e8582220f161aef10bcba30369f4d9a3f2a53024b9cd4a5f9f9fecfb98ba8be2

Sharing

Copy URL

Twitter E-mail

General

Target

11d8f6ba19b65595203dfcaf39bd2a5c
Size

2.6MB
Sample

231230-h1v9fabef7
MD5

11d8f6ba19b65595203dfcaf39bd2a5c
SHA1

05cf2cb7eb70b996f4281826f17544d299439e8a
SHA256

e8582220f161aef10bcba30369f4d9a3f2a53024b9cd4a5f9f9fecfb98ba8be2
SHA512

dd382c9c4302d9d84f55911cde5fd8a96d7ccb0bf35e32c880179ce7cd431bd04eb749ec10770175b521ecc446843bcec398ffc2dd147b3a3876b71f8f7ad8e8
SSDEEP

49152:brxD69NJlJfeX8F01YLIZj7rOhICaZ1dOVhiDao2HfGhei6K/6il73SCtKJS:nxD69NbJpsKIZbOhng1dOVhiWV/GhpT5

Score

7^/10

upx

Malware Config

Targets

- Target
  
  WB主题,VS主题,精美壁纸,电脑美化技巧,美化软件,炫目登陆界面尽在稻草人美化.url
- Size
  
  156B
- MD5
  
  3bfd0ef7401c1b4340776a6bd44875ea
- SHA1
  
  2bdfda43a7975008501589839d072ab2b54fe7ab
- SHA256
  
  f52a0557a19abc59a9f0a6123002bf76ed80841236d7c1573ff8d6eaed3b0a1e
- SHA512
  
  8fa0760e1293ccecd9d8a082a185eb82993a14d1f3ab8d3f3fa87f650d43bc06fb50342adf70c8b0b69168ace86725b03aa9aca50208b114c224a80b37556a94
Score

1^/10
behavioral1 behavioral2
- Target
  
  WindowBlinds/Diamond/NS_Shellstyle1.UIFile
- Size
  
  8KB
- MD5
  
  6784b22ad0303de8ee5887af8a0cc056
- SHA1
  
  543a8c2666a15e680e52e4a2b488047818c0aa25
- SHA256
  
  eadb7aef346d6dcd8c0c13076add9a24ffcbab1438d598c22ea3777346d73299
- SHA512
  
  5e683f4b3140785f17d95c07cc91e93261711a9570436cca3ebec29d11ba9c394d4b1f9359adf302ecee08d0e6ef5dbb3918f9e7b62e7f2c05b49bcb85990d04
- SSDEEP
  
  96:VvgaVaIJG1UbLfFP9J7VMnKzsFzAGKB4OS7wFVOcDR1To1+JZAF/AG9OSSwrcE2A:VvgO5JG1uhl51ZxuTqogiuT8/
Score

1^/10
behavioral3 behavioral4
- Target
  
  WindowBlinds/Diamond/NS_Shellstyle2.UIFile
- Size
  
  5KB
- MD5
  
  094d852d42f1f76504ba2ea156eed7ad
- SHA1
  
  367c3e1bb3a02c199983163beeb767d405f9fc83
- SHA256
  
  437bff401f1e7c361b775f155d09f3a68c6cd963cdd7fbd5f86fb5cdd9c4cbe7
- SHA512
  
  21d76ccf4d2c0e470038fdf22bde84dd5da040204703bdcfd10b353ee3819d95961914d1e5344fe8ea9642cb647d59cde2a397ff536349d5f54d3460f06f6134
- SSDEEP
  
  96:AxuTg5Bo2CULXpopgH6dLWexLw3M45bFnptnVpeMWSe15lWGCRxQO9SBSM8MdCF5:AxuTqogiuf5bF/WQe1TexQBMRL
Score

1^/10
behavioral5 behavioral6
- Target
  
  WindowBlinds/WBCONFIG.EXE
- Size
  
  1.0MB
- MD5
  
  d80da4ab2b60bf04b26687a170fe964e
- SHA1
  
  3e1104a2f189d21ea51d94dc466caa1f662cd8a2
- SHA256
  
  38bde7ad0d8e36874266934dd2eba531cd20d5d27a581c6415e8ed117df17453
- SHA512
  
  74086b038ef77b52d0cc5dba982b966c3cf6cc86d7b6e139b587e91a743feb7462e6b771c91a32cb653392482914ff1245679e1b912e74657e47b8ac0b6a20a5
- SSDEEP
  
  12288:V454yRQ7C0M/OmfmomoZtlOw60dM7PJ8KQGZGve1LJGhzIHsozCdadZYr:C9KCHYomoZQ0SjJVxZGWNsozCYdi
Score

