2549f40e75b7518689a795f55cea3f2ac7c4027faa75f7736727377183dc3a86

Sharing

Copy URL Twitter E-mail

General

Target

2549f40e75b7518689a795f55cea3f2ac7c4027faa75f7736727377183dc3a86
Size

1.8MB
Sample

240829-mbn62sweje
MD5

ba577e011d392ea4742f5ca37a222793
SHA1

2efe5c17f36ed727f7466f492adffa0eabc15d2d
SHA256

2549f40e75b7518689a795f55cea3f2ac7c4027faa75f7736727377183dc3a86
SHA512

d7b880887646b76730b63234257baf77ccebe44546e2558d3a62bf814b31fb03c48579abaf8a3f8ef168240850dda2483df30fd7731585a7ace958a0be27f099
SSDEEP

49152:QTMYIKahs2p5eqwvkMaz85rq5hdjDKCm1ZAO4bwG2j8VUYJD:QTJos2feqVyrkzDKfqDbwG2joX

Score

7^/10

Malware Config

Targets

- Target
  
  TCP&UDPԹ/TCPUDPDbg - Shortcut.lnk
- Size
  
  1KB
- MD5
  
  6644dbff30ad2b4b6085e41a51388f0d
- SHA1
  
  5f1616f0ca10a9e4efe3bf8ed7e93536b5473d54
- SHA256
  
  443cab0a9b7fd07094d8fc9cc9fa3cab1964ec1bb5cd2dbd70db73811146d038
- SHA512
  
  1305dc92d69c07aaf0ccd124d15f35f06df89ce302385487ec2fbc647c0408c8ce23653ed3d05f3465a6fc125ce5c1c63685dd47714e48cd9e37be804ea5dcaa
Score

1^/10
behavioral1 behavioral2
- Target
  
  TCP&UDPԹ/TCPUDPDbg.exe
- Size
  
  148KB
- MD5
  
  05df9f0e3982641a755e505d5b740c61
- SHA1
  
  5756e29ada6b36d76700ab140861de86bffafb0a
- SHA256
  
  9213892f3096ebac669f254fa3cb26cb7f8b6a33273044fed4f845571c17d361
- SHA512
  
  5f4d6b4c1b19be16267129e394ef66c8156b4d67a1389383338f0505742a94ded5c09ad9e24e14f2eb69b12300b63e15e6380079690ca5b2b6677f3f6a9c8c0f
- SSDEEP
  
  3072:l4TO2vMJDWBjvCOur4OP6AFobKImGyrJ0GALvhs2sbM0gVwD:W6O64yrFwt++xsD7
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  TCP&UDPԹ/XTP9700Lib.dll
- Size
  
  2.6MB
- MD5
  
  ead2b5b05d23b1af184fc31795ed277e
- SHA1
  
  e179491054378a36c3f6ab02d2dd94245ccb3d05
- SHA256
  
  c0fea75a41fac116aae211053dbb62a751391cc3423e7dc1a0737d382958abc2
- SHA512
  
  519d7f904a9ac2688e02c2e1b96b0b018ee9d95f28e0c4aae5a8df37af63ebbd50a16c7bcb32252b3b12d6e2b4b2c713e838370fe6e2149da2cb604da6154a7e
- SSDEEP
  
  49152:l5q1k6fwUaA5Cpsx+DGgxVKqx3UQI3V5pPLEsLL/eQUyAYLr:XruwUrbTpPLE2/z
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  TCP&UDPԹ/config/intro.htm
- Size
  
  1KB
- MD5
  
  542adf79c530a89b402de8fc80fc62f0
- SHA1
  
  c58c839f96bcb48744ae9486b92519623dad46af
- SHA256
  
  3b8538ed6986df4b8627dc1df13e4279f1163eba79cff39313d4c8cd7cbd19c1
- SHA512
  
  f549c710cd16140d4399861ee18dae59ffa2dfd3f5e205117a69b5b45ce2f01271832053f8d1fa09e6d78bd295145bad485bf13164e368224262b302275676af
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  TCP&UDPԹ/uninst.exe
- Size
  
  58KB
- MD5
  
  997d4a1d92ce7a15521fd5d8702268c4
- SHA1
  
  2a7c4fc3c5831dfef3c19e8b9e6581353ff8b1f8
- SHA256
  
  86292932afb4dd2e365d4ffe16294ad494c032ee508c1e0db48c2bf2af3024c1
- SHA512
  
  83a91f53e3ea928a6b3c570ffbad727fc09a4b1e276641129ca5e9867d3d921878c4b88292cc01841c49f130bc2443509901e9c4311c03afa4396e25bd32a1f0
- SSDEEP
  
  768:KFanSb4pR38buHvhJr8LmTwfh1FjvAmRCV0D3iFoHLLkkJdOQc142FtWwSICP8n7:tSUquHvjjTcf9lIV0DikJkQcREYRNXgw
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  TCP&UDPԹ/update.EXE
- Size
  
  627KB
- MD5
  
  a10d97ee1cd437f38a710b30ad211ed4
- SHA1
  
  53df6afc483436b7ccccd31cba87849c27ef6c78
- SHA256
  
  8330cafd230fd24643930a0a05b11f80e0fe3928a81a3e60151cf860d212dab8
- SHA512
  
  03f47ff9d3e703d02283522a23b92e9f9128b3c050522a92e7909426059b5e9a48ca023b8bde40996ef416161b7fd53c45dbfee5c8d57e4c5672c000285a8548
- SSDEEP
  
  12288:dhKomDgVAXL0heCP//yhsuMwzUQymuHYTd21fvn1578uxF4gRjK:dNMgVAQBKhsuXHy3HYTdKv1577F4e
Score

7^/10

discovery persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral11 behavioral12