5b0d995008c6a7972963f45c27f2be4c21ec1e6baf4e72bae7cc0068d3906596 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

东坡软�...��.url

windows7-x64

1

东坡软�...��.url

windows10-2004-x64

1

造梦西�....1.exe

windows7-x64

7

造梦西�....1.exe

windows10-2004-x64

7

Sharing

General

Target

eac044175d02a37c60492538b742f26b_JaffaCakes118
Size

3.6MB
Sample

240919-g421qavfjl
MD5

eac044175d02a37c60492538b742f26b
SHA1

526bb36d594b192233dfc85fa8af8bb1f1d51ada
SHA256

5b0d995008c6a7972963f45c27f2be4c21ec1e6baf4e72bae7cc0068d3906596
SHA512

1b6170af3ee39e46e03f650c1ac86461a291ea2748418864a12931c2697e450425eaf006255ac5662045da788336bddccaadcf3b098c329b0a63a0b020e6a41e
SSDEEP

98304:Ru7vzSEryJ9tRNSLoVHrhIpF0gx+ra8Mru+mL/:RopYNbBhIAdadC/

Score

7^/10

discovery upx vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

东坡软件下载.url

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

东坡软件下载.url

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

造梦西游5武神辅助1.1.exe

Resource

win7-20240903-en

discovery upx vmprotect

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral4

Sample

造梦西游5武神辅助1.1.exe

Resource

win10v2004-20240802-en

discovery upx vmprotect

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  东坡软件下载.url
- Size
  
  219B
- MD5
  
  122e953f3a92541c27cc62db2d9bb0f7
- SHA1
  
  5c85d98b4bce0daac9631297ddb00b005161d131
- SHA256
  
  5bf9390d32df4da5ddb91425fc5002768a85305964a8e0cb8eda391b4b6511dd
- SHA512
  
  77240964186d2e9c9c73ed6bf13edccaeb40c0d8cbf477080c9a40a76d044964330e97421e4b45818bfbb2688e6bfaf6720a52f2efdd3b944f3624b1b5767583
Score

1^/10
behavioral1 behavioral2
- Target
  
  造梦西游5武神辅助1.1.exe
- Size
  
  3.7MB
- MD5
  
  bf0a6b2047b1278885a185568b384625
- SHA1
  
  ff790c5a4f4eff5f91ca3ab9266be2758f01ea0b
- SHA256
  
  d5143eb62fd8df693961220955ae76d0c32b2cf50d7cce470d81cb1821654869
- SHA512
  
  bb9fd83a4d16bc4060f4dc4b3e2ff20c4d71ad40b5db9358c422426cece70e3fb48cef405b3cb3da13c79d72a244dae72817e0b06bc00d2a1a61d0e25bdd9503
- SSDEEP
  
  98304:t7pJchxq0t9bNM+SWTR9fkOc7XNqQyV0:7JIB95BSeR25qQyV
Score

7^/10

discovery upx vmprotect
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

discoveryupxvmprotect

behavioral4

discoveryupxvmprotect

© 2018-2025

Terms | Privacy