def4f0e2221314598f08b56d0fc35f169b2c67df22ce67d685fea66b374a6556

Sharing

Copy URL

Twitter E-mail

General

Target

056ce70ffb94b56a4adb7d2067d38763
Size

15.7MB
Sample

231229-1752bsfeb7
MD5

056ce70ffb94b56a4adb7d2067d38763
SHA1

ea07d46377677921cd717cadd2af64fb8a772d9a
SHA256

def4f0e2221314598f08b56d0fc35f169b2c67df22ce67d685fea66b374a6556
SHA512

c7f6259a6de5a6af460cf16f9087b169a2084990ed0af618b23560a3576d893efaad3a0586ea691205033e1537757276a95e2a72ac11765a5ac01ae15806e1ba
SSDEEP

393216:XiS1ai6iFI55hGkbAcsaOrKgU3/33g7zMZtC9Tuu9O:XitOFIfb/6FUPnATf9O

Score

3^/10

Malware Config

Targets

- Target
  
  Thunder/@绿化工具(VISTA-WIN7).exe
- Size
  
  2.4MB
- MD5
  
  c193f0810e472f468a0562f61ac42c30
- SHA1
  
  1e1dbb4c130614d8d140bcf5a1c5aa525105f97a
- SHA256
  
  37b8f757f605508692c00dd438a757301e2d75fb0a9d746883123bdf8ad45edc
- SHA512
  
  e822a5330bb40bf221b19db761489ab3245aecf8566005e0c8058ed2e0d9b1bdbbbcaadeb4089567e37720458f0fd05690aa7b945142a9bad7ecea80ef9de34e
- SSDEEP
  
  49152:W4Xps2u7PG7Tonawwn3xscdqXEi+JJF9S/8T/UGziRr/cIbdUMmlE:7S7eQ/me5qDCRzH5UMoE
Score

3^/10
behavioral1 behavioral2
- Target
  
  Thunder/@绿化工具(XP-2003).exe
- Size
  
  2.4MB
- MD5
  
  726826075ef0797931061352b5312abb
- SHA1
  
  20ff149cd240a90c4dcfc1184ba8275eb5ae3b2a
- SHA256
  
  af39c6bce74b314aed77aea0d7315da9a381a46121e70957db905dc390be39c2
- SHA512
  
  2799412ba748499086ee6f782f79d1bf6f7b7342958f724db4f3ec0c7459d246db3301c2ead403a9eed64ee6cd206284ca3d0fc7092ec4e7faf3ddd2d6cd1d89
- SSDEEP
  
  49152:WhMHtVRIdAh7O1x9I0FWaj3y+0eyTxaKuW+6ZdmULQd01nS1oF:1VRIi4rISWarRysU1mULQG9goF
Score

3^/10
behavioral3 behavioral4
- Target
  
  Thunder/ComDlls/BrowserHelp/ThunderComponent.dll
- Size
  
  77KB
- MD5
  
  79f3f971689b83163104e3e7835346da
- SHA1
  
  98a4f2396db6b6e28c561cee34e6b75b8aa43545
- SHA256
  
  e02fcbdc1d31fe3582668512c0447907cd0eaa63c37ef6ff8965ce5fb63aaefc
- SHA512
  
  444b9f70408e963619e0b807bcb2e0cb9d999ea290a81f1689d095a47b8b2a32d3b31c84a07a20408ef6b85453a5867283261a05dd77c297fa2299fd7451b655
- SSDEEP
  
  1536:4xt/Dsh84WlR64+O4vN7UPRhAElAG8KlACy8SqM:QshwU4+O4NUPRWElAMlA98JM
Score

1^/10
behavioral5 behavioral6
- Target
  
  Thunder/ComDlls/BrowserHelp/XLNonIESvr.exe
- Size
  
  93KB
- MD5
  
  bff90ce59b0eb5a66947f7bbc94d46d0
- SHA1
  
  3140b0ef0ee52117be898d5f74468043eeeaee23
- SHA256
  
  69ff9a717a5af5d8cd2316ccc9d1b14f3feea37e76c26b4b9f06ac81fd6e10fe
- SHA512
  
  69f4cc43e2400693f8ace73295b92575236c688db1876356ffe12728bb1ce13907a2f829056432cd9d05ae9086e7659419781d89e5a443ca99fe00c6cc8c5295
- SSDEEP
  
  1536:EFLKamZM2LIxQ2a5YfkjEPdCqSyYp6xdGBMwJJqKr6PDvA+28lvDm/eqy:EFLKfZM2YQn5Yfk4PxZtvGFf0Y+HlvSd
Score

1^/10
behavioral7 behavioral8
- Target
  
  content/download.js
- Size
  
  4KB
- MD5
  
  63dd6118f68fcac9553df9a62c4a0914
- SHA1
  
  7e6256fbdb2f0c705bd3c25cacd508ca07955a0b
- SHA256
  
  bc6e4e0b36561508f6fb59c490ddd323140d61dd6ce2a6c86f69d06ea2e1140e
- SHA512
  
  a71edd48394dd8017296a0b0c6243ff5be74953bf4c121dbdf4c311bb6bda71b210be72cf2fabb9ac30cc75bd25e8722755f911c100674b39c18569a7b91cfa5
- SSDEEP
  
