3d4ed21206cca50faa9bc5d670d8aaaa99f70619fca1ede637f74a051456ede0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d4ed21206cca50faa9bc5d670d8aaaa99f70619fca1ede637f74a051456ede0
Size

1.5MB
Sample

230826-p18m4aca7x
MD5

67709e488604c30f3b948c86550d1a36
SHA1

be66a13b2f3258c084ecc47c594ff657ee79b0c3
SHA256

3d4ed21206cca50faa9bc5d670d8aaaa99f70619fca1ede637f74a051456ede0
SHA512

15fa31d1e0762d3b9c7a76a060333a1898f7db831b2dc90faef93de53194391e4f23e101844710e490afccc4c97bf57e380124bb945700420e81d570ad4acba6
SSDEEP

24576:ErqE5uPyrsDLBizi96bu+H+jRqtc1NH6/W7xfhFWVi4ohbVSN+emPESjgi2hDjBo:EB5uPNtiiMufjHWW7xfhIUThgiiFa7

Score

7^/10

persistence upx

Malware Config

Targets

- Target
  
  可能是病毒的游戏/8.26有毒/APP1066/HypnoApp_Data/HypnoApp.exe
- Size
  
  635KB
- MD5
  
  f8603339ade9b29f1eae9cfb07446d4a
- SHA1
  
  a638ce4e832429108f596f0db4656c5a0d0663ae
- SHA256
  
  2af9a3a8f086712d515fc920b52f721ade3f0e14a0a18176232f2a4ebdc82ba5
- SHA512
  
  bb7c3819fc6bebc50898557660865ad8472386c61ab15d6e4c606fc3306beffdcd252c3af5ce19cb992fe67b8bf3c3c808793bc20543430fa8e4e1e1c0acad33
- SSDEEP
  
  6144:Y/7oYfSHQPWTUg4RbdNijJzfaGCjlbgWzAqKqzVz5MlrnjUFmiAbRpkr0zApgOiL:67qTUhWmsWzAqtx5Z1xtvT9e5D2u
Score

1^/10
behavioral1 behavioral2
- Target
  
  可能是病毒的游戏/8.26有毒/APP1066/HypnoApp_Data/HypnoApp_Data/Resources/HipsMain.exe
- Size
  
  574KB
- MD5
  
  a2d882f67ae7c42748a7cb3a2d0fdb2b
- SHA1
  
  057877d7a6cf85a6583dd8646957fda574a3b2c2
- SHA256
  
  a6319736190ee3d714a8849408e1a38cdb509bb051b7b682905530c74330e052
- SHA512
  
  60b2a0b9f0e11b0619fbe6db3c074a2bfad6325379bc0023eeb3c044374b96ec7dcfa79565decbfdc77b420aba6b0cc681bae5ea004272e981ca554a0a158533
- SSDEEP
  
  12288:ZoARTr35AM+w0E4PHimsjg96AATWzqYl8hpWg9/vla:9Vr35Av9E4vIAtTEpWgp
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  可能是病毒的游戏/8.26有毒/APP1066/HypnoApp_Data/UnityCrashHandler64.exe
- Size
  
  1.0MB
- MD5
  
  54a5676b730665aff13d18ba44f12f92
- SHA1
  
  160aec82ce0ef4def8f034115737d4cb075d55ab
- SHA256
  
  29abfd45a2b80c1bcd3dd412824f2fa42a8a7af3ee8110b546584cdd8f2ea6f4
- SHA512
  
  60719860bcea9168c019eb2d7cf7a26dfed81e8492cd6b5b298c3f0233f483359028f9b5b4058f09309da2427bb151c25199b62f9e7ba969aa42d5f20bb752ee
- SSDEEP
  
  12288:/zZxqFzFWXEtl0itbpwvegH3rMETGLZoGQ5xE/K:/zZxMzFWmltbpAHXwETGV+xcK
Score

1^/10
behavioral5 behavioral6
- Target
  
  可能是病毒的游戏/8.26有毒/APP1066/UnityCrashHandler64.exe
- Size
  
  1.0MB
- MD5
  
  54a5676b730665aff13d18ba44f12f92
- SHA1
  
  160aec82ce0ef4def8f034115737d4cb075d55ab
- SHA256
  
  29abfd45a2b80c1bcd3dd412824f2fa42a8a7af3ee8110b546584cdd8f2ea6f4
- SHA512
  
  60719860bcea9168c019eb2d7cf7a26dfed81e8492cd6b5b298c3f0233f483359028f9b5b4058f09309da2427bb151c25199b62f9e7ba969aa42d5f20bb752ee
- SSDEEP
  
  12288:/zZxqFzFWXEtl0itbpwvegH3rMETGLZoGQ5xE/K:/zZxMzFWmltbpAHXwETGV+xcK
Score

1^/10
behavioral7 behavioral8
- Target
  
  可能是病毒的游戏/8.26有毒/APP1066/开始游戏.exe
- Size
  
  353KB
- MD5
  
  132d7c8c6880dbb8e7cf18e7ed4a2a5c
- SHA1
  
  2e23f923f2724f8254daaaf059178278a1375fc6
- SHA256
  
  b6b86a7a3036cdad16309e9fef1e2532ac4602c02f154d246ae5f0e3cf614374
- SHA512
  
  36b719a0ed52f81e008f1faad11a521b1f407238a11483cfd80ee611840ad4e51b19e29f69cfed5e50f5b37b1c535737e1d10d9f171bbbc96960ebfa70f8def3
- SSDEEP
  
  6144:7BlkZvaF4NTBG8ZecxBLnOP1QVUjfcqyDxMXF:7oSWNToRrP1OUjfcqyDW
Score

7^/10

persistence upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10