General

  • Target

    90fb41f93c68ef58b837ad5b56b0c904_JaffaCakes118

  • Size

    4.8MB

  • Sample

    240402-tkkzbaeh6s

  • MD5

    90fb41f93c68ef58b837ad5b56b0c904

  • SHA1

    c140f4a42bdbc532b36fbea071a7b8f68f459616

  • SHA256

    ed4f3e7077fb737802c3f7047e8f096ada1889b0f564a7357122ca3766d23d75

  • SHA512

    61d9eafba3729fa782815155d2131f352fe258023b1a3f9b32f131ddd342dedc7ad9e165c0ce26edd8bed6a4307bfba93264a4e4629132e87694456873d2b713

  • SSDEEP

    98304:slYHpDqNQ7Rq7qsRidBvU3T5B8NZzX9aSxtZ87xJvKyTnrTo6v:OY0mNq7qsUdBsD0NZZdtoxJiyTHv

Targets

    • Target

      满满改车软件V27.8.31版/ManMan.dll

    • Size

      17KB

    • MD5

      df90ce42f06133c93b85fe3f65214ac0

    • SHA1

      243e727a2bc714c5c90807660664f4c23b054e95

    • SHA256

      98540d186022f6f075cd192e9caeababfca40dee6f51290ecc99c9fbe1a58624

    • SHA512

      4bd7bae3e0294b3b3991021583e816befbbd85cf7500014f9d35f6c99089b06d7c8d1d6f32cf0b95b41567cc9ddfcf19b2fe1fb32ed021524f5c4249c9b0747d

    • SSDEEP

      384:y7iTEOGUJAl1n6mIhDwqcW1PSXpeNOuwKUSxT7vvxlL:y7mEOE1n6DesceNWWx7D

    Score
    8/10
    • Blocklisted process makes network request

    • Target

      满满改车软件V27.8.31版/eylogin.dll

    • Size

      2.1MB

    • MD5

      3bdb92b38bdc6a5702ec1454534d0951

    • SHA1

      9276b0c8de889744fcdf34e7c81e158830b8bcbb

    • SHA256

      25ba0f3a0f6ddb0e9b0078640a8a2a2bf7e8948e0579d2080379debc8a272681

    • SHA512

      cff7a9033f7a141f52f0ad3152e97a5313f1185669d9e6da4d60a68602c6a1af3ec5250e1c39ea328758419e5d0a826bb5085f3e96fa4019f3c5c2e586f1c35f

    • SSDEEP

      49152:TFaPO+wdxES1YkPLCenZ05J8bIKSQ9uiij4DoUp5Z6ZsuVxzVYyIJaczFwx:TMGLd51YkPu4cJMGBj4DhDZANxBYts

    Score
    1/10
    • Target

      满满改车软件V27.8.31版/满满改车软件V27.8.31版.exe

    • Size

      3.3MB

    • MD5

      03692a98cefb0bbce57ded33d626d9e4

    • SHA1

      9ac8b3824feb7958d93bcdcf45321b7063613c11

    • SHA256

      825b906cbafeda828d404180a830c54cb272ffff32e1327297e8dde95220bf82

    • SHA512

      e712683cef2c9e7ec4f158efef01a0b327a141455b93accb12103db735f9fc39c55bd8cf82f74a6d23cbd115fc5b0b79e45abf3aaa4bf8aa97b182edccd535ce

    • SSDEEP

      98304:6hapj2MGLd51YkPu4cJMGBj4DhDZANxBYts2pp:byM0LNPy8DpZ+C22p

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      满满改车软件V27.8.31版/满满改车软件V27.8.31版Srv.exe

    • Size

      55KB

    • MD5

      ff5e1f27193ce51eec318714ef038bef

    • SHA1

      b4fa74a6f4dab3a7ba702b6c8c129f889db32ca6

    • SHA256

      fd6c69c345f1e32924f0a5bb7393e191b393a78d58e2c6413b03ced7482f2320

    • SHA512

      c9d654ead35f40eea484a3dc5b5d0a44294b9e7b41a9bacdafdd463d3de9daa2a43237a5f113f6a9c8ea5e1366823fd3d83da18cd8197aa69a55e9f345512a7a

    • SSDEEP

      1536:Q+hzRsibKplyXTq8OGRnsPFG+RODTb7MXL5uXZnzE:bROzoTq0+RO7IwnY

    • Ramnit

      Ramnit is a versatile malware family spanning viruses, worms, and Trojans.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
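
    The UPX signature fires on both 满满改车软件V27.8.31版.exe and 满满改车软件V27.8.31版Srv.exe above. UPX detection is typically keyed on the packer's section names (UPX0/UPX1/UPX2) and its "UPX!" header string, which is also why a modified UPX build that renames sections or strips the marker can slip past a naive rule. The following Python is an added example, not code from this report or the sandbox's own rules: it recomputes the four digests the report lists for a file (so a copy can be confirmed before it is handed to an analyst) and performs the two cheap UPX checks on a PE. The input is a constructed stub PE, not the sample; the only report data embedded is the set of hashes given above for the .exe.

```python
"""Triage helpers: recompute a report's digests and check a PE for UPX packing."""
import hashlib
import struct

# Digests the sandbox report lists for 满满改车软件V27.8.31版.exe (copied from the report).
REPORTED_EXE = {
    "md5": "03692a98cefb0bbce57ded33d626d9e4",
    "sha1": "9ac8b3824feb7958d93bcdcf45321b7063613c11",
    "sha256": "825b906cbafeda828d404180a830c54cb272ffff32e1327297e8dde95220bf82",
    "sha512": "e712683cef2c9e7ec4f158efef01a0b327a141455b93accb12103db735f9fc39c55bd8cf82f74a6d23cbd115fc5b0b79e45abf3aaa4bf8aa97b182edccd535ce",
}


def digests(data: bytes) -> dict:
    """MD5/SHA1/SHA256/SHA512 of a byte string, lower-case hex as the report prints them."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256", "sha512")}


def hash_mismatches(data: bytes, expected: dict) -> dict:
    """Algorithms whose digest differs from the expected value; an empty dict means the file matches."""
    got = digests(data)
    return {alg: (got[alg], want.lower()) for alg, want in expected.items() if got[alg] != want.lower()}


def pe_section_names(data: bytes) -> list:
    """Section names from a PE image, or [] when the bytes are not a parseable PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)   # COFF NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)      # COFF SizeOfOptionalHeader
    table = e_lfanew + 24 + opt_size                                  # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        off = table + i * 40                                          # 40-byte section headers
        if off + 40 > len(data):
            break                                                     # truncated section table
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def upx_indicators(data: bytes) -> dict:
    """Two cheap UPX tells: UPX-named sections and the "UPX!" header string.
    Modified UPX builds often rename the sections or strip the marker, so either
    one is enough to flag the file for a closer look; neither proves packing."""
    sections = [n for n in pe_section_names(data) if n.upper().startswith("UPX")]
    marker = b"UPX!" in data
    return {"sections": sections, "marker": marker, "flag": bool(sections) or marker}


def build_stub_pe(section_names) -> bytes:
    """Constructed minimal PE (DOS header + COFF header + section table only).
    This is stand-in input for the demo, not the sample from the report."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                           # e_lfanew -> PE header
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0)
    table = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return bytes(dos) + coff + table


if __name__ == "__main__":
    stub = build_stub_pe(["UPX0", "UPX1", ".rsrc"])
    print("UPX indicators:", upx_indicators(stub))
    # The stub is not the reported file, so every algorithm mismatches.
    print("mismatch vs report:", sorted(hash_mismatches(stub, REPORTED_EXE)))
```

    Against a real copy, `hash_mismatches(open(path, "rb").read(), REPORTED_EXE)` returning an empty dict confirms the artefact is the one the report describes; `upx_indicators` on the same bytes reproduces the section-name and marker checks, and an empty `sections` list with `marker` false on a file the sandbox still flagged is the cue that a modified packer was used and a manual unpack is needed.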

    • Target

      满满改车软件V27.8.31版/软件使用说明.html

    • Size

      263B

    • MD5

      d9ca7d1f89782cd376a0eef1e487335f

    • SHA1

      7db6d01119cc260885b9a524f94d6dd6e79c18d4

    • SHA256

      605116d38bb5a44aa103960cf2e15f437b00a867943c49b3d8d67fb1d598878a

    • SHA512

      1d9744a4865cbe8560c316ee06247069653686d2e8cfc08af531238fb54f5b1ea125875f3a5d38cfbcdf205867cb1d323d2d64e1942f6428f114625b2b3aec5a

    Score
    1/10