050a3db985fe0180e985301a918783faea7dd720cb7259c597f1ef5a0dad325a | Triage

Sharing

General

Target

050a3db985fe0180e985301a918783faea7dd720cb7259c597f1ef5a0dad325a
Size

7.3MB
Sample

230819-rt11saag42
MD5

766010cc63264001098949a68bdbb1f6
SHA1

f579efc9bfc672d38df6845583327d2c8a347e28
SHA256

050a3db985fe0180e985301a918783faea7dd720cb7259c597f1ef5a0dad325a
SHA512

e4f40b6368a9ce06af1b0c577007103344e307db2bf7aaf09a86db285b962c2d42c8a84c66a8ba057668b90b288a29b3f97652eb884a127f044b0e01749e0729
SSDEEP

98304:GklZNmkeavXaWUPrDW306XkNLJiz1umPiG7ABe5hA5lCAbYNlt/hQdb6JqxCf98W:vgavX306XdwDG0BquEAbYNSdeJqU8X/e

Score

6^/10

Malware Config

Targets

- Target
  
  winthrusterpropj/HookDLL/H_Hayat_x32.dll
- Size
  
  15KB
- MD5
  
  fb6220758edfa39039e72a39ca14f66e
- SHA1
  
  d129c107e6eef34dc9ee45ead2a9266a9d9f5c0a
- SHA256
  
  567559749b615f54722897814baa4ab7e5c51caef0704805cc04aa1bc89f99eb
- SHA512
  
  d759b5692cfc5efdfdc167ee1747726a7082c71b43dccab650f8096fff9b2fcb2ac824f0c9353c0acfdcdbb83deef32696a0ae5fdd04a2ceb4047c659f315524
- SSDEEP
  
  384:gVeKO4bBl0324W1MeHwy3prDcquLaKUAqgT5TprWG:oeKO442X5DcquLaKU3gW
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  winthrusterpropj/HookDLL/winmm.dll
- Size
  
  1.8MB
- MD5
  
  f0de5fbb6bc4ccf4dc7fa75cefbde6ab
- SHA1
  
  1d31386e208a0d6ad5c3251985a5861e2c3e6ed2
- SHA256
  
  fb4e1856d5ed28ae0c98d14199409d18a0c7cddff887d0c53c77aabec95dd646
- SHA512
  
  bbe0613d0ae4d4854666b7fefe91e553d1f5562253c862307d931b9b330e693d24902a519ddcebf61ab90aa9eb388962f347203009f0c5a9cd171ebfd5a4cf48
- SSDEEP
  
  49152:70NFi1E6dgWippxQxQ6Mhxj0NFZt0z0UPbxFWk/J:70ZcncoS6vrE029P
Score

1^/10
behavioral3 behavioral4
- Target
  
  winthrusterpropj/Setup_WinThruster_2021.exe
- Size
  
  6.1MB
- MD5
  
  426fd133506f9bec04b326330e2b31a9
- SHA1
  
  973bbb18d2c2ae7a12812700ee5253e68802bc0f
- SHA256
  
  357f1b029541bda80fb1b5dc0c099069f32c93ac182a16219fb30d50229fd498
- SHA512
  
  158e1049285bc4fcbb1104b3b7f9facb84813bceb9b25c0fa3d144252227abd5deb9161a39ba13e65563a7d0e0b2d9a9a9c9f951a825a73f27d2eae2f19c1278
- SSDEEP
  
  98304:0SiSFxonB+Wh4y5C9etJ4PlsczYNz1bhkPf+lMF8PRGAlWDjzK4f:IExy89m2SczYNcPmlMcGNHN
Score

4^/10
behavioral5 behavioral6
- Target
  
  更多下载.html
- Size
  
  410B
- MD5
  
  7bb7ae902ffeb8c37fe00b88fe68c1e7
- SHA1
  
  c839f12d71b57aafbdbd7bca481e9438e8801579
- SHA256
  
  8d518dfe520c4464fe9fd28724ae8d9700ab0a6e5a648f9be8a85a526b095c87
- SHA512
  
  46ccd91f2d826b19b272c1440b5f8ef7c96261e0ed8cc40d064a0ddc547400e8c35831280999ab37fb7df2a525c8c88d1d5f3e36161b0b633249c7f226b66803
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8