Overview

overview

7

Static

static

3

GiF.exe

windows7-x64

7

GiF.exe

windows10-2004-x64

7

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    58f08a07ae6623bce954808ba7f8494f

  • Size

    1.8MB

  • Sample

    240113-pxjjssbda8

  • MD5

    58f08a07ae6623bce954808ba7f8494f

  • SHA1

    14f7b6655f3d615019c4407771f3f825d2553cfd

  • SHA256

    bd9746682dd79bd6c0cae33d68baa998f7dc636c059637e6cecb4606d7f6f8f6

  • SHA512

    7c5417a7b7648a95faf2d045336434363baf3892d36fcd24e8f9932719c1880bb03fb696691c72ab718527bce9c0df5897af45a8b7bbfe15bb8fb75d58c00295

  • SSDEEP

    49152:9LHeRQQW2G4WGEOf2P9PxkHOnadLzV5t+sqEf8vxhx5zP2viTk/7xOl:9L+RnW2G4WGEOuP9xQOaVngLogxVzP2M

Score
7/10
persistence

Malware Config

Targets

    • Target

      GiF.exe

    • Size

      3.1MB

    • MD5

      46f57a9bb8636f0a1467c72eeb6b5eb6

    • SHA1

      c78f9c9b5daccb904f1d6d458dbfdd2b0f9d60bb

    • SHA256

      cbb4e6fee72b9d3c115c3fba3d2dce221874c8842b3b8af8d85a14e1dca46fc1

    • SHA512

      6af573033c674ad6fa26f2fe61b9853a3dd3afa40937503b1df25614210f9a2f32c835612f9b072381962cbc779f11829e559b23372ec46829506ea67a13889f

    • SSDEEP

      49152:zhguTy/bSqfmNlXd9SQ2qTYPFwX5PwOcmOue6eKfITUhTEnBgN+e+Vzzixa0Ba2O:OuUOMm7XbS1nJzT8aqj+

    Score
    7/10
    persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      新云软件.url

    • Size

      133B

    • MD5

      4f0017b3b346bd0626f0c3b915e6e734

    • SHA1

      823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92

    • SHA256

      df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678

    • SHA512

      0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks