General

  • Target

    b4d26e59fe61962bd16782c4378d27b8

  • Size

    4.9MB

  • Sample

    240305-qt23eagh44

  • MD5

    b4d26e59fe61962bd16782c4378d27b8

  • SHA1

    e51396be4c908ea95ed4d3ccc82702d4d023fe43

  • SHA256

    47aa3999ec19c5d5da2f43783acdcd43cc12decbb4a89870d5d9e8651e4b4982

  • SHA512

    98890ed2229691fa7bc29a3ddde3e7656b3df01c48520719e43096bbe60ddc729956c3126a3cfd7706cf4ae8a42f15f3836d841a6e160b9eae4b3f7890cb4945

  • SSDEEP

    98304:0NCWcPNMSqJ1Zp341m755NQU1149qz/6ejeIwU7gpuvCh2q/m8q:Wq2SqvZA6vJ18q764BwU7sntmL

Score
7/10

Malware Config

Targets

    • Target

      MirServer/DBServer/DBServer.exe

    • Size

      382KB

    • MD5

      d7a8eec0e18be329c93bd2095f0df1f7

    • SHA1

      f2b90bd2c0013ee4a518ad130bc481606dd9e3f1

    • SHA256

      3cce2cb4ff76b4ff4362699003fde1375e82a05932794ba09f0809f287128922

    • SHA512

      8719727a47803c95df24095aa7cd9c8af19223d6d59490117cc589c62ead8663583a35535bc7e8ea92dca40feba7c95958be7cf539319ed827564ebe8291a871

    • SSDEEP

      6144:YFM/VTFE7hlI9yNgX8fIlEIS2qVUDA6rGafN8mscrEe0PyIEVqmQ5iJCJt6U3pRG:CMVe7hlM5lEZ6AhId0PtmGKe7p0q

    Score
    1/10
    • Target

      MirServer/GameCenter.exe

    • Size

      267KB

    • MD5

      935ed40f01658ce10baef215912a3422

    • SHA1

      43042f9bd9586e3a0c41a6370c1cefbf198168fa

    • SHA256

      eb81deb3a6676cb16d3f3520989b2fff5bcdd5a73dc145e42d4113fc1056c2ba

    • SHA512

      a42feee8dad0801b84e481deaf57a11b476cc6f7d785860726211161c17e1e4033ae3017d9c562a58ed5885ad583c4ffe346bc19e9408d99fa8a641c00f6fd9c

    • SSDEEP

      6144:YcERY7dT6CLL6jbX7f6OJbYLIQDeXZWifmjzo5:6mJeCLLEzjbYLzeJJfmzo

    Score
    1/10
    • Target

      MirServer/LogServer/LogDataServer.exe

    • Size

      1002KB

    • MD5

      01d8cfd1c73c1c991a2dfbbb9d871f13

    • SHA1

      4fde81699d40b761b6d194912d23e0af89d9be5c

    • SHA256

      b92ab6838cea8b03b78d11505db50bd233274b08884c9b436f42afbee39fa1cd

    • SHA512

      999e3d92823a5a76e7143852786fae000d297b0faf32b8b96c61e34eecef5771bf2130e224ca43afb3293dc6ffde2f967efb1c0a899d3fdc6fa631d2b681bdd4

    • SSDEEP

      24576:NGFDvix3x3XsWiiQ4q78+Q+66qC2Ze3XKGQR1oXv3:NAm3x3XsWi/hIA66qY3XK2v3

    Score
    7/10
    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Target

      MirServer/LoginGate/IpList.txt

    • Size

      1KB

    • MD5

      91bc11e38fa304036d20b36614bc80ea

    • SHA1

      3b380ed8415f11eaf4b27aa263a0eb02c1db6d46

    • SHA256

      8e7884e28fad3f71d2c6d939ab6c50b27553d1bed23e1fa117f999561d74a281

    • SHA512

      cd865b2dac1a249534f1ec86db18a9810e7fca97db8d84f3c1e93226b0a16074ce620fab9400278127e50dbf9b70a0d38e06e0b33d92bb97b1873597d41a20a0

    Score
    1/10
    • Target

      MirServer/LoginGate/LoginGate.exe

    • Size

      212KB

    • MD5

      700f370afb01ec1e2d5be6d92ca30dcf

    • SHA1

      2366dada79cf49b1802962d387107637099ff3f9

    • SHA256

      30aaa1a59c1b295e26fcff124e5b8474458d6c972de4f36982105ca37f63a0d0

    • SHA512

      e61c8a08089d25b4ff2bf46e4c0c6df0c1992d7158cf5bc9212adb096daec0f6edc2669d5a5678be86b6e42581b03521a64d9347ef5fb54066220ccddcfb7ad9

    • SSDEEP

      3072:G7v5I31Wr7Rm2pfna1vES43tkM3wQPyfrdHDOilQAM0csASL5Nqg3JnIZ:G9g1WrkRES4Z3wJxDJqh0cs3UIN

    Score
    1/10
    • Target

      MirServer/LoginSrv/LoginSrv.exe

    • Size

      246KB

    • MD5

      7f5de1ca3a879695e175b4e4261eb5f4

    • SHA1

      90f89b980c62e8de88fd4a880ede6117981b8139

    • SHA256

      92c6dfa26a49ba334778a928b6f0a39b46d123a87a47e6f713d82b9d14f139f8

    • SHA512

      febdebc98eb9c0d08a6c59fb7fce48e47dbb8a348203f2ead5f27d19deaf1e1bd337adce68a127bfb5bf322847b70351c65e82669ee4bc3fdf6211faf9154485

    • SSDEEP

      6144:3CnpCPZNM9ouEX6zWiUvt61g+C88XQ5SGA+:3CV9BEqzZUvtL+rX5S3

    Score
    1/10
    • Target

      MirServer/Mir200/Envir/QuestDiary/16sky.com/牛牛/MSCOMCTL.OCX

    • Size

      1.0MB

    • MD5

      f7bbb7d79adb9e3adc13f3b3c33d3d4d

    • SHA1

      cacb4b31d22419e6a9ddbffcf61ae42da0d5fb8a

    • SHA256

      18a83d7a420a17fcb6f56eb3ba5362c975d32e5ded7553c6fd407f07bdb7b006

    • SHA512

      4870ddbdf283d7f7f64d3f4bf556600a78804f6a94fc2ca7eb778e85d70b6d2d017aa35cbddf773b6a1b6d9a2813cd67fe54ede7859050a254a3e3c05616ae0e

    • SSDEEP

      24576:mnt4M/pL1wAEIqSBanK6CC33VTj+1R8xRFLqqmbD1kWIAqPA:mPL15EIqS1e6q3FmKbt4

    Score
    1/10
    • Target

      推荐服务器租用.htm

    • Size

      225B

    • MD5

      34a2528d4d30e12c314193fc77891234

    • SHA1

      6ebe43bd1ac4ea0e2390cf52996296ec0a9526de

    • SHA256

      ee789d5055484aa7c69e8d48aca2791a36b9d6ec75616279d8733f4390b1b78b

    • SHA512

      58ceb18f5eb259e93f69a7d108f730d8cacb9308361bcbef0dbf55eec965f18731a8cdda8e1832a7d7f00b04ed01989e3fac8b2d9a616a3dc337158bc840a910

    Score
    1/10
