General

  • Target

    68c2dfc69c7e5c406b7739d24bbb1768_JaffaCakes118

  • Size

    1.4MB

  • Sample

    240522-1r8saaab9y

  • MD5

    68c2dfc69c7e5c406b7739d24bbb1768

  • SHA1

    99b263fa73ad78d98b4806df325f73995686214a

  • SHA256

    44822ed98fd21211f8716fea25c452b021980945e84a30fa1dc02850d6b9c627

  • SHA512

    1f0b0297ad15454c2505307b2c069830f74f69eed0d789e24ddcba7ff146cdd4add9e0013bf1e5168e76cdf9bea578c6c14256bae28dd340b2cd3a0fe7433117

  • SSDEEP

    24576:TmNw3Hs/P9XDd+joPpA3UFAMb51rqn1vw8d/NZLinpq/BmQ6ualKc8BcZ+sjVf5c:TowylR+ATAqhq2C1Z2nAEQtalb8BmjVm

Score
7/10
upx

Targets

    • Target

      易CE/imeOP.exe

    • Size

      343KB

    • MD5

      7f66b698a914a5195b52d5a7970cf27d

    • SHA1

      aa76ac30ad92f59542aff4c32e09a37be25de06f

    • SHA256

      535f2e255cf55bea3abaf6602c11bf1acf871c208675fc752ee7c6eb75a4643c

    • SHA512

      f64c8fa21635bba8247cc30e0e8540d5072e39792c318118f1555b76c1abd3054bbfd35b1d334c535d5b562879067d13f255b314746b0807e136d6db343f993e

    • SSDEEP

      6144:xCBQLbubHkGaAfS+dQ1KOTrJM4TmPVG4hAUjPmhi27NK0dxKThDDKV:xCiiLtfzQUu1x+V3hxmi27NhMC

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      易CE/safemode.dll

    • Size

      2.0MB

    • MD5

      44872cd22bef04e8f364862ebf3719f7

    • SHA1

      c79c02d662c06d884cbc5e7f2d99f620be98008e

    • SHA256

      6834692e8eb27ee91b98ed7375f67cbb355913f3d19f74bb294b981d5565c7c4

    • SHA512

      3b8e0d32f53dcf83168139c06cfa2c6d9aca64b9bfca1e4809e647174354282559705c5207c0c60711ab204ba6e0cdfed0d9b6db998e0c3226e877970e48e1ae

    • SSDEEP

      24576:NdCv2XMtGtlNMcaKFz+gA8clVOBghpYWUpPb5juUFayb0gaGau73BxKf5Ub3Mt64:NdaM03OBeIaJ43HK+b3Mt66c8DJ

    Score
    5/10
    • Drops file in System32 directory

    • Target

      易CE/注入器.exe

    • Size

      440KB

    • MD5

      9eefe2a6eea099fdac641e2a3866fca3

    • SHA1

      54e81e8dff8aa7bd63db0103d0c5daab0d789d1d

    • SHA256

      0007651c07993b4f17a8f13f5b341486d89ba4c6b2f0068c2846cab9f819f1aa

    • SHA512

      4fee79aed340fc89cff0447b2bdfb264b0c92918f02f07d365b49b6476f813a1ebc38e1d7c4327b355d43f6b834246011207da44aeb336b8924d3d226f370e1d

    • SSDEEP

      12288:QU9R+XolTi+xYoPcx0AE1httt5BQq6zKcPa+wQ5pszinh:QHolu+xYoPcxhWhzt5BuK6dI

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
