00b735bed487a30253c87ae92fc54bbc9cdde19c7f3e9f420a48b28eb6338804 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02cd088eecb647c992544ba5f355554d_JaffaCakes118
Size

397KB
Sample

240427-j3pecafb3t
MD5

02cd088eecb647c992544ba5f355554d
SHA1

4ffff139829236bf9cc9a7cff1e00f525e8f5177
SHA256

00b735bed487a30253c87ae92fc54bbc9cdde19c7f3e9f420a48b28eb6338804
SHA512

8bc3195a684379e3989e4a7d796fc73efddf6238fabc4bee45fb490740de9aff49aeb7863208adc231651f56ce8567dc8417837de0e936d1b8778e7858e56a05
SSDEEP

6144:yo4bhjBVcQBZoBbYz5tSg4FNGSiEX2k0hr1/9UZqdVL/mDYJX10MfsQKisFkNkp1:youfabaFtfGGSiEGkI9zJFcQzsiNkoY

Score

4^/10

Malware Config

Targets

- Target
  
  广州铁通增城分局沙庄局点龙地村FTTH接入工程/广州铁通增城分局沙庄局点龙地集客接入工程.doc
- Size
  
  150KB
- MD5
  
  c0fd286e813634e1e42b4fb160d8a3ce
- SHA1
  
  ca09f941ae3f4e3e0e4c4a81d47e5ce05a4804a3
- SHA256
  
  16d63db725c224fcc7af0bba7585fc3fab83ea07c937a5ab8119514b3e51d3f9
- SHA512
  
  8df3a61abaca0c1679c8fce24670a425918681826f1f73b0184e009d114dff0ae64f9abc1b9f260867c3fd26040be8dbad51a9adc13de9e5c08ed7768ba3a496
- SSDEEP
  
  3072:HbUJpmZvx8J3ndZUc+L2aJrG0ahLC1CAQPmMBt0Eqo1GFqR:Hbp5MnUtKvdhLC4AQTBtNqdY
Score

4^/10
behavioral1 behavioral2
- Target
  
  广州铁通增城分局沙庄局点龙地村FTTH接入工程/广州铁通增城分局沙庄局点龙地集客接入工程.xls
- Size
  
  80KB
- MD5
  
  27858f1e2325498b4aa3cad987e8c293
- SHA1
  
  01152a9666bb81da01cfb467d2a6eff43fc2d5f7
- SHA256
  
  c1f6dec8986541d8478c12e862edbc9cbb726507dcccae297822a462162c3339
- SHA512
  
  4b700613b3be594d152b8756099582d5773a177e1cf652120c5aa1a70d45bb555327a42bfbe37ac136eb58de0b37c01af2d463c435790df3a7b874ad5625ac9e
- SSDEEP
  
  1536:tJJJlJULf1DUREVDjJrMNDveiaL7fgAJLD6dhhJhJhhG1HrTCi9SGxRICqzswYap:Hj66666fbDxbBHhc6ArIvxsWG08YohOu
Score

1^/10
behavioral3 behavioral4
- Target
  
  广州铁通增城分局沙庄局点龙地村FTTH接入工程/立项估算.xls
- Size
  
  66KB
- MD5
  
  1b00407596841a66e446d79ec65898c5
- SHA1
  
  89c7ae0698e189ff6cb8366d62ba77564ec90868
- SHA256
  
  802e67cda9a23a7e02a7e7e38e604c2e5911fed474a34e87a47bc72d3c03263e
- SHA512
  
  86479c2e7e6eea138c64883124859fc69582550232318788cdbff0d3db2eeda6dcfc7cf56dfe7f716919777d93898f02086b6902bbf943c76fe72a87c99a5a50
- SSDEEP
  
  1536:oeeeqPzme9POPmOJtV8bckS1Q8vePszQWOmmeWDGIkteuXxxxxxf6vLaBQ9+1kL7:dxxxxxfvKRMK
Score

1^/10
behavioral5 behavioral6
- Target
  
  广州铁通增城分局沙庄局点龙地村FTTH接入工程/需求信息表.doc
- Size
  
  37KB
- MD5
  
  605bee90c4a4bf5741a6a310560e0e6f
- SHA1
  
  72cd54974ffb074f8e7c6be9115c8b44a0868948
- SHA256
  
  4e5cdc63c90b99a35f74d1e1608d4ba01fcb52860049809628598a527e7a90a7
- SHA512
  
  255e3ff2290dd02ef8eff118d9f2cf09767b233a142e5d95395a9872d03b0ff50fff26b2bcba08c5b2db736bccc0d59a17921591a45470f20e7e259dfc9780e7
- SSDEEP
  
  384:iIAoU/C8BLIxL3X7T5yGcSxwAjLRN59hgV:izLBUfRlhq
Score

4^/10
behavioral7 behavioral8
- Target
  
  广州铁通增城分局沙庄局点龙地村FTTH接入工程/项目技术实施方案.doc
- Size
  
  140KB
- MD5
  
  ec41142fa4dafab07b183a226d215bd1
- SHA1
  
  6488830c6408977c277f21a4bebcc8d238504aa1
- SHA256
  
  e95e630070accf051f1099be8657985b2d821ff893287c405151c53f85ca367f
- SHA512
  
  3f75c581fcd9f31c50197489d56e5885c970dcfa762c7ae233a75577cd4d593c497b75dcc9fd40b22e8c81799115d9d9131cb24aab86fe84c974a10d6219ea5c
- SSDEEP
  
  3072:CD1CAQPmMBt0PL2aJrG0ahLSx8J3ndZUcG:CD4AQTBt+KvdhLaMnU
Score

4^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10