b5a0c664d1334dd89f15f3c738f05640aa707f53fb5e157442af5a9d100fcfd8

Sharing

Copy URL

Twitter E-mail

General

Target

07899f5cc4bed844fc23c44fca3a3e46_JaffaCakes118
Size

6.4MB
Sample

240429-ndjj1shc29
MD5

07899f5cc4bed844fc23c44fca3a3e46
SHA1

f2d9acb5bc7c8bbb1f8078bc928794695b3d9755
SHA256

b5a0c664d1334dd89f15f3c738f05640aa707f53fb5e157442af5a9d100fcfd8
SHA512

9dfbc1c9151650016cfe8116c64a6c34b302e1b22ef5eac26d8a9a571905678ed82bb015049e818d5dc42849243b8c785c01e72be985b09a9c1a048a54974bd4
SSDEEP

196608:lNtvPu5KT40IK99mrQ7NM76vCBOIF+7c9LJLp:lNtvPu5A4A9FZTChIsLJLp

Score

6^/10

Malware Config

Targets

- Target
  
  King 2.0/ANTI-BAN/FlatUI.dll
- Size
  
  55KB
- MD5
  
  ea816ec38e99b9366172c94670c3172e
- SHA1
  
  172baed1b292e3fe87546ec9e4d88ed36ded1a37
- SHA256
  
  e450cb34d55514fc111da4a0d4694b9976edc60671289e9778547b2ede009f61
- SHA512
  
  267fbcc845d8c314d25baafc13847a8f50b12e628fffe932eb67b5f95c467e1c7788d8c9940f5a48dcf4bee0029ac91cbf488eeed610851a8f4781c4ced11a1f
- SSDEEP
  
  1536:UgsnXbl4Ss8W5DToAMncqTP7+9XeGTAo:UgsnXbl4Ss8nAEPy9XeGMo
Score

1^/10
behavioral1 behavioral2
- Target
  
  King 2.0/ANTI-BAN/VPN Connector.exe
- Size
  
  57KB
- MD5
  
  64f45c9cc916402b341a71d7e1c3f7e4
- SHA1
  
  6e83dce16882823617466b54dfec4f0324bdf859
- SHA256
  
  c1be45466a84f388735e75e203ec9d16e245552dfde4f923d78daae9d1897694
- SHA512
  
  0dddd099506e0b97eef496af4de26957ae6d4b147b1096f878bfcad6a1932b365eb74a34e3f3e9fac5d04b62d8c5b41f318b40ddefba331652074f1ff3e53d19
- SSDEEP
  
  1536:1DkVWni55lKeWD2gTL1bbOWABRn9h9enFJ3iL0bg:1neK2gTL1bb7AreFJ3u/
Score

1^/10
behavioral3 behavioral4
- Target
  
  King 2.0/ANTI-BAN/VPN/VpnConnection.bat
- Size
  
  116B
- MD5
  
  35ca15d105c9aa8af5a3f8ffa41c8e83
- SHA1
  
  5073ce6f77ea30084132b68354c8ec3569371b0a
- SHA256
  
  60af9a0d54c8e3b3340ff3849a8968e606778e79932f83905033443d2c579a88
- SHA512
  
  acf6503e6b5f5eaedeaa87f5c1160778bf3a675abf856a9d88aeb8f69b595cb92b2cabca1610b166811694e8507dcf313903d9d085e7dd9d6d664f965e50220f
Score

1^/10
behavioral5 behavioral6
- Target
  
  King 2.0/ANTI-BAN/VPN/VpnDisconnect.bat
- Size
  
  10B
- MD5
  
  9c0305d62968097885b0642be15016b8
- SHA1
  
  7ab4f55b5ed7f4e82054f03ea5befa31b88d62c0
- SHA256
  
  5daecc476bb21ce7fc5640c44fbb8d675edf26c9fb0d95f96cf8bdd670868555
- SHA512
  
  66a4aa40944fba7b10b8a4e439a768bbcf81cd6fa467afbfce7f1a16d080d6457288cbd3937e4974b917efe63364eeddfa397193749e6144223b26215425ad0e
Score

1^/10
behavioral7 behavioral8
- Target
  
  King 2.0/ANTI-BAN/vpnconnector/VpnConnection.bat
- Size
  
  123B
- MD5
  
  20a1d3f0643128705c34b3b148986a0f
- SHA1
  
  496d0d032b5a5238655036653f554293e9d4a1e8
- SHA256
  
  0de66efd3f7059d2357dfe97c34f8dfed1b68f2f48156c55858447620381cbe9
- SHA512
  
  a02cf93e5786a71d48db20008d947e8c46f4fa6edc1a8f0329aff5efdb693ef8bccfce2e23a5d91d1572f4bd28e6aa81beea205794ed60e37b4b2dcbe848f8e2
Score