1^/10
behavioral7 behavioral8
- Target
  
  WindowBlinds/anim.dll
- Size
  
  27KB
- MD5
  
  4b9dfff37633f83e57c0d47c48d47415
- SHA1
  
  8e21411b7c72d76cd189e769221ee585ab56164e
- SHA256
  
  ed922a46f5c7d2346d93dcb42b0f66076dcc4d40a8d6cedcea2d19a867048171
- SHA512
  
  6d9f6c3cb4618d31a4a15a90e674ed8dd905fb98e6293aa28d8d87df8e8278649df0b90e2a2568c4fc2c7d517c323eaf24cb295a07b1e15f7c13ea8a73a5c8bb
- SSDEEP
  
  384:pocBdzctzL9TnYUqQbtQlM+EIZ9LqbVsQBrZzwIf:VBZKhnQ6lI/L4FwIf
Score

1^/10
behavioral10 behavioral9
- Target
  
  WindowBlinds/clock.dll
- Size
  
  7KB
- MD5
  
  55006ed14230a5d4c3c6a3f12522e9d2
- SHA1
  
  5682f96b5e1bc03b9a45a562a41b15c1ec401cfd
- SHA256
  
  e069b7969005fc16e197e1a61b42c01a3f356ccea8f2de208df0108997e22bb2
- SHA512
  
  f2bc54b1d3f532e2d67a75277ea061695554b0daa8ba75b415c10609a8c8eb34cd06b0f0e5ea7ad8124767eee2f21444610ad756feea614f6235629a4e50a9fd
- SSDEEP
  
  96:Z9JqRoyWNt702+UhQ8i3Bbhd1JgDa843nbjka:Z/qRoDNx0u68SBbrwDaTnbT
Score

1^/10
behavioral11 behavioral12
- Target
  
  WindowBlinds/core.dll
- Size
  
  309B
- MD5
  
  70714a9c324bc0e7075c2d54ef0c4e6b
- SHA1
  
  537c2df06036d9ab9b92a76925af2e42d665b35c
- SHA256
  
  1d0e78b93141337b7e6e637bf00f6ec04d7e4ef8cf4844270f2a35a1cf61b735
- SHA512
  
  8e494329341e2cc234caa110ada0079a55c6fddf48dae79365645dea1398ea642df3d7fa798cd7b941be87143adde87c500d014e145a783308c5ff06647cfd4e
Score

1^/10
behavioral13 behavioral14
- Target
  
  WindowBlinds/patch.exe
- Size
  
  36KB
- MD5
  
  31ca2744a3501cee069cc6179e44c057
- SHA1
  
  6eb3e2fbe56f06ed7389357cd31e8244af66cf05
- SHA256
  
  1134e33a50dc10b8f8a99d586f7075c586f0b8a8360cf393189a676c67521058
- SHA512
  
  e0d0c7b486f8e1a03d30cf72872ec61f0327772c723c7525c978260794cc30b431cb75e2af3884d35198688938e3d170692733a5239ae1a727e4d02171d5c28c
- SSDEEP
  
  768:NqGFvPjopUeWTcog4duXftugTzAicY1PCL:UGFvroyeWXg+uXBEiZKL
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral15 behavioral16
- Target
  
  WindowBlinds/screen.exe
- Size
  
  228KB
- MD5
  
  e5d24769e601a8d8d23579e8222108d4
- SHA1
  
  6fa66b7852570774012b44d25b5d88258321e909
- SHA256
  
  d2092ebaf2875ab9d9539b4bbc1a688eae2b919a09a2060a6153cf2ad1079f60
- SHA512
  
  82c89f3dcc62d9d31b053a1ec35b9d3fbf920e1bd73d01e954a75a46b62eccdaa56bf5748e5cf9d2a371cae487fd1f34a7733e631066de6b61dfa7605868a82f
- SSDEEP
  
  3072:fir/c76bADCGUO7Z4b+kelpFl7dzM5kroBh6SgosPd:64WbquO7Z5Fl7pM56kh6SgosP
Score

1^/10
behavioral17 behavioral18
- Target
  
  WindowBlinds/smart.dll
- Size
  
  36KB
- MD5
  
  c904da5b9b2c5a3109a19c3253036857
- SHA1
  
  660a1072b3b7223f2dc39e8a76511ce0da7b89b3
- SHA256
  
  34a10a06eec4617bc2e8ce45b9798e93444f40aaca2d784a39764a7084537c21
- SHA512
  
  96ebd1973f0c4cfc0943a2539abd8bf692a5585de984ef61c20b2a8bb19fba28c994f79051acb33c7d99ea42fd0a7c32b0811dc088a8a4c060626f5d0c611089
- SSDEEP
  
  384:/tQtSH1WJETUqTha67WM8qLBc4cml8YnyDcdN6OM5KSKez0o:1Q64qT86yMxLSynH6R1Kez
Score

3^/10
behavioral19 behavioral20
- Target
  
  WindowBlinds/tray.dll
- Size
  
  37KB
- MD5
  
  767e5bd6c98a60757c6b1b49747b4a11
- SHA1
  
  48f6e8fc1b5a37661df35a6b23d3cc4f46475588
- SHA256
  
  c75adb8f22773a19adaf4ddabd63f0374b00b779540fed085118f9f4c51e95b4
- SHA512
  
  b24d82af5c081f7eb475c291e993bbe07d089bf8595b52d976eec514a3d396d2a98251b3193622eefe70a9bfd601d58ff42a6efc54e68fa22010dda13b527b2c
- SSDEEP
  
  384:OV+w0M9em9+HI7sdoFFjIR7pDrDDD7A7l76vWnNYwHiLV:yn9eMpaDrDDDWrn1HiLV
Score

1^/10
behavioral21 behavioral22
- Target
  
  WindowBlinds/txtscroll.dll
- Size
  
  6KB
- MD5
  
  8f73ef039d65226ba78c401ef53c9d36
- SHA1
  
  c09cf24174d5a416342a06f50ae386d0a492e413
- SHA256
  
  a2fe888bb3b561245af5391de7b06af62eb942cb6db2c233e8784d847faafb8f
- SHA512
  
  27d7b16ca9e7f2a86cff52783bfa9d6f6e5be5f52fed5506bc5fffb5ac2553026bad5fcbd4a5d856fdd5243748ded0a84ccbded1ecb084f4a2cb6e4b93f2104d
- SSDEEP
  
  96:2qgO4rVw3Aq2nkucN+xA4jsULSS8t18J3mTB1614RkL/Rs:2qgO4r02nxcCRgULSS8t1lTBZkL6
Score

1^/10
behavioral23 behavioral24
- Target
  
  WindowBlinds/unzip32.dll
- Size
  
  137KB
- MD5
  
  a9ef418674bb2412b0a541bac0c6b09d
- SHA1
  
  f9afd16abed066501d97ca3cb0128b25dea97ffb
- SHA256
  
  35c3adf79dcc6753f3bec3c63a39075990f48fd52041465fade0ad1e4a1aa051
- SHA512
  
  c716834c6e1e9e9d808b3db1798765cc2fd658706159a21d6baa89f1929e2e4803f0833602d2d4ce7235c96769dc0398bd61b7723ae75d1b497c18151a5d6c2a
- SSDEEP
  
  3072:nWCDE6d2WQZx11o9Fav4uJXOpAzPNfIUfWTVzjgVigTz:W6d2LjFzXOpAzFgdVzA
Score

3^/10
behavioral25 behavioral26
- Target
  
  WindowBlinds/wbdb.dll
- Size
  
  149KB
- MD5
  
  ecbb1a6f1384006b9e60fbebbb69ab8f
- SHA1
  
  5c2a0854b3a228ebe5f8fa0e87331a136a959420
- SHA256
  
  a4e044bbae2233592cabf3fdc0fea5d9d786ec4ff656a7cc411c0a191390eea6
- SHA512
  
  e0fad27bee4dafdebb11c7b805c4259f05af9e3944d5b9bcd8767246d87505b85a3fe22e37a8654799be250761e3c5c2a02775de2d5ab3e4e3a31ab6b1707a4d
- SSDEEP
  
  3072:Pt09EtZHvELVsgt9SMrpXrVcdTIjA4tp9y:PuutZHcLVs6rxrMIhW
Score

1^/10
behavioral27 behavioral28
- Target
  
  WindowBlinds/wbhelp.dll
- Size
  
  28KB
- MD5
  
  4f3909b0a61f32ccf85cacaceb8c6d04
- SHA1
  
  dcf28f563c85286056f44474d8d149b691509f0a
- SHA256
  
  7a06da54588f6d4d9352e8e5e07f35e7b62306a76bc33c4a336ce2c340d8e325
- SHA512
  
  8c2774ae938e16144b0aca8aa190563819941276e792394be03e9ea2ab8245c398f31c43701688d4eb9af744ccbdd3b3a4f0b7be46fa0855b784cbcf8b055112
- SSDEEP
  
  768:ejtEgEDBzRPCKK3ojh2sTZdUa4wfyixrl4:7gEDBztNK3oksTZdXfyix54
Score

1^/10
behavioral29 behavioral30
- Target
  
  WindowBlinds/wbinstall32.exe
- Size
  
  97KB
- MD5
  
  f96d39caa6b1db84d2879a8349183c23
- SHA1
  
  d84ed7353e19936ab4e3ed015baba8e2e79bb10e
- SHA256
  
  7260ca00ce6a7f8051968ad34051927339422f4c7fd77454ad35aa165f61ef72
- SHA512
  
  19274dd0b3776e82a76504daf327e084d8bc990da247b3d2b576e1a5868ee0256546ece8b711fef3c8cee636f08e54d2230666a1c5f2d35ad2bed5658cdb5623
- SSDEEP
  
  768:Z8qi7LkxK8zBeN/g+XPj/6XGYSF9hkmeYbzkPCG5aZU9qZU9en1HiLo:Z8qi7IxKuAR5XmXGYSFHk7Y8d5aprnIE
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32