General

  • Target

    24de19bb3668e013918f062063187a03_JaffaCakes118

  • Size

    346KB

  • Sample

    240508-ps182scg9z

  • MD5

    24de19bb3668e013918f062063187a03

  • SHA1

    091ea9346c4b5c178acf46b616d6a3b3e4f36fa4

  • SHA256

    538c68a47f67c2966fd821a636e2018855f7ec3992289a8de749f0a7a7cd9cb2

  • SHA512

    404c13efadcbefcc970ddf62050fcbb50dd6b01d68903219099a25fd89b979d2316de5e51d90f16acb4ae0813044cb091792a480a4b7018dc0793183fd0daffb

  • SSDEEP

    6144:J72M282UF3MvNIYSGh17pII6jykoBHeqCHsGZHoM+Kcq2M1JZ/u+8JLhuonktgqG:J749U98h68BHeqCHsGZKIhun5h/kt3G

  • Score

    7/10

  • Signatures

    upx

Malware Config

Targets

    • Target

      lordpe/16Edit.DLL

    • Size

      18KB

    • MD5

      9e3335a6b7297321ca990afcbe2768a0

    • SHA1

      b61ed4f12cafe2751713a6267742c1540442de03

    • SHA256

      04c9b3f5187b29055c3fe425d66c0a3eef440c66ab6fda34096924d2dfeb8d6f

    • SHA512

      5ef91db1514abf107ae4a47ac07be7de5a2b34b78c7ded6befec75c121362c25c52f6f5f853d411b456cb692e9d9e733d4bbd79f65dd97c0bcebbe4f1aeb5543

    • SSDEEP

      384:9ro2Tv504Cxm9FfZiCr7KLPxYlFvLbt3IbRn:9roGx04CxmvhiC/gPkhNI

    • Score

      7/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      lordpe/LDE/Cooldump.exe

    • Size

      27KB

    • MD5

      a697ce295485be3cfcff634133f3ca9c

    • SHA1

      401d9b986d576d8caf9d86c8482bca8ebfec584b

    • SHA256

      72f0a552ff61986b4ba28258eb1911dcb41cab810ab91573acd6c843a9548690

    • SHA512

      78588c31af9a2118d34b36be98c0215a1d8fcd737f71fb031e4327cdab70c87cd1de851260603cc5fe46ed60ae12fdcbc28473e01950f5f505dc361b62994dfc

    • SSDEEP

      768:m+0gKCyhpCaaQUkpo3ZjYp37RRK/zdUdY05:mXTCyhqkpo3Z0prRRMBqY0

    • Score

      1/10

    • Target

      lordpe/LDE/Genoep.dll

    • Size

      3KB

    • MD5

      5d0b17de94c05d5be9f86c926dbb4cc1

    • SHA1

      8255f53cdc0e85113212b0cf066afd7a85c013d2

    • SHA256

      1cbdc2dce9ee1c2ef270fa51c1cfa0f2f178baa312205fd13478c84340376418

    • SHA512

      c3452acbb75b0b87656680e83c9b787c10d9e6d4e97f32e9a069efdb1be2c50f839d73d6cc363fffa4eceb4130368b9b34d245a1da02cf35c4824ac6ac951a1c

    • Score

      1/10

    • Target

      lordpe/LDE/IntelliDump.LDE

    • Size

      3KB

    • MD5

      2e4206aebc4f39a57915e5c53ad27da2

    • SHA1

      d517d80008173767b3c3d99719cd11db78a363ac

    • SHA256

      f6d409742821f5db40986b53291a4d5466d79c6600c89b6292ffad19103c61ce

    • SHA512

      a2bd00ac6b28b9059cf030923d6478fe8660016560520c82a5731fd0cbc73ff2ac2022d3085bbd1853f037cf23a90a0f01536ce6593c724f9c21fe95e2f544ab

    • Score

      1/10

    • Target

      lordpe/LDS_Clients/CoolDump1.4/Cooldump.exe

    • Size

      27KB

    • MD5

      a697ce295485be3cfcff634133f3ca9c

    • SHA1

      401d9b986d576d8caf9d86c8482bca8ebfec584b

    • SHA256

      72f0a552ff61986b4ba28258eb1911dcb41cab810ab91573acd6c843a9548690

    • SHA512

      78588c31af9a2118d34b36be98c0215a1d8fcd737f71fb031e4327cdab70c87cd1de851260603cc5fe46ed60ae12fdcbc28473e01950f5f505dc361b62994dfc

