General

  • Target

    28259b80b5dfd68aac23044f25dcf902_JaffaCakes118

  • Size

    1.8MB

  • Sample

    240509-d9tpragg3t

  • MD5

    28259b80b5dfd68aac23044f25dcf902

  • SHA1

    c1b1ecc858ccd75d06b7c9fd4f03cdf9cf66a193

  • SHA256

    8f83d2ebf1432f032bb308db5faa318d334e3c804b4670fca82fde807813f4aa

  • SHA512

    739f6d4d7aee19184a9383c2f753c478f6565ee30926f26f83cd6e0a1fa2fcda57b8b3710e9aaedee9a7cf34b0f36b732bebe75e391cc2db2b2c880cc2482c50

  • SSDEEP

    49152:2hyAH7wSS/Ql96hU2xJavdN0uq7dmupUEabdwOAr:wyWKc6u+avdN0OupUEwdwOAr

Malware Config

Targets

    • Target

      注册机1.3.exe

    • Size

      908KB

    • MD5

      4d99ca221758f65dc947fa8b8dbae62c

    • SHA1

      ddcfe9a951b942aceb84ac0ca19a9a29aac31976

    • SHA256

      369b85d184da3dadfe166871d4260ce9c125f52322614d12119afc9fe3cf4ae2

    • SHA512

      7bc75bd6a08def65f668b717757ca99d287b80dd23ac0696b59f8260c8400165b224027a3d1a40429c645ff93154ae1b217413df59edb207cfe30c6e338f0760

    • SSDEEP

      24576:kfwzcXavYOOHLoWvIpjZc7BebpYjWb8FQNGN2:kf8cKvYOOHc2IpjZOBUPGKq2

    Score
    7/10
    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX build.

    • Target

      注册机1.7.exe

    • Size

      590KB

    • MD5

      333881cbddd33e7081f6f4a1a0a30023

    • SHA1

      ca214e2cd65f1415529ae4b7d3cfbfac7f67be5d

    • SHA256

      be6dcf2932461acad2413415b54b10340f6db02973cccc2b18f0a2606756ccf2

    • SHA512

      b3a894b8ea05bdfe32741b88faca233896333f98d80429b1e3a79e18e1732be80bd792a60321831ff650c3a49b9c99ffe1efcc730f1af8647031590fe78d66cc

    • SSDEEP

      12288:EQaTwJbyRaVUN8SmsYdKf3DLYfcRIQlWHnU6HdEnifDSt1nGmKT:v36ys5ffYePWHUydxqGPT

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX build.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system, so they run before the OS and its security tooling load.

    • Target

      迅雷VIP账号获取器V1.3.exe

    • Size

      926KB

    • MD5

      c11772b4430194806ae884d0b2020709

    • SHA1

      5569f57353ce3bb27dd12b55bb708d5826600624

    • SHA256

      38d61aeed652662b205998d104420f01e80e7c58a383d1caca253973ced53591

    • SHA512

      73ded597125c09ef45297274857dd637884a6fa79e46e741a81620421bce4a64bd5e61a2d01e3df63a675de0c2bd6d213e9581900bfe900f2474bd3a0526ea2a

    • SSDEEP

      24576:NdYneTd/nKCv8CI+/AAJj/K/Ft6meRSFrVDg06QX//B:NdYeTZKMnwtpeRSpRgyB

    Score
    1/10
    • Target

      飘荡软件.url

    • Size

      328B

    • MD5

      e97aad722245bfc4a60be0e6f453be6f

    • SHA1

      c7b7c9585109f71526ed65616668ef7573841d9a

    • SHA256

      3f6b8de5ca595a2e7371396fcb22b303e0f664733aabc940657c33324d5f269a

    • SHA512

      f151b723079fc09ac4b44c540b278b8c273f3958d5b661a6b30e31b119dca6d017ab0f987c52c60cc46e917ef9626e943971017d8e1dfe11c4cf27b93a2c772a

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks