95d60cd2c564773a198e9fd75b9584fb1ee8613e5a8664c3b419fcba629736b1 | Triage

Sharing

General

Target

0c325e2b4018d2f45f0de319d2783b20
Size

1.4MB
Sample

231230-dcm6psfddp
MD5

0c325e2b4018d2f45f0de319d2783b20
SHA1

64f9eb34e90cea01a2b0d6d5258f2a42894f0f97
SHA256

95d60cd2c564773a198e9fd75b9584fb1ee8613e5a8664c3b419fcba629736b1
SHA512

42d9513346bd20c651fc6ae46a5484858b4e40fb033d34d10d258b3f6b534377f124226fb3e4065b8dac3257ca94075d88142d1b971ff24d8c14cb6b24d72703
SSDEEP

24576:htg6I3xo0V42ijsQ1vx+rzyKqbiNDBCKncgxqgDhoBY1AC7Yj7SWbDNuKGdLOt3r:hS6cVjPQ1p+z/q8CKcezDhf1Aue7jpuw

Score

7^/10

Malware Config

Targets

- Target
  
  黑客风云全套抓鸡工具/1433.bat
- Size
  
  1KB
- MD5
  
  8bb50b97954e49897d35746fe4a70e99
- SHA1
  
  3ee42ada95d8e490472fe35b670495b1fad3043a
- SHA256
  
  900aafbff9329e46eea707a49170c4bff998a9741fcd37e0b438cffcb8f57f29
- SHA512
  
  48f64c49ea3a7b1910b9f4a62a7350d0f4b175c9b4e41bc12f6a2445faf45e9b4b4196ea846db07f77c1aa437d455617ad60914a389fc66c0aa6e87db3f1e516
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  黑客风云全套抓鸡工具/173绿色软件.url
- Size
  
  76B
- MD5
  
  d8e7092ff6f720432743d7e79e57faa0
- SHA1
  
  668e6f051a20be06f24bfea992405f139e1c6271
- SHA256
  
  1cf24d7a7e6b7a85fa438bec1f72a5ae48cce898b247ef7729713bd1237ac665
- SHA512
  
  be4fa5f9fc22304c37b2be577d7bae720692879c098150ea841c3be6160edaa5d31dd2e80fe3594883ac1f58774629bee7f0192dbb1fba068c5f3e082f476cfb
Score

1^/10
behavioral3 behavioral4
- Target
  
  黑客风云全套抓鸡工具/s.exe
- Size
  
  18KB
- MD5
  
  44683a6ef9d3aaeabb5995d0310192a4
- SHA1
  
  ae98699117be1f6e3065714ec821a8056eb25df1
- SHA256
  
  301aeb4a214edfe7a8bf531ecfb0a671e0f8682da58932fabd3e52fab764d574
- SHA512
  
  d7b1be79892b497fe4af48024d9ad9daf4809050758d47d046e7cd113d4b43ae41f6655b669af0229e11394f2a06520845b7d4cc6c8b6a946dda1bec2923fcc3
- SSDEEP
  
  384:f8q+3GqFVSbEmwGqDARZiYTH+EBVGG4aUhKhsdP:CfkbECqC7aamh7dP
Score

3^/10
behavioral5 behavioral6
- Target
  
  黑客风云全套抓鸡工具/vip.exe
- Size
  
  7KB
- MD5
  
  54fcfde88d27205eca93abd3a1bc8bff
- SHA1
  
  02e1157f3605bbb960bb435d8bb6d333ebd2acb8
- SHA256
  
  0e80af2679ad8cfab53851746a7e16bd9af168a594651c88860947d9f2344378
- SHA512
  
  956a187a90f23ebef6ef67ec5977fbd2c2fb50fc5459c1f0b071e8471c43eb279e22a6c1bafc553076821a875a404cebd8d2800641933ab6d9e50c2e59d536b8
- SSDEEP
  
  192:e8DMXfs9ft8vnBQxdJXCkmZsKUCy5c0mRv:PwftBQdCfUpa
Score

1^/10
behavioral7 behavioral8
- Target
  
  黑客风云全套抓鸡工具/黑客风云全套抓鸡工具（国庆版）.exe
- Size
  
  1.7MB
- MD5
  
  237a6d32fad2b9fe5d303a4b8f0c6a75
- SHA1
  
  ee5e6016d26f2d7ec9d96df2ddb154c52b4a96db
- SHA256
  
  db9f15f37064b074b861ccf8a8b6571ac44db16e24bcf2cf899885f74b5ea412
- SHA512
  
  9f5069d11f7dddc0e1c07087094b7e4367794527e3d28b1eb4f995aa3a6be4dcfb866972bb9dc4d3347827f2b57b44730c7199397abc32e3b4fa1419bcb689b0
- SSDEEP
  
  24576:Zh1M9wWpAUTkuzHgNZucH8SZWrMG+74v0yrAbKwXiQPYQFk0b4ono:ZhOeu8LucHfZWrMG+74v0Ywhnbk0bE
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10