cb3fc239e7d29e7e2425e7fcdbfa1097d15cc3e1100a4d32cf7b20a9d2cdd5f7

Sharing

Copy URL

Twitter E-mail

General

Target

wufuc_v1.0.1.201-a52637d4.zip
Size

138KB
Sample

240425-jt1q1sha22
MD5

a0d640671fd50e91dd9a86843941dc43
SHA1

09e1837c55cb1932599c9f64237590bceaaf77c0
SHA256

cb3fc239e7d29e7e2425e7fcdbfa1097d15cc3e1100a4d32cf7b20a9d2cdd5f7
SHA512

360ea6bd02e6ad1b5965b469c54d2f5587060097808cbf2bd00e661aa106fae46b1219925766388b48daf7b97fdda80e0d4db0f92f61633003e6b3334e4f623f
SSDEEP

3072:w8RiXRQWko2u8dPhw3TkNIxdsU+Rr70I7VWERxaLliYwfnh:w8ABQWko2u8Dw3gemRrQI73apiYwJ

Score

10^/10

Malware Config

Targets

- Target
  
  wufuc_v1.0.1.201-a52637d4.zip
- Size
  
  138KB
- MD5
  
  a0d640671fd50e91dd9a86843941dc43
- SHA1
  
  09e1837c55cb1932599c9f64237590bceaaf77c0
- SHA256
  
  cb3fc239e7d29e7e2425e7fcdbfa1097d15cc3e1100a4d32cf7b20a9d2cdd5f7
- SHA512
  
  360ea6bd02e6ad1b5965b469c54d2f5587060097808cbf2bd00e661aa106fae46b1219925766388b48daf7b97fdda80e0d4db0f92f61633003e6b3334e4f623f
- SSDEEP
  
  3072:w8RiXRQWko2u8dPhw3TkNIxdsU+Rr70I7VWERxaLliYwfnh:w8ABQWko2u8Dw3gemRrQI73apiYwJ
Score

1^/10
behavioral1
- Target
  
  wufuc/COPYING.txt
- Size
  
  34KB
- MD5
  
  9c25e1cdc3b5122842a6a70fab49a522
- SHA1
  
  2ea9f02239dc6b5fdbfff01fcdf85bcc8c13667c
- SHA256
  
  53927bd0b739d38c87a0a82236fd9b070c2dfff11c0c119be50372005d5047ad
- SHA512
  
  7a0429020657fcf4b6035c393b10a98978360e99f3b0a092373057378a406bf016d8a96f41e3a4ed023343ce6805cd94cb5861df81503d105291efc51119e3c9
- SSDEEP
  
  768:A7Y+tNdSz3ZlqXOWoInuzx3Y8N3WiAD0Jv:AVtNIq1uzZY1q
Score

1^/10
behavioral2
- Target
  
  wufuc/Donate.url
- Size
  
  137B
- MD5
  
  3a0071d2bcaf168a79144b5bc5b186bd
- SHA1
  
  606e51dfefe3f6f40a281d1903ddf245931406c4
- SHA256
  
  a1fdf19ea10c57cb6e322f1ebc7ee61c996191f76279c1e6bad1e827a8978ebb
- SHA512
  
  6f96b692c89cc9f476991202883e8c1cbb466d8575971605dd55f43e710693de3de9528225c1a947130834d09ebd691d0a1eea0c0cc2892e048e5405c55f03ac
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral3
- Target
  
  wufuc/Help and Support/Latest release.url
- Size
  
  131B
- MD5
  
  810479142315094fdc22d4cd683f9a40
- SHA1
  
  35e728af7cbb02605d1208232409d99e88f4602f
- SHA256
  
  ed602ada5797cdbb3239b2420c38de5e69200ed4ee7498f7c25c4093cf6839fa
- SHA512
  
  032965cd199fb9c48a44a1e1e0f57ac9d3806bb27fbc89c6099aa9c6434ad9ca577ed9581f66006101c965a724961b6bbb19937224ec3bf8907487148b375c7c
Score

1^/10
behavioral4
- Target
  
  wufuc/Help and Support/Report an issue.url
- Size
  
  122B
- MD5
  
  060cf72cc6414da9eebffd4c181a80a4
- SHA1
  
  38b1f2ed9ab4d01f617cde5e56e04d967b51bde0
- SHA256
  
  291f93f44ec16b1017503dbb46a60cfe86b1fd7fd0baeba2b914895ce9ae7d7b
- SHA512
  
  e5240f9a186402d59c828d372f998a57de8312643d795eac7278dd0ce474c023f958dca547753d07c5b23c60ffaf8024d3e3d10e0ce11bdeb2d096acbe6f3284
Score

1^/10
behavioral5
- Target
  
  wufuc/Restore_wuauserv.reg
- Size
  
  708B
- MD5
  
  99f25f3eb124c29e24c5352371c6b576
- SHA1
  
  68e203682392be44065b32ee43e8f5536133b98c
- SHA256
  
  e520b1620ae71ffae8908609e99a06d998c7e773c5179532c834d4adbcae8e5b
- SHA512
  
  c2dc2361a4dbdf5da93cb67ca9b8c8b18c52ff93b376a006ac04cc6ee9da1255687c49a5c424d4feaacecdac4299fad5caf75cd7caffdf93accb4643bbeb6736
Score

