Overview
overview: 7
static: 7
FLBATTLE.dll (windows7-x64): 1
FLBATTLE.dll (windows10-2004-x64): 1
MSINET.dll (windows7-x64): 1
MSINET.dll (windows10-2004-x64): 1
SubFLBATTLE.exe (windows7-x64): 1
SubFLBATTLE.exe (windows10-2004-x64): 1
discern_battlenet.dll (windows7-x64): 1
discern_battlenet.dll (windows10-2004-x64): 1
vbzlib1.dll (windows7-x64): 3
vbzlib1.dll (windows10-2004-x64): 3
vsflex8n.dll (windows7-x64): 1
vsflex8n.dll (windows10-2004-x64): 1
国外魔兽战网查询助手.exe (windows7-x64): 1
国外魔兽战网查询助手.exe (windows10-2004-x64): 1
第一次需要先运行.bat (windows7-x64): 5
第一次需要先运行.bat (windows10-2004-x64): 5
General
-
Target
43c0604c849d1c45f365e078d5ed662e_JaffaCakes118
-
Size
1.0MB
-
Sample
240515-angxaafg9z
-
MD5
43c0604c849d1c45f365e078d5ed662e
-
SHA1
127e3d1b8cbda82daa6dc6b6e6e733cc81695838
-
SHA256
e85e784b18c4a04c2c748b411775204e284efccbf076c2a59c17a3a27b86e906
-
SHA512
e46eb4137ed0a4ac0c82d8bd8b12e14280bfda67376174fb7d1beba2b7c5f295ebd8055c6cbe070e3c49868317bd2110cd2b70b1c3d426603db72e953782fd42
-
SSDEEP
24576:H4JWhHYU9X7eNGV8qAOOyX/OAiJ0zFBJfBq8uph5W/gPCZ:H4JVUVekijp6OnJ0zFHfY9ph54GCZ
Behavioral tasks (task: sample, resource)
behavioral1: FLBATTLE.dll, win7-20240221-en
behavioral2: FLBATTLE.dll, win10v2004-20240508-en
behavioral3: MSINET.dll, win7-20240508-en
behavioral4: MSINET.dll, win10v2004-20240508-en
behavioral5: SubFLBATTLE.exe, win7-20240221-en
behavioral6: SubFLBATTLE.exe, win10v2004-20240426-en
behavioral7: discern_battlenet.dll, win7-20240508-en
behavioral8: discern_battlenet.dll, win10v2004-20240426-en
behavioral9: vbzlib1.dll, win7-20240220-en
behavioral10: vbzlib1.dll, win10v2004-20240508-en
behavioral11: vsflex8n.dll, win7-20240221-en
behavioral12: vsflex8n.dll, win10v2004-20240426-en
behavioral13: 国外魔兽战网查询助手.exe, win7-20240221-en
behavioral14: 国外魔兽战网查询助手.exe, win10v2004-20240508-en
behavioral15: 第一次需要先运行.bat, win7-20240221-en
behavioral16: 第一次需要先运行.bat, win10v2004-20240508-en
Malware Config
Targets
-
-
Target
FLBATTLE.dll
-
Size
79KB
-
MD5
24bc63ebb80eeefb0ffbede89b280cc5
-
SHA1
9a4dd80342146ec523a38719716618c7c4eee3f9
-
SHA256
9e1a705c119cbe5dbd0eebf243de7c3eb51bec869ef996b98c130441008c6a93
-
SHA512
3a510ccf5b75ece6a6415f3183a050f7f24f0e90783250e4f7e874cfb910d7ec2512b287ac0d71cf35535e240bd4be12f1dfa10d177a48ac4a8edf3928c01b9a
-
SSDEEP
1536:zcmgj67DXK1AbJrygqleUHrypRyeyaMf/TJgc:omgj6n61AbJry5ryw
-
Score
1/10
-
-
Target
MSINET.OCX
-
Size
129KB
-
MD5
90a39346e9b67f132ef133725c487ff6
-
SHA1
9cd22933f628465c863bed7895d99395acaa5d2a
-
SHA256
e55627932120be87c7950383a75a5712b0ff2c00b8d18169195ad35bc2502fc2
-
SHA512
0337817b9194a10b946d7381a84a2aeefd21445986afef1b9ae5a52921e598cdb0d1a576bdf8391f1ebf8be74950883a6f50ad1f61ff08678782c6b05a18adbf
-
SSDEEP
3072:R5JTZQu4epojdkYv55RCezn/T81B+ySRdL:RLTbP85RCezbwm
-
Score
1/10
-
-
Target
SubFLBATTLE.exe
-
Size
45KB
-
MD5
f8bd687e5bcc7560d7684dadc7abe311
-
SHA1
22b17a0dd954ab796c42284b7472ead728e9f7a2
-
SHA256
b782cf0835b33a50bf6ec29d49094f69fb386b97e75451567897989a8734d430
-
SHA512
b22c2d05e808a8e2be49ebcdd94c627766cafb68c3985bd535154d560c8a647de72896c1d2e6537a5fe4e5148cf87908b30df0233ae7c6eaf9c9a50e34f9efc9
-
SSDEEP
768:Rm2vNaCwbo4f6O1SmPUqSTRsd2rcQOugtP3s5QMMzO2FxGha52:kUNwbo4fZ1SmsqusdKoPTPm5
-
Score
1/10
-
-
Target
discern_battlenet.dll
-
Size
1.2MB
-
MD5
113d078a3f14f863d46365ad11facfbb
-
SHA1
2a6b3a7a7cde4f36eea8eb5b42edcb1970a2ba25
-
SHA256
ebce30b50799aa0a48236e44d2895a3905ce0dac2ff4fa960d68d093ed7994db
-
SHA512
4b4c75978808bc9c506a063468916896e885bf99fe85d869af2f6fb60e4090574ddaf4fab1ae760fbab9e8aca8d36ebbceae54d7ccb3724424e30b1eb0ec3206
-
SSDEEP
24576:2Psj4mwuvWMtjREdX0DzbRwU2RDKdmeZoHCXYzMsXNmmifj+FCqFghH7iG4uPhHK:2PsjQprgR5rhilLLNTy2owsNm
-
Score
1/10
-
-
Target
vbzlib1.dll
-
Size
72KB
-
MD5
82d58fc961ddf0ec5c61cdc0c3f14fe6
-
SHA1
f748c3a7f9bc9f0868f3229545ce32913bbe1ef4
-
SHA256
44bbc47f55d74133c3cd0097da62f8736029cf3e9d4c5d1f46433d9bbb9b6db6
-
SHA512
a66bf6e183e5a81980aae28b7192d4370680f808103e59360f3d7d0a384cc0641e06e7e3d3c507d8861bf7e99b88ed5c2e8bf80ad1ac4f0a1a6d5b745436505b
-
SSDEEP
768:8+VAnYsLaQYpbO3ylb/A6Ano5r6gpV+yBNTAnToIf1lIOlIOu3VZ:8+fQyO3P6AJ8AnToIfjIOlIOu3V
-
Score
3/10
-
-
Target
vsflex8n.ocx
-
Size
592KB
-
MD5
9fa630f3e01edb9647afc5b98029b24f
-
SHA1
5a0e3d6637963c12254857cf8b000af61d5ae9dc
-
SHA256
c63ed2884e9ae1a2aba43159a6ac9a3ee8c23110cc3404c44e68e6613a01b198
-
SHA512
55774cd2670cc0b86ecbc82a6358cd9a205bbf4672677b9351bc5c98b2aecf808f2ae574b3c9d723cb2b2713b3d226070aea615d074c881d77564fdcb9fb7a46
-
SSDEEP
12288:qokD2n0yj/nzP3aawddIPEwOZGV2u3mV+:qokSn5nzP3adwEGTV
-
Score
1/10
-
-
Target
国外魔兽战网查询助手.exe
-
Size
333KB
-
MD5
81b3fb639b49c77d7dc88c5c363fbb7c
-
SHA1
093bebffa2e50e644a8f2f321d67d87326bcd75f
-
SHA256
6d7a9fb4bbfcf47a5779aa51b052d789bf7e9403d6b9fdd77a50bcc89995b529
-
SHA512
f22162050391fbfefb635f183487a92a610d8e975508d0dc5e6f64c7d22782a51917766aba811a0927e1febb7f1cb4ff2190630f50a8f95c8dd9532eaba8d5ec
-
SSDEEP
6144:kttbJT7QgD7/jR1cNjTPSyfof44y60iEbUQXW5UAwmeO1CX9dhAkEa:U7QE/l1c1PSyAnH0UQ5XmBqdOkEa
-
Score
1/10
-
-
Target
第一次需要先运行.bat
-
Size
130B
-
MD5
742c875c5ba09a15a41c8173caa01010
-
SHA1
381554e243c192ec986a1a36a3ae07babfcb9376
-
SHA256
7900e4f2ee524ec36063b74997aff6ca7313ab1e28df2dae1d90ec5f0e0e7fbd
-
SHA512
abd9cfd8a41fd1dfa3a943ffdeba919c0412179e1c937956c9532bbea3f54f2cb7548dd6b5469e5ba99bd64a889945a9b169c8eb7aebf23fef413e510cacf15d
-
Score
5/10
-
Drops file in System32 directory
-