  96:0a6B0kLpVEPXMOnbUoB/EPFJMOnb/ZCj1IqCxfcwAej:ZktVEPXMOnB5EPFJMOnYCxWej
Score

1^/10
behavioral10 behavioral9
- Target
  
  content/main.js
- Size
  
  6KB
- MD5
  
  56f1683b3627878399eb55aa8143175d
- SHA1
  
  98bbd502e9de524255094311ff428c2870a3d070
- SHA256
  
  64f6bb819e00a2d4341b8779b2390c36d6bc1120dd78ec9235592f583b1603f3
- SHA512
  
  2cf39dcde0e7d2ee61d85be39126f2aab702b5644259aaa9a9f4ccc8c84c702ff492be275454edf36e9dc36025805a431102fcb5e8ddb197eda828022650511c
- SSDEEP
  
  192:ZYOFfCdtOn7VIocoP73JXga2SiMAzmoFT6SiMAz6vFecDbV:3lPjJX5iMAzmoFTRiMAz6vFecDbV
Score

1^/10
behavioral11 behavioral12
- Target
  
  content/product.js
- Size
  
  575B
- MD5
  
  4ad6a989a636609a66484d1aa40cade2
- SHA1
  
  57f8a2cce92aea61b93509b6c5488e24d33a03ba
- SHA256
  
  40480c6c30d200bc4667395b2452062f404fb3de6b9eb22ccadbb45559b3ffdb
- SHA512
  
  4ec8aabc87b697f3369e13a114d17b0fd2e9a9acf0d551938b37115a334c4e96f409f9aecc1d83a30efd409db09c077bbda3c8dbddd3bc13635d8f1490fcb963
Score

1^/10
behavioral13 behavioral14
- Target
  
  content/public.js
- Size
  
  4KB
- MD5
  
  8f418ef9f9608bc85eeeda9a708e3b05
- SHA1
  
  7e67cb71c085a8780a442017ff99363f05d14c9f
- SHA256
  
  2eb92022b4bf81613c1e3b15a9ac25e296edb4b5bae84213c7ed8855dfcd44d1
- SHA512
  
  c9ebefe62e2ddfead2ee419fce98edb5dcac163e2790b0392d5304b30ba28cff43a597f80a4e58837903dac12e834b0d255bddd6d4635c3129b4ea90df37f7e8
- SSDEEP
  
  96:wyABv0XVTT7NCQUCO6Cp3zs6zse9pA+3sb3/Sy3skAJp6pUMCE:wydXRZpUY83zvfK+3+/Pis3
Score

1^/10
behavioral15 behavioral16
- Target
  
  Thunder/ComDlls/LinkSimulate.dll
- Size
  
  144KB
- MD5
  
  419886f607c1f8db0d3a34564cfa551a
- SHA1
  
  68defb5bcf408414cb88744cef38254a7d2f3a88
- SHA256
  
  4d9e630a1144cf44ac5f149dab5c83bf2d1090ba658b20dc85a0ed145fb385c8
- SHA512
  
  f2812528940ef539eee47997e5289cbf678505f0dd60aa85d156dae082b2f03458261da9b0e01d3291bd6ec801b39f5239f0836ab4ace0edb785708d5f07b1c8
- SSDEEP
  
  1536:/X15psBF0DScuvfkxDn0dcJoOc1sPKdJpkpzHYtd/wStRC5tnByL4G2tDI:/X1c4e7vfkhUcyOksCmLMdjts5tBVx
Score

1^/10
behavioral17 behavioral18
- Target
  
  Thunder/ComDlls/TDAtOnce.dll
- Size
  
  233KB
- MD5
  
  ac549002de2b438e24caaa7115358420
- SHA1
  
  a4056cc4d5cf189b928b00390eb9862ace8c3a57
- SHA256
  
  3a6f1895072b9bb80d4c93c98f94b9de7a19acc89c7a88941516f47421f731b3
- SHA512
  
  0ab7cab9ba210a85744229d7cbefc586600a051d44e7d7142f69934c2a342a2eb13db41984464d674dfe46a986448d2091e552b36e5546a12b58f78813947c41
- SSDEEP
  
  3072:vr/zlOMV/oYBHhkVtjXjNwXgVwVcPojmZmYKSQZKMn+fLOR6FVLbDLjXPL9jMXv2:D/zl1dlBkzfjicgjzP4r
Score

1^/10
behavioral19 behavioral20
- Target
  
  Thunder/ComDlls/ThunderAgent.dll
- Size
  
  65KB
- MD5
  
  2d686d63b1d9fe43bbd1d504fbd8bf41
- SHA1
  
  5a0320fb275d0fe91df141cde0b803d6271429a6
- SHA256
  
  8f2e2dd0f0e61d76d357905681dd56771640c14e8dcbb445eabdc58e4661cb02
- SHA512
  
  3d1ead5a67dbd46fb49b4ad8175f4bb93ce890d25eb7486ec8ff71c8498a0bb3524a2d9d19cbee20ba7246245933f347651fe1c204511bd00e360168221881e1
- SSDEEP
  