    • SSDEEP

      768:m+0gKCyhpCaaQUkpo3ZjYp37RRK/zdUdY05:mXTCyhqkpo3Z0prRRMBqY0

    • Score

      1/10

    • Target

      lordpe/LDS_Clients/CoolDump1.4/Genoep.dll

    • Size

      3KB

    • MD5

      5d0b17de94c05d5be9f86c926dbb4cc1

    • SHA1

      8255f53cdc0e85113212b0cf066afd7a85c013d2

    • SHA256

      1cbdc2dce9ee1c2ef270fa51c1cfa0f2f178baa312205fd13478c84340376418

    • SHA512

      c3452acbb75b0b87656680e83c9b787c10d9e6d4e97f32e9a069efdb1be2c50f839d73d6cc363fffa4eceb4130368b9b34d245a1da02cf35c4824ac6ac951a1c

    • Score

      1/10

    • Target

      lordpe/LordPE.EXE

    • Size

      204KB

    • MD5

      e59e119b3b2d3fe2a8ac8857c7dcecfc

    • SHA1

      e9f9cddf3fd5aa84fb747c749816eaedd8212c35

    • SHA256

      354aa2ad5d67f8ce77497ccca2207be8f1bdc368bbe8bbed9689576951be1706

    • SHA512

      9242fee686662d29ecead70fb9a1476587370ec3ce65fc9aa79097fd4139bb9b20d1cc99de62d6b9026f89e33907bca3178cecb2593395b0e83f9c764a840fcd

    • SSDEEP

      3072:e2ssD59xVlcRRrg4dR5NHqJf9bWDrS1pE23hhjXnYJpqy3W:7hgRlrPabT1thjXnY

    • Score

      7/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      lordpe/Misc/16Edit.exe

    • Size

      2KB

    • MD5

      a3f82c6078a30c34b2735d6b57a07a27

    • SHA1

      968312ac5cb99351a4a85a1aa68797d88d54e1b1

    • SHA256

      5b16a8403136d9eb3428fe2dfbf1ce0456b7b8771520ae9718c5c49d13216a9f

    • SHA512

      58b0bf6cc6a7b472c59b32472855cc5dea7eee07b3ebf6055ad201070491dbe3d52631c9253a5eb7147981e3df66e6e206fcdc8f967429584e2b1815113c860b

    • Score

      1/10

    • Target

      lordpe/Misc/16Edit.tXt

    • Size

      916B

    • MD5

      d2920125bd9edf754a24e03d29c003ca

    • SHA1

      c1da3cee76f3c3fa8effd4c772e1438be1f49724

    • SHA256

      4115afe3c13f2624827924c638dbb5a904e6bf8c34b825b71290dad1d7c1dfa3

    • SHA512

      52646dc9d546986be9b4a189654da716c34a8fd2dce02b1764aa1f6928838d657d211bde00d8456249d30728bb8b2021dc81dbf37ddc5df9e1c094a7501122c7

    • Score

      1/10

    • Target

      lordpe/Misc/LordElf.exe

    • Size

      17KB

    • MD5

      2d4fd32d52ca6acae9e0c91c937d26d1

    • SHA1

      818679b15dd81c9319cf3aa8aab74930a8f6e2ad

    • SHA256

      608bc05b2f1f0eee92a58b1123d5ba34cf60b1c4e21b7db5facf645a7d21ecac

    • SHA512

      e17c302cd0ccf9fac69dd3bfc89958515a8c9ce54c3d25efb9a52453cce5f1c39c782ae0cfd6c816f8c4872921b2ad3279d7ef3745d24cf2c65749d6ee1cd740

    • SSDEEP

      384:RTw8ZtDruJBc3HTFZIZRsM0GA4x44CbxSnbduq:1Zt4G3zDGj3A5Jb0gq

    • Score

      1/10

    • Target

      lordpe/Misc/MetaPuck.exe

    • Size

      92KB

    • MD5

      a4499771dba2865f466b479225b45029

    • SHA1

      3750021ff78b25da8c4fd8ccd303f85b8839b5a7

    • SHA256

      1a7b6c35c1d1d5ad1c0486140f8c59680310efa913fbab7ef8e330963384c0ba

    • SHA512

      6121d1f2f77620efba0a20a54d1f626003432af15b4d3e841393b954ef026438690f02403eca9126643f5af29d42188f77492e50ef8c3cc0a70378646288159d

    • SSDEEP

      1536:E6OQvPBJRIE8CXmcsJemoIcJVc5w4yAAXF5mrKQpemch:E7QvJvIEDsJuJVcenFsvplch

    • Score

      1/10

    • Target

      lordpe/Misc/PESnoop.exe

    • Size

      20KB

    • MD5

      28f6c45492824b68300ad5926cf9e33c

    • SHA1

      b8d566b35444bcf1d3d0ecacfdc1a16df47051d4

    • SHA256

      df9f965798a2aadc939cc485d8b8beec9a6896fa55c8cdee3ce7ac9f8e755060

    • SHA512

      3735ebf3c065091fdbf71c3dca771e6e06c9c759ab4ce8e291f1143f8c81bf94d64b12ec6fefdcd15a9ee9b00a1fccab81b616998ff6731bf3bbcd74a56c26b5

