b111bd7914ddab09f3654bde60d0ea7bf0851dd01110787db4a43066b3b7c1ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b111bd7914ddab09f3654bde60d0ea7bf0851dd01110787db4a43066b3b7c1ea
Size

1.2MB
Sample

221127-smy4aaga75
MD5

2b2e1b584fb739ea7b7c0d7f5d202769
SHA1

fd63fde2cc91df89695f7d3f732ca20023ba6706
SHA256

b111bd7914ddab09f3654bde60d0ea7bf0851dd01110787db4a43066b3b7c1ea
SHA512

149b89b09796927443618dd4173878137621051902f1fb5add5f27c7c6c21ee11f66c57b2de41fc71a1fe84033efc1e4d99f9c8a4838ffa161050a8ffb651694
SSDEEP

24576:wCAjrxdWjCzuCrSWKNATzKeNdvxcUPObXGEVJQIWBTadm9E3j1/eWbGKjEsxGJ:wCAxQCzZKNATugdOUPOCErQIW939E3jS

Score

3^/10

Malware Config

Targets

- Target
  
  zlibwapi.dll
- Size
  
  70KB
- MD5
  
  5161648a3a88c31fbecb0fe59552e72c
- SHA1
  
  5d7579d722fa2ee311944b45a479feed81af1d67
- SHA256
  
  8de5668663eb929da6b36a42e458abbe9084ae955a09cd32593c307d91a25687
- SHA512
  
  42d1c202f948e2f20ac048d50b63a7dfe90b3ee441453708a5938646f3514b601de19c17f64dd35cbe615ff04f53701d8f4b86c702a1638290d1ee675b81b5dd
- SSDEEP
  
  1536:kCEAqaHdheGQ2tu2uOLewPnToIfrIOrIO+oCy:kPuPQCuoLLfTBfddPCy
Score

3^/10
behavioral1 behavioral2
- Target
  
  亿家QQ管家系列辅助自动更新update.exe
- Size
  
  727KB
- MD5
  
  5e04b03bb743af69939ebc0e0ef181ff
- SHA1
  
  33d18b1395354c3553bdb3fed86a885e1b8f32de
- SHA256
  
  9b73a7df0651120a74d61ab770c6add90c2d7cdc9ec0e260fca2070e83c06a99
- SHA512
  
  5e2dbf82149d396e8b982c4281224bb5cf96dc4295d2338568e3e270eb0f375108b8c95c0d77a560af2ac396b3d895a145cd156f8cd7ab578ad03d6b64c82ce1
- SSDEEP
  
  12288:bhn7ps1sXXMCj35knZU5r8Z/Ub9V2DGw1NATzSeNpznxo4aQToVc1Yy/:bh7e1sXcCz4CnsGSNATzSeNpDxohq1J/
Score

1^/10
behavioral3 behavioral4
- Target
  
  亿家qq论坛 51pc114.cn.url
- Size
  
  143B
- MD5
  
  a27f91b4da2d7979e43c4dc650a3ee57
- SHA1
  
  a9204df6266aab8ee3384537e39aaf954ba037a3
- SHA256
  
  39dd744fe12efadee8dfa5a01b595a0a753cb6901da9fb00b1c6f6a80e3c1146
- SHA512
  
  4a6c845915fe45dc9ed99b0ea3e3aa769f467ca740972cd9bf5406c8063eff7f22f2a1361a27a6552a92f3434719971686265db331a5b5a0c8568557846355ce
Score

1^/10
behavioral5 behavioral6
- Target
  
  海底管家.exe
- Size
  
  1.2MB
- MD5
  
  868d20657fa7049ba69223ed57bc66d9
- SHA1
  
  61bd5d98a21cd28c5be4ac8455563d50a2c0e2d6
- SHA256
  
  c4bdcc2f3394fc9af736f643edbc464d5f5188c7fd11d91d3763948dba661bc0
- SHA512
  
  e365115df1ea5cf04bff643d582e8dcb07a2adca0f6fc0c0ada6271963315efe6009fca245d630ed4d5191e5daa63580fe16a6515ed445bcb057034c00097a95
- SSDEEP
  
  24576:BnDQEgOzAHKRQJWtXFRrsAcjfszm1dnQ6xdnTTJCI0Ry:B2YrRrsHj9DQmdTTh
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8