  768:uQE9PE//bA35yxq7gtSZQA1n4nzXX3W/0bdDsCbJqtKQVVWQiilSxgPLG:H/b8YtU11mzXnbdDBJxQPWQnlSxWq
Score

1^/10
behavioral21 behavioral22
- Target
  
  Thunder/ComDlls/XunLeiBHO.dll
- Size
  
  93KB
- MD5
  
  4c3e0c0ac6b7657b50d481f850c6285f
- SHA1
  
  5437dbea79687cd689e79773df180820108d624f
- SHA256
  
  0736b83d2849106ccfe28a7df5ecf3d8e1efc83878b7163078254956b458fb7a
- SHA512
  
  45d6b670744a17a71a72ceed25990ffcd2090df27a9d33b13eab2c258896d7a4f8ea33a1b4059b2826d57427d012658c74bcef5836dd585549f7bb47833d78af
- SSDEEP
  
  1536:8rsrdlf3WZbkBN+qZ3njt+AqJQ4Y2BV6gqcrJEuuVcI9ix1x2pR5Zq:rdl+l7qFJ+lY2BV/rJEuuJkx1xo0
Score

1^/10
behavioral23 behavioral24
- Target
  
  Thunder/Program/BaseIM.dll
- Size
  
  209KB
- MD5
  
  346ef364638b7a854ccb8f203b97ab81
- SHA1
  
  6dfc5ce8a4baeee507c30439702ebe2b68f3a24a
- SHA256
  
  3cb182403c60e42fae9e98c0cde52c9d38b524a5fdbbc195009aeb9db42421ce
- SHA512
  
  0a5829846053772c657e2b6c8fd54dd6e5ca0906b2f793478a1ca75bbf616f3f94254c4ed48251f95827484ea437486cd2fee800fa72cc9a6c443c1d5752e809
- SSDEEP
  
  3072:wQcQ262Ej6IvVrk4t12Lvw832xol170bgAboRF0eydHiLntdRSrZb/8QK:w3ieEpkoQoxo370ye7d8RSly
Score

1^/10
behavioral25 behavioral26
- Target
  
  Thunder/Program/BugReportU.dll
- Size
  
  65KB
- MD5
  
  753eccd625b83be8f228ce20a580d661
- SHA1
  
  c8fa563948f812ff8240eaf63dc316022a73fb75
- SHA256
  
  7067a0a9fa9f733bd2a78b461cfcf2d1a464e69e68398c71b075974663509423
- SHA512
  
  c0a4ac0d8a874d2fc7b25d649798c8b442c6625f991eb38a6ec0a05b2609a354410741f0d4ccdff17439a3659e400dce56258b5c7b77aba3f1a768e5b293f510
- SSDEEP
  
  1536:8j1YpvXiXSz1wKFo7Rv4frKJZA+52Lt5nRpq:61YpeSz1N+UrKJZ92Lt5a
Score

3^/10
behavioral27 behavioral28
- Target
  
  Thunder/Program/ConfigPane.dll
- Size
  
  261KB
- MD5
  
  5064015e8d17ebdce6e08218554a297c
- SHA1
  
  48ee6b15f4ae3396c362f1af015bfeb44210b96c
- SHA256
  
  b8a12195ba453bfc13bc80333d75d08d79ce24c47b814725488f64fb98770e01
- SHA512
  
  8bc1f5270be5c73c89befe58fea4a45fcf6577f476eb247897565d2e6c0bc6e9649d6c5ae084bd43bce80248460650df4c114ac3b270390f2a4fd98732efa2c8
- SSDEEP
  
  3072:mDPiAXA7EYOvOozFmlRdzT09aJsypT8VJSLGlZnYYZjdsqwmOH7YZbJ7EomDr+pz:mfSEYOrQlRdv09aJhVHFu17UwIW
Score

1^/10
behavioral29 behavioral30
- Target
  
  Thunder/Program/DllNewTask.dll
- Size
  
  481KB
- MD5
  
  76df37c492bf44f1f525a29657c582a0
- SHA1
  
  c7f5db29f225378ea34ac324c54422fad4293875
- SHA256
  
  3c88afda3b7bbe34ace1a6ecd6328f511777070c33f904d0990904c11b0566ce
- SHA512
  
  f9df003945a5f9aaa577c64ed869a1c160d3b8e6f5e6d0d3d3eaca1365a154b04d8bd3d6efcdfa9fb8f9dac89d829e6091024ac382424ec20bba026684e863e6
- SSDEEP
  
  6144:ELH2PAlCYdLwG9gTDdEhheJOwhFeUQxMkIriOrJCV+kO8Z98:ELH2PAlRdZg7JOwhFhwISVEQ98
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32