56921843b5aa3ca1c6c231ef1bee879a0c3d19f2e3ce5c8acab07151825f2bd3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a9b721e53669edb7f8897b9e40f8bb8
Size

2.5MB
Sample

231230-q59lmaceaj
MD5

1a9b721e53669edb7f8897b9e40f8bb8
SHA1

a2ef2768720d06c8206576847101c7a11f8bfd23
SHA256

56921843b5aa3ca1c6c231ef1bee879a0c3d19f2e3ce5c8acab07151825f2bd3
SHA512

81c18bc66831d6ed354fe3c45b965548a6bbfe25179d71530cad319c0537196d9860a4b4501717edeeaa8dd38fd029c22167094941e3a63cae3b19fcbbce73f2
SSDEEP

49152:qQpjHMbrA+sSsVkyaVo5Z8GqH2TwJ3uxF9cUmmH28ZAa7dIkPAbbYJ:3HMb8dSsUUZ8llpScRm5bPAC

Score

7^/10

Malware Config

Targets

- Target
  
  gexgg_-10-502/通用的逐鹿中原登陆器配置器/服务端插件/yinling.dll
- Size
  
  733KB
- MD5
  
  c019a810708f59e00b91a2367d56de35
- SHA1
  
  37998b58ed2ad531b521614b9b29b63435e8686a
- SHA256
  
  0eb1cb13f03316c30a3f925d86abd16dd69a7643817aa80d4fb7746e1e7408c2
- SHA512
  
  7bbafb5d90115e0af2d5e50e24a29be0b10db37709ae746527807a8fee32b16316e9103e17e4a06947c78a0821ef1c123503f53ddfb5496a1cd5cfb4fd1c229b
- SSDEEP
  
  12288:9hebLtZ+a5h+ewHFNc4imkkfXgBkSKCxl/JXOtVDXHiWdt5w:vefnb+/s4P7fwqSKynOv1
Score

7^/10
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  gexgg_-10-502/通用的逐鹿中原登陆器配置器/逐鹿中原登陆器配置器.exe
- Size
  
  1.8MB
- MD5
  
  8b9177aa28ba0fefa918c8df1f1530d6
- SHA1
  
  ecd7da6e4dfb932a4db3493b431cdc785d2a103a
- SHA256
  
  919aa17c4f94063ee2abd4d98e77daef950af2d6f87a02c79a7e079531865f5e
- SHA512
  
  3b759763ae07eff2862494f1683dc68321aa4de9a55f98b1862d97e3c9b0cfbad6f33fcd19cd87dfd2fbf23a2fa32a0b5a6ad5c458b91d07da18cef2134890cd
- SSDEEP
  
  49152:AkWdZE52R2qzHNBYAouSF/jtTcm+/Drz4ghHatUWsjvkQHHRoTEd:xWUjcHTY5uSF/jxcmy4ghHatUWYvkCHD
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4