1^/10
behavioral10 behavioral9
- Target
  
  King 2.0/ANTI-BAN/vpnconnector/VpnDisconnect.bat
- Size
  
  10B
- MD5
  
  9c0305d62968097885b0642be15016b8
- SHA1
  
  7ab4f55b5ed7f4e82054f03ea5befa31b88d62c0
- SHA256
  
  5daecc476bb21ce7fc5640c44fbb8d675edf26c9fb0d95f96cf8bdd670868555
- SHA512
  
  66a4aa40944fba7b10b8a4e439a768bbcf81cd6fa467afbfce7f1a16d080d6457288cbd3937e4974b917efe63364eeddfa397193749e6144223b26215425ad0e
Score

1^/10
behavioral11 behavioral12
- Target
  
  King 2.0/Bunifu_UI_v1.5.3.dll
- Size
  
  236KB
- MD5
  
  2ecb51ab00c5f340380ecf849291dbcf
- SHA1
  
  1a4dffbce2a4ce65495ed79eab42a4da3b660931
- SHA256
  
  f1b3e0f2750a9103e46a6a4a34f1cf9d17779725f98042cc2475ec66484801cf
- SHA512
  
  e241a48eafcaf99187035f0870d24d74ae97fe84aaadd2591cceea9f64b8223d77cfb17a038a58eadd3b822c5201a6f7494f26eea6f77d95f77f6c668d088e6b
- SSDEEP
  
  6144:SIQpxILDXGGMO7Ice9C5kQw2hWHcHTykhb:SIQpxILDXGGlET9n/cHG
Score

1^/10
behavioral13 behavioral14
- Target
  
  King 2.0/CONVERTER/FlatUI.dll
- Size
  
  55KB
- MD5
  
  b63f5c816f8799857b9b8f95b6e2a9b0
- SHA1
  
  11840f6df4c32d24f0680ca00febdff899fcd4a1
- SHA256
  
  058c926a8818479b06ab9402f2a6c85eb0f64626c2956102d6699ad413afe2fb
- SHA512
  
  87962db2d06e8c5c487eba689723b61c540efd60b50a5476e2275bf2c0e043e1c131767ee66fdc7db93666c1f52591b043a79f08ae24dcdc012bcceb614d0434
- SSDEEP
  
  1536:ngsnXbl4Ss8W5DToAMncqTP7+9XeGCA2:ngsnXbl4Ss8nAEPy9XeGJ2
Score

1^/10
behavioral15 behavioral16
- Target
  
  King 2.0/CONVERTER/Lua To Lua C.exe
- Size
  
  13KB
- MD5
  
  18b89b1f304115cb96fb2800573f5365
- SHA1
  
  dbbc5fc8c120d553464e35951a472bc31067259c
- SHA256
  
  c18dd7e62292096235bddf28ffcd2c7c6675cda174d6d5a3c713ff3df86c39f7
- SHA512
  
  0a679e204e778bab4236138774a8de9d41532d09cb4442b325102617446d499d085e3b5478d2289f7aac5cd5153f7918d4693b891fab1e6817b39c964c71ecfe
- SSDEEP
  
  384:KS8p1Vkge2naTrVML5811WDL1fTk4e4HSiKb8fNfNqj:V2naTiLW1QUbS
Score

1^/10
behavioral17 behavioral18
- Target
  
  King 2.0/FlatUI.dll
- Size
  
  55KB
- MD5
  
  b63f5c816f8799857b9b8f95b6e2a9b0
- SHA1
  
  11840f6df4c32d24f0680ca00febdff899fcd4a1
- SHA256
  
  058c926a8818479b06ab9402f2a6c85eb0f64626c2956102d6699ad413afe2fb
- SHA512
  
  87962db2d06e8c5c487eba689723b61c540efd60b50a5476e2275bf2c0e043e1c131767ee66fdc7db93666c1f52591b043a79f08ae24dcdc012bcceb614d0434
- SSDEEP
  
  1536:ngsnXbl4Ss8W5DToAMncqTP7+9XeGCA2:ngsnXbl4Ss8nAEPy9XeGJ2
Score

1^/10
behavioral19 behavioral20
- Target
  
  King 2.0/King.dll
- Size
  
  13KB
- MD5
  
  a2abe5b1bf089bd7de815ad7d8eb3ae3
- SHA1
  
  248ae11ebe1460d1399993b63eeec2c6eacf8b4d
- SHA256
  
  d5eee3e2eea0fbba5c9625c4ee4a1c85973bdd8c8aa011ccd43a1a0995ed3913
- SHA512
  
  cac8355a2ebf96eade92647365827b2a229ea49ecf0f84adb7626cec7382ab5154a7edc19a5273ee6c7ac8fa49e28583ad3d332dbe4b23120a1ea9e3ef1970fe
- SSDEEP
  
  192:gHPKSlZqzMKcBe3AQM1ft7dj7COVk3COrBdUBmTsX802Nfa5TeUiI194xxW:edli21PjFVk3C+BdUJ802Ni5TD6W
Score

1^/10
behavioral21 behavioral22
- Target
  
  King 2.0/King.exe
- Size
  
  100KB
- MD5
  
  07e2cb358ab9a0eb898a8d5e1d638e69
- SHA1
  
  3914cd440828a1885f1acdf2e5a4b257dc43f754
- SHA256
  
  f2593c5e31093a2bcf5132aaeda1eb66cc6b78067774570259d851af40f34978
- SHA512
  
  f4a958cdb4b9ce7a8e82d99e443dac9cb4d84783f3b388d3bb2449427a2c043a423d2bb6f1e00efb89b8b2b142db118f43ba0f17713f488c4cfa08938646f0c4
- SSDEEP
  
  1536:lLa8ChHYP7IGZ8dD216HThn62KZx4Est/NODD+EIu+o0mX7A5kkJWKWLcO:lLe4P7Lz/ZXst/MD1rAl8F
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral23 behavioral24
- Target
  
  King 2.0/Script pack/Big lua/GalaxyTitan.txt
- Size
  
  174KB
- MD5
  
  80118909a0ba46f6b92eb1cf7d4bd19d
- SHA1
  
  f8a08f48f2a6db14cdf8b2f2940162180260192d
- SHA256
  
  ef5fdee78aa2a78ce2f4037518c73b6bf418a46f33aaaa44438cae166ccc96ac
- SHA512
  
  401f88b2e22683afe27c54910c2250042de86727070778ebecd2d025897c99dc84cbf2f8cb65cd644517b06a8be3d44a09d9d1459cbaeea694383b54e8ab90b6
- SSDEEP
  
  3072:Cw0fO+MpQuOlboCsK+Ugh13Kc6X6u6AwKB6X6+6US6xzX6066m6Hebteq6HXhc:CdfO+MpQumboCsK+f13KUhXC
Score

1^/10
behavioral25 behavioral26
- Target
  
  King 2.0/Script pack/Big lua/GoobysGuiUPDATED.txt
- Size
  
  297KB
- MD5
  
  88db04ddc26c28001b84e3d64f160912
- SHA1
  
  5410adc17a4e6c847d2f5fa8d15505a09158ffd1
- SHA256
  
  818a15acbc050a689475a9c2a707d8c71b98437b65d7516ffdfa403f5a738a1c
- SHA512
  
  def633b144607846b45ba62f13826552bc8eeb5e00eb2ac14c2ac590420ff47f3c12335038fbf3919e60b2791e8bf1c7256b28e8daaaa88973c91174dc65fc45
- SSDEEP
  
  6144:w2SXGEYf8g88zigyoGP3imVYezWffRd0wuaC+uMqyr+DrqU6ya1GBv5J5GeaJKs5:waEY3RaYoYRa5J5GeaJKcmjT/5bYrx/
Score

1^/10
behavioral27 behavioral28
- Target
  
  King 2.0/Script pack/Big lua/Scary_GIANT.txt
- Size
  
  58KB
- MD5
  
  22ba74244514fbff5210059ec868e695
- SHA1
  
  368de0825e0156cee58da36302a90c9dfd2b3f07
- SHA256
  
  fd5217bc03fc0faa33f11a464ac3607208e2cc51cd4bfcfb14c9123b9f2e2e3e
- SHA512
  
  10577879c5fed86898c699c41a588f843002e59499a144ed8e487c2b11ac5f91a1ec14d03b13424638eede163ce7c6ed50f147a4beb5a075bddb4488f6e08f02
- SSDEEP
  
  768:3OWZxyCgVKCByJo6DL9JeX/X6c5g0UAAflDKI0/BEeceyeLF0pOWhy69PR:+AZjo2SX6c5VUAzIfpO96r
Score

1^/10
behavioral29 behavioral30
- Target
  
  King 2.0/Script pack/Big lua/ScrollGui_v2.txt
- Size
  
  310KB
- MD5
  
  afd0026a72aa76f808d7cd6e41d00a26
- SHA1
  
  38224929d5f17ed4455b32da4fd9930b6ac0d1ff
- SHA256
  
  dc3143ed97916e98d375b8bd795d725aad6bbfeed25fcea128c516ddee128335
- SHA512
  
  1837e78a27838cdcf532df173fbfc010affc615b22dca03a8063e2d8f9539e458f8ec8b97f1bd68fab271aa47d2bdfb81a377d51b518bdba4bb94d356b4c2397
- SSDEEP
  
  6144:/B9g/DO2+h+yovPBP4plkDt4oyf5Stpzp/InUZk/nUtEt8zTR2SX9mYf8g8gnXb:/B9g/DOhoyfoRJmYJL
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32