1599c2228a1ef2167ba0ba197ed43ade129f4718a5d15ada2cd1492807381191 | Triage

Sharing

General

Target

640219ea02c25484734a0b4219396be3_JaffaCakes118
Size

4.6MB
Sample

240521-t8j2xscb5x
MD5

640219ea02c25484734a0b4219396be3
SHA1

b0ab961e9eb4ed4501090a4b60c131987ad89c53
SHA256

1599c2228a1ef2167ba0ba197ed43ade129f4718a5d15ada2cd1492807381191
SHA512

8a5ba581c56f6cbd9a3c9690d6006f22d51c3000f736f629cb495097f347a40d8f4ef3e51a9a3b253dd20843707317a2119b7d53ac819fa8df23cf6a1370c141
SSDEEP

98304:izrUvwvJYVP5o5Hy++nYxn+4TWIbQt6B0Jq//cWN8V979luzwcVv9P1:izHv6VP2y+UriH0wnU97EvB1

Score

7^/10

Malware Config

Targets

- Target
  
  CF2.0无视一切.exe
- Size
  
  1.5MB
- MD5
  
  b8338dc3aa0b76c4f479be13e7de93f6
- SHA1
  
  14a11740eaacd3d3a833540aa9b1923aaa10d242
- SHA256
  
  3f4c085480b95dd31da6577a85ce5d03e1a3651e665ede7ccb5650018e8bc5fe
- SHA512
  
  3c15345b5b9991cdd2b6bb2f06c2cdf11f7b8c47c3b539e634f378367ea56748f8d615dc217716fc6c3b1a34ba0ffc436a36ae101bd5a8f09e1fc3e5214615ae
- SSDEEP
  
  24576:8s5pCmBYCiHXmJc+KhYixOmqBkK+INuosZSYMkztp8qqNthT:8Ei3PxO4KA/Ffr8qqZ
Score

7^/10
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  CF2.0逆天辅助.exe
- Size
  
  6.4MB
- MD5
  
  2c811d671bb7d3844b3f7fa4ecb6c198
- SHA1
  
  35c6feb17029681a5882a3a0c686a686e613643f
- SHA256
  
  8ad2c142a26fce03d99bb6e6e1feab875764cf29e917fca1e0b753a6ba1457a9
- SHA512
  
  d704f64616ed2599877e5441394882802230cdbaf4e8fe77e5e494b2ccdf52e3dee3465eb07297388c90be4680236a7f496f6d12d3063e80c5bb88560cc8b579
- SSDEEP
  
  196608:uW/tQLB+2eZx658EzO0MtjnyQRpzzcYANfWxbij78VAzUNM:0LVi9tFJJANfBH8VaUNM
Score

5^/10
- Drops file in System32 directory
behavioral3 behavioral4
- Target
  
  河源下载站 - 打造齐全的绿色软件家园 - 绿色软件下载.url
- Size
  
  216B
- MD5
  
  34e996cb2b7276521f864639da2c0d84
- SHA1
  
  a95e20b06ee8d884649f3b80489163274fea2017
- SHA256
  
  c81c908dff201c6cd53ba51c2379ce6bd4d3c1e00c20b648bcdd3d146a5a88cf
- SHA512
  
  2c13f0d1418a6b9153e93cb7075f81dd670e88cd9ea13a9d5d9907ddfd354bf2091c7dcbf13a2bf4e85907420a7b77abbb941886168674cc1c396527a30a97f9
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6