1dff50e5e24f1639842ed11500efc704d6c78ddf832c6975a145009bd45a6130 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

一键关�...��.exe

windows7-x64

1

一键关�...��.exe

windows10-2004-x64

1

一键关�...��.exe

windows7-x64

7

一键关�...��.exe

windows10-2004-x64

7

DefenderCo...ol.exe

windows7-x64

7

DefenderCo...ol.exe

windows10-2004-x64

7

Sharing

General

Target

1dff50e5e24f1639842ed11500efc704d6c78ddf832c6975a145009bd45a6130
Size

9.4MB
Sample

240915-yjes5azfjg
MD5

e182d0b8f22d2c7f6281e93dcec88ae1
SHA1

251f0e6b32cd42f50e8d54c5a0d32e91a084422f
SHA256

1dff50e5e24f1639842ed11500efc704d6c78ddf832c6975a145009bd45a6130
SHA512

70f258520b4413349945999e0de113474be7723eccd1cf9c1dab81b40ed6881f03f116437fb2d007deb1c7974c2ec9bc6e9cff8a37a892b066c11eea3abeb7c2
SSDEEP

196608:6mhtu/DNk4FKx2xn188p56lOYQlNMH88Virrsmp0C4PoQ0pkzMP+pZm3eHcCT52P:NGD/Qx2J1jx8HZiHrp0tPoQ0pM1A3e8x

Score

7^/10

discovery upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

一键关闭win杀毒软件的工具/一键关闭windows defender工具.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

一键关闭win杀毒软件的工具/一键关闭windows defender工具.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

一键关闭win杀毒软件的工具/关闭Windows Defender Service工具.exe

Resource

win7-20240704-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral4

Sample

一键关闭win杀毒软件的工具/关闭Windows Defender Service工具.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral5

Sample

DefenderControl/dControl/dControl.exe

Resource

win7-20240903-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral6

Sample

DefenderControl/dControl/dControl.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  一键关闭win杀毒软件的工具/一键关闭windows defender工具.exe
- Size
  
  209KB
- MD5
  
  6c3e80698988e854d8acec04665ab867
- SHA1
  
  0b460b2ed05aa3540a66c54ceeaee88051c8f5f5
- SHA256
  
  d97319994f6ff53d32b4a06804a7e234516aa17b257a5976281a3f48dcac15ea
- SHA512
  
  8ea1124dfac6737fc5ca693605309ee8ca86211595529d126b4f342658258923bb7226be5724ae7253d5f00a67753dedf5c9a2fde50922f5487b8b9787c4eb71
- SSDEEP
  
  768:33uIAZ95dkfpS5oSAyF9DB27dStPsQ+TxuKOgMBRCpzdkfpS5LgAbun5tobp5:33+Zlk+0pFuZlC/kfQp5
Score

1^/10
behavioral1 behavioral2
- Target
  
  一键关闭win杀毒软件的工具/关闭Windows Defender Service工具.exe
- Size
  
  16.6MB
- MD5
  
  4efeccf71d4d2d6c9a208f757ae1fb63
- SHA1
  
  71ce8aee46c946d9907b8e4ac9e1698e820754f6
- SHA256
  
  5605621ca26715623bcbae9ba1db1031f5b635395205a33db076a1b899e85eb5
- SHA512
  
  cc12be200e5aa9340a09aac8b2c1367b69d117a3512cfa68fa78c58feb8d048526e33720f587cd0784850f18ef8ae510465a496c0d04b4fc1f3587f63f9692cf
- SSDEEP
  
  393216:MCUwPwE8zHFqxfKsNps7FoPbnXLQfl9Mt2lro:MCU6784xys/5/Qfl9Mt2l0
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  DefenderControl/dControl/dControl.exe
- Size
  
  447KB
- MD5
  
  58008524a6473bdf86c1040a9a9e39c3
- SHA1
  
  cb704d2e8df80fd3500a5b817966dc262d80ddb8
- SHA256
  
  1ef6c1a4dfdc39b63bfe650ca81ab89510de6c0d3d7c608ac5be80033e559326
- SHA512
  
  8cf492584303523bf6cdfeb6b1b779ee44471c91e759ce32fd4849547b6245d4ed86af5b38d1c6979729a77f312ba91c48207a332ae1589a6e25de67ffb96c31
- SSDEEP
  
  6144:Vzv+kSn74iCmfianQGDM3OXTWRDy9GYQDUmJFXIXHrsUBnBTF8JJCYrYNsQJzfgu:Vzcn7EanlQiWtYhmJFSwUBLcQZfgiD
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

© 2018-2025

Terms | Privacy