General
-
Target
2024税务总局关于企业和个人所得税新政策 .exe
-
Size
203KB
-
Sample
231124-n3c4jaad66
-
MD5
01059b0a810a040b435a9bd540880d09
-
SHA1
a17dfd4c1a248ec2ebbffb53f62aecba71f32de0
-
SHA256
5b1c60e43cf34f5c5894438362d52fd8280b0b4061d70d171ba2dae40d764d84
-
SHA512
1181d2929f9c75140beab13f54dd3518930420446d433112b52a99fbca15b091bce0eba5e80bacb5e37cd753a102ae869a254ea34b9678cf0de31b0fe0a82cbd
-
SSDEEP
3072:DE+COyprOTLLvfkgev+oHvE0bMzhHkFTeVxLsc7bZJMs0yDpDkvhxBh:DzQprOTLbkgONvZ4hHD3Z7kvV
Malware Config
Targets
-
-
Target
2024税务总局关于企业和个人所得税新政策 .exe
-
Size
203KB
-
MD5
01059b0a810a040b435a9bd540880d09
-
SHA1
a17dfd4c1a248ec2ebbffb53f62aecba71f32de0
-
SHA256
5b1c60e43cf34f5c5894438362d52fd8280b0b4061d70d171ba2dae40d764d84
-
SHA512
1181d2929f9c75140beab13f54dd3518930420446d433112b52a99fbca15b091bce0eba5e80bacb5e37cd753a102ae869a254ea34b9678cf0de31b0fe0a82cbd
-
SSDEEP
3072:DE+COyprOTLLvfkgev+oHvE0bMzhHkFTeVxLsc7bZJMs0yDpDkvhxBh:DzQprOTLbkgONvZ4hHD3Z7kvV
Score10/10-
UAC bypass
-
Downloads MZ/PE file
-
Modifies RDP port number used by Windows
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-