e6ff0b90662e2720c18345c30722ee6128c27dcc85acee4d8ee9c785b9bc44ff

Sharing

Copy URL

Twitter E-mail

General

Target

a1a55be885faa367a0cc23178b7a3040
Size

2.1MB
Sample

240224-mk8xtahh7w
MD5

a1a55be885faa367a0cc23178b7a3040
SHA1

fd954c4d9c64f09e4c572d7319263f3258671e78
SHA256

e6ff0b90662e2720c18345c30722ee6128c27dcc85acee4d8ee9c785b9bc44ff
SHA512

feafdc495d7bcee358c4755df520a3765d35eda860ffca4ab3853e19de982af99a2245e0a5b30462e174719f048943a79fab3204376845694b44a9b27cd2ba3f
SSDEEP

49152:ii8YFTyJbBt5V72djag5TRFYgtz/xUYgvZbk0uVoIE9fjk:Ol572dRJRFjp/+YgvG0uVoD97k

Score

7^/10

Malware Config

Targets

- Target
  
  Images/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral1 behavioral2
- Target
  
  RkSrv.exe
- Size
  
  1.6MB
- MD5
  
  0018db3612226940c06d12dea767c9ab
- SHA1
  
  dcc5f86428edbc38716730de647647bd28f7cac6
- SHA256
  
  140c20bd67a0e4eed979ce22c855b80f171217cf0edf2c2875647cae7e2421d8
- SHA512
  
  b222b3df8c011132a3bf87e40261eaa9aa58e7a0d79faa087b75a5c3d92596cd6989b6883f001a77880e8ca9727837e75446a0683c4b2726a3720575d5639df4
- SSDEEP
  
  49152:uhlqm/a96hZ+marOl9+e0e5MAuVTs2CdgJQE7Szfj7oM9a6Qo6GTXU:u7qm1CmarOl98e5MXVTs2CWJXCfvoM9e
Score

3^/10
behavioral3 behavioral4
- Target
  
  hrk.dll
- Size
  
  1.6MB
- MD5
  
  8e3ebe121097210f1e630ed01436ddef
- SHA1
  
  f21c9b8be299bc136e07d5f127d59869d5ffacd0
- SHA256
  
  48a748acf18f8c01e0b1f39af47d49dcdf4762bf0de873bdb156eb2e5d7e24b2
- SHA512
  
  3de9c26d8c78d568e4a08dd1a0dfd69f579657d1895e3cb69e20e714d2d05bf7bb6c02bd24994da1257a4d8b3d08b226c30dd017849e986d329aa65b9b67221b
- SSDEEP
  
  49152:EAaEMaCRxowAQTVYACGdN3Vu9VP1QCgBzHAom2/O3DAKxVTvkBnJ:tMaCbowAyV6GdN349VP1QCgxHI2/O3Mn
Score

1^/10
behavioral5 behavioral6
- Target
  
  irk.dll
- Size
  
  32KB
- MD5
  
  6e1f66b487f1a8fc7d804f86c226b19d
- SHA1
  
  13ee1349f2535bb1f6c6dfa31e53bd7b6a336224
- SHA256
  
  05a6e3c6d1ce2a1554e01398f51b81b8b18fd8628d20cf04dc47595847508b01
- SHA512
  
  1feb237da33e765fc620ca30e5c56591e8c2ccfd2e815be5b40574c85b2611cbe9cea0be46867137712a15587c5e344dd0efb5378e768cf2157252bcc23b415e
- SSDEEP
  
  384:zB4aK3S3d0wL+9iQEkG+cHuKFT3phU8klbParh+lnu6EDHJRDarx1/NC7vyd1q/1:zM7inkLcOcNhD8LQGnTEDXDN7vyq1
Score

1^/10
behavioral7 behavioral8
- Target
  
  jpg.dll
- Size
  
  1.7MB
- MD5
  
  23d91f2e638117b63c617d9869570a08
- SHA1
  
  8b7ab94b72c62de02f6a37b73e823b696ecb86f6
- SHA256
  
  b53cd8dcf24ed6189a09a3e4f3fee22fd0f21fbff74cae538e717273de05a21c
- SHA512
  
  750d49a2b02ed2af79bcb0bba30acc289daf4d328dfbed3b05fd6af1c2974e7d57851987bbb7e084a3e9d04e02955a275a7c87c18a4338e0fdce59631291f88b
- SSDEEP
  
  49152:9GuReGXtSSI2kaVxg32/0cR13vLG4a6QQ9e6XtjvoWidc5MN60v0:9GuRrHI2kaVxh/71/LG4a6QV6Xhpyc5Y
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral10 behavioral9
- Target
  
  使用帮助.html
- Size
  
  8KB
- MD5
  
  70b9a1d209b3bf2536dc91c6accf3d13
- SHA1
  
  41aef6f617e7e6a8a9be30f9e55669909f9c4d46
- SHA256
  
  8757516fc55d7da58772fcafeb1bb33c25adcee0fbaebd0d74d3b53b74189d98
- SHA512
  
  1407d4651db36279699aa84a3678b4a9b4a187aad852b75764bf45d945e44856173d352fc40ba553aeb5e486c7fce395ce65218738d60f958f682f61a46d2b8b
- SSDEEP
  
  192:1iuQAI4XATSuDv9l3yH82LsjC4p32LVpKTiglFZ:1iuQl4XATSuD9l3qICs2LVEiglL
Score

1^/10
behavioral11 behavioral12
- Target
  
  键盘屏幕全能记录2010.exe
- Size
  
  1.8MB
- MD5
  
  7bb68d7b7f3eaf968af7e87afffbd81b
- SHA1
  
  74cc99ef7f5ab705c1976a1230afdef5ee116690
- SHA256
  
  f2713b3165f2b9adda758024f6989d644c07d8a68f3f3937dbbd3ccee99a6201
- SHA512
  
  9e3c91470dccc774a1fe1081898a0c64fd8bdfa9a2aa7ed45521fe5c3de16f90f01ddca235a43856b4a4b9759f819c9e9cfa73f6e628c07a0b178a62a35a5abd
- SSDEEP
  
  49152:wE1KaaNKWU1BHoUwSFEYVeQIRAia0j2/p1eziuWTZrKG/D54Xu2wkWDPwAdLAck8:wQn1poPSFEYxQW0j2/p1/uWTZrUe/kWB
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14