Resubmissions

19/07/2024, 13:57

240719-q89e2avbmk 10

19/07/2024, 13:52

240719-q6kc5axgnc 7

General

  • Target

    比特64-7.0.1.exe

  • Size

    224.5MB

  • Sample

    240719-q89e2avbmk

  • MD5

    2091241627b2fd51f629306946cadb76

  • SHA1

    e4fccb1633cc41ef3c395b1ba5f55fe8e3525a3f

  • SHA256

    43a584ec19f7762207009768bc4c107f8fb75707718f05cf73bc34a41da39019

  • SHA512

    a13bb552a77753480cb8327eda6a5e911737f5ac33047b7ba06b326ae03cb35a3e879762d014e7a0dc6bdd226d358c2c8fa22a46f08900d95c41340063912613

  • SSDEEP

    6291456:E4tc1UG4aJEPpyy4axHx4WKwc5XOYX5CUbAOgOgls:E5EPpyy4axiWbrUbAOghs

Score
10/10

Targets

    • Target

      比特64-7.0.1.exe

    Score
    10/10
    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
