Overview

overview

7

Static

static

3

CF2.0无视一切.exe

windows7-x64

7

CF2.0无视一切.exe

windows10-2004-x64

7

CF2.0逆天辅助.exe

windows7-x64

5

CF2.0逆天辅助.exe

windows10-2004-x64

5

河源下�...��.url

windows7-x64

1

河源下�...��.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    640219ea02c25484734a0b4219396be3_JaffaCakes118

  • Size

    4.6MB

  • Sample

    240521-t8j2xscb5x

  • MD5

    640219ea02c25484734a0b4219396be3

  • SHA1

    b0ab961e9eb4ed4501090a4b60c131987ad89c53

  • SHA256

    1599c2228a1ef2167ba0ba197ed43ade129f4718a5d15ada2cd1492807381191

  • SHA512

    8a5ba581c56f6cbd9a3c9690d6006f22d51c3000f736f629cb495097f347a40d8f4ef3e51a9a3b253dd20843707317a2119b7d53ac819fa8df23cf6a1370c141

  • SSDEEP

    98304:izrUvwvJYVP5o5Hy++nYxn+4TWIbQt6B0Jq//cWN8V979luzwcVv9P1:izHv6VP2y+UriH0wnU97EvB1

Score
7/10

Malware Config

Targets

    • Target

      CF2.0无视一切.exe

    • Size

      1.5MB

    • MD5

      b8338dc3aa0b76c4f479be13e7de93f6

    • SHA1

      14a11740eaacd3d3a833540aa9b1923aaa10d242

    • SHA256

      3f4c085480b95dd31da6577a85ce5d03e1a3651e665ede7ccb5650018e8bc5fe

    • SHA512

      3c15345b5b9991cdd2b6bb2f06c2cdf11f7b8c47c3b539e634f378367ea56748f8d615dc217716fc6c3b1a34ba0ffc436a36ae101bd5a8f09e1fc3e5214615ae

    • SSDEEP

      24576:8s5pCmBYCiHXmJc+KhYixOmqBkK+INuosZSYMkztp8qqNthT:8Ei3PxO4KA/Ffr8qqZ

    Score
    7/10

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      CF2.0逆天辅助.exe

    • Size

      6.4MB

    • MD5

      2c811d671bb7d3844b3f7fa4ecb6c198

    • SHA1

      35c6feb17029681a5882a3a0c686a686e613643f

    • SHA256

      8ad2c142a26fce03d99bb6e6e1feab875764cf29e917fca1e0b753a6ba1457a9

    • SHA512

      d704f64616ed2599877e5441394882802230cdbaf4e8fe77e5e494b2ccdf52e3dee3465eb07297388c90be4680236a7f496f6d12d3063e80c5bb88560cc8b579

    • SSDEEP

      196608:uW/tQLB+2eZx658EzO0MtjnyQRpzzcYANfWxbij78VAzUNM:0LVi9tFJJANfBH8VaUNM

    Score
    5/10

    • Drops file in System32 directory

    behavioral3behavioral4

    • Target

      河源下载站 - 打造齐全的绿色软件家园 - 绿色软件下载.url

    • Size

      216B

    • MD5

      34e996cb2b7276521f864639da2c0d84

    • SHA1

      a95e20b06ee8d884649f3b80489163274fea2017

    • SHA256

      c81c908dff201c6cd53ba51c2379ce6bd4d3c1e00c20b648bcdd3d146a5a88cf

    • SHA512

      2c13f0d1418a6b9153e93cb7075f81dd670e88cd9ea13a9d5d9907ddfd354bf2091c7dcbf13a2bf4e85907420a7b77abbb941886168674cc1c396527a30a97f9

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks