5436b335e7bd94178d6ba6a9d3e1b0d1d65ac84a5d36410792dd808e9691aa9d | Triage

Sharing

General

Target

5436b335e7bd94178d6ba6a9d3e1b0d1d65ac84a5d36410792dd808e9691aa9d
Size

7.6MB
Sample

230818-eb4mqsfc52
MD5

39aab3a79e72523c8c259a751a3ff277
SHA1

a40b2c38a291b5046092cd27d8c8db35eafdf9a7
SHA256

5436b335e7bd94178d6ba6a9d3e1b0d1d65ac84a5d36410792dd808e9691aa9d
SHA512

068a6e4cc149b2918a53b99e6aedb97b4e8455052e56e85806cc9ccfff3285f65a8b08526e44628508831e22d744992082999191adefb66689d56c24e36d0d7d
SSDEEP

196608:RtL1Y+UdSVX5O67Qmnxy7lE968KGftHFjfl1gF8/NJ9BKoEH4N1QUe+e:Rx1Kk5MI58UD3gCz9BHEHoe+e

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  CKC210/KuaiShouCookie.exe
- Size
  
  5.0MB
- MD5
  
  75017ed5b2ce20e69a88a8d42b704551
- SHA1
  
  21b511d55f4cffc74d1e20cc0e48c471f0ddf8b5
- SHA256
  
  9d3b383b331b3d5dc2b6a73c881c88e18424fefd455f7bdb969971f910c14d10
- SHA512
  
  c1920bada242445027e68cc469c7070e7ccd6fecba36c32b86f9d94e751e5bf7812ece7141dbe76b7b573bd19dc8cd362a20a54274d61336ffce461882eeb046
- SSDEEP
  
  49152:sVcK+w5sMtIaflPXUnf+8uyqao5wSceGDktpPF7IbzPDWvRH0YIBt3c7xhTetB1G:GtVPEfgyq8YPSbzbWvRtIBt3dtR
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Modifies Windows Firewall
  evasion
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  CKC210/localFliter.exe
- Size
  
  13.6MB
- MD5
  
  d21c3019c3ca68ecd4498137c4c50779
- SHA1
  
  8624eb874d5d91869201e5647b5d72dff89e0534
- SHA256
  
  34cf1474832c9b4473c0dd813cebebe87adecc5dc9f01708efa712a8bb90941b
- SHA512
  
  654525cbefdd55874f7fa6494b238c9f7c60d798379ec3b44ddac18c8607de023f3222986c450d6485d47e05e3daae82aa06939bc02f1713fb4bac8d08428b0e
- SSDEEP
  
  98304:dabROOj3NMvFd7FkFYp/RyzPz1QrmNAMKj0xYXPVg2VPkM+K6j3121:dwgO2vFjkFYp/GzXAMKjlXZkyY3121
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Create or Modify System Process

Windows Service

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4