1d1d0b448b4792b6984d780731dd2b3a9e1194c70c0464e2a845e6169bfd8055 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

使用说明.url

windows7-x64

1

使用说明.url

windows10-2004-x64

1

傲世九�...��.exe

windows7-x64

9

傲世九�...��.exe

windows10-2004-x64

9

极速软�...��.url

windows7-x64

1

极速软�...��.url

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

Target

220d4bb5dba5ae2aeedb0493c8149c6a_JaffaCakes118
Size

2.2MB
Sample

240507-2nwtzseh32
MD5

220d4bb5dba5ae2aeedb0493c8149c6a
SHA1

6347fa6767f556f4448608f516be307b6618b56d
SHA256

1d1d0b448b4792b6984d780731dd2b3a9e1194c70c0464e2a845e6169bfd8055
SHA512

8212e8415f1cbdbe0ffc35a82819901d4f067b68ab37951ce53a72160e6bface173609022a096cbef927334f5113623f342159fe9a4324ab642a7f1d7871a6fa
SSDEEP

49152:7U/G4EDCba21Xl3Fs85MR2RuqrO3n0sihJDZZ0rZa5:7UiudPvMR2kqi3nE39Z0r6

Score

9^/10

evasion upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

使用说明.url

Resource

win7-20240215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

使用说明.url

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

傲世九重天阿布辅助v2.8/傲世九重天阿布辅助.exe

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral4

Sample

傲世九重天阿布辅助v2.8/傲世九重天阿布辅助.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral5

Sample

极速软件下载.url

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

极速软件下载.url

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  使用说明.url
- Size
  
  126B
- MD5
  
  59b9685cba5d2ac1b35f7eee4a17fa33
- SHA1
  
  68530715b329fedf68518267634094c35d51a9e9
- SHA256
  
  46df9d8dad577577f3da4a6eefeb531616614f62fee20e9de3adbb088d0bfed7
- SHA512
  
  a7f8b6b5bf1978a95195f79bcf1acdb027a737edd70a338adef8a095703cf11c4370fd86c861e802db7d7bb751aee0aee1d58149d62044802ef987c4149719e0
Score

1^/10
behavioral1 behavioral2
- Target
  
  傲世九重天阿布辅助v2.8/傲世九重天阿布辅助.exe
- Size
  
  1.5MB
- MD5
  
  80c29bfd293365fec84184c0a33b0db5
- SHA1
  
  b799255936186ba93be3bbd43d8b464699c52f9e
- SHA256
  
  0875327f258fc4058ed1cafc3769718e54c6a4195d8fd50e6648aa9778eb1f09
- SHA512
  
  f1e75abe4839678d636f55ad1ae6621b8629fde0b2262163a2565dc8718f518bd81c326a318d19e17556f68a602e45fbe80c0758b13e8b1c67b2be76a4d204a0
- SSDEEP
  
  24576:325Qo3CuE4rrMt7mWVBGXUcJZiMe2vPO9+JEX6zMlXlZkAHcr8WSTfcy:32f3CuEMr14cJXe2vKX/lZkq09wf
Score

9^/10

evasion upx
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral3 behavioral4
- Target
  
  极速软件下载.url
- Size
  
  331B
- MD5
  
  48195bcd2fcc73d4ed844ff646587232
- SHA1
  
  0fc74b362d3dcdb639cd86a01e7c4e3c2c0fecc6
- SHA256
  
  49c1ace06a959cf0600de6526917ad47efa7a69860c6372226e295ae451c10f8
- SHA512
  
  28a341d90b11526a8ca30ac1221eb08f57ae00a9c7fab17043f390009ce8f0e4fb4b05040269aeffd6276d8fdf114cbec697997875d33dbc9776220aea490d0b
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

© 2018-2025

Terms | Privacy