42eebae7c3a631b189e7cf4e837c4e2e29a00d1700ef3cb7a3171527d6116b65 | Triage

Submit
Reports

Overview

overview

8

Static

static

7

Adobe_Flas...V4.exe

windows7-x64

Adobe_Flas...V4.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

Adobe_Flash_Player_一剑全清_V4.exe
Size

1.8MB
Sample

231229-k8yqmsgcf2
MD5

fb6f16d2ff1b606ed063e685a09c324b
SHA1

4c13302fe6d4fbea358d84e98351edc460c1891a
SHA256

42eebae7c3a631b189e7cf4e837c4e2e29a00d1700ef3cb7a3171527d6116b65
SHA512

5bb2752881173bbccd7db5215b2e06c86ea10dd4b221fd0835265d46c07e9c3316e2e07b7b15b54a69fafe4b8e7017a7091c98b21a9d2225edd2c5069fbab791
SSDEEP

49152:fUdIWWd8LXbYYdm3UuGxZu74lDaW5zYhKDn4wRxa4VMoXZe2y:fUdJ8A9omPuUBNzwYMoJW

Score

8^/10

evasion persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Adobe_Flash_Player_一剑全清_V4.exe

Resource

win7-20231215-en

evasion persistence upx

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

Adobe_Flash_Player_一剑全清_V4.exe

Resource

win10v2004-20231215-en

evasion persistence upx

windows10-2004-x64

23 signatures

150 seconds

Malware Config

Targets

- Target
  
  Adobe_Flash_Player_一剑全清_V4.exe
- Size
  
  1.8MB
- MD5
  
  fb6f16d2ff1b606ed063e685a09c324b
- SHA1
  
  4c13302fe6d4fbea358d84e98351edc460c1891a
- SHA256
  
  42eebae7c3a631b189e7cf4e837c4e2e29a00d1700ef3cb7a3171527d6116b65
- SHA512
  
  5bb2752881173bbccd7db5215b2e06c86ea10dd4b221fd0835265d46c07e9c3316e2e07b7b15b54a69fafe4b8e7017a7091c98b21a9d2225edd2c5069fbab791
- SSDEEP
  
  49152:fUdIWWd8LXbYYdm3UuGxZu74lDaW5zYhKDn4wRxa4VMoXZe2y:fUdJ8A9omPuUBNzwYMoJW
Score

8^/10

evasion persistence upx
- Modifies Installed Components in the registry
  persistence
- Stops running service(s)
  evasion
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionpersistenceupx

behavioral2

evasionpersistenceupx

© 2018-2025

Terms | Privacy