f91c0dfc57f4d990e3572ea57203fce13090ab3cd52bb57456bd52f398a92c78 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

JangaFXEmberGenEnt1.0.4_DownloadPirate.com.rar
Size

72.2MB
Sample

240222-yzywyafb24
MD5

81961049a2e66ec0bef8bcec724d58fe
SHA1

93198853c10172162f87cd886d7318136e8434b8
SHA256

f91c0dfc57f4d990e3572ea57203fce13090ab3cd52bb57456bd52f398a92c78
SHA512

268baaa015d81ce0212e0e4612740a836d351c3dce3220eb4fb42a8b525568cc470ee55fee89a6c4ec830be211ffb5dcdb6e358f721b2607a78a6975579d00cc
SSDEEP

1572864:fgvNvgV6WwH2U0KO6DB+ftkJpX1OM2r9pfVXpyrP/dCRYNABXc7Wt:f2CpS2UnB9fXP2rbVXEgRYNQmWt

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  JangaFX EmberGen Enterprise v1.0.4 WIN/Read Me.txt
- Size
  
  70B
- MD5
  
  59444f863e285f60803c3739e3d42fc2
- SHA1
  
  5cb4665ea8ad843580c361a1a3e52a96551a8cb2
- SHA256
  
  37a0807c2fb6938c0bd02b74cc0f4ffb29aff275ff6d147da089928c434483c3
- SHA512
  
  7500ba6d113e28e3286b64c924add945095f709593aa94a8cbd0e9f9a5a45faeba06f9b56b286dcb7a0446af245a81b1d37e825f2fbbd8d35d4797f30e49fa37
Score

1^/10
behavioral1 behavioral2
- Target
  
  JangaFX EmberGen Enterprise v1.0.4 WIN/crack/EmberGen.exe
- Size
  
  15.8MB
- MD5
  
  bb6bd9f09c70acb22ff432a6870fa71a
- SHA1
  
  5e6c5ad9dd2487fc70c29eb35301004d0accd279
- SHA256
  
  03f833c81a847366426c6779a3cd27f6d88a65c8cbdb0026f7931dc49ebcbee8
- SHA512
  
  442739fe138d80b4d178b7eebb989d282de18108518205f1dc1eb90b0e025467b0321799ae9f281a96f0aa938b2d34479814d3ab57146298ae3bc24cef07f0ee
- SSDEEP
  
  393216:nqpHxeE5taqTk9t60ixAzgu40UirmRAU6zn7G9CVmP9w6:YReE5taqgBiIc0RyRKzn7GUmj
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  out.upx
- Size
  
  27.8MB
- MD5
  
  6e653dc53653be4a4426256a9d75fec6
- SHA1
  
  19f8b8a4a14bd69f38ecdc69d2898c2f5633595e
- SHA256
  
  faa64838b78528ea794b5d4bd401ba1022e1a74073cd3db8b299a98310bf4b8a
- SHA512
  
  523070d0c737db7c26fbf2067b8ed36d7b2cac5a30e323a9b5a3281ad92ee9a8dd30be7ec7fa3ce8b76e75386d43b92e60f97a8ee935c0bd5cf1637a16a11395
- SSDEEP
  
  393216:aZWLhVd6+8cN9JDniY0PtVZ7yRegmNm8qC9o:ssnW89JKQl3
Score

1^/10
behavioral5 behavioral6
- Target
  
  JangaFX EmberGen Enterprise v1.0.4 WIN/embergen_1_0_4_installer.exe
- Size
  
  57.2MB
- MD5
  
  43c20c7a3a57962ba3aa44b3bd00bace
- SHA1
  
  7f05507330c51b165f0e6a7403b777d3e6ef4e6a
- SHA256
  
  6a0d23beb7ac16c0b106fb9e2e8bf11eea02f088a905f9809390c08c4a949cf4
- SHA512
  
  4835bbfb2ef32e1360bfd29baa36bce8201b4f953d36c917f7d755e5815e8a1d7890948d6ab1750208ef7206904c6061d720883315e4d14e4de8893963a5e348
- SSDEEP
  
  1572864:gbvQ1s9XcrVzPPba3msz0ISQEH7HCDNE610hHSS4i4o18N:gDQdVDDIOeEbiDb1MSS47N
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8