10^/10

evasion persistence
- Modifies security service
  evasion
- Sets DLL path for service in the registry
  persistence
behavioral6
- Target
  
  wufuc/install_wufuc.bat
- Size
  
  6KB
- MD5
  
  e858df69705b2181e876cf2c10f21c60
- SHA1
  
  4afde93213d0bca2d8d42c6cfdd1d85f81362be0
- SHA256
  
  dcd22a63446d7ed51498c7c6aa0aac7de970ad3c8b655d6868c89022d554f2cf
- SHA512
  
  cee57ee3aae8392f63c9f1f7b7202d95c7114faf332c5e4bdfebddd182a40cda084b2bfa742c01a8f63ac7309e50e2e47c04a8df3fabae531630ce1637f01d4a
- SSDEEP
  
  96:1HaK1BTMWP/ZYIPjqKHNoYW1JVAkJqCSNBFawwLOIErYZMtUYfavKg:1HaYBgElTtoY+Ak4BBAwwLOIErQ/zvKg
Score

1^/10
behavioral7
- Target
  
  wufuc/uninstall_wufuc.bat
- Size
  
  743B
- MD5
  
  1997ce4faa7ba7034aeb39520e385ae8
- SHA1
  
  f684e417881098ddc7840691fea3ec0af47c974a
- SHA256
  
  d37252527c2a8b33bf0d7b26ca0caad2c255dbbdaf41685abb7f7a2bee2b0224
- SHA512
  
  e637f2878b59f063e3745e5d31594f3fba2d40d5df84f1cea6b56b0496ab2e548148617787ac3587ed74430d77504f6703bd9c20261ff31ea76d2e2c02dafa37
Score

1^/10
behavioral8
- Target
  
  wufuc/version.txt
- Size
  
  21B
- MD5
  
  b419a11ee4ca30e940a2c24d07637902
- SHA1
  
  3b5d68ce3996e32abe19af6b3a8f6d39a97f7c39
- SHA256
  
  64e5d99d87351823ef7c6eb19752a8e8109460509ae3710b45372a38672019bf
- SHA512
  
  55e2fd9023bdb5d39a50d1c3dda4b3b9f82bf0a7f025f73be1e2244a7c129e18ec894b69b2e2ded49a27014bd563ef7a93f8b05e9f7562b0b54ed4a7378d0461
Score

1^/10
behavioral9
- Target
  
  wufuc/wufuc on GitHub.url
- Size
  
  115B
- MD5
  
  8c60ffd02b9fac6e43d2f32d4e5f73a8
- SHA1
  
  a7a3597f284c20f7f205481a936f03c07345a71f
- SHA256
  
  bc03df2985ed70eb13fb9caf81dcd8a4352cc484c90bb3e22ca25d458b69f9ef
- SHA512
  
  df85b1e9fa36f2ebe48fdefb6b218aa6a6747963a4f489e77b3a281e4386be46241ac93502adf53ea8c442c6bc995fc820b1e06bfb2d666c0a48d16237280542
Score

1^/10
behavioral10
- Target
  
  wufuc/wufuc32.dll
- Size
  
  108KB
- MD5
  
  6bc409fc75080049505e3a34c035fc93
- SHA1
  
  26c10b2d15376777c95b11587c664a607722579c
- SHA256
  
  dd97107afdefc497a6df5914b79fc69560b6bd4b0a7fb6bbccd87df9034e73fc
- SHA512
  
  8109ac4cc06fab1149503f453c021a7bfc7da69f227b4cbccda8061fe279d27a8f464c010396d540ff46bd3f956e96773bb7ea03080e66ab1bab58366e96c09e
- SSDEEP
  
  3072:Xs/wj+Nxk3zhj8bI47u77QHASTITZ0FCTxJcsPnO4X:XseyAzhgbI47u7MHASEPX
Score

1^/10
behavioral11
- Target
  
  wufuc/wufuc64.dll
- Size
  
  125KB
- MD5
  
  9dc9fefaa9143f2fe1f17f9afd82f6d5
- SHA1
  
  469b6244ba3af7f7382c41e91889f8d423be8353
- SHA256
  
  4611789b164b1ef2ee54f0685302fe2b15ec4842d481ad2bc72799208a41b8c4
- SHA512
  
  c67d8ac6295f1d7d164676a119f6925a216a051bd38d9ac3686a5d6f31035d02c2e5f214176c0939f1762fa53eaa25ffd31f3e2994e8f476b92c3f77dac4eada
- SSDEEP
  
  3072:PIXYSnTBjkoLse92T9osAsPujn6ZOGAxjxI:PW11vse0TksPo
Score

1^/10
behavioral12
- Target
  
  wufuc/wufuc_ScheduledTask.xml
- Size
  
  3KB
- MD5
  
  5ae902cd9305daceb68df0186d40a4e9
- SHA1
  
  6520f5174373be4e6ddeb79b6b1ffa7be99f95f9
- SHA256
  
  36a49eae2560fe57f925920e1dd8ac1262c626681c6367fda472cf8d136af1e0
- SHA512
  
  4b0a4c546746e98607616a64a63c34edcd3a1d272c6e6b4a4f3feccd6ccb8a63eeab26d95d50b9fabd13ef4fb3e63314b29c4c36fde4def1424141f906c5735e
Score

1^/10
behavioral13