Overview

overview

8

Static

static

8

Hybackup6.0.0.exe

windows7-x64

1

Hybackup6.0.0.exe

windows10-2004-x64

1

hyhelp/howdo.htm

windows7-x64

1

hyhelp/howdo.htm

windows10-2004-x64

1

hyhelp/postbuy.doc

windows7-x64

4

hyhelp/postbuy.doc

windows10-2004-x64

1

我们的主页.url

windows7-x64

1

我们的主页.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d81b45b0837ffc94534c3f7fc84ec0f4

  • Size

    603KB

  • Sample

    240320-g7gh7abb9x

  • MD5

    d81b45b0837ffc94534c3f7fc84ec0f4

  • SHA1

    afe1fd794beec5a228bb5387efe54dc14de66ec1

  • SHA256

    d386075cd9644ae405747cc27199d537e448b59bffb123e267fa9e324da271fe

  • SHA512

    2c7f7794e3d0dc13a7a7c8245132fc1f43ce868cc6a338f60ee1ae0cd4021bbbf2f9364f9c129f5c87a72ce43dd2f76c8f7645d4e46d98e77aa9926cf5c79c5d

  • SSDEEP

    12288:8tsy+av7fZBw3VHoLJID2Tcn27x4rKXXdIWb9jMchSKujGU/r:efv7fZa8un/GXttjbhSKw/r

Score
8/10
aspackv2macroxlm

Malware Config

Targets

    • Target

      Hybackup6.0.0.exe

    • Size

      583KB

    • MD5

      ab365d597740145bb4fbc60c94081eed

    • SHA1

      286cc6439c3b2466e11af3e53e1fcffee31b25a6

    • SHA256

      0b5dda83cad70307939068e4b4d7725ecd4b397c260f1517ed38e5b48b4c2a87

    • SHA512

      1afd4b17233274a0818a981f72a2a2eba4fbdf127eb33a56f16a6bf83ec6b387bd5d32e6c91e49bfeb14337dab7bf182365facdec2303b8e138a09d728ebdfea

    • SSDEEP

      12288:VixrrkcVZ8COKFLJMwrET78w/LC4bZFCGvWcYAsDHdK79ydnxy:VQf9TJOnG4zCpssLYyvy

    Score
    1/10
    behavioral1behavioral2

    • Target

      hyhelp/howdo.htm

    • Size

      3KB

    • MD5

      7ecfcea9db032da912ad1cc1ff43a5bd

    • SHA1

      81d65e278e3e1a3a96401d3c13cb53ee31679567

    • SHA256

      b04ac5caf38c00b9333ae97aed744a925ceefe60eb52322aac9f31175635522f

    • SHA512

      81d8729bf3c93593692adb35ef33e136873fdb80031f80fe87fbdf2cdc5bba555f572dbb0ba50eb2a9ee49fc44d667ade2ad7c2309fd31ce3945dffcd8e30ac0

    Score
    1/10
    behavioral3behavioral4

    • Target

      hyhelp/postbuy.doc

    • Size

      184KB

    • MD5

      2d7600575f85b494e049e237185a73b7

    • SHA1

      6f66b46e22c92b408a8a8db8e3d1a63762556245

    • SHA256

      2139707cb8d9cd5a33be5c3dbd4abf5e162d2534cf9f064919fbb1f7e4f95f25

    • SHA512

      75fd1f3384a72e057e6fba5cf7353f6eb82b3816f9bb94cc8f9de1607fdf2549993b88b38ebfbce03da8bb61a2c8fb84083297e155ead81482a4bd21978ac06d

    • SSDEEP

      1536:DgXhznstEiS61ZqYq2OnDw1GzUFba5KhEOqkoll9Xb56j44RWO6Bw8GWPVI4HJAO:Ek9F/1liNRs

    Score
    4/10
    behavioral5behavioral6

    • Target

      我们的主页.url

    • Size

      125B

    • MD5

      4d4971d2e86fa29b6133cbe17854a817

    • SHA1

      c0ffe35473f9148f6131f4ae3a8d447fd1401bca

    • SHA256

      e4239015a07490530b2c3576208418122ec505e41dc81b1a41adc7754c0d5a8e

    • SHA512

      7681eeacd2359230a43739c3480a65665cded144364d8b702e4514c17d9a0ffba6609c1d1d30f91147c635ac5c1f390b11f930539e50ba46b072c65d9f299d0f

    Score
    1/10
    behavioral7behavioral8

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks