General
-
Target
65ff5f86ec5fe7dbcaf90b05c3e5c7a7_JaffaCakes118
-
Size
3.2MB
-
Sample
240522-e3nqlaca65
-
MD5
65ff5f86ec5fe7dbcaf90b05c3e5c7a7
-
SHA1
63fa98f24db8c538a4faf102ffcb495fb579c9dc
-
SHA256
4436fc32b00dbba7cfd575d82d987ece10e988773f6182a63c6e8f0be9c7937b
-
SHA512
3ef181abf121fa9c3a9f90a17c779a3841d19096f2407457d84d61780da2e9f3dc0c727e7fb6aa1c8701e64d2778b3f96c20f63634498d45180b52c10475469b
-
SSDEEP
49152:JPAjl5+/NWeVWjImi40+NhYfVT4rpBeuef0+5IGUuPc7+Zxy63rsIkE0EBXnguWH:JPAD+WeT40+fGVg3r5ucisjw+uWY/ub
Behavioral task
behavioral1
Sample
LOL百思防封工具12.15/AT.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
LOL百思防封工具12.15/AT.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
LOL百思防封工具12.15/CG.dll
Resource
win7-20240215-en
Behavioral task
behavioral4
Sample
LOL百思防封工具12.15/CG.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
LOL百思防封工具12.15/zlib.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
LOL百思防封工具12.15/zlib.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
LOL百思防封工具12.15/华彩联盟论坛.url
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
LOL百思防封工具12.15/华彩联盟论坛.url
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
LOL百思防封工具12.15/华彩软件站-使用必读.url
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
LOL百思防封工具12.15/华彩软件站-使用必读.url
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
LOL百思防封工具12.15/AT.exe
-
Size
864KB
-
MD5
2623d9c9e1bf1b12228d1c408d5661e9
-
SHA1
bf261cd02a7ea96b888e9e1f8d6561553ce75912
-
SHA256
d616834a294500e79ee3d02c7405e3693e86efa4eba7498a4a223cff7cdca580
-
SHA512
1e95ae9dad16956980b3f5f8d327f7996b7fcfaeb86e18a0b1dbd377fb9f008a52145eb3421fc390d515a6cb0ef4d07e8a600ea536c1cd24fa3020221e76c28d
-
SSDEEP
24576:IDi00DwTTiigOy2UIhZCdXmleG1NviBstQ:I8wTTid3pIhZCdX6e0NaBsS
Score 7/10
-
-
Target
LOL百思防封工具12.15/CG.dll
-
Size
6.1MB
-
MD5
175b4b3a53e158d92fc945319a24f1b6
-
SHA1
be9e5b9cf2e2fc3323f3ff71a33ed4c376e88a3c
-
SHA256
109e428919f854d7b7c77703b0906294900ae941424a90113df589fd8632d3f6
-
SHA512
5e51a77ede35e95eed2d8dc74e933157b2dce585b88c9f19cf826d07c19238036fb335e48d8be75a1ccf09e84fdd08dbce45066710170cc59816fd3e2419751c
-
SSDEEP
49152:CgVwABBDyjMxQikK9FTqU/TX0aXAE34OkTBcN5:FfejMiikK9FjLka9k
Score 7/10
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
LOL百思防封工具12.15/zlib.dll
-
Size
1.2MB
-
MD5
7a1ff030d2112dca6868cefab25cd839
-
SHA1
3a14f072a78f21cde2153d88f07071dcea96ad0b
-
SHA256
810a958c49bc0f18c53eeb52a56df33172d267ae116d6745626d13745ec16ef8
-
SHA512
2d4b03dfbdba1ccbdcd9620a7e32d3327c085b64afcc50fdaf6a51f4035458c5ea4b35929b937c18823652930b6b386a1fe1976872983af13fa4a425ac807f92
-
SSDEEP
24576:ngpX4KgYWafsYHWKZXuk5cd3CCmbqb6i98JeVkPxKEVsvp0Jg/al:ngSAsY2Arcd3CxqbFGUk+x0+/al
Score 7/10
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
LOL百思防封工具12.15/华彩联盟论坛.url
-
Size
195B
-
MD5
058c6dd31a6a2d90f0a773170084821a
-
SHA1
81fcaeb55848e7ee386522e516fd1650bff0f31b
-
SHA256
4ce090788a79b4ee816322f0fa57e7020f1108911fc6cdf1ec7b437cd2187782
-
SHA512
bd9feff103ba9c78d89da0e7205a4f9f18e3bc87b3a26a987b667124539efbd2d3b6fc26e06ff8dffac61241ae1d4915ddfe784c34c15f4b4374b358e630a3e8
Score 1/10
-
-
Target
LOL百思防封工具12.15/华彩软件站-使用必读.url
-
Size
195B
-
MD5
584c19af540c6f9f9228f18b41c54d07
-
SHA1
5a3eee9fab9d553f5edddef0cc06630e35446dd8
-
SHA256
ee0e7e1a20dd376bd088291e97394ad8c2b43f6638e69179a288e8d2c986d9df
-
SHA512
69207b24fff3a72ed5861685a667034f9597fdd1cf1b4bce941e295f7424562db1628da32f036f9fb5f9d63ff12b3a4058bbfe38f562a9c52c46f7b310f1a2c9
Score 1/10