0b1d4cafae5a68d86a91d3ef9f134ee06e7c1e47031d0d79dfa6405807478241 | Triage

Sharing

General

Target

5a737ef35d8d1a3f277799c17d6cf631_JaffaCakes118
Size

2.6MB
Sample

240519-vgb3nsgd64
MD5

5a737ef35d8d1a3f277799c17d6cf631
SHA1

6eec5820b02777cac92cdf88f8140e19622a7893
SHA256

0b1d4cafae5a68d86a91d3ef9f134ee06e7c1e47031d0d79dfa6405807478241
SHA512

a976860cd65b8f81f37a0886a9d76f143e3be6b0e69071230eafd9a04d6333c82d291c49c02d5cd94a0ebf5f900a31d90c674e1bfff1d9e522ce96fb7a5bbb28
SSDEEP

49152:QiHWSQsqCaf7dbgbg5Cc18KnKwGdN2ak3DRFD5ScBflNazzCtBW:ZQZCO7dbgbgXhKKaEXdfuCBW

Score

3^/10

execution

Malware Config

Targets

- Target
  
  RedBoy 4.0.2/Bunifu_UI_v1.5.3.dll
- Size
  
  236KB
- MD5
  
  2ecb51ab00c5f340380ecf849291dbcf
- SHA1
  
  1a4dffbce2a4ce65495ed79eab42a4da3b660931
- SHA256
  
  f1b3e0f2750a9103e46a6a4a34f1cf9d17779725f98042cc2475ec66484801cf
- SHA512
  
  e241a48eafcaf99187035f0870d24d74ae97fe84aaadd2591cceea9f64b8223d77cfb17a038a58eadd3b822c5201a6f7494f26eea6f77d95f77f6c668d088e6b
- SSDEEP
  
  6144:SIQpxILDXGGMO7Ice9C5kQw2hWHcHTykhb:SIQpxILDXGGlET9n/cHG
Score

1^/10
behavioral1 behavioral2
- Target
  
  RedBoy 4.0.2/FlatUI.dll
- Size
  
  55KB
- MD5
  
  5031bf9275d187b8a6be53eda58ed266
- SHA1
  
  8c5e6e0604a0e5bf1ff069693cda9a8d2f57d0be
- SHA256
  
  404d7f9c9723ed2b5203f396b4d9ca9ff07c34797f4c2ae75313f9bed965e66b
- SHA512
  
  9704c5bf9f8bd00241520469d7e0eefabdd20b34652db7939c07bedd6f954027eeac02b7514acc3382cd0d04525a2fbf7b6b7b737cb77c429f9d6887d30c4129
- SSDEEP
  
  768:sgsnXKcl4Ssft2ViMiiFHYmTbAQnhr2OsGkueF7+rw3qx5eG5cevRbEFUm:sgsnXbl4SslN1mTbAQnPs7+rg2eGxAt
Score

1^/10
behavioral3 behavioral4
- Target
  
  RedBoy 4.0.2/MetroFramework.Design.dll
- Size
  
  16KB
- MD5
  
  ab4c3529694fc8d2427434825f71b2b8
- SHA1
  
  7be378e382e43eae84f1567b3570bca9a67e7697
- SHA256
  
  0a4a96082e25767e4697033649b16c76a652e120757a2cecab8092ad0d716b65
- SHA512
  
  02d7935f68c30457da79ad7b039b22caed11d8aedfec7c96619ac6da59ceb7c5e7a758dced64ec02d31c37a2befccdc8eb59be9e2dc849aa2bc22fabb5fa00a5
- SSDEEP
  
  384:HYAB8KPALBamLG3gckiBTVU6sgFf5L7WTOYKpKG4rw:HyLBamS3gckiBTVkgiVXr
Score

1^/10
behavioral5 behavioral6
- Target
  
  RedBoy 4.0.2/MetroFramework.Fonts.dll
- Size
  
  656KB
- MD5
  
  65ef4b23060128743cef937a43b82aa3
- SHA1
  
  cc72536b84384ec8479b9734b947dce885ef5d31
- SHA256
  
  c843869aaca5135c2d47296985f35c71ca8af4431288d04d481c4e46cc93ee26
- SHA512
  
  d06690f9aac0c6500aed387f692b3305dfc0708b08fc2f27eaa44b108908ccd8267b07f8fb8608eef5c803039caeabf8f88a18b7e5b1d850f32bbb72bcd3b0b7
- SSDEEP
  
  12288:O+/9JcJlYqCNktA+SXfGpq2fHowSqCNktA+SXfvJR9FrIJJaqCNktA+SXfUC:O+/3qlrCNoh+UqgIwhCNoh+JR9FrIJJw
Score

