General

  • Target

    FiveH.zip

  • Size

    13.1MB

  • Sample

    241119-qq82js1nfn

  • MD5

    16d057034a04567146a574a7a0ef93a5

  • SHA1

    fb9aedccbcc07d4f50513f6e1dfac6ddbc5d1dec

  • SHA256

    16ac090278a8ba3b12405795723b0010f5dc8a34efa873adb134ce8e4fd5cf17

  • SHA512

    24727a9d6fa61b5f61851e3d75f29a55e4d15fc8f59af891355bd1075f85b67bb5440d502812d02b47cc40212430081b4eafc938f4cd356314103e7c0b310564

  • SSDEEP

    393216:bAYOijkY0NWWMO45eqrQTYR0wpCUWFBtA+SJD:bpAYnr5eqrQTbwspFTAND

Score
7/10

Malware Config

Targets

    • Target

      FiveH.zip

    • Size

      13.1MB

    • MD5

      16d057034a04567146a574a7a0ef93a5

    • SHA1

      fb9aedccbcc07d4f50513f6e1dfac6ddbc5d1dec

    • SHA256

      16ac090278a8ba3b12405795723b0010f5dc8a34efa873adb134ce8e4fd5cf17

    • SHA512

      24727a9d6fa61b5f61851e3d75f29a55e4d15fc8f59af891355bd1075f85b67bb5440d502812d02b47cc40212430081b4eafc938f4cd356314103e7c0b310564

    • SSDEEP

      393216:bAYOijkY0NWWMO45eqrQTYR0wpCUWFBtA+SJD:bpAYnr5eqrQTbwspFTAND

    Score
    7/10
    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      TD_Premium-Cracked.exe

    • Size

      1.1MB

    • MD5

      53f178ea0c14b901bc30cc22687d384d

    • SHA1

      b27c9ced6419575d18e0be9a79985a1937a0e8c9

    • SHA256

      f2b707c3cf25fd49571811650b22df7f568b5cdc0c83988094599d0ece04e6c2

    • SHA512

      02aa780af3f9d7cac30dab4718d3e6ec8a71945e022e0f56804f7016396ee2068df018f461b05c580e2555ed5de1c139a9cd30bae3475b4cd7c5ac19b284ea3d

    • SSDEEP

      24576:bgnFJEsu/wiCE7ljNGuhTVU7wgqWJGOyNjbBnT5FW:0nFJEsuoh6WRnGBl1nN8

    Score
    1/10
    • Target

      TZProject.exe

    • Size

      7.9MB

    • MD5

      f5b6e3497d19e52fb7fa80b74cf3416b

    • SHA1

      305f4579e47bb868ab66caef431a3f9b423496ce

    • SHA256

      53de833dce56fe03194add51c34ff41ed0825618cdd7ec776e6a1d9ecde51291

    • SHA512

      a3fdb1553d316b5c22d44fdf90921e99a36b390d89cf708a4026e79a17dad39db41a4d75c05eb7fccae52cdc1159e32a332ea6ab2455ebca8dc92fa43b3f1a17

    • SSDEEP

      196608:XcwY8XMCHGLLc54i1wN+VPIcu9KYK39shSEo3PPBuMRRd5cx:MmXMCHWUj6cuId9/PBuUO

    Score
    7/10
    • Drops startup file

    • Loads dropped DLL

    • Target

      chrome.exe

    • Size

      5.2MB

    • MD5

      b14199b7917f2b34868fddb585801474

    • SHA1

      a207f61c1affb9fe2cdbc10a97b12278c5632719

    • SHA256

      f434bad743194cf3a12ea85a4b81cb92c711a021e3193ed5cc0b18851657fd38

    • SHA512

      e80ef20dcebe56b54fe18b460f847132a2d90434e38ccbfc5132e46f440b13f191092549ad747c4f728fd95e8972b1fee2639e1496851ba46dca2a73ba2d2e4e

    • SSDEEP

      98304:KAu950EIvLNIAayheiJdsLaJIkMdXq6cFwSXEnPRmheYjF4hWQE69/H4:K+ESLNIAayXJds2jMd5cFwSK7YjF4hWE

    Score
    5/10
    • Suspicious use of NtSetInformationThreadHideFromDebugger
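An added example, written for this page and not part of the sandbox report or its tooling: it parses the Targets list above into one record per target, checks that every hash is lowercase hex of the expected length, sanity-checks the ssdeep block size against the reported file size, flags the targets carrying the anti-debug signature, and emits a YARA `hash` module rule for the listed SHA256 values. It embeds a constructed copy of two of the entries above (values copied from the page, blank lines dropped), assumes the reported sizes are rounded 1024-based megabytes, and describes ssdeep's block-size selection from the ssdeep source rather than from anything on this page.

```python
import re
from dataclasses import dataclass, field

# Constructed copy of two target entries from the report above (page values,
# blank lines removed; the parser skips blanks anyway).
REPORT = """\
• Target
  FiveH.zip
• Size
  13.1MB
• MD5
  16d057034a04567146a574a7a0ef93a5
• SHA1
  fb9aedccbcc07d4f50513f6e1dfac6ddbc5d1dec
• SHA256
  16ac090278a8ba3b12405795723b0010f5dc8a34efa873adb134ce8e4fd5cf17
• SHA512
  24727a9d6fa61b5f61851e3d75f29a55e4d15fc8f59af891355bd1075f85b67bb5440d502812d02b47cc40212430081b4eafc938f4cd356314103e7c0b310564
• SSDEEP
  393216:bAYOijkY0NWWMO45eqrQTYR0wpCUWFBtA+SJD:bpAYnr5eqrQTbwspFTAND
Score
7/10
• Drops startup file
• Executes dropped EXE
• Loads dropped DLL
• Suspicious use of NtSetInformationThreadHideFromDebugger
• Target
  chrome.exe
• Size
  5.2MB
• MD5
  b14199b7917f2b34868fddb585801474
• SHA1
  a207f61c1affb9fe2cdbc10a97b12278c5632719
• SHA256
  f434bad743194cf3a12ea85a4b81cb92c711a021e3193ed5cc0b18851657fd38
• SHA512
  e80ef20dcebe56b54fe18b460f847132a2d90434e38ccbfc5132e46f440b13f191092549ad747c4f728fd95e8972b1fee2639e1496851ba46dca2a73ba2d2e4e
• SSDEEP
  98304:KAu950EIvLNIAayheiJdsLaJIkMdXq6cFwSXEnPRmheYjF4hWQE69/H4:K+ESLNIAayXJds2jMd5cFwSK7YjF4hWE
Score
5/10
• Suspicious use of NtSetInformationThreadHideFromDebugger
"""

FIELDS = {"Target", "Size", "MD5", "SHA1", "SHA256", "SHA512", "SSDEEP"}
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
UNIT = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}  # assumption: 1024-based

@dataclass
class Target:
    fields: dict = field(default_factory=dict)
    score: str = ""
    signatures: list = field(default_factory=list)

def parse_targets(text):
    """One Target per '• Target' bullet; a field's value is the next non-blank line,
    'Score' is followed by its value, every other bullet is a signature name."""
    targets, cur, pending = [], None, None
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if line.startswith("•"):
            label = line[1:].strip()
            if label == "Target":
                cur = Target()
                targets.append(cur)
            if label in FIELDS:
                pending = label
            else:
                cur.signatures.append(label)
                pending = None
        elif line == "Score":
            pending = "Score"
        elif pending == "Score":
            cur.score, pending = line, None
        elif pending:
            cur.fields[pending], pending = line, None
    return targets

def size_to_bytes(size):
    m = re.fullmatch(r"([\d.]+)\s*([KMG]?B)", size.upper())
    return int(float(m.group(1)) * UNIT[m.group(2)])

def bad_hashes(t):
    """Hash fields that are not lowercase hex of the expected digest length."""
    return [n for n, k in HEX_LEN.items()
            if not re.fullmatch(r"[0-9a-f]{%d}" % k, t.fields.get(n, ""))]

def ssdeep_blocksize_plausible(sig, size_bytes):
    """ssdeep starts at block size 3 and doubles until bs*64 >= file size, then
    may halve once if the resulting signature is too short; accept both."""
    bs, expected = int(sig.split(":")[0]), 3
    while expected * 64 < size_bytes:
        expected *= 2
    return bs in (expected, expected // 2)

def check_target(t):
    return {
        "target": t.fields["Target"],
        "bad_hashes": bad_hashes(t),
        "ssdeep_ok": ssdeep_blocksize_plausible(t.fields["SSDEEP"],
                                                size_to_bytes(t.fields["Size"])),
        "anti_debug": any("HideFromDebugger" in s for s in t.signatures),
    }

def yara_hash_rule(name, targets):
    """YARA rule matching any of the targets by SHA256 via the hash module."""
    conds = " or\n        ".join('hash.sha256(0, filesize) == "%s"' % t.fields["SHA256"]
                                 for t in targets)
    return 'import "hash"\n\nrule %s\n{\n    condition:\n        %s\n}\n' % (name, conds)

if __name__ == "__main__":
    ts = parse_targets(REPORT)
    print([check_target(t) for t in ts])
    print(yara_hash_rule("FiveH_sandbox_hashes", ts))
```

The ssdeep check only says whether a reported fuzzy hash could have been computed over a file of the reported size; a mismatch usually means a transcription error or a truncated sample, and a 10% size difference is enough to push a file across a block-size boundary, which is also why fuzzy hashes from samples of very different sizes never compare.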

MITRE ATT&CK Matrix

Tasks