Overview
General
Target: 00451049bee14f4dbffaa66c56d9e215_JaffaCakes118
Size: 2.2MB
Sample: 240426-h8cr3abf58
MD5: 00451049bee14f4dbffaa66c56d9e215
SHA1: 244b29c0c6b9ce5b60b2f12fe34bedb698e95a34
SHA256: a07b6394cdfefb4f3c325f88226af9357d2dd3d0a40facf0364cf31ce75ca495
SHA512: b9ababced5f39160851ab38f23d06a00b355efc252358047c3b991c1249e77ff4c54137008aafff091ebd88e1fff9185e8eafece272c308d48368b143e2fcd65
SSDEEP: 49152:8uWfg68bJCdYCMnx3Y1WFEcgBBLaJzqzkwG805yyd2blytwE9:ygHcuZN/EzBZa98vG95+2R9

Behavioral tasks
behavioral1: Sample MSCOMCTL.dll, Resource win7-20240221-en
behavioral2: Sample MSCOMCTL.dll, Resource win10v2004-20240412-en
behavioral3: Sample MSINET.dll, Resource win7-20240221-en
behavioral4: Sample MSINET.dll, Resource win10v2004-20240226-en
behavioral5: Sample TABCTL32.dll, Resource win7-20240221-en
behavioral6: Sample TABCTL32.dll, Resource win10v2004-20240412-en
behavioral7: Sample comctl32.dll, Resource win7-20240221-en
behavioral8: Sample comctl32.dll, Resource win10v2004-20240412-en
behavioral9: Sample һִ.exe, Resource win7-20240221-en
behavioral10: Sample һִ.exe, Resource win10v2004-20240412-en
behavioral11: Sample Ӣtxtıv3.4.vmp.exe, Resource win7-20240220-en
behavioral12: Sample Ӣtxtıv3.4.vmp.exe, Resource win10v2004-20240226-en
behavioral13: Sample ı߾Ӣtxtı v3.4.url, Resource win7-20231129-en
behavioral14: Sample ı߾Ӣtxtı v3.4.url, Resource win10v2004-20240412-en

Malware Config
Targets

Target: MSCOMCTL.OCX
Size: 1.0MB
MD5: ecc7d7f0d3446de36045d1d9e964fafe
SHA1: da6b0ec081d628c33b150327f3bd16d3b7fa4729
SHA256: bc58d624ceea02ab086f1cce809c992bf5a7105e88931853317a2f5aa5afd6e4
SHA512: 443de697be9886cd97235e6468f3a7f6bf11612711e54dba31431b0d9418672e1434e839ed50cacf28107f692f0c9d9d2f57d90e3a843d81015d459c180db632
SSDEEP: 24576:s0LiK1d6dxOehwsj5dC33M/jYVRDSfaF0gg1CVGO7oVtNKG:n6dAehwaY19G1u7+Ln
Score: 1/10

Target: MSINET.OCX
Size: 129KB
MD5: 90a39346e9b67f132ef133725c487ff6
SHA1: 9cd22933f628465c863bed7895d99395acaa5d2a
SHA256: e55627932120be87c7950383a75a5712b0ff2c00b8d18169195ad35bc2502fc2
SHA512: 0337817b9194a10b946d7381a84a2aeefd21445986afef1b9ae5a52921e598cdb0d1a576bdf8391f1ebf8be74950883a6f50ad1f61ff08678782c6b05a18adbf
SSDEEP: 3072:R5JTZQu4epojdkYv55RCezn/T81B+ySRdL:RLTbP85RCezbwm
Score: 1/10

Target: TABCTL32.OCX
Size: 218KB
MD5: dc925b6d77ba9ecb532e2f6750be943b
SHA1: f71215e701401f0dd6fe143e3a630b2e168a4fac
SHA256: d10a197fd53e65dc910ca4aed86cb674c613ff14ce6436d1a445bb27a7a499e0
SHA512: ee9c40e695a29de7e7b8a9fe1ca01ebba9a8bdc199d46d98c71a4e3ecfec566f2fc31300a5e9867e8c791b15ac3ebec076f0710e0f6eec6c3fdea3bde37ab171
SSDEEP: 3072:UYMPPBTUImgJO39KAVpfm+IoXgRpiAcahtplVEkpg3//WttZDbtUSREm/UmL/8N:FC9UvEONTmFkgRpiANhtpliGtXDtR4N
Score: 1/10

Target: comctl32.ocx
Size: 594KB
MD5: eb5f811c1f78005b3c147599a0cccf51
SHA1: 19e8153569d1379634ba9d12e84dc35b10faf689
SHA256: bf4147f8a12bec3d54e3ef941475e29d852a1876117c6ce88f47b882ef6d4a03
SHA512: 2eeed9e02c2fbff39c021340a8fa10417a47e243ae2d6d5a54e3e69114dccb402f2d836500c6d771ff971cf0070def3004f3e828a9e7686ef0e1457e1583ecec
SSDEEP: 12288:0kec4KwGf99MSOeMkeXrnhIcVthDGn2mwCyP9tDCcrcJIVul+:0k6nTSXJI4l+
Score: 1/10

Target: һִ.exe
Size: 36KB
MD5: ebd9f2e0966069085a2ecbd51aa16dce
SHA1: 59ad52b71e36be08729f55d23ca72728edf460e7
SHA256: 514ee4656b5701acb69aa533bc07b4a7fbef822d5905345b6760aff82f98a5e9
SHA512: 1b546c3f0230389c0f7e4dbcac1805fac0608111c29d57f1f1c52e871bd3246f261a1547521250d171d1f8206fb9c547ee838ea267c311fd7854cbe0226fcdc3
SSDEEP: 384:qPWXdmfH7UPeEpE3kdYKckDUpymW4qT7L56jsS5t5+XdmfH7:qcdmv7UW8dAssDW4qT7V6jL1cdmv7
Score: 1/10

Target: Ӣtxtıv3.4.vmp.exe
Size: 1.4MB
MD5: b4b2d942b0253d5d88d93fa52d93ee3e
SHA1: f950bc8726372b0ba835c905a3cf93d80cbf5b78
SHA256: 504826650e5f3d4e3d3fd85744bf2c46ba9f3c8dd772771a2840463e6530f827
SHA512: d16f12ce017b49174120cf9db996473404dff3b8b9437a23a0be35d27caf110b97dca9c1eb92a3fc043f123040ac18fe56225fe4c856cfaf801e5556382eb52e
SSDEEP: 24576:cVbv2jofKcEr/Y3Wt9W3C4NieGNwPhhpOy7J9AypSXWCWs1uV8Y:cpDfKcEr4Wt9W77pfOSaypH5jVj
Score: 7/10
Suspicious use of NtSetInformationThreadHideFromDebugger

Target: ı߾Ӣtxtı v3.4ɫ_ - pc6վ.url
Size: 5KB
MD5: d43c2de4dd1c45f633275328706f00bb
SHA1: abb8a1c1ac29d87f418d9a224f726669efc5aa59
SHA256: 896355a285a1cc22e81ffa202ea5f028f4daa3a5918447f35357052ebcae8b07
SHA512: 04c5d665b082a4ee38ddd7d75d199327dfd085ea128f15ccba00d4389359b49d2081933785cbc1d142b59d5585cd4a7b8c2e607b28328930ccbd20e34043127e
SSDEEP: 96:YbM5OrLrHUS1Mru+V3RS1Mru+V3811Ms1MxRT011Ms1MxRT+Ew1Ms1MGhw1Ms1MA:plN9Nv/1/KS/Gx/G26SiXSi1VjR
Score: 1/10