Overview

overview

7

Static

static

7

MSCOMCTL.dll

windows7-x64

1

MSCOMCTL.dll

windows10-2004-x64

1

MSINET.dll

windows7-x64

1

MSINET.dll

windows10-2004-x64

1

TABCTL32.dll

windows7-x64

1

TABCTL32.dll

windows10-2004-x64

1

comctl32.dll

windows7-x64

1

comctl32.dll

windows10-2004-x64

1

һ....exe

windows7-x64

1

һ....exe

windows10-2004-x64

1

Ӣtx...mp.exe

windows7-x64

7

Ӣtx...mp.exe

windows10-2004-x64

7

ı....url

windows7-x64

1

ı....url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    00451049bee14f4dbffaa66c56d9e215_JaffaCakes118

  • Size

    2.2MB

  • Sample

    240426-h8cr3abf58

  • MD5

    00451049bee14f4dbffaa66c56d9e215

  • SHA1

    244b29c0c6b9ce5b60b2f12fe34bedb698e95a34

  • SHA256

    a07b6394cdfefb4f3c325f88226af9357d2dd3d0a40facf0364cf31ce75ca495

  • SHA512

    b9ababced5f39160851ab38f23d06a00b355efc252358047c3b991c1249e77ff4c54137008aafff091ebd88e1fff9185e8eafece272c308d48368b143e2fcd65

  • SSDEEP

    49152:8uWfg68bJCdYCMnx3Y1WFEcgBBLaJzqzkwG805yyd2blytwE9:ygHcuZN/EzBZa98vG95+2R9

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      MSCOMCTL.OCX

    • Size

      1.0MB

    • MD5

      ecc7d7f0d3446de36045d1d9e964fafe

    • SHA1

      da6b0ec081d628c33b150327f3bd16d3b7fa4729

    • SHA256

      bc58d624ceea02ab086f1cce809c992bf5a7105e88931853317a2f5aa5afd6e4

    • SHA512

      443de697be9886cd97235e6468f3a7f6bf11612711e54dba31431b0d9418672e1434e839ed50cacf28107f692f0c9d9d2f57d90e3a843d81015d459c180db632

    • SSDEEP

      24576:s0LiK1d6dxOehwsj5dC33M/jYVRDSfaF0gg1CVGO7oVtNKG:n6dAehwaY19G1u7+Ln

    Score
    1/10
    behavioral1behavioral2

    • Target

      MSINET.OCX

    • Size

      129KB

    • MD5

      90a39346e9b67f132ef133725c487ff6

    • SHA1

      9cd22933f628465c863bed7895d99395acaa5d2a

    • SHA256

      e55627932120be87c7950383a75a5712b0ff2c00b8d18169195ad35bc2502fc2

    • SHA512

      0337817b9194a10b946d7381a84a2aeefd21445986afef1b9ae5a52921e598cdb0d1a576bdf8391f1ebf8be74950883a6f50ad1f61ff08678782c6b05a18adbf

    • SSDEEP

      3072:R5JTZQu4epojdkYv55RCezn/T81B+ySRdL:RLTbP85RCezbwm

    Score
    1/10
    behavioral3behavioral4

    • Target

      TABCTL32.OCX

    • Size

      218KB

    • MD5

      dc925b6d77ba9ecb532e2f6750be943b

    • SHA1

      f71215e701401f0dd6fe143e3a630b2e168a4fac

    • SHA256

      d10a197fd53e65dc910ca4aed86cb674c613ff14ce6436d1a445bb27a7a499e0

    • SHA512

      ee9c40e695a29de7e7b8a9fe1ca01ebba9a8bdc199d46d98c71a4e3ecfec566f2fc31300a5e9867e8c791b15ac3ebec076f0710e0f6eec6c3fdea3bde37ab171

    • SSDEEP

      3072:UYMPPBTUImgJO39KAVpfm+IoXgRpiAcahtplVEkpg3//WttZDbtUSREm/UmL/8N:FC9UvEONTmFkgRpiANhtpliGtXDtR4N

    Score
    1/10
    behavioral5behavioral6

    • Target

      comctl32.ocx

    • Size

      594KB

    • MD5

      eb5f811c1f78005b3c147599a0cccf51

    • SHA1

      19e8153569d1379634ba9d12e84dc35b10faf689

    • SHA256

      bf4147f8a12bec3d54e3ef941475e29d852a1876117c6ce88f47b882ef6d4a03

    • SHA512

      2eeed9e02c2fbff39c021340a8fa10417a47e243ae2d6d5a54e3e69114dccb402f2d836500c6d771ff971cf0070def3004f3e828a9e7686ef0e1457e1583ecec

    • SSDEEP

      12288:0kec4KwGf99MSOeMkeXrnhIcVthDGn2mwCyP9tDCcrcJIVul+:0k6nTSXJI4l+

    Score
    1/10
    behavioral7behavioral8

    • Target

      һִ.exe

    • Size

      36KB

    • MD5

      ebd9f2e0966069085a2ecbd51aa16dce

    • SHA1

      59ad52b71e36be08729f55d23ca72728edf460e7

    • SHA256

      514ee4656b5701acb69aa533bc07b4a7fbef822d5905345b6760aff82f98a5e9

    • SHA512

      1b546c3f0230389c0f7e4dbcac1805fac0608111c29d57f1f1c52e871bd3246f261a1547521250d171d1f8206fb9c547ee838ea267c311fd7854cbe0226fcdc3

    • SSDEEP

      384:qPWXdmfH7UPeEpE3kdYKckDUpymW4qT7L56jsS5t5+XdmfH7:qcdmv7UW8dAssDW4qT7V6jL1cdmv7

    Score
    1/10
    behavioral10behavioral9

    • Target

      Ӣtxtıv3.4.vmp.exe

    • Size

      1.4MB

    • MD5

      b4b2d942b0253d5d88d93fa52d93ee3e

    • SHA1

      f950bc8726372b0ba835c905a3cf93d80cbf5b78

    • SHA256

      504826650e5f3d4e3d3fd85744bf2c46ba9f3c8dd772771a2840463e6530f827

    • SHA512

      d16f12ce017b49174120cf9db996473404dff3b8b9437a23a0be35d27caf110b97dca9c1eb92a3fc043f123040ac18fe56225fe4c856cfaf801e5556382eb52e

    • SSDEEP

      24576:cVbv2jofKcEr/Y3Wt9W3C4NieGNwPhhpOy7J9AypSXWCWs1uV8Y:cpDfKcEr4Wt9W77pfOSaypH5jVj

    Score
    7/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral11behavioral12

    • Target

      ı߾Ӣtxtı v3.4ɫ_ - pc6վ.url

    • Size

      5KB

    • MD5

      d43c2de4dd1c45f633275328706f00bb

    • SHA1

      abb8a1c1ac29d87f418d9a224f726669efc5aa59

    • SHA256

      896355a285a1cc22e81ffa202ea5f028f4daa3a5918447f35357052ebcae8b07

    • SHA512

      04c5d665b082a4ee38ddd7d75d199327dfd085ea128f15ccba00d4389359b49d2081933785cbc1d142b59d5585cd4a7b8c2e607b28328930ccbd20e34043127e

    • SSDEEP

      96:YbM5OrLrHUS1Mru+V3RS1Mru+V3811Ms1MxRT011Ms1MxRT+Ew1Ms1MGhw1Ms1MA:plN9Nv/1/KS/Gx/G26SiXSi1VjR

    Score
    1/10
    behavioral13behavioral14

MITRE ATT&CK Matrix

Tasks