General
-
Target
c9796e1f0f01e7a5b8cf935f7e7791a0404896b5b163d5e683466476a026674f
-
Size
2.0MB
-
Sample
230815-f69ynsah9v
-
MD5
7415b196485ef546cc820b6e712ecc87
-
SHA1
63883b4670d0a1d0a0d1909f9fbc553bda5b43b5
-
SHA256
c9796e1f0f01e7a5b8cf935f7e7791a0404896b5b163d5e683466476a026674f
-
SHA512
2fe69624187139d10db887fa420b705ccd01c4600bac5f17c7d5ba0a5f88b5c572d203283b2ee006c8e14c1735d663596cfaf41fa9332733c8c742a3753d3828
-
SSDEEP
49152:8LmrcalR0trlTCemikUugo8ttijutK8BTlp8nf4uuFbq9l/bh+y+qRCKDUQUO:8Lmrcg0trlTRv9uyfijuE8Bpp8nfvebM
Static task
static1
Behavioral task
behavioral1
Sample
2000xlsx.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
2000xlsx.exe
Resource
win10v2004-20230703-en
Behavioral task
behavioral3
Sample
500.xls
Resource
win7-20230712-en
Behavioral task
behavioral4
Sample
500.xls
Resource
win10v2004-20230703-en
Behavioral task
behavioral5
Sample
800个.xlsx
Resource
win7-20230712-en
Behavioral task
behavioral6
Sample
800个.xlsx
Resource
win10v2004-20230703-en
Malware Config
Targets
-
Target
2000xlsx.exe
-
Size
2.3MB
-
MD5
efb770307d1ad984b1ce99d495955d33
-
SHA1
045043140c84837ee2eb60afeed3c32499ab5343
-
SHA256
64f12cbef2b73d7fd8cbcb9260c77d94db1761964031b1e9c78cacf7a3b6b666
-
SHA512
cca246cf661520082974be53dfd8263876dd343efa0999bc8ae5e268158a329e2b29e73a9429f83aaa603592f1de4fd7632be838b65e44447ed3e1d1961cbcad
-
SSDEEP
49152:Av4ZPcazR0Djlbk6YiiUSeyleOU0oYTxReVjGKCodEfDTQsvD/DX+y4onCYDoD5:HZPcK0DjlbfH1STlefqReVjGJodErTQ1
-
Gh0st RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Target
500.xls
-
Size
39KB
-
MD5
5c612525671c64c49e8eecf1ffc4b3fe
-
SHA1
2f30d4395ea2ad16e7a9f74bdb202b5e37b64532
-
SHA256
4d668686bd651cbff85549ccb2a301349ffa36f2167d254468a0bfc9d64943a5
-
SHA512
70180ef400920783dbf39f2985ca373cac11c9e79890d5b1600a2793aff473d039c0a631c7230e4e28fc3e6877d45290f4cb6b3be380e186495b513446bc1016
-
SSDEEP
768:VCCCkRQS4zTbQleoPE8KI0fXb/0T7Eusxu3EfeH8wmoNWBIeRw6x65:VCCCkRQS4zTbQleoPE8KI0fXba7EuqfQ
-
Score
1/10
-
Target
800个.xlsx
-
Size
20KB
-
MD5
fc03c4c5d61b219794956b5690cf9731
-
SHA1
3e8aaf112c7c110424a15b1ccb7455d7e4f75be1
-
SHA256
648e715364b9792dc4b73cfd1113983bfd39b78077b13bd14d3ebbe5713c08b9
-
SHA512
dd6b9022f8d099377bf20a033b045e5b604c8815c8c8004eacdb7aefcc61cf2cb7bf705ca57eb91a7eabaabe7ee6cd8f0de2821d1b3d27879bd56cc72837aad6
-
SSDEEP
384:J8L6eit9kTCrYONMM0mPnvXo0RhYvwAv5PVPZykFO5KLAaWM/wbID:CL6eizkTC0OPXo0RhYvxPVPAkQPaWMow
-
Score
1/10