General

  • Target

    4e88a40af47431ccc64cc047f655a10c_JaffaCakes118

  • Size

    1.8MB

  • Sample

    240517-fqz4jaae8s

  • MD5

    4e88a40af47431ccc64cc047f655a10c

  • SHA1

    38cfa4d551c2ed14f40d54fae521b9c9a4507720

  • SHA256

    b92841f934adb8f8a4d611ab15dcce01b452e807c794c0f2ca9e312f5c5f956c

  • SHA512

    1e46500b07103891fd20b9d20d579b139aea08b613500ab7c9d74c1383b819ba577fb91da4ed4d63a3b4c08b947269f766af2d338e06903b0d0946a64674f3f3

  • SSDEEP

    24576:UpP6wJichMBP+7jIZMF6xDbGmCoQZGGVJb62iReMq8WGn2Yuf67DxzpdyC9:8PT2+PIZRnQQGVJbDiMD8WG2Yuf67Db9

Score
7/10

Targets

    • Target

      jishiyuwaigua/及时雨7.75稳定版/JSY.dll

    • Size

      175KB

    • MD5

      ef3f5a40307a485ceeedb798715554ed

    • SHA1

      00dfbe112273845bdb45daf8a26ee78183148366

    • SHA256

      3d4d06ebcfd1339dede06faadef4da8d1ea1d64e39d32a007dc824e3299a8a4c

    • SHA512

      ac864a25229fa92700f2afe54416c2f9acbd5814954c504156ad6e773c1f2f59f7bee8f1fcd35360687a7e37430673eaa2b0e7921e9937cbec653334826883c2

    • SSDEEP

      3072:SMJShfPyLyxQTWZt/Hwxb6asKHNqzkyp/hyHuFI+du0p2qxw:ItPyLoZtvE6asaN2UO2+bw

    Score
    1/10

    • Target

      jishiyuwaigua/及时雨7.75稳定版/WGSHELL.DLL

    • Size

      15KB

    • MD5

      a74f8ab273e54a3057612b64ee7eb7b3

    • SHA1

      7fc16b11fbe2636d440a23a83f6609a9531d050d

    • SHA256

      b3641f407ba390bc548cd4231041b51bd223e725db97cb68942403b29cae1b9e

    • SHA512

      0b837d9d76363b709bd24e7a3aac1c797569eb284b35e2589d12656d1b2c39db9a8dfb34afd0674ba7f49f807e773ae4659b93e6972d08bdb77b2b9ac2db491d

    • SSDEEP

      192:smR+paap3nsVLHqc1BYQBWzNQX1u1WEwzA99yVjycjK6qupUWWPuRtgRg8EDj2+N:PRuzOAWwzNzgbzA94VjlxkPmtg+8T

    Score
    7/10

    • UPX packed file

      Detects executables packed with the UPX open-source packer, or with a modified UPX build.

    • Target

      jishiyuwaigua/及时雨7.75稳定版/jsy.dat

    • Size

      167KB

    • MD5

      41585b26bedef25293adb0b5858a41f3

    • SHA1

      9193b7761b3c292a033d4cc5b5733537a7e0eddd

    • SHA256

      479d02a43572bd269b473d80ee6ec57f9ca1a863d2fe20eed7ebbd81b9c34164

    • SHA512

      28726745e2ef5aabe5ed336b1f860290a6f62cf0b8bbd40cf25746baafa4a990a8e5b4f33ccbaf0a8f56bb2c2f03fd99335f82361b250cd2ad291e0d78fe4cce

    • SSDEEP

      3072:+M5OAQmIM5QTETX/8mEXJhBgYC5PNNYRrKFYXHkj5olvXK/62H9o1:+M5LeTW0f7BgYsgKYe5ol/K/XH9U

    Score
    7/10

    • UPX packed file

      Detects executables packed with the UPX open-source packer, or with a modified UPX build.

    • Target

      jishiyuwaigua/及时雨7.75稳定版/启动及时雨.exe

    • Size

      849KB

    • MD5

      897844fef8b8ea024e527039fe3a517e

    • SHA1

      34ac8260ef6e61f861b25180d38d01c4f7a7968b

    • SHA256

      0feeeb35f8457c9b112c0c85ca6f4e339c160c00fae1f5a90195e9d6cdd8d2e1

    • SHA512

      00f7f61fdf062e9df0eda629a5f3b88acb5ca39d5e91876a171fa6fae71a0b2b3b02492f57d06cdb9face5cc9abdc5867f99a9bab4f37ec233b51dbfb2288419

    • SSDEEP

      24576:GLI7MP+h264PxXlaZ/pZLxIu7IT2Bv+ZcL45/oVPricME7O:YTPxoJxIu7IT2ZTb1ri/

    Score
    1/10

    • Target

      jishiyuwaigua/及时雨7.75稳定版/孟度斯-免装软件园.url

    • Size

      78B

    • MD5

      20667b33dde8ca304a1ff977560496b5

    • SHA1

      3608583d8af2890a1a158dd29e5c2dd7d5e03f39

    • SHA256

      76a38d95eded3d8e4b71d4f3be5788936d0f206a15b5b9a63b5a22d5eca00440

    • SHA512

      39b316c1bdf97f9a4dcf087d581613cc95dc2ea76ba71da589efb7962b215089c4faa9b99a227f2538b1f7fc46344b6c3192bc43fdcd54d8a8a7b0611f1e018a

    Score
    1/10
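The 7/10 score of the parent sample comes from the two components the "UPX packed file" signature flags (WGSHELL.DLL and jsy.dat); every other file in the listing scores 1/10 on hashes alone. The script below is an added example, not the sandbox's own signature logic: it recomputes the digest set printed above for a file, matches the SHA256 against the values from this report, and applies a stock-UPX heuristic (section names starting with `UPX` or the `UPX!` pack-header marker) by walking the PE section table with the standard library. The `build_fake_upx_pe` helper and the `triage` / `looks_upx_packed` function names are constructed for this example; ssdeep is not in the standard library and is left out.

```python
"""Hash and UPX-section triage for the files listed in this report.

Added example, not the sandbox's own signature code. The UPX check is a
heuristic on PE section names plus the "UPX!" pack-header marker; a
modified UPX build that renames sections and strips the marker evades it.
"""
import hashlib
import struct

# SHA256 values copied from the report above, keyed by archive path.
REPORT_SHA256 = {
    "4e88a40af47431ccc64cc047f655a10c_JaffaCakes118":
        "b92841f934adb8f8a4d611ab15dcce01b452e807c794c0f2ca9e312f5c5f956c",
    "jishiyuwaigua/及时雨7.75稳定版/JSY.dll":
        "3d4d06ebcfd1339dede06faadef4da8d1ea1d64e39d32a007dc824e3299a8a4c",
    "jishiyuwaigua/及时雨7.75稳定版/WGSHELL.DLL":
        "b3641f407ba390bc548cd4231041b51bd223e725db97cb68942403b29cae1b9e",
    "jishiyuwaigua/及时雨7.75稳定版/jsy.dat":
        "479d02a43572bd269b473d80ee6ec57f9ca1a863d2fe20eed7ebbd81b9c34164",
    "jishiyuwaigua/及时雨7.75稳定版/启动及时雨.exe":
        "0feeeb35f8457c9b112c0c85ca6f4e339c160c00fae1f5a90195e9d6cdd8d2e1",
    "jishiyuwaigua/及时雨7.75稳定版/孟度斯-免装软件园.url":
        "76a38d95eded3d8e4b71d4f3be5788936d0f206a15b5b9a63b5a22d5eca00440",
}


def digests(data: bytes) -> dict:
    """MD5/SHA1/SHA256/SHA512 hex digests, the same set the report prints."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def pe_section_names(data: bytes):
    """Return the PE section names in file order, or None if not a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    nsec = struct.unpack_from("<H", data, e_lfanew + 6)[0]      # COFF NumberOfSections
    opt_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]  # SizeOfOptionalHeader
    table = e_lfanew + 24 + opt_size                             # section table start
    names = []
    for i in range(nsec):
        off = table + 40 * i                                     # IMAGE_SECTION_HEADER = 40 bytes
        if off + 40 > len(data):
            break                                                # truncated header: stop, don't crash
        raw = struct.unpack_from("<8s", data, off)[0]
        names.append(raw.rstrip(b"\0").decode("latin-1"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Stock UPX names sections UPX0/UPX1(/UPX2) and stores a 'UPX!' pack header.
    Either is a strong hint; modified builds may remove both (false negative)."""
    names = pe_section_names(data)
    if names is None:
        return False
    return any(n.startswith("UPX") for n in names) or b"UPX!" in data


def triage(data: bytes) -> dict:
    """One record per file in the same shape as a report entry."""
    d = digests(data)
    return {
        "size": len(data),
        **d,
        "sections": pe_section_names(data),
        "upx": looks_upx_packed(data),
        "report_match": next((p for p, h in REPORT_SHA256.items() if h == d["sha256"]), None),
    }


def build_fake_upx_pe() -> bytes:
    """Constructed test input: a minimal, non-runnable PE32 header whose two
    sections are named the way stock UPX names them."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)          # e_lfanew -> 0x40
    opt = struct.pack("<H", 0x10B) + b"\0" * (0xE0 - 2)          # PE32 optional header, zeroed
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, len(opt), 0x2102)
    sec = b"".join(struct.pack("<8sIIIIIIHHI", n, 0, 0, 0, 0, 0, 0, 0, 0, 0)
                   for n in (b"UPX0", b"UPX1"))
    return dos + b"PE\0\0" + coff + opt + sec + b"UPX!" + b"\0" * 16


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_fake_upx_pe()
    for k, v in triage(blob).items():
        print(f"{k:13} {v}")
```

Run it with a path to one of the extracted files to get the same digest set as the report and a section-name view of why WGSHELL.DLL and jsy.dat trip the UPX signature; with no argument it triages the constructed header. Treat a negative `upx` result as "stock UPX not seen", not "not packed": high-entropy sections, a tiny import table and a single-entry `.text` are the usual follow-up checks for modified packers.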
