r77 | 95cf89ceea509a4768095b387136225aa631bb773e795ca82e6c1503853aefa2 | Triage

Sharing

General

Target

95cf89ceea509a4768095b387136225aa631bb773e795ca82e6c1503853aefa2
Size

1.1MB
Sample

240311-p7bxpsfd46
MD5

eb4c5322154a11fe51f2e1a24a093aa3
SHA1

a22254442bb8d0cbc285c5f72eb6d00d8a64eda9
SHA256

95cf89ceea509a4768095b387136225aa631bb773e795ca82e6c1503853aefa2
SHA512

4700ec93367ead8993404e0add30d9a2d02487ffc31103005969ea39dc51dc32662724ae48b642882ebeb496cdf69696e22792d0143231063cb8413e0bdb5b21
SSDEEP

24576:xTVUjpEh/ZFipw3MCV7nVfyNS51jT5M8uRVy1FlinNdN:xT2ja3FiiyN4T5VuRz3N

Score

10^/10

r77

Malware Config

Targets

- Target
  
  95cf89ceea509a4768095b387136225aa631bb773e795ca82e6c1503853aefa2
- Size
  
  1.1MB
- MD5
  
  eb4c5322154a11fe51f2e1a24a093aa3
- SHA1
  
  a22254442bb8d0cbc285c5f72eb6d00d8a64eda9
- SHA256
  
  95cf89ceea509a4768095b387136225aa631bb773e795ca82e6c1503853aefa2
- SHA512
  
  4700ec93367ead8993404e0add30d9a2d02487ffc31103005969ea39dc51dc32662724ae48b642882ebeb496cdf69696e22792d0143231063cb8413e0bdb5b21
- SSDEEP
  
  24576:xTVUjpEh/ZFipw3MCV7nVfyNS51jT5M8uRVy1FlinNdN:xT2ja3FiiyN4T5VuRz3N
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  Warm Snow v1.0-v20231205 Plus 15 Trainer.exe
- Size
  
  1.9MB
- MD5
  
  0c0a619fe74916c19c8db8cb94b63c35
- SHA1
  
  eee29377b3baeb61ab963d34d166f69d04ace3ec
- SHA256
  
  da18f76629df98da6c859fdda178f411ff3f05b326416a0994ae676cfd658e41
- SHA512
  
  4a119c63118f01f77d411147b675ff9c4d367a485ee5c8d6d72c963c2f60a9c16041722d08c21ca87e90271cb8ae8ac869b1c11c23637ce60bd1b7cce1c15e50
- SSDEEP
  
  49152:TmJeoncYOmlmJRGPlJeAp/nyxXT5XtzQx4I1:QmJMPl4D59z9I1
Score

1^/10
behavioral3 behavioral4
- Target
  
  游侠网最新单机游戏.url
- Size
  
  182B
- MD5
  
  5195a3742c3af3bfbf051ff4aef262df
- SHA1
  
  08100c8b17705a26e6973efb147169a0a84148b9
- SHA256
  
  e3706b783ec5373a70044492ff4a5ec6462fe114854c3b57b55d7ea7db0ad133
- SHA512
  
  5de4379e782cd805ebc982d0c975336f9a2078f0efaaf9a924a5144ff54f72c116ac5541b8368ce7e0eb478e0e4b863db6e296fd3804c63acd614f3ca6df4741
Score

1^/10
behavioral5 behavioral6
- Target
  
  游侠网热门MOD补丁.url
- Size
  
  183B
- MD5
  
  1240cb2f6fdcd17b166496bd17f72cb6
- SHA1
  
  2c4e10cb34c961bd93b977f138a2b04a0fde54d0
- SHA256
  
  b309f388ad3192343d775f071c46d20e2c7cfff64e757c20071f164eb46be0e5
- SHA512
  
  3723249fb3b771aa4b2fb17d535b2aee241dcd16091c90ec55993c1821f1b29f919406ae012b8ce7bf446616acd401cd4ccedbbff254d6b90f1027364c16e690
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8