83a8a8eafc83415a3f72afb4059079668a6e4cf9ac59e012eb33e2dbab46e8a9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10d04f7d8f906ec7deff447820c50415_JaffaCakes118
Size

3.1MB
Sample

240503-sk93rscg83
MD5

10d04f7d8f906ec7deff447820c50415
SHA1

45b5f7c335eef5c6a3f38040814eab5ec8efd52d
SHA256

83a8a8eafc83415a3f72afb4059079668a6e4cf9ac59e012eb33e2dbab46e8a9
SHA512

73247fba6214c4f4ff0e90332cf85fe1cf2d5824e37a032e257ffd8a02a0f9ac90dc0a85bd8f93f330ecf8382eaab173ea4f72cf245618080bb1fcfee100fe9a
SSDEEP

98304:xtbHQB3ouRMP+Tb9Aq4pXhxTrm14FSjV9m9Gih3Y6:HbwBrMP+TBiXhxPM4knm9zh9

Score

7^/10

Malware Config

Targets

- Target
  
  gwb.exe
- Size
  
  3.0MB
- MD5
  
  7f4aeafe073e320d9efc9de7ccbca437
- SHA1
  
  6c17de9fbb7fe2d74a1a7468a4cf47957fd2e595
- SHA256
  
  5b1e40c694f550b781b5914a1fcfdf1683975155c161df2dd770da68652599a1
- SHA512
  
  302d314fdfc1d19d291ee6088d3df609ab74bfa367a5c9a07d7af8fcd5b006d9764f5e9a75def7ebab1967758319e5b5a7c783f55a809b866e997a9d1d128f17
- SSDEEP
  
  98304:AMe97B8givKWS7to2xywiRIOQwob+giVsTSczTyd:AMe9SvBSp0w2Lbr02d
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  下载说明.htm
- Size
  
  2KB
- MD5
  
  e31159167e6bf59f83538a79942a1ba4
- SHA1
  
  5f4627b3915344a2c2137b078c9d103dd9d03a41
- SHA256
  
  393449e0bc51cf913ec7c0ceb5af646c855ba7959b71c6321f448d98cf0b7f4b
- SHA512
  
  1096ca2d8d75f804538007ce02e239d71b90cae5e9cd0bbf241224a146aa4f3a444024a0557cf2b3bbedc424402bcfc89cec1c5908ee33822174e50f2ac16805
Score

1^/10
behavioral3 behavioral4
- Target
  
  机关公文助手v3.4完美注册机.exe
- Size
  
  193KB
- MD5
  
  61327c652054726dc1999ee8d7800697
- SHA1
  
  31c83757b8f04f50bab210e829614f3c77a07390
- SHA256
  
  a230a034cab8eadbf5d8d98e2d95e016355a823ebb0603a419f2bcae14681217
- SHA512
  
  c27d94f4898685b6e09b0bdea9e334f983c87614b2b1392e2d24c257342a01bf440adb0925c362c61838f52223ffbd4fadda8612ef8e0d1732399a98cebd20f9
- SSDEEP
  
  3072:UJs8W2eob2TA1OkxDBlF6qYoD1RAf3f61iF/sr3n9fXBvJC4CRtD59pvR92LF/Q:fFoSkRBlwqh1RfPpBsXsS
Score

7^/10
- Loads dropped DLL
- Drops file in System32 directory
behavioral5 behavioral6
- Target
  
  飘down精品软件.url
- Size
  
  121B
- MD5
  
  51443532cefd342f1f97d6f7d3c27e3e
- SHA1
  
  3554a5defe7a5d0edb5a5ef4629aabb49a9be10b
- SHA256
  
  052bf134ad493468afa3e627e70b36c83278d94fdd4284afffe99a7d3462ae36
- SHA512
  
  bd26ccc6517f3fe6fcb4e65b2f703dfc05ab216e5244ffa73d03b2f24ea39a65751850986ae0ba460280aa8b8535b0d6b956f97fee82cfe0e3eeec12ab04f373
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8