General

  • Target

    257a77d33a7a712ae3ff0113ebd4061d78d27f7060e3bb9584aabe5f9c2746b7

  • Size

    4.7MB

  • Sample

    221128-d8mj2scc22

  • MD5

    2c4d9162467cc9c570f5963e5f9154cb

  • SHA1

    701016a4c712b1f4165ced6c375c1b498688a53e

  • SHA256

    257a77d33a7a712ae3ff0113ebd4061d78d27f7060e3bb9584aabe5f9c2746b7

  • SHA512

    00bd6af85e1a2adae5f12ea0c04a0613522731f8cd968a9f3db9f74f578b898a2f4902c2035685c2dd827feabe19c28885fcd07958148ef1608e0cadf68775ee

  • SSDEEP

    98304:3iIXv27hwSIRz1icV5iVEdRGE960nRMBYB+lJ8fzm0Mv3Rwxd+lpTq/qr:3p2O7Rz1icVHRt6hqsaK1RM+l1Ui

Score
8/10

Targets

    • Target

      T8830第三方Recovery/使用说明.url

    • Size

      78B

    • MD5

      3866e68dd93873ec09c201f9a3e6e3c2

    • SHA1

      0df6c9a0345c3ddaa32e2304f3853de93bb31ae3

    • SHA256

      2aa4de412e95043f262165a96166d04e21a93bbcbb3c31f395dabb57916b4573

    • SHA512

      d6e51215a662304c5c7599a307f0b6d2bdabf747472a8b11efb95c4685b36f16f12c7a5493bc3e6354b6d37951a0f303a79d691133b008f27dbe63c9e90fa067

    Score
    1/10

    • Target

      lpk.dll

    • Size

      85KB

    • MD5

      8f114be9125798a2e24ab55fafb09590

    • SHA1

      aa070d571279542fe8c06a16f06afe6945d28d6e

    • SHA256

      9a542bd4f4349030fcb8c557ce997be76a8f12c2bcf38a03dd918ff3f6c6a4e5

    • SHA512

      b8cdcca1c5f9ae7701eaef596ff629e9febd3e3929c05aba62602821f311fd4edce8924576ff07dc6ed7094a7992e60bc44bbf9f7b9289bed21c97a41587201d

    • SSDEEP

      1536:0O3H4UYT7knSEUHAC4H3Pt9tyHpO3H4UYn:RX4Uo7kSEdzXPtPyHsX4Uo

    Score
    8/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
