Overview

overview

8

Static

static

8

账号密...ls.exe

windows7-x64

8

账号密...ls.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    账号密码表.xls.exe

  • Size

    1.5MB

  • Sample

    220805-jpt3nshfep

  • MD5

    2d2e2831ae6351fbee7810bfc0d10955

  • SHA1

    52a95894b8551743058a1bfe56e38919f43819c4

  • SHA256

    ffeb7d694c82c2dfa5344d082b61386561202ccde69fc11257916b0da515c922

  • SHA512

    239d6ad7b0654146b8c5c08a9b2f07a770cfb0ddabbbcad03109f82b0e78494f80097a98de7d55487f90f41ac25e09f028b12f60c5fc30863d1c871dfbff8eb5

Score
8/10
upx

Malware Config

Targets

    • Target

      账号密码表.xls.exe

    • Size

      1.5MB

    • MD5

      2d2e2831ae6351fbee7810bfc0d10955

    • SHA1

      52a95894b8551743058a1bfe56e38919f43819c4

    • SHA256

      ffeb7d694c82c2dfa5344d082b61386561202ccde69fc11257916b0da515c922

    • SHA512

      239d6ad7b0654146b8c5c08a9b2f07a770cfb0ddabbbcad03109f82b0e78494f80097a98de7d55487f90f41ac25e09f028b12f60c5fc30863d1c871dfbff8eb5

    Score
    8/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

4
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks