General

  • Target

    _51动漫 稀有视频,24小时不断更.rar (lure filename; roughly "51 Anime: rare videos, updated around the clock")

  • Size

    883KB

  • Sample

    240503-s5cm1adc48

  • MD5

    6e647b75ce3685a1061ed559b67fd51b

  • SHA1

    a709f5b24206a8ffb15b6b2f7f32e67ea99e68b5

  • SHA256

    d5cebe4a1c84c8cfc3f542c2eb59a22d64ccc1a1b176050ba251299c4e6844d7

  • SHA512

    a9d6ecdf3ddb8a4993e3f7e90a327954afc34ca0ca79184a5bac21cdd3528cce1209c555a1fe904172537e896202e33e95252a35b49d680186eeb194800e0cd7

  • SSDEEP

    24576:E1fXvy0WN1fXvy0WlRJ9CTROIfFRJ9CTROIfI:E1VG1VSC1

Score
8/10
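The hashes above identify the submitted archive, not the executable it carries, so a match on the extracted payload needs the inner file hashed separately. The following is an added example (not part of the sandbox report) that hashes a local file in one streaming pass, compares it against the report's values and classifies the container by its leading bytes; the RAR and PE magic numbers are well-known constants rather than values from the report, and the command-line path is illustrative. The SSDEEP value is not reproduced here because it needs a fuzzy-hashing binding rather than hashlib.

```python
"""Verify a local file against the hashes the report lists for the archive.

Added example, not part of the sandbox report. The hash values are copied
from the report; the file path and header samples are illustrative.
"""
import hashlib

# Hash values exactly as listed in the report for the submitted .rar archive.
REPORTED = {
    "md5": "6e647b75ce3685a1061ed559b67fd51b",
    "sha1": "a709f5b24206a8ffb15b6b2f7f32e67ea99e68b5",
    "sha256": "d5cebe4a1c84c8cfc3f542c2eb59a22d64ccc1a1b176050ba251299c4e6844d7",
    "sha512": (
        "a9d6ecdf3ddb8a4993e3f7e90a327954afc34ca0ca79184a5bac21cdd3528cce"
        "1209c555a1fe904172537e896202e33e95252a35b49d680186eeb194800e0cd7"
    ),
}

# Container magic numbers (well-known constants, not taken from the report).
RAR4_MAGIC = b"Rar!\x1a\x07\x00"
RAR5_MAGIC = b"Rar!\x1a\x07\x01\x00"


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests of an in-memory blob."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORTED}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four digests at once (a single read pass)."""
    digests = {algo: hashlib.new(algo) for algo in REPORTED}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for d in digests.values():
                d.update(chunk)
    return {algo: d.hexdigest() for algo, d in digests.items()}


def identify_container(head: bytes) -> str:
    """Classify a file by its leading bytes: the submitted sample is a RAR
    archive, while the payloads the signatures describe are PE images."""
    if head.startswith(RAR5_MAGIC):
        return "RAR5"
    if head.startswith(RAR4_MAGIC):
        return "RAR4"
    if head.startswith(b"MZ"):
        return "PE"
    return "unknown"


def compare_to_report(hashes: dict) -> dict:
    """Per-algorithm match/mismatch against the reported values."""
    return {algo: hashes.get(algo, "").lower() == value
            for algo, value in REPORTED.items()}


def is_reported_sample(hashes: dict) -> bool:
    """Treat SHA-256 as authoritative: MD5 and SHA-1 are collision-prone and
    are listed mainly for cross-referencing older indicator feeds."""
    return compare_to_report(hashes)["sha256"]


if __name__ == "__main__":
    import sys
    target = sys.argv[1]  # illustrative: path to the file under triage
    with open(target, "rb") as fh:
        print("container:", identify_container(fh.read(8)))
    result = hash_file(target)
    for algo, ok in compare_to_report(result).items():
        print(f"{algo:7} {result[algo]}  {'MATCH' if ok else 'differs'}")
    print("is reported sample:", is_reported_sample(result))
```

Run it as `python verify.py <file>`; a RAR container whose SHA-256 matches is the archive from this report, while a PE file can only be matched against hashes taken from the extracted payload, which the report does not list.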

Malware Config

Targets

    • Target

      _51动漫 稀有视频,24小时不断更.rar (same file, size, hashes and 8/10 score as listed under General)

    Signatures
    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
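The five signatures describe a dropper chain: a network fetch that returns a PE image, the fetched file written to disk and executed, a DLL loaded from a dropped path, and traffic from a blocklisted process and to a legitimate hosting service. The following is an added example (not the sandbox's own rule engine) that re-derives those signatures from a simplified sandbox event stream; the event schema, the process names, paths and URLs, and the two reference lists (blocklisted images, abused hosting domains) are constructed for illustration, and only the signature names come from the report.

```python
"""Re-derive the report's five behavioural signatures from sandbox events.

Added example, not the sandbox's own rule engine. The event schema, process
names, paths, URLs and the two reference lists below are constructed for
illustration; only the signature names come from the report.
"""
from urllib.parse import urlparse

# Assumed blocklist: LOLBins a sandbox treats as suspicious network originators.
BLOCKLISTED_IMAGES = {"rundll32.exe", "regsvr32.exe", "mshta.exe", "powershell.exe"}

# Assumed list of legitimate hosting services that get abused for payload
# delivery or C2; a real engine would use a larger, maintained list.
HOSTING_SERVICES = {"raw.githubusercontent.com", "cdn.discordapp.com", "pastebin.com"}

SIG_BLOCKLISTED_NET = "Blocklisted process makes network request"
SIG_DOWNLOADS_PE = "Downloads MZ/PE file"
SIG_EXEC_DROPPED = "Executes dropped EXE"
SIG_LOAD_DROPPED_DLL = "Loads dropped DLL"
SIG_HOSTING_ABUSE = "Legitimate hosting services abused for malware hosting/C2"


def _basename(path: str) -> str:
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def evaluate(events: list) -> list:
    """Walk the event stream once and return the signatures it triggers."""
    dropped = set()    # normalised paths written to disk during the run
    net_pids = set()   # pids that issued at least one network request
    hits = set()
    for ev in events:
        kind = ev["type"]
        if kind == "net_request":
            net_pids.add(ev["pid"])
            if _basename(ev["image"]) in BLOCKLISTED_IMAGES:
                hits.add(SIG_BLOCKLISTED_NET)
            if (urlparse(ev["url"]).hostname or "").lower() in HOSTING_SERVICES:
                hits.add(SIG_HOSTING_ABUSE)
        elif kind == "file_write":
            dropped.add(ev["path"].lower())
            # Approximation: a PE header written by a process that has already
            # talked to the network is treated as a downloaded MZ/PE file.
            if ev["pid"] in net_pids and ev["data"].startswith(b"MZ"):
                hits.add(SIG_DOWNLOADS_PE)
        elif kind == "process_create":
            if ev["image"].lower() in dropped:
                hits.add(SIG_EXEC_DROPPED)
        elif kind == "image_load":
            path = ev["path"].lower()
            if path in dropped and path.endswith(".dll"):
                hits.add(SIG_LOAD_DROPPED_DLL)
    return sorted(hits)


# Constructed event stream shaped like the chain the report's signatures describe.
SAMPLE_EVENTS = [
    {"type": "process_create", "pid": 100, "image": r"C:\Users\victim\Desktop\51dm.exe"},
    {"type": "net_request", "pid": 100, "image": r"C:\Users\victim\Desktop\51dm.exe",
     "url": "https://raw.githubusercontent.com/example/repo/main/up.bin"},
    {"type": "file_write", "pid": 100, "path": r"C:\Users\victim\AppData\Local\Temp\up.exe",
     "data": b"MZ\x90\x00\x03\x00\x00\x00"},
    {"type": "process_create", "pid": 200, "image": r"C:\Users\victim\AppData\Local\Temp\up.exe"},
    {"type": "file_write", "pid": 200, "path": r"C:\Users\victim\AppData\Local\Temp\helper.dll",
     "data": b"MZ\x90\x00\x03\x00\x00\x00"},
    {"type": "image_load", "pid": 200, "path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"},
    {"type": "process_create", "pid": 300, "image": r"C:\Windows\System32\rundll32.exe"},
    {"type": "net_request", "pid": 300, "image": r"C:\Windows\System32\rundll32.exe",
     "url": "http://203.0.113.7/beacon"},
]

if __name__ == "__main__":
    for sig in evaluate(SAMPLE_EVENTS):
        print("HIT:", sig)
```

The ordering matters: "Executes dropped EXE" and "Loads dropped DLL" only fire for paths that were written earlier in the same run, which is what separates a dropped payload from a pre-existing binary, and "Downloads MZ/PE file" is keyed on the PE header of the written data rather than the URL's file extension, since the fetched name (`up.bin` above) is rarely honest.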

MITRE ATT&CK Matrix (ATT&CK v13)

  Tactic               Technique                      Count  ID
  Defense Evasion      Modify Registry                1      T1112
  Discovery            System Information Discovery   4      T1082
  Discovery            Query Registry                 4      T1012
  Discovery            Peripheral Device Discovery    1      T1120
  Discovery            Remote System Discovery        1      T1018
  Command and Control  Web Service                    1      T1102

Tasks