General

  • Target

    af15ac4a12cc187a694321153c3fa650b6d12c6cf7b17b0548d64eb99a9f1a17

  • Size

    10.9MB

  • Sample

    241119-p57atswdjb

  • MD5

    4c3612d594b9337fa39a49364dbb92d7

  • SHA1

    849baf59f7f047e766a2e29e90c2180884a1dbff

  • SHA256

    af15ac4a12cc187a694321153c3fa650b6d12c6cf7b17b0548d64eb99a9f1a17

  • SHA512

    e4b687fc439375c6138def75afe60687211e210d3479287237f19997f9d316ce69e46c1ac40202745c09cda806d1ba581f3237a30ea080b90623378d3d4733ee

  • SSDEEP

    196608:tDnJ/fiVaO/pWvNGWnjssAUQUipwA42AGrvXPigon3YwiKovNS0V9SxkUq99V:dBfceN3n1HA2vIwiB80bSxkp/

Targets

    • Target

      软件安装包u5.2.6.msi (Chinese for "software installation package u5.2.6.msi")

    • Size

      12.3MB

    • MD5

      f128e0366847f75148a914540c8d43fc

    • SHA1

      d94a75e313329d7787aeac6c6010cce8c6368bdd

    • SHA256

      570c265082d625f99c178ac6565c18798f614e97d1edbeff6fd5acbdfcafdc9a

    • SHA512

      08875de029a89d5005203883820391695355cffdb0caa819b418bea0bfe4733926a4268684b8bb8ca65777b4b448ca8c47d5028fbbefd9fcc1f0e100fe5e9d75

    • SSDEEP

      393216:e49ccZUpj4f7eUFVg9UwfegD8ZVCrnRji:VKJpEfqqVg9dfegDCVCrnRG

    • Enumerates connected drives

      Attempts to read the root path of fixed drives other than the default C: drive, typically to discover which volumes are mounted.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), which stops the calling thread from generating debug events. This is a common anti-debugging and sandbox-evasion technique and has no legitimate use in an installer.
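
The two behaviours above, expressed as detection logic in Python: this is an added example, not sandbox output or code from the report. It runs the two signature checks over a constructed, hypothetical API-call trace; the event format, field names and the `match_signatures` helper are assumptions for illustration, not the sandbox's own schema.

```python
"""Detection logic for the two behaviours reported above, run over a
constructed sandbox API-call trace. Added example; the event schema and
helper names below are assumptions, not the sandbox's own."""
import re
from dataclasses import dataclass

# THREADINFOCLASS value for ThreadHideFromDebugger. A thread with this set
# no longer delivers debug events to an attached debugger.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# APIs through which a sample typically touches a volume root.
ROOT_ACCESS_APIS = {
    "NtCreateFile", "NtOpenFile", "NtQueryAttributesFile",
    "FindFirstFileW", "GetVolumeInformationW",
}

# Matches "D:\", "D:\*", "\\?\D:\" and "\??\D:\" (NT and Win32 root forms).
ROOT_PATH_RE = re.compile(r"(?:\\\\\?\\|\\\?\?\\)?([A-Za-z]):\\\*?")


@dataclass
class ApiEvent:
    """One API call as a hypothetical sandbox would log it (assumed schema)."""
    pid: int
    api: str
    args: dict


def is_non_c_drive_root_read(ev: ApiEvent) -> bool:
    """True when the call reads the root of a drive other than C:."""
    if ev.api not in ROOT_ACCESS_APIS:
        return False
    m = ROOT_PATH_RE.fullmatch(ev.args.get("path", ""))
    return bool(m) and m.group(1).upper() != "C"


def is_hide_from_debugger(ev: ApiEvent) -> bool:
    """True when NtSetInformationThread is called with class 0x11."""
    return (ev.api == "NtSetInformationThread"
            and ev.args.get("ThreadInformationClass") == THREAD_HIDE_FROM_DEBUGGER)


SIGNATURES = {
    "Enumerates connected drives": is_non_c_drive_root_read,
    "Suspicious use of NtSetInformationThreadHideFromDebugger": is_hide_from_debugger,
}


def match_signatures(events):
    """Map each signature name to the list of events that triggered it."""
    hits = {}
    for ev in events:
        for name, predicate in SIGNATURES.items():
            if predicate(ev):
                hits.setdefault(name, []).append(ev)
    return hits


# Constructed trace (not taken from the report): one ordinary file write,
# a read of the default C: root, two non-C root reads, one hide-from-debugger
# call and one benign NtSetInformationThread call (ThreadBasicInformation).
SAMPLE_EVENTS = [
    ApiEvent(1234, "NtCreateFile", {"path": "C:\\Users\\Public\\a.tmp"}),
    ApiEvent(1234, "NtCreateFile", {"path": "C:\\"}),
    ApiEvent(1234, "NtCreateFile", {"path": "\\??\\D:\\"}),
    ApiEvent(1234, "FindFirstFileW", {"path": "E:\\*"}),
    ApiEvent(1234, "NtSetInformationThread",
             {"ThreadHandle": -2, "ThreadInformationClass": 0x11}),
    ApiEvent(1234, "NtSetInformationThread",
             {"ThreadHandle": -2, "ThreadInformationClass": 0x00}),
]

if __name__ == "__main__":
    for name, evs in match_signatures(SAMPLE_EVENTS).items():
        print(f"{name}: {len(evs)} event(s)")
        for ev in evs:
            print(f"  pid={ev.pid} {ev.api} {ev.args}")
```

The C: root read is deliberately not flagged, mirroring the report's "other than the default C: drive" wording, and only information class 0x11 counts as the anti-debug signature; other NtSetInformationThread classes are routine.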
