9b34e45f8fde40bb40670a05a23753bd6f7cfdf2a03df5d3e3ca2324573a02ec | Triage

Sharing

General

Target

6bae044059ca735e6bf6a72f96f27e6e
Size

762KB
Sample

231222-fmjmdahfh5
MD5

6bae044059ca735e6bf6a72f96f27e6e
SHA1

bc9ab270c4083d609904b7e3384e969a2e239345
SHA256

9b34e45f8fde40bb40670a05a23753bd6f7cfdf2a03df5d3e3ca2324573a02ec
SHA512

94d1ae7071cf8842ce49b003034fd50318d9b7bcc13de13cf90e2e75c6a8cf313c9ba4043276e95c943f0c82d4aeba2048b2f6cfecb5d4201b63162ad0839b7b
SSDEEP

12288:P6aMDfjCnqBJ9BT4YPcjiSwOXr5KYcSLHATakSOa2UysQFO6dla95L38RQ41F:FnqVBTvPGFL9vcSLHsa2Uys76ra99sRZ

Score

7^/10

Malware Config

Targets

- Target
  
  使用说明.url
- Size
  
  113B
- MD5
  
  622822641b8ab1b7858fc50e4aa7aa72
- SHA1
  
  bb65d6fb3f964e259b6fb0fc791608af104f4ac9
- SHA256
  
  f8a39bce345631858cf61505f79dadbee5c03b8fc91eda59b4e3816a0bdac830
- SHA512
  
  5ca85cceaaa31a0414efafcea9446ec10aeb0e55edc26cdf29d104b46a5bf7142246dfb9cf328a32431df344f95f1d99d0553aabc014c059966bf0c620c9a9e3
Score

1^/10
behavioral1 behavioral2
- Target
  
  多任务网页刷新器/Arw.exe
- Size
  
  1.3MB
- MD5
  
  5e854e1ce186688af119877f823819a0
- SHA1
  
  807f09e581a26e55021e33d62e927cbabfe06dc0
- SHA256
  
  4c0a7c7d9383e06566320400bca03c10193dbed3d7f91abad4238fe85b6d50fb
- SHA512
  
  2bb86bf07e0e890be47936d9aff006563a912c88dc0f2cdf9ad5e124c1447e049010ec9d66e5861a77fa5e8e6b250d538cdd67f97772765f3c23eed114006c65
- SSDEEP
  
  24576:5jpK41cmvd9d5wquMq8i/PPMQKtpwRPsxJPzv5JuZ:5jwiuqHV+PPxywyxHJu
Score

1^/10
behavioral3 behavioral4
- Target
  
  多任务网页刷新器/ArwIE.exe
- Size
  
  554KB
- MD5
  
  402beae52cf4440fe9aeba43e2ccc9fe
- SHA1
  
  789f024f5f51206cb06fb3b075b6ef42519d6b7b
- SHA256
  
  edc364e7065bff329ae39140edacb27b504ccbc00c88ed9dfd198f205850b244
- SHA512
  
  51295b1a245a07b6feedab3b8caf9db82e62769648a01408a18894d6e37c1dca40f59be18a17c858c82e54fe66ee3a31bae36fcbfc6065d684fa60a76b42be77
- SSDEEP
  
  12288:WtM67njj+YnhYeSwvmdl4QURawzX004ueBxlIC:bujjnhYeisD9Faxl
Score

1^/10
behavioral5 behavioral6
- Target
  
  多任务网页刷新器/多任务网页定时刷新器 V3.0.lnk
- Size
  
  765B
- MD5
  
  74c6c65df8d1042fab4e0d8cfd8a83a6
- SHA1
  
  833703974d9764b29f577465d4bc7f5adb450769
- SHA256
  
  855e60d3299e1a417e2e9c2ec213fc35becdd966b3661c9538510779a506bd30
- SHA512
  
  2bd636f38611c1d0fbbaa9341f81f4e2c146a84d773b191b917a4cd40cdbe71e10cfabd9ec85e4ca1dc1fd77dfbfcb482d9691e802c225807c370123b3b76965
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral7 behavioral8
- Target
  
  软件E线下载.url
- Size
  
  113B
- MD5
  
  622822641b8ab1b7858fc50e4aa7aa72
- SHA1
  
  bb65d6fb3f964e259b6fb0fc791608af104f4ac9
- SHA256
  
  f8a39bce345631858cf61505f79dadbee5c03b8fc91eda59b4e3816a0bdac830
- SHA512
  
  5ca85cceaaa31a0414efafcea9446ec10aeb0e55edc26cdf29d104b46a5bf7142246dfb9cf328a32431df344f95f1d99d0553aabc014c059966bf0c620c9a9e3
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10