General

  • Target

    daccd7ef1980eee614b03946fb4095e2

  • Size

    646KB

  • Sample

    240321-f4t5face68

  • MD5

    daccd7ef1980eee614b03946fb4095e2

  • SHA1

    c751948c53a7096c0ee8409b41733fcdb7f7f8c0

  • SHA256

    d513e6b6840937c10411d6b8e8ae8ad10473fd3b1df58e79b74aa4a9c60fe8e2

  • SHA512

    9aed4a50a99fb95371a5b4622e1621fb702deb228483dc8a57d280c53e9f30f44bb61e55889c50da5fa2faed3555b3d64a3fce789fe64f9f28abdac057052b2c

  • SSDEEP

    12288:zuFLYB1355TKQX6GQFAhr50RQhiciKhrUEek2Dmp+czteA97HR:zs69/6jFE55iyXeep1zteEHR

  • Score

    7/10

Targets

    • Target

      Tank/pic/Begin/RegSrvIn.dat

    • Size

      229KB

    • MD5

      ca699d2a1332a564e939fdc166b52121

    • SHA1

      ff879157f258f18fb809c137b672495458678b0c

    • SHA256

      eec4709c39246fd15e929dbeaf891fee5640270b50961f233e31638adcf64451

    • SHA512

      7376a8c6853c52a8c29dfcbfad4220864b646fbdef337364ff6331ec24a33e72d01b90ef421dffca322c88df85d7a8d7e3ddc25d2402532d0e5ea9831be51838

    • SSDEEP

      3072:zCUGRvs4raDMR7MbLBZvbQ6yr9PiQc83W+b9PzKhAREyv3d6LxzPZKxpOcxYJw96:zCxhlD4b9xiLP3Pex7jH

    • Score

      7/10

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Target

      Tank/pic/Begin/Woyaozhi.dat

    • Size

      566KB

    • MD5

      e1d3088a9027568eefa80937862c2d3c

    • SHA1

      e760db20e838dc5ed1aa8e837fa73d5b4707e07a

    • SHA256

      d1eb414b9e57c277c20806a820c24d40a9d1e9ece1ecf8148be02274ddd4cb97

    • SHA512

      17facccfe7a0892408777f53a9d98e782609307a855160c32b46c7442ab7e58e38c70a9415171f85a47264a82c6f7545ab97add619ee0fb0078ea0dbe13e3d98

    • SSDEEP

      6144:TYUUCP1+kF7sxU4cLKdYshPSXu/TCwYv4iGOz/ojd+qBAc1N1fstvy3rZ//qPYMH:TxP1+x7cmd4nGoojkqu+9l3qPTTwxe

    • Score

      7/10

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Target

      Tank/tank.exe

    • Size

      372KB

    • MD5

      299acd001bc01fbb25db5b7dfdc94b6f

    • SHA1

      3fe760736c0100e6bf3689286dfb57f483d734ad

    • SHA256

      4aa598bf85c84ae8bd8438288eb7170cf2b652acaa75224bada14cf450e5957e

    • SHA512

      127be21f827c5bcdf3b4736a53c4ba9021de40e243884f29022f127016c17cd1e6d40d2270b6ce5fe2bac451ddc944194c29b1a1faae6eec2ef4ad98d9a33904

    • SSDEEP

      6144:44gcuXULobDALCEcdZsaSTtwfcLz+u074/H2eJ0MrjEJu0RRRwRRRFRRRwRRR:0bDoCLdZnIwfcNFqy

    • Score

      7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Target

      Tank/新云软件.url

    • Size

      133B

    • MD5

      4f0017b3b346bd0626f0c3b915e6e734

    • SHA1

      823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92

    • SHA256

      df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678

    • SHA512

      0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6

    • Score

      1/10