1^/10
behavioral7 behavioral8
- Target
  
  RedBoy 4.0.2/MetroFramework.dll
- Size
  
  345KB
- MD5
  
  34ea7f7d66563f724318e322ff08f4db
- SHA1
  
  d0aa8038a92eb43def2fffbbf4114b02636117c5
- SHA256
  
  c2c12d31b4844e29de31594fc9632a372a553631de0a0a04c8af91668e37cf49
- SHA512
  
  dceb1f9435b9479f6aea9b0644ba8c46338a7f458c313822a9d9b3266d79af395b9b2797ed3217c7048db8b22955ec6fe8b0b1778077fa1de587123ad9e6b148
- SSDEEP
  
  6144:M4S7k5hdCpU4YqfkUGz6KpQQZQHDXjNCdOZgLdL5DXBK:M4S7k5hdCEQHP1Zgj
Score

1^/10
behavioral10 behavioral9
- Target
  
  RedBoy 4.0.2/Monaco/Monaco.html
- Size
  
  6KB
- MD5
  
  22b3c30b025d532acdea8f5e600e12b1
- SHA1
  
  37e5a2ebb3eade5accbc90e18a3ed9f1aa13baae
- SHA256
  
  d62c99db6c3c2169af9242eabf92da4981020b165e76dc220283c25dd9087e55
- SHA512
  
  09f7805287407aaaff7a5ce86ace8c6feaef9ac07e90788232295beb8bd2d21edfd3a2b44b43aa62e7448705150744e0710cb867df8e44cfa070ea9d21e30a80
- SSDEEP
  
  192:wEod3Porv5AmQp5keghKcCI2MCTJ3+NLSaPh/WCY/jt:ud3PoFBw5keghHwjt
Score

1^/10
behavioral11 behavioral12
- Target
  
  RedBoy 4.0.2/Monaco/vs/base/worker/workerMain.js
- Size
  
  149KB
- MD5
  
  27ead90c7702154755785e0e53398755
- SHA1
  
  86b59485fe6f6ccb1805183fa75062a2ac1c859e
- SHA256
  
  bdf9433692a08851e13dd58504eef19f51bd2ec7241923a68edf5772e0e53af5
- SHA512
  
  6829681575179c90bb7817b17feee60e7d44d8abb15264ab39d7f0edf95dd1d030b99c12b005c753cd786c26ce6f17ff09b058c16f3363596f785e386ef78e82
- SSDEEP
  
  1536:XNSxrkwnz+dTHHfvYYdBwDZ2Ogvh52xgh2hQXIvTBaB7hU74Yc6aphU1PblosJEl:XzdTagJkb+6jFlJJEt9yjjTCD2zw
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  RedBoy 4.0.2/Monaco/vs/basic-languages/bat/bat.js
- Size
  
  2KB
- MD5
  
  4cb475399c4490eea41982dcd6d9653e
- SHA1
  
  fc97d57206ff7fa1c89ff0fc9f6e2f04a20ea185
- SHA256
  
  9bca42394fe8922fec24b768eeb8ce04692de6fad82f9052d5b7e70f5c6b0f40
- SHA512
  
  27eefe83cf38a7d784414d99b472f6fcd7e595691eb0f368254ba1f71aaf702840b62bf232c30c515a8fada234699fefeef496c0c24669cc158cb567227e4783
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  RedBoy 4.0.2/Monaco/vs/basic-languages/coffee/coffee.js
- Size
  
  3KB
- MD5
  
  9d0c4ac1691eed0a480c3e9246490d29
- SHA1
  
  38258864fd070c35cec6b68715d58771df9fe3e1
- SHA256
  
  e706c9f8e5c5a0cb01b2f4e4879ec34a050d6eb2a8840284eb7badd9d78099f9
- SHA512
  
  437a703607a9f0cb96ffb56312d149b95f596290591d14098c36d978b2e1fdba3c3712c9099923bc0a709c5c0ebd7eea868f63dfbcc69cdf5a9325b8a67006b6
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  RedBoy 4.0.2/Monaco/vs/basic-languages/cpp/cpp.js
- Size
  
  5KB
- MD5
  
  0a16509e6cd0155fb622e785cfe976c7
- SHA1
  
  7afa7f823191c43d7a4bdd7d91577495de62c21a
- SHA256
  
  a7c2bea7ca3d9e203a3a286735945fe010c8f4f8d46620386ee8befc6a78b32b
- SHA512
  
  2cbc48cb10c467561c6a84f59405e9c2f864640b3a21e6fe5cd14ad1a7ca5667b766b3c0511df26f28205dd17338a878bd1164a4f5875235a73214f3e4aeb49d
- SSDEEP
  
  96:hFDMgRs/rbV1+gqVV1+/LVb9ZRC2seM6jjz13MwVcEghhb6Yw76wGcmvRBNIs:hZGrTOcVv5M61h8hSeiYL
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  RedBoy 4.0.2/Monaco/vs/basic-languages/csharp/csharp.js
- Size
  
  4KB
- MD5
  
  f8f841d13c9220e15dcd6bc386b37ba2
- SHA1
  
  2b8b7003820d19ed83afde98c845db5e3d5753f8
- SHA256
  
  6b3be9a86ee8e3202f51745d94d24cc1eefbcf7d9e6d94fbaf70146b084e835f
- SHA512
  
  0b167865b8d7847792c80144e83bdf33655db6ecc0934bb3290f8b5793fee8168aeaf9d74b3541a9424c4f180aad496c2d8710e3847a5bf9d4b2c960ddea4ae5
- SSDEEP
  
  96:hFDMgRsVx+rbV1+gqGV1+hmQuq1cBh8b7gj8/pLxb6J994wGcKU7dYIkI:hZi+rTtPsRXpw9SiKUJGI
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  RedBoy 4.0.2/Monaco/vs/basic-languages/csp/csp.js
- Size
  
  1KB
- MD5
  
  22ada25d590811dcff4e5f5d698e583b
- SHA1
  
  c43d4846967d5037ef05b102e49d1fbc54e45fbc
- SHA256
  
  4b5a5d7d50986b86b00833447e097c0f01a4388ce1765b48e7e371d06e3a4789
- SHA512
  
  c8373ea0b78114f82e8bf027473f72ada0d8acd51623152a0072111d8b3b7d5ac310a1cc510c4e4cd2e97a7686db3c87b2da675fc910898bd11108e4b50ed189
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  RedBoy 4.0.2/Monaco/vs/basic-languages/css/css.js
- Size
  
  4KB
- MD5
  
  49ad30f1151cfd7a74677fdc6dd13da9
- SHA1
  
  286d47f0a4cfa26da2e4d1f1317a8c87000bb5fc
- SHA256
  
  bd331fd3bd2c37b0c3150035325f163ac9266bf6d942310764815e676d856d91
- SHA512
  
  7337706bfd5bd54938da0fba35e97f8e5780491c04b58d43fc6d905bd2dca92897f1ed8d48e42665f166da7684cc6e29a63ae73f8d3779a9feb97c397a642f0d
- SSDEEP
  
  96:hFDMgRsozIq+q17qcq6V1+/aMj1cqTroIrqjKf8O3lzXY0Jc:hZzzv9VmjoOf8O39XbJc
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  RedBoy 4.0.2/Monaco/vs/basic-languages/dockerfile/dockerfile.js
- Size
  
  2KB
- MD5
  
  e32de981bdaf75e6ffb8fe40bc955a68
- SHA1
  
  bef1af7b26ea01c987c7a6295bb7192d83a32068
- SHA256
  
  65b86fc54e9b35d6cb84f01dfb905680dbcad6605757de1d6bca84e3029889af
- SHA512
  
  a3eadd8c1389dff6c2c6e595efff69be3a573d01e4e16b8e4a8b28f63e4c48c9c439b5dd93666d81d703d1c6b5bf927cc8e47d04af270128095f0d579407c2f4
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  RedBoy 4.0.2/Monaco/vs/basic-languages/fsharp/fsharp.js
- Size
  
  3KB
- MD5
  
  de122b3bc44a8714f386dc80282dcb12
- SHA1
  
  06888a9b616993e9af9797cec64c6d419065f2cb
- SHA256
  
  1390079babc117d3f376735780d98f409f317eb4628d17106642c6933ea1da7f
- SHA512
  
  ab48f2e5bfa6ea0024530141bb5d35b9090ee0254a3e8f8b86fa36cc8c2fca8000a3caafcfffc1d83e21c488e1f1990c91f537290b54fbbca1d3c7be090dfba5
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  RedBoy 4.0.2/Monaco/vs/basic-languages/go/go.js
- Size
  
  2KB
- MD5
  
  5b4484c914cd97aff4510b803f2517ef
- SHA1
  
  8f275ac36c57c4c464e30f92f525ffbd0fd436c6
- SHA256
  
  46d1757c3cd3dbc3c7b465a338880144922a1c34c30e36f06ff2db8c2ff75b86
- SHA512
  
  b34c64f9997f4b72760eca270d2a0c2e22d83467d3f0bc82e7c0e63d62d8f9d74a144a28d676a223cdefef417af723801ac0535375d0dd64bb3a81e87617fed0
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32