    • SSDEEP

      384:d3x/5CIR8m5qpjvp5SXruA4J4SaVLicOULdYIEry8JJrhLS82nV3:RxlR8ZpLp5yPE4fFOUJ8LJT/s

    • Score

      7/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      lordpe/Misc/RunKMD.exe

    • Size

      3KB

    • MD5

      03257a86135f3a7b032983ca6f73f3af

    • SHA1

      86687fcdf4667943a7e0c82014b84c150dcffca0

    • SHA256

      08de60d24f338b89b5c57f886fa44b8f7b66d61e5a63fbfb285ba7f319cde0bc

    • SHA512

      50a2808cc567334bbf5d7d7d40651ba17e0e1461217a95a1e7934a5b4a0848da485cee5cc4980ed73ee5cba343b3acde909f744a1cc696b3bda7f68bb7f77b71

    • Score

      1/10

    • Target

      lordpe/Misc/RunVxD.exe

    • Size

      2KB

    • MD5

      46bd7685a552b4ccd789d7f41b19595c

    • SHA1

      7ec94801593a13966baf5f2deeaa5a20061db630

    • SHA256

      b282286186d2382554786f4d159047ed2d487d1d6cc1ff60f7541c707475fc7b

    • SHA512

      b13039a9660c53a2d3f2c7024bcbf6c8b1992aec378f51d7d2f100b88477057f2548b4034c244370d342e481feeced85a94055a1aecc0ada5d6227d3ce9d3e49

    • Score

      1/10

    • Target

      lordpe/Misc/SoftSnoop/APISnoop.dll

    • Size

      4KB

    • MD5

      1045725f730e78fd784d83be5871446a

    • SHA1

      e559e4809e934fbf7f38402a4448a7c702de36c2

    • SHA256

      7e52ae2658cd326a5f410b4807d1f240b796a5fb9490843a75305a9a4c758507

    • SHA512

      80154c070624b8a18b682b1c4fa34676f3ac1cf2f4094598429f968376368786aa8c4f2bef96b729b03fc2f97d1eb69ddfa5e7ec40a962a9c07acf84c4ff6943

    • SSDEEP

      96:oNhzCF4XbgR1s0q+HSuR+gMpNrjNach0:xiXb+13qGFR+vX3

    • Score

      1/10

    • Target

      lordpe/Misc/SoftSnoop/ForceLibrary.dll

    • Size

      10KB

    • MD5

      b1c4110f097ba835fc837ae8f769ced5

    • SHA1

      6583f357e672846763532c88157948570a994d51

    • SHA256

      844b7d5029105bc3fb06ef64ac50eb67db31e87a01cdfbd39343e9611c6ceac9

    • SHA512

      9aa7425efcf8d1f10b07c21f8ca864506a27f546799eb1bbc5cd59d6eb89e4cc0ab9ad7dd069669c735daa40b08c13677ed37f7c3bf61f7e49d76ee7401c0e50

    • SSDEEP

      96:q6trb+4veKCb0iCWvW3zWqJ1Mxw0NdGNVAQngUlCqJnENfJH9Re3a3tfUqg:Pu4W3b0c+MDdoblCj3Hymcqg

    • Score

      1/10

MITRE ATT&CK Enterprise v15

Tasks

  • static1: upx, Score 7/10
  • behavioral1: upx, Score 7/10
  • behavioral2: upx, Score 7/10
  • behavioral3: Score 1/10
  • behavioral4: Score 1/10
  • behavioral5: Score 1/10
  • behavioral6: Score 1/10
  • behavioral7: Score 1/10
  • behavioral8: Score 1/10
  • behavioral9: Score 1/10
  • behavioral10: Score 1/10
  • behavioral11: Score 1/10
  • behavioral12: Score 1/10
  • behavioral13: upx, Score 7/10
  • behavioral14: upx, Score 7/10
  • behavioral15: Score 1/10
  • behavioral16: Score 1/10
  • behavioral17: Score 1/10
  • behavioral18: Score 1/10
  • behavioral19: Score 1/10
  • behavioral20: Score 1/10
  • behavioral21: Score 1/10
  • behavioral22: Score 1/10
  • behavioral23: upx, Score 7/10
  • behavioral24: upx, Score 7/10
  • behavioral25: Score 1/10
  • behavioral26: Score 1/10
  • behavioral27: Score 1/10
  • behavioral28: Score 1/10
  • behavioral29: Score 1/10
  • behavioral30: Score 1/10
  • behavioral31: Score 1/10
  • behavioral32: Score 1/10