General
Target: 6321e4cda46b348f3f5acba99c00a686_JaffaCakes118
Size: 1.6MB
Sample: 240521-nlz7qsca3w
MD5: 6321e4cda46b348f3f5acba99c00a686
SHA1: 1eaeb662e2ae22ea90df6bfef1ec61dcc1918211
SHA256: dec719b460f471670e42d1174a2405706063128b81da992dda953223212e6065
SHA512: bcb07da3d3ee7f09f1aad73bfb9429b11d7eac1a6776498f43c34e5253d73e570b2ce876ed91a752c94ba1a0d6f6658dc6cf1e6ddbe600d278d6569663a37171
SSDEEP: 49152:+dhGeS7PVefIo5v03Cpv1/L4FhUOnfH6HQW:+dhGn7deAoOSp9j0CO/CZ

Behavioral task: behavioral1
Sample: 新云软件.url
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 新云软件.url
Resource: win10v2004-20240508-en

Behavioral task: behavioral3
Sample: 歪歪团队刷花辅助.exe
Resource: win7-20240221-en

Behavioral task: behavioral4
Sample: 歪歪团队刷花辅助.exe
Resource: win10v2004-20240426-en

Malware Config

Targets

Target: 新云软件.url
Size: 217B
MD5: e5e80be1cf1a1b2af35991aed091c827
SHA1: 79e02d122cdf24da7e59044b4bf83572242b4c71
SHA256: 1016d243a1266c9970996f2847639ecefbecc361cd98fb79d27d048eee3dd69e
SHA512: b926f6e34e0e9e260a8f6e59ec8e660af0fea09de91140d968cc7665ea45f840a8951f4a1c0400bfe384d2e269159febfc5e32981b863b9d97830f5eb2521705
Score: 1/10

Target: 歪歪团队刷花辅助.exe
Size: 1.7MB
MD5: 8788b56c553d454bab5fa39e625ac497
SHA1: 6a5066debb0648a02025b96f7aed0f2a25b18bb7
SHA256: b50c6855c8a5292fc23d6c410bf84518d5ec5059c6605c9e78041ed11873c3fc
SHA512: 57ccd0b955944cf54de2987d9108584f94df021072bbef97d391d58e032fd0100329df0c55d21619dd9eea9c1e934c71e8ac21eca343ea1e085a52443698aaa8
SSDEEP: 49152:9qDo3PoD+UClLOtQgJBy6xsd3Dpj8oB5JOuz:9qDrD+U2LMHJBZsd3WKIe
Score: 7/10
Loads dropped DLL
Suspicious use of NtSetInformationThreadHideFromDebugger