General

  • Target

    b085248de872d99fedb0379c231a4b9163d7bc93327c92e00be414d0b9023816

  • Size

    13.9MB

  • Sample

    231206-h528jsce37

  • MD5

    3552515bdb2438fb8e15c65327a4da00

  • SHA1

    8ab0de4e0a4e958edb7bae1f02def56bd3d2a12c

  • SHA256

    b085248de872d99fedb0379c231a4b9163d7bc93327c92e00be414d0b9023816

  • SHA512

    78148e568391542c66fa0258a8f9ecb45da7da60411a261437bf775616483fcbb3eaa1c9f17c470c01efb584c49c0da8316f309db97eadc0360a1144a2c5ef5c

  • SSDEEP

    393216:loJJ6mgQGWfuPfO7xndYckzQypBeuPakgk2KRfPWe84KeKCv9t:lu6mnGW+O7B6cEMuibve84hzFt

Score
8/10

Malware Config

Targets

    • Target

      破天魔方/破天魔方免费辅助_95.exe

    • Size

      8.4MB

    • MD5

      69152aa5b0d695c19cbed21cd0b745a2

    • SHA1

      e369d1b77a9da8a5eabcfb0cf2f541c205ec2799

    • SHA256

      ed1f6a08d69fbf4232a5dc1fb6583a8466bacfee96dbe0baf5d80b6f2f128ada

    • SHA512

      f2a040900da00582450266fa93f64b05b30544ced7999709eea18721d6630dbea018a89f29c771f5565aad27052647fe04018563bcc4af2f15bc828c267b5a1e

    • SSDEEP

      196608:HEvxgQaycC7lFcyFm9IMH51UUz5jxy018jn:ANaghFTFyjzO018j

    Score
    8/10
    • Drops file in Drivers directory

      The sample writes a file into the Windows drivers directory (%SystemRoot%\System32\drivers), the location from which kernel-mode drivers are normally loaded.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      The sample calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), which stops the calling thread from delivering debug events to an attached debugger. This is a common anti-debugging technique and is consistent with the VMProtect packing noted above.

    • Target

      破天魔方/破天魔方免费辅助_鼠星.exe

    • Size

      8.4MB

    • MD5

      2e47a8e5029da99194d598a76b7acd8b

    • SHA1

      b0cd056c202832976eacc0010515d8d7ac7586ef

    • SHA256

      830ad5b71b788c9a82c3445379bfb4697703a96c269df69c552dce93afcaf8ca

    • SHA512

      650e3f230c52d7a4021fc20c9d99e51119db6d6333f230459b7737c9ac06ca4071c2f26d18695440a1cecdb7bea501c9375342a179ef302e26fc03519a01bd9b

    • SSDEEP

      196608:tjuvlB9ISZzOJrU0ZxnYQ5ZvxpZlschDuj8:AvlB93cIKi0vxrdDuj

    Score
    8/10
    • Drops file in Drivers directory

      The sample writes a file into the Windows drivers directory (%SystemRoot%\System32\drivers), the location from which kernel-mode drivers are normally loaded.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      The sample calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), which stops the calling thread from delivering debug events to an attached debugger. This is a common anti-debugging technique and is consistent with the VMProtect packing noted above.
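
Both targets above carry the same pair of static indicators (VMProtect packing and a reference to NtSetInformationThread), and a practitioner usually wants to reproduce those checks offline before spending sandbox time on similar files. The following script is an added example written for this page; it is not the sandbox's own signature code and does not reproduce how the report above was generated. It parses the PE section table with the standard library only and flags VMProtect's default section names (.vmp0, .vmp1, ...), then looks for the ASCII string NtSetInformationThread in the raw bytes. The `build_minimal_pe` helper and its section names are constructed test input, not data from the samples in the report.

```python
"""Offline triage: flag VMProtect-style section names and a raw reference to
NtSetInformationThread in a PE file. Standard library only.

Heuristic caveat: VMProtect section names are configurable, and a packer can
resolve NtSetInformationThread dynamically, so a negative result clears nothing;
a positive result is a reason to look closer, not a verdict.
"""
import struct
import sys

VMPROTECT_SECTION_PREFIX = ".vmp"           # VMProtect default names: .vmp0, .vmp1, ...
ANTIDEBUG_API = b"NtSetInformationThread"    # used with ThreadHideFromDebugger (0x11)


def pe_section_names(data: bytes) -> list:
    """Return the section names of a PE image; raise ValueError if it is not a PE."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    _, num_sections, _, _, _, size_opt, _ = struct.unpack_from("<HHIIIHH", data, coff)
    table = coff + 20 + size_opt            # section table follows the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40                # IMAGE_SECTION_HEADER is 40 bytes, Name first 8
        raw = data[off:off + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", errors="replace"))
    return names


def triage(data: bytes) -> dict:
    """Summarise the two static indicators for one file's bytes."""
    names = pe_section_names(data)
    return {
        "sections": names,
        "vmprotect_sections": any(n.startswith(VMPROTECT_SECTION_PREFIX) for n in names),
        "names_ntsetinformationthread": ANTIDEBUG_API in data,
    }


def build_minimal_pe(section_names, tail: bytes = b"") -> bytes:
    """Constructed test input: a header-only PE32 that is not loadable but has a
    valid DOS stub, PE signature, COFF header and section table for the parser."""
    e_lfanew = 0x40
    dos = (b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    size_opt = 0xE0                          # size of a PE32 optional header
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, size_opt, 0x102)
    opt = b"\0" * size_opt
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + opt + sections + tail


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            print(triage(f.read()))
    else:
        # No path given: run on the constructed samples so the script demonstrates itself.
        print(triage(build_minimal_pe([".text", ".rdata", ".data"])))
        print(triage(build_minimal_pe([".text", ".vmp0", ".vmp1"], tail=ANTIDEBUG_API + b"\0")))
```

Run it as `python triage.py sample.exe` to print the section list and the two flags for a real file. On a VMProtect-packed sample the section table is typically reduced to a small number of .vmp sections, which is why section names are a cheap first filter; the string check is weaker, since packed code usually resolves the API at run time, and the sandbox signature in the report is based on observed behaviour rather than on a string.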

MITRE ATT&CK Enterprise v15

Tasks