83c388c9e07889ff9989f4c404a8252053a99526d791059d8e11cece41f382d7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83c388c9e07889ff9989f4c404a8252053a99526d791059d8e11cece41f382d7
Size

13.4MB
Sample

231104-nbc98aah85
MD5

8c1341f1c3c4305979903139ebcb092d
SHA1

a62e98714e3de8f850e5a67db8c64dc632573a33
SHA256

83c388c9e07889ff9989f4c404a8252053a99526d791059d8e11cece41f382d7
SHA512

3c2f345b940dc8f659ec194aecad3bc60cbcfe5fcf7ccbe3fc37a8614a3df8cff1454456c59e8b196ea296a40c92cd18afed77042bab785aff2a24862aa0af1e
SSDEEP

196608:MhzRbB/BHuttAcM9cXeKQGFEuzd4Ij0/+FkUIAY7DQpdWxqbvgMle2stuFBHI6e:MhzhBZO/AcMqwmyIVA97DSd/1gMhIT

Score

7^/10

Malware Config

Targets

- Target
  
  HTTP Debugger 9.10/Crack/keygen.exe
- Size
  
  5KB
- MD5
  
  ce7aff41b893a07cb610151d4f732002
- SHA1
  
  d5655dcc3b292b12980fabe71bf9653b68ce17c4
- SHA256
  
  0b182848cc93a7b90e26a0d1846a1d4639f0116ea13bbe90c5c7b239895fb18f
- SHA512
  
  c07009e1f9bae9cbc8a4309ca49eb171b0f2633459c1eb59734927cbeadd4af49fae639051cdf5f55c9813bd12c139c55a2c6e890f2b1fd97173914d3b320943
- SSDEEP
  
  48:68Dcn5z+lGiXNevej5LRApI8V6FX96tRBDWXU/bin7+7BW:tAn5z+l5NGej4D6FX967Mk/eC7B
Score

1^/10
behavioral1 behavioral2
- Target
  
  HTTP Debugger 9.10/HTTPDebuggerPro.msi
- Size
  
  10.3MB
- MD5
  
  f2877e684b78d8ce0606a5560bc4a6d6
- SHA1
  
  3962aea5eebff7a1be8321b6d4feef64ae578b82
- SHA256
  
  d8965c3ee41afdd1107406e5bff609408c2979231618ebf64cf6c90266150a29
- SHA512
  
  bc76d08b433bfc099295c195e65fad27964b641de74279e37b147f8be469313ed54e3bde62109e7c6fae4683974292e9de5d75d816abe2f06ab1bd93cd9b7101
- SSDEEP
  
  196608:4DjKEDfNxRiRQEMyyPxHFY3So/vkYduV0m4W4wET9yZ9p2L8zB:4DjKCf7kWEMyyjCcYu25T9s9MK
Score

7^/10
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3 behavioral4
- Target
  
  HTTP Debugger 9.10/汉化补丁/HTTPDebuggerUI.exe
- Size
  
  8.0MB
- MD5
  
  950844b172c23916cb3cb250c136dacd
- SHA1
  
  186cadfb6f694eca2a9fd96cd156276dfab7d6e4
- SHA256
  
  99e1c96b24574a0e6eed7805a73ca5ddcce448939e90f47ad98aecfbc7b16d46
- SHA512
  
  80c0ea228c68f4ddcbb9af979bff593486dcf9b9289cbe072ebed5dca9021671e6461a0934698f3f0837ea038143572ca18fa188c1f2bd2310c858331cdb0e40
- SSDEEP
  
  98304:p8EpwCvw2Csv+ydOvrv6uRVhCdj9h8g1PsOfkb1pT9K9VS4soGFUIGO8T+6owOwC:pFHvw2r+p6KhW86sOfkb17toGFUU68
Score

1^/10
behavioral5 behavioral6
- Target
  
  六六工具箱.url
- Size
  
  115B
- MD5
  
  2cab10f9b44da30b99be74aec0f12eeb
- SHA1
  
  2ad2aede2c40da6ecd9a00d625b7a4ac5e7e38bc
- SHA256
  
  b524169f50f97b64a0face2766234d90951d388cf34c04f24a57feed95414988
- SHA512
  
  e0a4725378543b0764b607f0f2c43bfe3fd6c4f1fb76fd3fb5474febda3840a7f6bc480a5971b28d31558a04059ddb4e770192c3bdcd857d663c0a5f0f6e0aba
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8