06234c2ae5986e4fbdb15e8dd2012a7f46ae50bad5a0e0dc8576c99553664f01 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06234c2ae5986e4fbdb15e8dd2012a7f46ae50bad5a0e0dc8576c99553664f01
Size

1.9MB
Sample

240526-qljwvsga4v
MD5

b87fc78faf0141befc988ad853db513b
SHA1

36514bff30a1ffca9d1e2b5a1bf6b078d6356d08
SHA256

06234c2ae5986e4fbdb15e8dd2012a7f46ae50bad5a0e0dc8576c99553664f01
SHA512

68230f1b0c676282c5cc55453b400486033448ce920c9f80767f6bb3b2582bd06af812b32f7a81d651576b25908a096a4b6e0630c2871bb1644bdf488b84993e
SSDEEP

49152:bcsH1840nSnIazs7qkudPpvyRcsH1840nSnIazs7qkudPpvyB:bVKSIaz0qkuhpWVKSIaz0qkuhps

Score

7^/10

upx

Malware Config

Targets

- Target
  
  HA_UPXShell342_2020_chenmy/UPXShell.chm
- Size
  
  20KB
- MD5
  
  b9ef63ff8c788febe7216442c5c44b91
- SHA1
  
  2083ee63d98d3b591131580031c2be1b9319a2a4
- SHA256
  
  17e7038476a8e4966498b8e846cc5c0081ca9bf52669d96914afaddf9db96009
- SHA512
  
  985c7753711aa5f9faa428a7a178b0983b0d27cc78edc2be4a6a55b9d8dd559d1ba7358916e0b99f3f5782b76b0248d922888c485e8db78128a4db9fcd30d9e1
- SSDEEP
  
  192:asOcN7pT73dq+4durrtKDxLRovR0Mrt96aHEQhsLND+yQqOjlhyRyqO7jxyRE2GD:asOcNV/3dx4dkpKNLyZ33zk7x+JTo2
Score

1^/10
behavioral1 behavioral2
- Target
  
  HA_UPXShell342_2020_chenmy/UPXShell.exe
- Size
  
  958KB
- MD5
  
  641f9f9086b659dd20452fc1434625fc
- SHA1
  
  8429f54291da3a5200bfd2f54e6aeca8892be03c
- SHA256
  
  a6b6251c672ff13b764a3dff72fc19b80de531b55194bfedcf288ac5b40058d5
- SHA512
  
  470c81cc9c34f53cbffa378cfcead556a1187f9c8357ac8a739e3fe084095a65e2d6e8c98a5a013a4c39d144d675f3f893a1c4db2d6dd3cee1e90c6719be3d7f
- SSDEEP
  
  24576:fcATHXl840NRM+ADP6iIZfv1KaMzs7qkdISmPnpN9cb:fcsH1840nSnIazs7qkudPpvy
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  HA_UPXShell342_2020_chenmy/uninst.exe
- Size
  
  35KB
- MD5
  
  ed4834949ba14d1779c6ccdbcc68dab7
- SHA1
  
  0e126e293cb9af587773f745713be2c622af99c4
- SHA256
  
  a1090a3e24c9c2f99870748dc6607f960bf5e97a406fd96776ef55f96e12ee71
- SHA512
  
  6486e88ae564f7c675b240429e41b9e94cd07c0e7742ac85d6e6873d6e14bc82e4688aba71f4a572a8186db14139ce7d1352094c6c427dcc4081c6d56bf7e8e4
- SSDEEP
  
  768:R1cVhpQI2EQK0iPDh84nScF15GYbWjXO3XJcJRnTT:/QpQ5EP0ijnRTXJcT
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral5 behavioral6
- Target
  
  更多系统软件下载.html
- Size
  
  410B
- MD5
  
  7bb7ae902ffeb8c37fe00b88fe68c1e7
- SHA1
  
  c839f12d71b57aafbdbd7bca481e9438e8801579
- SHA256
  
  8d518dfe520c4464fe9fd28724ae8d9700ab0a6e5a648f9be8a85a526b095c87
- SHA512
  
  46ccd91f2d826b19b272c1440b5f8ef7c96261e0ed8cc40d064a0ddc547400e8c35831280999ab37fb7df2a525c8c88d1d5f3e36161b0b633249c7f226b66803
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8