Overview

overview

3

Static

static

3

{34B742A1-...ge.lnk

windows7-x64

3

{34B742A1-...ge.lnk

windows10-2004-x64

3

{7824CDB5-...ge.lnk

windows7-x64

3

{7824CDB5-...ge.lnk

windows10-2004-x64

3

78m3shxO/S8cZgOvL.exe

windows7-x64

1

78m3shxO/S8cZgOvL.exe

windows10-2004-x64

1

78m3shxO/python27.dll

windows7-x64

1

78m3shxO/python27.dll

windows10-2004-x64

1

mORPUcZ4/m...ll.dll

windows7-x64

1

mORPUcZ4/m...ll.dll

windows10-2004-x64

1

mORPUcZ4/yJvR6csh.exe

windows7-x64

1

mORPUcZ4/yJvR6csh.exe

windows10-2004-x64

1

全国各�...31.exe

windows7-x64

1

全国各�...31.exe

windows10-2004-x64

1

国家税�...31.exe

windows7-x64

1

国家税�...31.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    b43baed296affb0e2559f2743fd9b9d3b5edfae8bdfa6863521ab9314675bf93

  • Size

    600KB

  • MD5

    9b4805f16fed7c5b7786ca1c17753a3f

  • SHA1

    9ff0ac0627c40208ce2a300371d3d8fe7b435db0

  • SHA256

    b43baed296affb0e2559f2743fd9b9d3b5edfae8bdfa6863521ab9314675bf93

  • SHA512

    14ac69ce8261996cd979e216912ce8be1c82d33c898d6c633912299932c0712d19627733ea626bccb8c99d962a925da7176c430c4c66b3f9f2d96061493938eb

  • SSDEEP

    12288:f5HcSq80Qi6sCERonmGzUa3yPUPaI7rQ4UmBNLfhyvVtOkL/+zyZmol:fySqLQZMrtOrHQvVYjzS

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • b43baed296affb0e2559f2743fd9b9d3b5edfae8bdfa6863521ab9314675bf93
    .zip
  • Local.zip
    .zip
  • {34B742A1-CD71-465c-A3E8-C0A155F3F0CB}/Windows_Edge.lnk
    .lnk
  • {7824CDB5-D84C-41d0-8DA2-A337F568813E}/Windows_Edge.lnk
    .lnk
  • ProgramData.zip
    .zip
  • 78m3shxO/S8cZgOvL.exe
    .exe windows:5 windows x64 arch:x64

    f8b7506fd959a298ea819871425c0e6e


    Code Sign

    Headers

    Imports

    Sections

  • 78m3shxO/python27.dll
    .dll windows:5 windows x64 arch:x64

    7b5dc56c68a7d612db831f83c11b5c4b


    Headers

    Imports

    Exports

    Sections

  • mORPUcZ4.zip
    .zip
  • mORPUcZ4/mhRCPlayer-dll.dll
    .dll windows:5 windows x64 arch:x64

    86572152788c632a4772fcf99fa008ec


    Headers

    Imports

    Exports

    Sections

  • mORPUcZ4/yJvR6csh.exe
    .exe windows:6 windows x64 arch:x64

    81a37a48eb09f7abc5aafc3dee49e770


    Code Sign

    Headers

    Imports

    Sections

  • 全国各地区基本工资调整公告4131.zip
    .zip
  • 全国各地区基本工资调整公告4131.exe
    .exe windows:5 windows x64 arch:x64

    7022f8553a6b176845c1e46eb6e65139


    Code Sign

    Headers

    Imports

    Sections

  • 国家税务总局年度税务稽查随机抽查结果名单公示4131.zip
    .zip
  • 国家税务总局年度税务稽查随机抽查结果名单公示4131.exe
    .exe windows:5 windows x64 arch:x64

    d723f5989598c08a026484b4c696d6cf


    Code Sign

    Headers

    Imports

    Sections