General

  • Target

    6f0c8f744b18a0d2faba681ec12381dda4820796536acc3619320a71d841bdd5

  • Size

    3.5MB

  • Sample

    240430-mbw7naaa6s

  • MD5

    8eb651256e1858682bc7b4ac94bb81a0

  • SHA1

    33cdfaf096ea179c11ea31280309c6949aada470

  • SHA256

    6f0c8f744b18a0d2faba681ec12381dda4820796536acc3619320a71d841bdd5

  • SHA512

    fd1b9dbfffed1a0e81115290296218273a560bda4e2920e31e5624ed4faf5373b770091a399cf79be6f101e3e7cdb8a0c507e9dd8e6f217cf3e6f1c1a1575ef4

  • SSDEEP

    98304:lRoKmLT1jONcdIgEAFtq8XQRzvPAZlpYqZ0L1UkD60Gf:l/mLtOWd+AXiRzvYbpYDLt+

Score
7/10

Malware Config

Targets

    • Target

      Aria2/Aria2c启动器.exe

    • Size

      1.1MB

    • MD5

      a8d6a582bca24327455a9a9ecab2f664

    • SHA1

      374cfc99afffac7557bc767de9b9f211858b30b9

    • SHA256

      d028cf003f5a59b566df0d77c68ebd63769cd3ac936c1392ee804756ce84d6a3

    • SHA512

      2ae0918f4057163c0110c6e80025b738c20b0bb7eb088d262d71acbfa3a7feeb9a7c46534d5defdce6d0e2e07a427cdd897fe35578f86f494854cb52aecc2a20

    • SSDEEP

      24576:goNolOhBCfXLEX2kr/KXE9UI7EkJqTCuq2i:GlOhBCfLUjME9UI7JJqWu

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      Aria2/AriaNg/index.html

    • Size

      1.7MB

    • MD5

      ba08c74b7929e25bddeda7fbfa2a0392

    • SHA1

      78fe4459f98b049e3ad601b98e1349879ed16b58

    • SHA256

      c8d0022cfc00c64c3d8bf03bb19b38d11957fe000fd1b8f12a7b1f993e39ccfe

    • SHA512

      73d69f01116000b70811f403cdb178594c52b51c376b85d91664942419d293fc28bb44295683c453e3b87b1acb356669f9beb4a74d2d185444af24c955206bd2

    • SSDEEP

      24576:Axo7nqyehVg9Js+WxM5fp1cE9rTvexEDFIxodZA/p0ImuIz:3wVg9Js+WxM5TTvfIxoLA/pI

    Score
    1/10
    • Target

      Aria2/AriaNg启动器.exe

    • Size

      1.1MB

    • MD5

      a291b6b6055ef4495dcac47aece1940d

    • SHA1

      f5f329b903701ed86d8acd376d77e4a3c78d7e10

    • SHA256

      634c0b94e6d2e4eb8f2789f4e559607fce968e72bd784cba041fd8b62f93da5b

    • SHA512

      268d39f6d1cae327bc3c84ad53d24c0debe66fd696e4c246df90124c8d6d68e071609a0194b82eb66da5f3055944cf27229e582f5a83aeadd9b762c69b88608d

    • SSDEEP

      24576:4oNolOhBCfXLEX2kr/KXE9UI7EkJqTCuq29:OlOhBCfLUjME9UI7JJqWu

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      Aria2/README.html

    • Size

      37KB

    • MD5

      1b9fdeef48764795ba655493f0fba471

    • SHA1

      bf1cad1d1987e9cf1efd764f39d6edb120e1cc5a

    • SHA256

      b8a15c1db9657abcc7dd26da49e1cece0390071b99f9aa482b016350ac5d4ca6

    • SHA512

      69a05e7568a3be00ea2d908dcfcf4fc4ab473aa3cefc61f37695b1a4d6aee684945e9a512d032d11b4ab53c04f2a1e42d5d9b5b7bfc642ca49b69d07939d177e

    • SSDEEP

      768:CCAR+fgShWp8WiTG/Kdini37mIppUjtEQGK:CCARhShW3/Ti37mqpUjqI

    Score
    1/10
    • Target

      Aria2/aria2.exe

    • Size

      16KB

    • MD5

      867a500cec870b8d3bea3ae536539c22

    • SHA1

      9c2a8902612074bdbfabbe80d7808366b71865df

    • SHA256

      af2f0607d25e45251e58a4a5ce6bb0d1397faa334f963cb2208529698df11c17

    • SHA512

      4d8589e11813fcc75879f03ddc651216887d7f2d270c109875132803c290ddc617a3dd95e2edbea0ba892f1de74dd5fb3c1f34aea31ea1fb9c284ceee7a9bd5d

    • SSDEEP

      192:SBxYNapkZ0+PoOMeF9wAndgMnzmE6HPmoynvXUUN4aHcdvIzZcM:+xaHZlgq9pzmXm9Xdt8dvu1

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      Aria2/aria2c.exe

    • Size

      1.8MB

    • MD5

      6d1fe9171538df42e013e6ecf330ec48

    • SHA1

      a85203e77419c484a4434d56f96a0404b73ec588

    • SHA256

      ef342516f4e2c211cd70cef033e558d598229c75e39292b668ae4ea7bf09eafe

    • SHA512

      6603d1a60aa610c3269f9592877ef1a56f4dfe0f2496c017434ae1074fe8c3d0348386316129607d5dc09af1e7ae35f67e12fd72131652dc95e308b5581e1fbd

    • SSDEEP

      24576:PmJskgkn52UNo5xIoWyKhrYpnVSusT/r8f7qcSeKHY9w8YH+K36QLiSxGJ08liXX:eJ3NmPxJu311YwLeI6C2aAxbk7R8E

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix (ATT&CK v13)

Defense Evasion

Modify Registry

4
T1112

Discovery

System Information Discovery

6
T1082

Query Registry

4
T1012
