RedDrip Cloud Sandbox: Seeing Through the "Archive + LNK" Decoy Trick (红雨滴云沙箱:破解“压缩包+LNK”障眼法)
Tags
Common Information
Type Value
UUID 25594fee-9fb8-4d03-a616-2b76f9abc01b
Fingerprint 14658278540e727b
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 13, 2020, midnight
Added to db Aug. 13, 2023, 9:55 a.m.
Last updated Dec. 21, 2024, 2:20 a.m.
Headline RedDrip Cloud Sandbox: Seeing Through the "Archive + LNK" Decoy Trick
Title RedDrip Cloud Sandbox: Seeing Through the "Archive + LNK" Decoy Trick
Detected Hints/Tags/Attributes 6/0/17
RSS Feed
Attributes
Type    #Events  Value
Domain  32       sandbox.ti.qianxin.com
Domain  1        events02.huawei.com
Domain  1        cdn.bbq778.live
Domain  1        service-q07ntsqs-1301775575.gz.apigw.tencentcs.com
File    2        保险java资深研发工程师招聘需求.pdf ("Insurance senior Java R&D engineer recruitment requirements.pdf")
File    1        00ed693ee39421103ac4a3aabe39b92b.exe
File    1        "It can be seen that, once run, the LNK file launches aps.exe, the executable contained in the archive" (sentence captured as a file attribute)
File    4        aps.exe
File    1        service-q07ntsqs-1301775575.gz
File    5        virustotal-multisandbox-qianxin-reddrip.html
md5     1        f251ed6259557518dd18b3c28d686b25
md5     1        2e11614ce5942cc389ae657cde963196
md5     1        00ED693EE39421103AC4A3AABE39B92B
md5     1        00ed693ee39421103ac4a3aabe39b92b
Url     1        https://sandbox.ti.qianxin.com/sandbox/page/detail?type=file&id=aynksopo9knobtgx12
Url     9        https://sandbox.ti.qianxin.com
Url     5        https://blog.virustotal.com/2020/02/virustotal-multisandbox-qianxin-reddrip.html
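The only technique the page records is that the LNK inside the archive launches aps.exe, the executable shipped beside it. That layout can be triaged statically, before anything is detonated in a sandbox: parse each .lnk in the archive (Shell Link header, skip LinkTargetIDList and LinkInfo, read the StringData fields) and flag any link whose relative path, arguments or working directory names another member of the same archive. The script below is an added example, not code from the original page or from Qianxin's RedDrip sandbox. The archive layout, the LNK contents, the name recruitment_requirements.pdf.lnk and the benign readme.lnk are constructed for the demonstration; only aps.exe is taken from the page, and the real sample's archive format is not stated, so zip is assumed.

```python
import io
import struct
import zipfile

# Shell Link (.lnk) header constants from MS-SHLLINK.
LNK_HEADER_SIZE = 0x4C
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")

# LinkFlags bits that decide which optional structures follow the header.
HAS_LINK_TARGET_ID_LIST = 0x01
HAS_LINK_INFO = 0x02
HAS_NAME = 0x04
HAS_RELATIVE_PATH = 0x08
HAS_WORKING_DIR = 0x10
HAS_ARGUMENTS = 0x20
HAS_ICON_LOCATION = 0x40
IS_UNICODE = 0x80

# StringData fields, in the order MS-SHLLINK stores them.
STRING_FIELDS = (
    (HAS_NAME, "name"),
    (HAS_RELATIVE_PATH, "relative_path"),
    (HAS_WORKING_DIR, "working_dir"),
    (HAS_ARGUMENTS, "arguments"),
    (HAS_ICON_LOCATION, "icon_location"),
)

EXEC_EXTENSIONS = (".exe", ".dll", ".scr", ".com", ".bat", ".cmd", ".ps1", ".vbs", ".js", ".hta")


def parse_lnk(data):
    """Return the StringData fields of a .lnk as a dict (header checked, ID list and LinkInfo skipped)."""
    if (len(data) < LNK_HEADER_SIZE or struct.unpack_from("<I", data, 0)[0] != LNK_HEADER_SIZE
            or data[4:20] != LNK_CLSID):
        raise ValueError("not a Shell Link file")
    flags = struct.unpack_from("<I", data, 0x14)[0]
    pos = LNK_HEADER_SIZE
    if flags & HAS_LINK_TARGET_ID_LIST:      # IDListSize (2 bytes) followed by the IDList
        pos += 2 + struct.unpack_from("<H", data, pos)[0]
    if flags & HAS_LINK_INFO:                # LinkInfoSize includes itself
        pos += struct.unpack_from("<I", data, pos)[0]
    unicode = bool(flags & IS_UNICODE)
    fields = {}
    for flag, key in STRING_FIELDS:
        if not flags & flag:
            continue
        count = struct.unpack_from("<H", data, pos)[0]   # CountCharacters, no terminator
        pos += 2
        width = 2 if unicode else 1
        raw = data[pos:pos + count * width]
        fields[key] = raw.decode("utf-16-le") if unicode else raw.decode("cp1252", errors="replace")
        pos += count * width
    return fields


def build_lnk(relative_path, arguments="", name=""):
    """Build a minimal Unicode .lnk carrying only StringData (constructed sample, not a real lure)."""
    flags, strings = IS_UNICODE, []
    for flag, value in ((HAS_NAME, name), (HAS_RELATIVE_PATH, relative_path), (HAS_ARGUMENTS, arguments)):
        if value:
            flags |= flag
            strings.append(value)
    header = struct.pack("<I", LNK_HEADER_SIZE) + LNK_CLSID + struct.pack("<I", flags)
    header += b"\x00" * (LNK_HEADER_SIZE - len(header))   # attributes, timestamps etc. left zero
    body = b"".join(struct.pack("<H", len(s)) + s.encode("utf-16-le") for s in strings)
    return header + body


def scan_archive(zip_bytes):
    """Flag every .lnk in a zip whose path, arguments or working dir names another member of the archive."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        members = [n for n in zf.namelist() if not n.endswith("/")]
        by_basename = {n.rsplit("/", 1)[-1].lower(): n for n in members}
        for member in members:
            if not member.lower().endswith(".lnk"):
                continue
            try:
                fields = parse_lnk(zf.read(member))
            except ValueError:
                continue
            reach = " ".join(fields.get(k, "") for k in ("relative_path", "arguments", "working_dir")).lower()
            for base, full in by_basename.items():
                if full != member and base in reach:
                    findings.append({"lnk": member, "target": full,
                                     "executable": base.endswith(EXEC_EXTENSIONS), "fields": fields})
    return findings


def build_sample_archive():
    """Constructed archive mirroring the layout the page describes: a lure LNK beside aps.exe."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("aps.exe", b"MZ" + b"\x00" * 62)                       # placeholder bytes, not a real PE
        zf.writestr("recruitment_requirements.pdf.lnk",                     # assumed name, not from the page
                    build_lnk(".\\aps.exe", arguments="-s", name="recruitment_requirements.pdf"))
        zf.writestr("readme.lnk", build_lnk("..\\..\\Windows\\notepad.exe"))  # benign control, points outside
    return buf.getvalue()


if __name__ == "__main__":
    for f in scan_archive(build_sample_archive()):
        print(f"{f['lnk']} -> {f['target']} (executable={f['executable']}) {f['fields']}")
```

The check is deliberately cheap: it never resolves the link target on disk, so it works on a sample that has not been extracted and cannot be tricked by a target path that only exists on the victim's machine. Two caveats for production use: the match is a substring test, so very short member names can collide with unrelated paths, and real lures often arrive as RAR or 7z, which need a different reader than zipfile; the LNK parser itself is format-agnostic once you have the member bytes.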