Overview

Score  Task / sample            Environment
10     Static                   static
3      maizu hack v1.4.rar      windows10-1703-x64
3      maizu hack...me.txt      windows10-1703-x64
1      maizu hack...er.dll      windows10-1703-x64
1      maizu hack...fg.dll      windows10-1703-x64
1      maizu hack...im.dll      windows10-1703-x64
1      maizu hack...er.dll      windows10-1703-x64
1      maizu hack...ng.dll      windows10-1703-x64
1      maizu hack...2p.dll      windows10-1703-x64
1      maizu hack...nd.dat      windows10-1703-x64
3      maizu hack...in.dfb      windows10-1703-x64
10     maizu hack....4.exe      windows10-1703-x64
10     maizu hack...br.dfb      windows10-1703-x64
3      maizu hack...er.dll      windows10-1703-x64
1      maizu hack...on.dll      windows10-1703-x64
General
Target: maizu hack v1.4.rar
Size: 403KB
Sample: 240701-qk8tlaxckm
MD5: 45768dbe40703c4545fc0c1a0f431019
SHA1: 68c53d26c48f31bd61042f8b7071c5bb6b78b0da
SHA256: cb1bcf331721008e6dd6b46cd0f1880612374d54403836f43f264f924789e610
SHA512: c984cc4032e0d276d63a34bc03563f422ca3e258a72a9d734304662b268577af873b33f5bfdc3f8a7e2e34ddd391c99a436a865842b502a9649a141242355a4a
SSDEEP: 12288:GJwSrUZSQmEyLvIg8eoCrOT70Xr1w4pLZgeOTn+:GWeUZSQZCXo7wXrmSLmDa
Static task: static1
Behavioral task behavioral1: maizu hack v1.4.rar (resource win10-20240404-en)
Behavioral task behavioral2: maizu hack v1.4/Read me.txt (resource win10-20240404-en)
Behavioral task behavioral3: maizu hack v1.4/app/apper.dll (resource win10-20240404-en)
Behavioral task behavioral4: maizu hack v1.4/cfg.dll (resource win10-20240404-en)
Behavioral task behavioral5: maizu hack v1.4/data/aim.dll (resource win10-20240404-en)
Behavioral task behavioral6: maizu hack v1.4/data/fover.dll (resource win10-20240404-en)
Behavioral task behavioral7: maizu hack v1.4/data/setting.dll (resource win10-20240404-en)
Behavioral task behavioral8: maizu hack v1.4/data/vkfow2p.dll (resource win10-20240611-en)
Behavioral task behavioral9: maizu hack v1.4/dimaind.dat (resource win10-20240404-en)
Behavioral task behavioral10: maizu hack v1.4/main.dfb (resource win10-20240404-en)
Behavioral task behavioral11: maizu hack v1.4/maizu hack v1.4.exe (resource win10-20240404-en)
Behavioral task behavioral12: maizu hack v1.4/sociebr.dfb (resource win10-20240404-en)
Behavioral task behavioral13: maizu hack v1.4/updater.dll (resource win10-20240404-en)
Behavioral task behavioral14: maizu hack v1.4/version.dll (resource win10-20240404-en)
Malware Config
Extracted: lumma
URLs:
https://piedsiggnycliquieaw.shop/api
https://potterryisiw.shop/api
https://foodypannyjsud.shop/api
https://contintnetksows.shop/api
https://reinforcedirectorywd.shop/api
Targets

Target: maizu hack v1.4.rar
Size: 403KB
MD5: 45768dbe40703c4545fc0c1a0f431019
SHA1: 68c53d26c48f31bd61042f8b7071c5bb6b78b0da
SHA256: cb1bcf331721008e6dd6b46cd0f1880612374d54403836f43f264f924789e610
SHA512: c984cc4032e0d276d63a34bc03563f422ca3e258a72a9d734304662b268577af873b33f5bfdc3f8a7e2e34ddd391c99a436a865842b502a9649a141242355a4a
SSDEEP: 12288:GJwSrUZSQmEyLvIg8eoCrOT70Xr1w4pLZgeOTn+:GWeUZSQZCXo7wXrmSLmDa
Score 3/10

Target: maizu hack v1.4/Read me.txt
Size: 171B
MD5: 50f5f8213d683d87ef0f2b518f1f3441
SHA1: 1f2314548a89fc9d730f309c29f2a8c4a71c6b5e
SHA256: 6e801521644c758a9c8c4e7834f5925d25f28cb1c94285c99163200d6627c37c
SHA512: 98163d2392ad1a3c72d1df4ff9b2bc47ad4f5fbf10f784722e3149854a4977e8f26b99ef7ebd55290604d50ce362284f30416c959e214f5601a886d3adc6891b
Score 1/10

Target: maizu hack v1.4/app/apper.dll
Size: 84KB
MD5: ed0e1f5710b2bf5b3ca3136cd308cc23
SHA1: da966bf237ac052116366eb0616fae2cf36fee18
SHA256: 57b5197e11101c2e06bdd86d238fbb6c8a3ea565591ca9648200c3ee3a03dbc2
SHA512: 6b1274f6300074a8b765f16b54947aded0fc1bff4e6feb798ff17977f9149bff25f7e63f8cd2a1ad793b01d1345a9ba054c5e578b6dbdc9b30ab95439fdf412c
SSDEEP: 3:H:H
Score 1/10

Target: maizu hack v1.4/cfg.dll
Size: 118KB
MD5: dfeaa87a10db2d555593e92f295f5a25
SHA1: 67e42c9b61e56e33fc6d7ab94ca921860628819e
SHA256: 36cc45bfe3b63ea42af564dd2c221219f7fb2e3f3ce93ca8cba3a53539bceb0f
SHA512: 891002e2a94dce513706709dad5e78419f3205cc8e102b048ed4d405a84fa5c211711a0b9cc311cc69f6602681dd7da8ac3cc1760828c374b06d51e203872062
SSDEEP: 3:H:H
Score 1/10

Target: maizu hack v1.4/data/aim.dll
Size: 594KB
MD5: 34d2ae40522c8aca067172f3108d4bac
SHA1: 0632a56c3d0fa2b6d46ec689c83c8a7465099012
SHA256: 0416210832c265bd2bad1319c65478194ec64789a7587cb35b51d1b4869586ed
SHA512: 372639c3c4532b83d11988b6bc58f81e3a90b1dfd8da98f400e620fe9fe4eb8f2c7c2e3dc91708cd615b82e35374665c3601190091f4a597a553d5613b0f20ac
SSDEEP: 3:H:H
Score 1/10

Target: maizu hack v1.4/data/fover.dll
Size: 67KB
MD5: decaca5914d4409681c179f0f2a314f3
SHA1: 2a446b3ac2b9c8ec1b53da9a1a45197052a11602
SHA256: 4d32733ccac8b13505472b3b107e5fcd313d8e192433997dfd5f33548d4245b7
SHA512: baa51713b9fedd13d2b02f139cdf656bd1ba3a7fffd320f75b3e2b98ca6bdf114c6bfa7fc01b59c79a7603db0906a7d8a520b79092d3e51e6b22626be6130986
SSDEEP: 3:n:n
Score 1/10

Target: maizu hack v1.4/data/setting.dll
Size: 135KB
MD5: 55b437f743590610be2a2501cf2c1582
SHA1: 41b7e82ab633aa3e8ae7dfbad1e716d730a08a93
SHA256: d75c63c3cd03ee4000fe06115b4f03d60d18e075a29ff455ea6ce2c0a6add84f
SHA512: c11d58d2b9a469d2a0203808cb731bf4b1c6c3052a4d308ca0f9a1148c53d7daeba0dd761408880c0bffc82cecb2a83b8097d42faab1816819dde1d049fcae85
SSDEEP: 3:n:n
Score 1/10

Target: maizu hack v1.4/data/vkfow2p.dll
Size: 118KB
MD5: dfeaa87a10db2d555593e92f295f5a25
SHA1: 67e42c9b61e56e33fc6d7ab94ca921860628819e
SHA256: 36cc45bfe3b63ea42af564dd2c221219f7fb2e3f3ce93ca8cba3a53539bceb0f
SHA512: 891002e2a94dce513706709dad5e78419f3205cc8e102b048ed4d405a84fa5c211711a0b9cc311cc69f6602681dd7da8ac3cc1760828c374b06d51e203872062
SSDEEP: 3:H:H
Score 1/10

