHu2E7dN0tXjhdHkn
Score

1^/10
behavioral23 behavioral24
- Target
  
  dituhui/maps/c4f8dbc03cdeabcec5912daeb0b10058/dituhui.swf
- Size
  
  895KB
- MD5
  
  40f27f33abaafcf1a00d9b962afb3ea9
- SHA1
  
  4d2eeaeb79000d0a9988d0593b96c497ce3820ca
- SHA256
  
  437e6e4a48b798fa0890b807ebb4ae6715bf6157a7ea7d68a81402a008fc2a6c
- SHA512
  
  ca5994f2305a68093ac443e936d32624328cd29b82fffa7db683c1fa9ff2a06cb13e30814e06bb4057279f98b51efab74dda8c8f1f1089f833a0e9c00a80c776
- SSDEEP
  
  24576:wpo7hVll0wjmMTxdRctaYsl4b2TymmZWVGvSE0rOHbRXpODX:w6lltxrKsCbTWVGvXHnO7
Score

3^/10
behavioral25 behavioral26
- Target
  
  dituhui/maps/c4f8dbc03cdeabcec5912daeb0b10058/index.html
- Size
  
  5KB
- MD5
  
  9c764082b2cdc45f8fd7ac741754f8c0
- SHA1
  
  32997ebb2841dd9b08f8a04c22da66e1440cef46
- SHA256
  
  f311ec0cd1064b0513007e0b0cee24715cd89d358076c4940ba461a179068801
- SHA512
  
  5f11ffedfb67af7eb8ef36d23fb1a8ad16e46075f9aeb54d9b6d08335606746014f0e08ea19a773724b55238530de44dca859219d8a1428ab3b0e6adf9027827
- SSDEEP
  
  96:SC9dXLTdzAd9XFBEtKnBwpLp+AKBjv2FHL:SC/Xfid9DEJt+H01L
Score

1^/10
behavioral27 behavioral28
- Target
  
  dituhui/maps/c4f8dbc03cdeabcec5912daeb0b10058/swfobject.js
- Size
  
  25KB
- MD5
  
  b9697feec5732af790e8ebe7e1203268
- SHA1
  
  06bca3cbc44ef36774ae8734867767cdebc5be80
- SHA256
  
  0d2feb3f93e3218ca3330bfaf1e91712cf1189723b58654a26e91697c05388ff
- SHA512
  
  4a59700e1aec26c7396578403a644c0760aa2c050ea48acb1b726920f512ba138d6573f9f299b44ba91fa1f0fab5c6a574a039a0b04d3c9b4f54eb83a661e4de
- SSDEEP
  
  384:oNg2yZ3tDj/iHGbH7U7iNZHu2EF8i65iN0tXLDF6JfbivJzUh4H7JKJxUin:x2yDDj/qGbH7U7uZHu2E7dN0tXjhdHkn
Score

1^/10
behavioral29 behavioral30
- Target
  
  dituhui/swfs/ZeroClipboard.swf
- Size
  
  1KB
- MD5
  
  9f4401cdc4405d0730362256b4c04cc0
- SHA1
  
  406ca1ec9595fd96424e6c8f3802bc898f080116
- SHA256
  
  fd10a7c583c9ee895180c4d03bcd9d57eea93a0f169a7149f1c3ad7ec8020676
- SHA512
  
  c93d78fe6bda092aec414fab5d54928b334ed65ab85be4b73fbfa88643031c8febf877d68c2bb1d99e0d4456028f260cc2d5a16eb9ea0c6596c0f64b2dc1245a
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Writes file to tmp directory

Writes file to tmp directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32