cc293a7faaf26797c23a6ae2e72a3b1abb9ec1cd103656daa0a0a427d5449702 | Triage

Sharing

General

Target

2e0e955a0bc281e627eede8c1a54b89c_JaffaCakes118
Size

759KB
Sample

240510-jhrc7sah3x
MD5

2e0e955a0bc281e627eede8c1a54b89c
SHA1

6715f5c50e6baf9cfdd730c7f5a9b301fd305dcd
SHA256

cc293a7faaf26797c23a6ae2e72a3b1abb9ec1cd103656daa0a0a427d5449702
SHA512

b69f75401234b9d6428d25ccb07af9f4dd8e5a89fc940d7c712f1257442b90d3e77325567a294a8bf34b1c1fa3bf2537e1c098c07ae517033c9c5ff31ca59e9a
SSDEEP

12288:WYaJWkvW4hueKLQc//PpFJJD6LuJzTDlYa7O+6wrYeQBvj/j/u6zS7IbIyaZa:SWk+zzV/PpHJD6CJXJYayFwrYeQBb/jJ

Score

7^/10

upx

Malware Config

Targets

- Target
  
  下载说明.url
- Size
  
  51B
- MD5
  
  79dafb9e093a348b8f775a297a4c970f
- SHA1
  
  c49ae01df1c8d4861179500574f416901b144413
- SHA256
  
  72e1b91cd4a23d7d8a77a3f1b1f5484593140f87f44f6b5d77a9ba0d362b9f7f
- SHA512
  
  30e875d36056f72d0e0dd3333c40619f36a2056e678f2d133d5152f4f79861ed5edd18623b7272801e47a4674306ad3a70a3a44a2663bb0a3fa2f5743310e4d4
Score

1^/10
behavioral1 behavioral2
- Target
  
  反聚生/AARP.msi
- Size
  
  878KB
- MD5
  
  db7fe957514871f5be4ad7aaa07efee8
- SHA1
  
  f49dd1e627dd914d14a85dacc88e306b377b4b3f
- SHA256
  
  0421ed4c54a48f579756d9bacef80f47f4d444b1786c304d2db4db72c12d1c2c
- SHA512
  
  80e686ffbec7eb4be3cfb8996974a12416de82403508328a274742470bacd05ae9b12ac2a99d3dc69cacf32315f3967102865515dbf2210729c7fd9b410ec908
- SSDEEP
  
  24576:54e7AuYnISIHeYgrcM2SsZsBMwhB05w7G:54e7AuYISOeY3ws7whBOw
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3 behavioral4
- Target
  
  反聚生/ActArp_MemKey.exe
- Size
  
  18KB
- MD5
  
  8f911ce328d5828494808c464d16fd80
- SHA1
  
  160234948e98b00c2013e8836fd72389e382e32d
- SHA256
  
  c50e50227d66850ef74e9a9822fd8e3c76c8c633133c5f4d1a2c3b47e6e200a9
- SHA512
  
  8168a2948239005da384f4e72366d93a18d30968963b8ae5cf1183c69e0fa36a69a52ac330caf155ae0a6e68eb4d133cad08363ba761b5ea2e99b1b336c4ba83
- SSDEEP
  
  192:dF833cktJVwz7KD20O/XJjHIv8BtRtpusfuGI86zrvHL/vlANQmNJQU++0b/s9qt:b9ktnOvCUzjYbGILvDvlOwDs9f
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6
- Target
  
  反聚生/下载说明.url
- Size
  
  51B
- MD5
  
  79dafb9e093a348b8f775a297a4c970f
- SHA1
  
  c49ae01df1c8d4861179500574f416901b144413
- SHA256
  
  72e1b91cd4a23d7d8a77a3f1b1f5484593140f87f44f6b5d77a9ba0d362b9f7f
- SHA512
  
  30e875d36056f72d0e0dd3333c40619f36a2056e678f2d133d5152f4f79861ed5edd18623b7272801e47a4674306ad3a70a3a44a2663bb0a3fa2f5743310e4d4
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8