General
-
Target
邮箱升级补丁.exe
-
Size
532KB
-
Sample
230512-llcekace93
-
MD5
01edc3a3885e09d53064331159173217
-
SHA1
6dfbc89921b6f73aea6a71f367173dc284c2ab6d
-
SHA256
cc86d62510abdeea2b7162d0e1db859a6be677e3585099678f3d9d8683df81aa
-
SHA512
879e53c271dbcffd28ad0e227c9e2ed1cf6a4b3ad915a46ef5460b298415db64068d9001743965e9511e398040187f29ed8e0dbec94440547365876764bd64cc
-
SSDEEP
3072:QkvZbBLzNa6haoKpaagaNSTtu1xF0DN+ew3q6IL99pGU2PlwFaEFkVUX:QkvZbBLzNa6I5xNSYxuN+e7xSlQS+
Behavioral task
behavioral1
Sample
邮箱升级补丁.exe
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
邮箱升级补丁.exe
-
Detect Blackmoon payload
-
Gh0st RAT payload
-
Loads dropped DLL
-
Adds Run key to start application
-