7882eab29859c18474d3674f7802e17c2c78616f3dc9c5afbba04bd30db1b213

Sharing

Copy URL

Twitter E-mail

General

Target

CAD迷你画图.rar
Size

37.4MB
Sample

240704-xqa8vatenp
MD5

b3104f6d8eeb7114adce2a6648b0cf6d
SHA1

4cd8fa6f07d2a3d1c7461f8b5bfb8cef4b95a97d
SHA256

7882eab29859c18474d3674f7802e17c2c78616f3dc9c5afbba04bd30db1b213
SHA512

dc012cf8f2e9e616d17749de359427c74517f75d829bffc3f6b22e1e0cb48b271a437787c7b3367822e3c099037f51542d40abd0a5361bf2cb43193124947769
SSDEEP

786432:zJOjq385hHQKU6DcSoTmEzNLxbtI2TLFMU8g6G:kt7wN6DcbJ1hIsLFJZ

Score

5^/10

link qr

Malware Config

Targets

- Target
  
  CAD迷你画图/CAD迷你画图.exe
- Size
  
  58.8MB
- MD5
  
  8618247cd1d9147e819d443b6c07cc3c
- SHA1
  
  1ba07cfc8ed6b990dfcd60a12527f7cdd8699ea1
- SHA256
  
  e623a013196f5d9c2ae248091c835fb1291a1d30f552d9fbf74af3be622a713c
- SHA512
  
  1ffa13f18da4815f6fdd548f09a599007c441980bdac448d8740abfe5458532d7de185bc8f0970c54df499c2ec7160a55936074a8d02e15b8c2c7be2dc5bc189
- SSDEEP
  
  1572864:/FcaaoFSyHS+dLzEaBo4SpF7C1lIelaoepL4XzLld6DT:/iCwWf6DT
Score

1^/10
behavioral1 behavioral2
- Target
  
  CAD迷你画图/CWSDK.dll
- Size
  
  163KB
- MD5
  
  5ac4bacf9a60686a745057d61fe91196
- SHA1
  
  daedc2346ed99d4cf21593de5e9f42ab228f204d
- SHA256
  
  4f85cfae95aa351b539da8b31ba2cef6ee6a171eb31e239bc9c17448da11b34a
- SHA512
  
  2370be1acefcc18190d93b91cfc6044ba64183e4818fda89fe07ef6bfd6cb8740fa2fb6bd8f94dfc8844e66ff7db6b621c943bee5df4e2ff3147ae2ed46ec6db
- SSDEEP
  
  3072:6zyeU8Rq7zUKaBCzwMwcxMVeQRgEQx7jIfJrFn6F8RgN0OZuvH3n8iaVni4RwV:X7IKaBCzwM4LkjIfJrFn6+80z/3n8ia4
Score

5^/10
- Drops file in System32 directory
behavioral3 behavioral4
- Target
  
  CAD迷你画图/CaptureScreen.dll
- Size
  
  56KB
- MD5
  
  f12fd0bbefee4eb156d4a14b7ad9d531
- SHA1
  
  7abdf0d026ebcab24a8b7aeff47791de7b62f224
- SHA256
  
  59b3f5ca40d9db7d942ac89b523e62b565699727cce5dfe87fba3843c74d09af
- SHA512
  
  f6a6dcf580ce2f563926af0590e9cac251350c85656cdb909e4c8b5fa9181c0d1113ba45b476cf6361f6fd066cbbd4a5ac43537b501f28dcfc9a03920f7577f2
- SSDEEP
  
  768:odfRD6I5PR+NbJp5QQBCv4YOzlolOm0paG1k8kGzYpbkCpU3hvt:odZPR+p5R+AxolOm0L1nkG+AoU3hvt
Score

3^/10
behavioral5 behavioral6
- Target
  
  CAD迷你画图/CloudMeeting.exe
- Size
  
  3.5MB
- MD5
  
  c68f78427873553b89a8e049280e4507
- SHA1
  
  78ba2284a045fff3ee75ff2cb9b54913852db6bc
- SHA256
  
  450fd13c6708e3876a60aaa4b906bba4e9fe0814d55c00dc9bf454456958b27c
- SHA512
  
  ad809b2f0c15c6a2d5d3f250a231104746dd3d45cffb3083767ff81b4f743cc65ecc2b66bdd2500d8bd5c888b9dcb215cd9ac4e00d72d8a09c780763cdb213ab
- SSDEEP
  
  98304:Yr+Ok5tv71vNfDwk4btRm5uiFLOAkGkzdnEVomFHKnPoN:M+Ok5XNbytRm5xFLOyomFHKnPoN
Score

1^/10
behavioral7 behavioral8
- Target
  
  CAD迷你画图/DWGDrawRun.exe
- Size
  
  59KB
- MD5
  
  b05f1ea54a62abb2956b8ad1cc7a59ed
- SHA1
  
  5456816d5baf0fe7cd2d16bfac6e6527f9097e7e
- SHA256
  
  b8fdf1e9035c4e322946ba2b6a0e94df95844c442c663956730a23b50ea0308c
- SHA512
  
  f99efce73e269d825c0e95ccb27a621d047f897fae7f52933274948ad9b3e173e96740f1cdccfd44885dca4be09eba6139208d2ce34c75dfd3726549e1285515
- SSDEEP
  
  1536:IF5/ETpNvAFPby+IkmMbPf65ftwdY3hhQd:2E9Kcuz65ftwdKQd
Score

1^/10
behavioral10 behavioral9
- Target
  
  CAD迷你画图/DWGGallery.exe
- Size
  
  1.2MB
- MD5
  
  773dc516e20193225dec5903e9eb7d89
- SHA1
  
  6b42a649b96a57e325e1f255919319a997675083
- SHA256
  
  e8ca4b3f5128a55e33f9113e77fccb9d445daf8a6532f544cafdedacf471ce28
- SHA512
  
  6164c80de7ba133cad050492d5c885461c31ff28f6f4cf7fd5e4087e869ea793e3c1a02d3744d2aa230f302fab2069f0e6c8644cc5c26f9e4d8d37f59be843d5
- SSDEEP
  
  12288:frvHEu+Owl0bAj+DjxQoQ9xEpqaSaXaHaUsaHa0i5po9:T/3cj+ZQoQ9xEpqaSaXaHaUsaHa00pu
Score

3^/10
behavioral11 behavioral12
- Target
  
  CAD迷你画图/DWGGalleryPro.exe
- Size
  
  2.2MB
- MD5
  
  535f2ad8fc76532fe85c7469d453a3f5
- SHA1
  
  a118885b60351bf618b9fb87ae9bcbfbf6252956
- SHA256
  
  52b3f6530722a798a15bfd8205d7514eb1c38aae84966923dc94a75fbed01ea0
- SHA512
  
  4271c08425aba7cdcd42e03684f26b37becfb6986a42a2585b1cb5fe357648d8b9fb61342094c424a0861dc10dd9befd2e94f3cb2098ffac045c3961da4a40e6
- SSDEEP
  
  49152:nf/OgXzBHsifFNkYDNMJ7n2hh3p5EUTPn7LYsSs8p:HOgjBZdNPNMJ7KHEs2
Score

1^/10
behavioral13 behavioral14
- Target
  
  CAD迷你画图/DWGViewInstall.dll
- Size
  
  91KB
- MD5
  
  f0c25c150a434f0918c8c6e087e9c41e
- SHA1
  
  06be3491fa4810320fea0ab337b717ba94bce04e
- SHA256
  
  9b67a5c58c59c84f5008ff5bd04c23b29f0ae7973d4b48642cb9fcbda042d893
- SHA512
  
  8553e0eae4939f33a516df00b320fcd30f628ea6bd77a2c54e0dd5b27d47067e3c5c5d9005000449d7b174ec071454064af80e31dc22087287327b119e9d9a57
- SSDEEP
  
  1536:ZvgOmJuUKX8x7Voy8lX9oRr3NrjJGcAkK0lxmMD1sXaIY3h9u:ZvgTJuUKMx7Vodl2RrdscZlgMD1sXa1u
Score

1^/10
behavioral15 behavioral16
- Target
  
  CAD迷你画图/GeoSymLib_Res.dll
- Size
  
  24KB
- MD5
  
  e9582f5a931ec0d7a4dbfe15abb00830
- SHA1
  
  8e4518b52ae313d42556b2eecbbbddc09e7aa4d6
- SHA256
  
  56fe676506482caa553d36bd9017646fbd2a001b2ac0dd8657014072cde41383
- SHA512
  
  8dc05adafdd849e81e27c52f525062baaf3ecb878fc111855092386a11e98b9f85512011e45bde5f4c4a0ad33bf1d87d142baa33f987a3054434654ddd818a43
- SSDEEP
  
  384:iFQQgyOv3PVYJVZXnYPL1phdpt9Sx8JN77hhJD:iFQQpy3dYJXXYphdp3f3hzD
Score

1^/10
behavioral17 behavioral18
- Target
  
  CAD迷你画图/ProDfsShlExplus.dll
- Size
  
  2.0MB
- MD5
  
  88482877799f2d68ca0beaf36d679838
- SHA1
  
  d8cfcd5575363daf2352d5f54216cbe74dd92341
- SHA256
  
  9fc20a888236e1918a195f23b269c0b031f0c6ec8ce796e9aea28c0f43455fdd
- SHA512
  
  831f42a56231bf6f83078cba05c1f7f06e1316f49a63d5c7cda6323f05a69a139d03ab7b2d74cd3bc84e74a2cd3507c2812b42a1f45ff88cb4f6fd83d6fe2dfa
- SSDEEP
  
  49152:+vHQ10oc+LODj31iPgcWAJ+jDCb5tgqtKQKXn+sJ8NTQEoKt:+Q10oPODDEP9J+jDCb5t2QKXZ8NTQE3t
Score

1^/10
behavioral19 behavioral20
- Target
  
  CAD迷你画图/QRGenerator.exe
- Size
  
  42KB
- MD5
  
  da75aac26fe5b0e5df48f5daebd2490f
- SHA1
  
  1843d0c45cfed281cca172e624a323d3532a7a4f
- SHA256
  
  d583785025df76facc584d56314a258d6a2fe52fedb5bb6e6a2b9da3dd5d14bb
- SHA512
  
  10d87e6d45bbd5feb0eb414d32c9cf075c433a1029e56bae1534b1291ccc02ae1ff95df38f7cdb4f9f3fc7299b9bc809fd302cd562953fbe6e3afd1827d0fcb6
- SSDEEP
  
  768:MSKOeI0QS84vLvAwmKSx6mZt3SC51X8IwYpip63hF8:MSK7I0Qe2fCgXnI63hF8
Score

1^/10
behavioral21 behavioral22
- Target
  
  CAD迷你画图/SkinControls.dll
- Size
  
  137KB
- MD5
  
  6d01a6c7d6d1f37c07aba23485fcb214
- SHA1
  
  384f2c2e13e5ead09216ba474091b841f3de06c3
- SHA256
  
  fde851c24cc7d9437632182545c104addfb4e84f71896fcf276f2df1f61376d0
- SHA512
  
  4f3edb4676c828b9e32921f13e0cc00e7ac080dd458c616fe41ce3927cdaff4b2ebffe9a98c0bb13893468d354379e03586497e2723aa02fb6144f8120a18d65
- SSDEEP
  
  3072:QoGlwbDSqZAVOsKmY2s29IgOBvpIMxCZHnUpa5Lc:QoGOy0sKmHOBvpOZH6gc
Score

3^/10
behavioral23 behavioral24
- Target
  
  CAD迷你画图/Skins/ad/loading.htm
- Size
  
  1KB
- MD5
  
  3f7a3f04984e989da16e6ee79b77dbc5
- SHA1
  
  19baa962cc8bc56e84253f6b8b5bc64ab2d64c25
- SHA256
  
  054ce9ae92d4867b2605e8eebe446608c44c12a949ac8281c19cdc6ffea2492d
- SHA512
  
  83e50afb949a41d2fc00ec96a33789513440e3286f77d1972e5711f3525d36d7f086af7f1067460cb50ec021005b259ca633152bb8815e8bd44c5568b511124a
Score

1^/10
behavioral25 behavioral26
- Target
  
  CAD迷你画图/libcurl.dll
- Size
  
  271KB
- MD5
  
  ffa35d67d3bedc686d9dafda2f470f0e
- SHA1
  
  2bafc7e20a75a7f905154de486baeb61730832ce
- SHA256
  
  614f75e15cb3103c105988c4b4bfe7b0b7b8594e08c91a66359b8b732b6a3ac2
- SHA512
  
  5f2269325e2046eb3ce20b16d28046d27718aa1f93fe86ea57f290b5be6f67f34d53f735199a01d2c97c64bdb05b14cafe7163b35bfe4c84f803c69dbfa505a2
- SSDEEP
  
  6144:OowDwI8+DMP4ZpATqRQEWBH3VOCBW71edpK5GF3:O/y+u9qgNksc1K3
Score

1^/10
behavioral27 behavioral28
- Target
  
  CAD迷你画图/mfc100u.dll
- Size
  
  4.2MB
- MD5
  
  f841f32ad816dbf130f10d86fab99b1a
- SHA1
  
  0f8b90814b33275cf39f95e769927497da9460bf
- SHA256
  
  7a4cfbce1eb48d4f8988212c2e338d7781b9894ef0f525e871c22bb730a74f3e
- SHA512
  
  6222f16722a61ee6950b6fbcbe46c2b08e2394ce3dd32d34656faf2719e190e66b4e59617c83f117ad3793b1292a107f275087b037cf1b6e4d9819323748079a
- SSDEEP
  
  98304:zge9f+eJ5LbHVlaHqQ1NaXJw9QxCqk23i3ggGe9SfcoLDPiHkKos7FLOAkGkzdnR:zxf5cBudLps7FLOyomFHKnPAw
Score

1^/10
behavioral29 behavioral30
- Target
  
  CAD迷你画图/msvcp100.dll
- Size
  
  411KB
- MD5
  
  03e9314004f504a14a61c3d364b62f66
- SHA1
  
  0aa3caac24fdf9d9d4c618e2bbf0a063036cd55d
- SHA256
  
  a3ba6421991241bea9c8334b62c3088f8f131ab906c3cc52113945d05016a35f
- SHA512
  
  2fcff4439d2759d93c57d49b24f28ae89b7698e284e76ac65fe2b50bdefc23a8cc3c83891d671de4e4c0f036cef810856de79ac2b028aa89a895bf35abff8c8d
- SSDEEP
  
  12288:iHEqYsrMWIqz473PTiPoH/aGhUgiW6QR7t5qv3Ooc8UHkC2eKq87:iH9YsIWIW4rPTiPofaDv3Ooc8UHkC2e8
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32