Overview

overview

10

Static

static

10

狗道周�...��.exe

windows7-x64

3

狗道周�...��.exe

windows10-2004-x64

3

驱动/E2E...��.exe

windows7-x64

10

驱动/E2E...��.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    31eadfff103e8194b9dc7dcf71f6461dc867469b6e1ba5c5b9e8341c06193d9c

  • Size

    11.6MB

  • Sample

    241121-j9cdcszpfs

  • MD5

    c7b7724d301571f07801aca2dd02fa64

  • SHA1

    20e52fb996017fa06dd32c8ab78ad26c3ba4f512

  • SHA256

    31eadfff103e8194b9dc7dcf71f6461dc867469b6e1ba5c5b9e8341c06193d9c

  • SHA512

    71b2eb625289702429661cf632950e62a8a45f30f46c39e92cb0efa5f199ec700a14f67f1bd4dc98537506d6b87ede7d71e64813b3eba3e24e1d71b6bb1f7f74

  • SSDEEP

    196608:ufm81miIMgd2tFFlB/NFRvhug5nO21tZ+6jOiYNqVfcEmEOka4n/HSBGnrDj9IV:ufm81eY3BVjvBNO217+tiYac85a4n/Hq

Score
10/10
xredbackdoordiscoverypersistence

Malware Config

Extracted

Family

xred

C2

xred.mooo.com

Attributes
  • email

    [email protected]

  • payload_url

    http://freedns.afraid.org/api/?action=getdyndns&sha=a30fa98efc092684e8d1c5cff797bcc613562978

    https://docs.google.com/uc?id=0BxsMXGfPIZfSVlVsOGlEVGxuZVk&export=download

    https://www.dropbox.com/s/n1w4p8gc6jzo0sg/SUpdate.ini?dl=1

    http://xred.site50.net/syn/SUpdate.ini

    https://docs.google.com/uc?id=0BxsMXGfPIZfSVzUyaHFYVkQxeFk&export=download

    https://www.dropbox.com/s/zhp1b06imehwylq/Synaptics.rar?dl=1

    http://xred.site50.net/syn/Synaptics.rar

    https://docs.google.com/uc?id=0BxsMXGfPIZfSTmlVYkxhSDg5TzQ&export=download

    https://www.dropbox.com/s/fzj752whr3ontsm/SSLLibrary.dll?dl=1

    http://xred.site50.net/syn/SSLLibrary.dll

Targets

    • Target

      狗道周年跳阵营工具.exe

    • Size

      4.7MB

    • MD5

      5db7a602f9769566946fe0717d6ebdbe

    • SHA1

      7c212e732023d482e920fe9013339657b5c63ce2

    • SHA256

      0a0828a1b11c53cf9119efa02549ca184af6e6708bbcb70351c056b1b9b9e26d

    • SHA512

      6be9286306bfd65bbb1a97d929d5aaa05283983b98a9696f08dd51cf2824f5c712795757cb4ad649b1a9d4e75ecd5dc4de1addc4b3a005fd47fae6af8e07f140

    • SSDEEP

      98304:rbYzWm8ZK+MLgXrPMjA3MDlFlhtjTXSNfYdtSufV/NzngxkTX1L2AwC6cJRKGK:Ptm8ZK+MsXQjA36FlhtPLBfV5fXDwzzd

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      驱动/E2EE.ODBC安装器.exe

    • Size

      4.8MB

    • MD5

      5251f4c9b600a325a4711cf145a6a966

    • SHA1

      a6fb4b906cbc8ed90fd50f1644ec078b3f7b619a

    • SHA256

      ff11568b5035014c309a5b33f3d167cf08df06fdaf7bc5470227d8327236cba6

    • SHA512

      9ebc865438c5b7c65672ea1b6f6ca9fa397ed31777b82e6857d4cbc69d38b14dca76258f5810684ee345b3b67a86ebc034e211050cdbf51de7ceaa039bb1b1cf

    • SSDEEP

      98304:xnsmtk2aaIFHgMC6T6F9628sPyYFivvKncMpzJOPBn:NLMG6z28whivVBn

    Score
    10/10
    xredbackdoordiscoverypersistence
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks