General
Target: 9c13434d707e9941405c5487f30faa6e
Size: 2.9MB
Sample: 240214-tbqhfafg63
MD5: 9c13434d707e9941405c5487f30faa6e
SHA1: 8a2e90def4fd3b1469d86ba5d65026c2970af439
SHA256: 20c5eaf7e431931ddbe3f49e7fc2d03fd4b8fd77c3adf3bb542c660b8eb2ee00
SHA512: ca93cd208a01458b7a47c521cfd016ffb5d2ca2eee058077c3100ee6a023855048edfe894738b16e7860f1f40b896bcf5f384994bfeeaee1dc9b924351ec44d2
SSDEEP: 49152:poX8Ki2B7LvE1e2P3jQsh6++nZQWN5loWzfLU71+5O2PPMV94f4bbHkh8:pvx2BPhi3jQb+tH71+5O2HoI4boh8
Static task: static1
Behavioral task: behavioral1
  Sample: 东方微点主动防御软件辅助工具V1.4.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 东方微点主动防御软件辅助工具V1.4.exe
  Resource: win10v2004-20231215-en
Behavioral task: behavioral3
  Sample: 运行库.exe
  Resource: win7-20231215-en
Behavioral task: behavioral4
  Sample: 运行库.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 东方微点主动防御软件辅助工具V1.4.exe
Size: 2.5MB
MD5: 4e8aaae02d90d4e8179a563e9f5d2967
SHA1: f6efd0d7c97b3e7ba8b8b972ef2c635a8ef48761
SHA256: 2953b50f211299fadbb4d57b6845e8a9b2c33588d5536164ea3fd34cdc29f378
SHA512: 17a0641f7ed12302d121835ee19a1040f510ad5fd2a0f8b16850ed15f9810b0cba8edfe0fa2f3dbffbe7a93f31a303303d21ab246acaaf1ce6caf4b02221e8e2
SSDEEP: 49152:3N5OXaDWtiB2KVElnhIJqvlzYU3RyVhJvOxclS0aDu5QYo:9JugVEln9zZcJvOxb0Uu+Y
Score: 7/10
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Target: 运行库.exe
Size: 620KB
MD5: ac9b896c75e7608271852cfafa25e9db
SHA1: f46185b8c69b20625c3fab265c4759116a600093
SHA256: e13fbd06674fa6552147ee7c226d4d6f0066b21c3dd83d5f623490c3edf3348d
SHA512: 28f8dbc9235eafaef00f7f4c145f5ed6dc9d4bc0971d67316c565a97228baab32104fe45a0e3502316d19adaa7b2fb5914f467b646c95049f1aa9ef4b80cc84d
SSDEEP: 12288:5zE91hovxPz5zYBvrSfR7FWd8WhUdzJlW551BUfR+VHMEFAN1MM59:5ze10P5YBWfR7Fy81zlW5DMcrqMMn
Score: 7/10
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Loads dropped DLL
Drops file in System32 directory