r77 | 801633ba2e18afba233745cfbbf6826e660aab11b69edca4ad388ca8bfd1b11e | Triage

Sharing

General

Target

801633ba2e18afba233745cfbbf6826e660aab11b69edca4ad388ca8bfd1b11e
Size

679KB
Sample

240310-1w9v5scf49
MD5

1b162e7a683d5c829ed7b1906fa5ea6a
SHA1

9ee20699b9428dae1100946aecd05431a0906fa5
SHA256

801633ba2e18afba233745cfbbf6826e660aab11b69edca4ad388ca8bfd1b11e
SHA512

7eac44584852f2fb6497ac4fc60031eb54fa037e563076eb645f6f520e9e7ddad14c690864529ff6a9b79563c40639978a8c68bd6c58ad1d979bd2c6bbb4b7d3
SSDEEP

12288:kzxpze6JxZHQcepiTPIOOmcpLGAdIGlqg4/N2yrmTk1clQjOUq3E8Y4/a:QLVJzHQQMOOmcp9IGl21FKYKlQyltY4i

Score

10^/10

r77 evasion trojan

Malware Config

Targets

- Target
  
  2022年全部热门单机游戏及汉化下载.url
- Size
  
  147B
- MD5
  
  f4f991d2ab8c37612a931518f0e84fe2
- SHA1
  
  bc468d41d0ac8170663be3f2f3004fba4f3e539d
- SHA256
  
  49d2095c4d0017c5ecefce4aa579485ff1773643c0dc4f6c59d3fec906465003
- SHA512
  
  a0fac66c4e6ccd569ce000946d6d8d53fd0649f60f8baa6dc69abbf15c465d0e588f3c4075e957d1d42ce86af3b11a48b6503a58a76e57bdc50898a2cac3f4fd
Score

1^/10
behavioral1 behavioral2
- Target
  
  Warm Snow v1.0-v20221104 Plus 12 Trainer.exe
- Size
  
  1.4MB
- MD5
  
  2b36f947f49eb3185c574b1186f704c8
- SHA1
  
  1c87fcc8aadecf9ca59c716929b25da1e33772ca
- SHA256
  
  8f4215d28ac72f97942fcad3c0273c47a68e3a22024f4b8360f6ef1348d2c835
- SHA512
  
  438e97fce83e037dfa594a335fd0594f3d2b6ad07e405610ae519e6d405502f78eb51b3ad0f891a8f3e848771d14d2d2ea1544d6d2487d542909f14abd0c7bca
- SSDEEP
  
  24576:cAjQiHz39MLcCmArz+Z8HhT9TIc+CG/uDSuObJ7kAWOE:gUrOLcCmAX+Od29oOV7f4
Score

1^/10
behavioral3 behavioral4
- Target
  
  www.3dmgame.com.url
- Size
  
  122B
- MD5
  
  49cbfed4fa9b3fafdc9d499b6163fa62
- SHA1
  
  28decd9138bd3f7b3ef38bf9e40cd0d6305d1cdb
- SHA256
  
  03df27e82600098c34c413cc2e45b43638d3ac33666960cfbd913f1c3f9a0b11
- SHA512
  
  64e91ed564ef64d7687599012c4728b811fec2661dcb7941374cdd3a8450563073c67c452d97d43545f49182fbda2c26702dd35088723ace21717282d1233627
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6