61238709fc9ffce58efe7d3cff8fc2495d18682472144f7b4a0f38695c04b34d | Triage

Submit
Reports

Overview

overview

8

Static

static

7

CrazyListe....4.exe

windows7-x64

7

CrazyListe....4.exe

windows10-2004-x64

7

Spchapi.exe

windows7-x64

8

Spchapi.exe

windows10-2004-x64

8

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Sharing

General

Target

67adf7b30c570751f3d3f3737b5d1fb7
Size

1.3MB
Sample

240119-p7fkwsfac8
MD5

67adf7b30c570751f3d3f3737b5d1fb7
SHA1

e15a2a019e50e230e0dd93de5e686e63d6045447
SHA256

61238709fc9ffce58efe7d3cff8fc2495d18682472144f7b4a0f38695c04b34d
SHA512

c3d62cf56322065bf2fd96fd1446cbf482bd8fa63cab5fff8717fd0345a28fbb928f2c1931fdcdeb6d0ccbc668b6a5fbb0726f0d32f2052ea3a54a21caed3d6d
SSDEEP

24576:VZzTStc+a1+NDtaKIB+07+QVE7FFrr+Zwo5NydJzG2WGTrnAWD:VZHStM1+nIB+07+WQFF3+Wmv2rrAWD

Score

8^/10

persistence upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

CrazyListen1.0.3.4.exe

Resource

win7-20231215-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

CrazyListen1.0.3.4.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

Spchapi.exe

Resource

win7-20231129-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral4

Sample

Spchapi.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral5

Sample

新云软件.url

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

新云软件.url

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  CrazyListen1.0.3.4.exe
- Size
  
  425KB
- MD5
  
  c17b0fe8d9de5a26951a6fb112363318
- SHA1
  
  4eabbdffc66058eb93e358274e251ba17511450a
- SHA256
  
  7f0c9895208c26750ebe43dcfa7631b3bf9d8a4d6c4cd1da839c711e41372308
- SHA512
  
  8be5b28e82aad1ff1e75f83b2a99cae6f7d9208ea7f92bbf867b7b41d9e146998e72f083907c7e2f9dd479ab53c93a1af93e72970bfc07f7fd91beb9cad26343
- SSDEEP
  
  12288:sjkArEN249AyE/rbaMct4bO2/HA2oGFBtsWn:fFE//Tct4bOsHA2oUBeWn
Score

7^/10

upx
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2
- Target
  
  Spchapi.exe
- Size
  
  824KB
- MD5
  
  d421da9b6a100bf58c7c6d585c73ed4c
- SHA1
  
  79521256aab1fc5d01a661ed0cdff45a88ab2ace
- SHA256
  
  8955ee03217bc2539e2f80e58f51d30aa97e7512d96592f098133c8036e363dd
- SHA512
  
  ca0b75d1a07b125cf3b774483e098a9095d18ee8c1a277a2ff6aeeeef1e1d74a5e55855dbf7f13cc96a82423203ea86336372d48d483dc600d3ead38fe746c60
- SSDEEP
  
  12288:Kz/V2AMT1VXCE92eGFj+oOR98ikw/o1FXDoOci+kyYo3gJqr0KHemtRH/d+w2NHf:Kz3yVyEQFIiwQYiBLU0Kt1p2lRIWT
Score

8^/10

persistence
- Modifies Installed Components in the registry
  persistence
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

© 2018-2024

Terms | Privacy