Target: maizu hack v1.4/dimaind.dat
Size: 509KB
MD5: 1040f641d8dd01f38ee4888772506c2a
SHA1: 46e63895e37a82147bfc01147d04b6effc450e6f
SHA256: 51cb1292c9198346c8f943b5787d57502b8a580bc20b1de9a425970abb02a7c5
SHA512: 87bbd4b3691ef928c80580e3ba9468f8bb7e4375e4f2e08dfdb3472be0a2d9b8726e38cc46a08194ef8c2ed883a4172bc495a7f134631df11098a2e59f17b4d1
SSDEEP: 3:n:n
Score 3/10

Target: maizu hack v1.4/main.dfb
Size: 152KB
MD5: 20b8e57e778d8c1b65a9f965b5b7050c
SHA1: 4dc958b8e8e1e95cea82beac1afe2f91b88f835d
SHA256: 99e7ffdb58bfbdb05b3f326655029cacb932809567b01392c63dc3d6d50fa50f
SHA512: b081b0c1ae9ef62fa3e37ee3900da84c7a0d81945cf8a7e81087999391f9366b07a46227008096e226e1800553afce5675f7ed8f72ad505324035be03da2091c
SSDEEP: 3:H:H
Signatures:
- Downloads MZ/PE file
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Event Triggered Execution: Component Object Model Hijacking. Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext

Target: maizu hack v1.4/maizu hack v1.4.exe
Size: 507KB
MD5: 5241cbe1ca5ad91d9701dcd3e86d0be4
SHA1: 42e2343018e6f26747f21310e1498a0b7558cee7
SHA256: 18b8ddccfd60b09d5e7148f3a5ce61c61d37da4de9e4206ad28155ad92d70a5d
SHA512: 208b7e3efce893a7a766d03f5185f065e0067b100ec5917fe9a3030906ce0740669d95ad2a128cdecf7cd70051cd04e1befa1fec5ce855a6a016016ae25950e1
SSDEEP: 12288:1+0NNkaifVNXUYLnft4Com2511gYTqKoGlGnzc:17yaCTXU+t4CoP5FTxoG
Signatures:
- Suspicious use of SetThreadContext

Target: maizu hack v1.4/sociebr.dfb
Size: 84KB
MD5: ed0e1f5710b2bf5b3ca3136cd308cc23
SHA1: da966bf237ac052116366eb0616fae2cf36fee18
SHA256: 57b5197e11101c2e06bdd86d238fbb6c8a3ea565591ca9648200c3ee3a03dbc2
SHA512: 6b1274f6300074a8b765f16b54947aded0fc1bff4e6feb798ff17977f9149bff25f7e63f8cd2a1ad793b01d1345a9ba054c5e578b6dbdc9b30ab95439fdf412c
SSDEEP: 3:H:H
Score 3/10

Target: maizu hack v1.4/updater.dll
Size: 67KB
MD5: decaca5914d4409681c179f0f2a314f3
SHA1: 2a446b3ac2b9c8ec1b53da9a1a45197052a11602
SHA256: 4d32733ccac8b13505472b3b107e5fcd313d8e192433997dfd5f33548d4245b7
SHA512: baa51713b9fedd13d2b02f139cdf656bd1ba3a7fffd320f75b3e2b98ca6bdf114c6bfa7fc01b59c79a7603db0906a7d8a520b79092d3e51e6b22626be6130986
SSDEEP: 3:n:n
Score 1/10

Target: maizu hack v1.4/version.dll
Size: 203KB
MD5: a5b8f7deff0734c7e985d2a756b22ff8
SHA1: 656f8fe90c2d59942171f1e081827b3d038c1414
SHA256: 9d86f442f65c177cf2a6e659c974ce81e16acaa2663c378c6c6052da8e9c3e6a
SHA512: 404aa5fd2c6823fe71ff0c2b6dc341b64772b936645e69a805e67a4217f3fe1d73b398eae445f2e7745324f4ae6f23707f5258027fbe1ceb98947b59c44897f0
SSDEEP: 3:n:n
Score 1/10