7bdbc9c96d08ae37f7ec2845584727ee301a7a26d1bc03b015b52d5804caffbb

Sharing

Copy URL

Twitter E-mail

General

Target

688ebdd89eb6b98118defeafbd4aaa06_JaffaCakes118
Size

13.0MB
Sample

240522-zgdnqafg51
MD5

688ebdd89eb6b98118defeafbd4aaa06
SHA1

a7c521cf109cb9d3bb49c2b2dfae40cf6fdf2c09
SHA256

7bdbc9c96d08ae37f7ec2845584727ee301a7a26d1bc03b015b52d5804caffbb
SHA512

06fb8b857a9fb3f0c8f31aa68568f98279a11c9e097e8c8b2345398b2d4589671ac0b14a7b505fdce023824fb540b7a11ad130b6aae9a82a8e14c1d6dc46b066
SSDEEP

196608:Ojp8rPccZBiQktIdybKgReuH85adDo+BNGuBTj7phT9C/fJcTYdaJUg65Mo3Z0Y:OjGrkcZrtGhRf85Ockxy/fmQrg65D0Y

Score

9^/10

Malware Config

Targets

- Target
  
  360Base64.dll
- Size
  
  1.1MB
- MD5
  
  78daff414cb587699bed6980cebbf8a5
- SHA1
  
  eafca98f4b33643162eec9b2d6e1f558e3bad06a
- SHA256
  
  d972d608bc83e3642a8236f8f482d60dcf3138bbed55ef86fd228ee96aa9cb9e
- SHA512
  
  0f60f11d6ddbc8e38079093cf0889b6fd8cb9c2fb598fc83d838776771ce4c78c908c00f8980c14b8eb8ffdb6ecae9561db1291ea5cb68bfe8be9c2f1493b32a
- SSDEEP
  
  24576:OeMfpl5ChnUgQym+D5Lr6GQlTB/lb8Bf:OtpvCV6SD6TBNb
Score

1^/10
behavioral1 behavioral2
- Target
  
  7za.dll
- Size
  
  784KB
- MD5
  
  675df218585cc989da3655a8c40f8f43
- SHA1
  
  adfe145af9129f52164d32b1c055832b9f9a0313
- SHA256
  
  c797237dc1afe4a72fe44cead190d0f93d24c9444b0df135581fa11934dbb85e
- SHA512
  
  2f7b20000950ac67082ac046887932dc19bfb615ac58739fb426a7beaa402b7bf0fd0f81ac9da4b7fb824bd769627826a6ce479ed737a57aba07d009b22021a7
- SSDEEP
  
  24576:sITUed6re8xVQW5eZqfpMAHBEMiqqqYv0:pTge8wWqqfHRqqY8
Score

3^/10
behavioral3 behavioral4
- Target
  
  DumpCreator_x64.exe
- Size
  
  129KB
- MD5
  
  518e15c451374865735f3e3afd931d6d
- SHA1
  
  4ba28eaf23a9f3a645cf38049d8b5a8dd68a9972
- SHA256
  
  471eceab741d3121ad6c9312b876e6315541e7a4cf7761b4fd9b5fc3d1db70f7
- SHA512
  
  230717aa05f8b57282e32cc3dc405113444a709afae28a1166eeaf9efa6959e6b2ea6b8a70201ab3944f32e327408188a94cfc3b88fc903f9392d5192a37ebba
- SSDEEP
  
  1536:9k0CdgroxlsjE/1vrGXhWyKGRo1s3pjIB5g4AC3pWTjo+0ghx:iXdgro3+E8TrR1pjIB5gwpWTMy
Score

1^/10
behavioral5 behavioral6
- Target
  
  DumpUper.exe
- Size
  
  686KB
- MD5
  
  ce1696485ad018ad2bee84be3875b049
- SHA1
  
  49ec38b481f5a946dc6c3d8cfebc9503a7783548
- SHA256
  
  5a886bb855189d4f9344f63a2aef3cbcbec4e9dc8afa411721561758cd0e0b46
- SHA512
  
  92e2787fdf1b4e24d4d3a3a02ba1327efbd05d83f5de74bec86f1f7b4300728ecb7fe2952562658c8e60e64370944205a558e2569c0dfb74316fddd6c039cc64
- SSDEEP
  
  12288:8QGJD2hWogy5E1I4mkdjA06zkRUDWOOdeSnLMmATCZLM0Kf0PJ1Kcs:UXsEawdMkRlBeS4PTC08Jsr
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral7 behavioral8
- Target
  
  GameMemoryOpt.dll
- Size
  
  513KB
- MD5
  
  1879948b9af2572a7c3b0841422603f9
- SHA1
  
  fc20653f50e6d32a621c104b286f1671ae1ac410
- SHA256
  
  9638678a98ed5d3530cc6d794506f61c6bfa70c7d57326065e75fcc4f37f4382
- SHA512
  
  cd1b19bb9f645beb0536d994e599acb839112007cc8ead162c989ea2c93bef9ce9851515b239ccfc17f6aa11534e141174c40a9ff712b0d0d9f1cd713d00b971
- SSDEEP
  
  12288:1zXPhDpl/A88izTEqdcv8fDmZjXhoyfAXK0:f/Acoqdcv87mZjmyfAXr
Score

1^/10
behavioral10 behavioral9
- Target
  
  GameMemoryOpt_x64.dll
- Size
  
  611KB
- MD5
  
  3e0dc4db77e7a5feaa7d6be62592a9d6
- SHA1
  
  21b968369a2881386fdf2109a84e1f05dbdb76df
- SHA256
  
  83119bcea617e27954fdc545ff07c826eeded29a4283d1daca9116a647ad1f6b
- SHA512
  
  3c0eb32826069a8fca17488fb2d8f768f2160a2a11b0ded06cf12e87d0bacfe6cceff44322c5ef8d44a9ead101734e3aee7f2adc644d519233bffbf6cb47e43d
- SSDEEP
  
  12288:50/Cc8xSbBAXHqCU4EfuRZiCwAQoyfAXD:50/C1SbBKqCwWR83AtyfAXD
Score

4^/10

persistence
behavioral11 behavioral12
- Target
  
  LDSGameHall/LDSGameHall.exe
- Size
  
  5.1MB
- MD5
  
  728f856fca04ba6ddd98e90e2d720968
- SHA1
  
  dcfbf627f49241023ef5dcd80689fc3cece893f3
- SHA256
  
  7b01d636cc4adcb5bd99906a68dc1c3090ea4e91cc7c7de6263b7697b391ecde
- SHA512
  
  eb2eceef9c6b10350ec8e0f51e7335c3a55b19eb62cbdc048a739ceb90afe7f8756d05396845306d6cda6d6d31fbbfe06262b40cca91dce76c196d0b48efb88d
- SSDEEP
  
  98304:HcEzW1ERES012WRxdos4MB1yLSgGo01eNbIe/9ErF:8bRISB1yLSshI2ErF
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral13 behavioral14
- Target
  
  LDSGamePlayerPK/LudashiEmulator.dll
- Size
  
  430KB
- MD5
  
  3666685a6d4a369ee0a2e1a3fd1f3ce9
- SHA1
  
  7ecabe1b4b8745d0b8e332b03eb927021bab008b
- SHA256
  
  eccfcc153e1a6816fbca5d8afeb4115bbe08ecb787d0c190522662f5fa0a1405
- SHA512
  
  df469abd1f1692de7baab4085cc1c7acd1531c0680fb015dec3efb7301c2b9b54617dcb3876273b9772c312f5ae0ef427c30d62ce91683e148f5ba456c602d25
- SSDEEP
  
  6144:oL7sOVPxZMlHE6HkprE2TsdHSFXEdIAOwAOiIdfPgtK:oXhVPxhudHSFXEdICcoPgtK
Score

1^/10
behavioral15 behavioral16
- Target
  
  LDSGameVer.dll
- Size
  
  17KB
- MD5
  
  0a322bd8569e13240cb97d87118058b6
- SHA1
  
  5a64996a79e28149c479761c84ad2bc95432fb81
- SHA256
  
  0fc02d785036d6e10e457fecf038f40f8740f76e9854a8b9ad5f085eeecf3f0c
- SHA512
  
  bce009376a9a2a0c614cabf00b6cbe1b5b65908ebbb5ce31d4e217657de7cc66502858d89688b644d65b44bebf8bb1d1d72ac12228471cd2fd7b2985326e4475
- SSDEEP
  
  192:79U+QjqdM5sHdtVku+pdhh24rW58gr9ZCspE+TMUrzyaWYZh5crw+Uuio7z0m1fz:79U+Uf5sbI7deML2Mwhov05MQ3dm
Score

1^/10
behavioral17 behavioral18
- Target
  
  Plugin/ConfigCenter.dll
- Size
  
  443KB
- MD5
  
  e3c6ab52c6ed4d14e7fbfc32309f3ba9
- SHA1
  
  f372c4a8599d46ae23ccc9325a08b9da689d86de
- SHA256
  
  c0d5a190b0daa1e06ddbe5801827b50eedf6bf70bd48271686a613726c97d04d
- SHA512
  
  ce8e2fb5c982b8c0c4622416d4af5a7a648eb793e027ecec6ee522b1cd7119490e682398a2847fe4c7e19b7a525577e5ae978544bc647d1a879a825957149d9b
- SSDEEP
  
  6144:iCkfLsNQigo5pnev/CX7OXcwxhH7n1W7FDcYBXAOQtghUau6:i1AaiTvneH+7OXR5w5AYBX22O6
Score

1^/10
behavioral19 behavioral20
- Target
  
  Plugin/ConfigCenterStub.dll
- Size
  
  226KB
- MD5
  
  1fcd2e7a7201286b8dc26f241f953618
- SHA1
  
  9d6b30df85e8ed16e72d2843b38f43922d9568cd
- SHA256
  
  fc5b93b4a773c0d8f657c873fa210e1e7702c8948163a12ad88e32771eaf240c
- SHA512
  
  f4253da097fbbe6f265339bef875374a5e34de85a0e96869667432b4466be505b503a28210a3e56f7dea28e0a50ef680b59493b0ab3e17eb03c853a621428cf1
- SSDEEP
  
  3072:paUfIPxGuULh0UJFuPw0W7rz5gzvVzEpF19E25QAZkiDt1mFk:SPx1phwl7rcNzEpJmmFV
Score

1^/10
behavioral21 behavioral22
- Target
  
  Plugin/PopMgr.tpi
- Size
  
  1.3MB
- MD5
  
  62787027f2adf82c2e1f07b93eb964d2
- SHA1
  
  7640575961d58f414e5f2ff78ac1f34aa7c67d33
- SHA256
  
  15675015eefb9bc51e991f3a0fd05f836694dca01a9b7fcdd1e42ffc7ce727a6
- SHA512
  
  19f935aff0056df79a62b151ff09691967c288010ce99c3d99b388837a32271b61dc7a5d11ad459aabe625d3a169b4395289eae3cfdcb4cb5c15ad18b435948d
- SSDEEP
  
  24576:K2QO56cvFDe0+KpYQ0LnePuoIR3T6XtYhLkjt5xhX:KWbDeLKpYQ0LnePuoIR3wtYFkjt5xhX
Score

1^/10
behavioral23 behavioral24
- Target
  
  Plugin/PopMgrStub.dll
- Size
  
  1.3MB
- MD5
  
  518da492cfbd3e8faa7eb3b8b7a68ad0
- SHA1
  
  274d3c5db56923a770f23518775e9748abb2c21f
- SHA256
  
  73fa5520e612cd8f15eac65ed5df3eb8ec3dd21d411d6f9ffc003d6b37d5af3b
- SHA512
  
  ceca19d31f3cdf1c6a70238a4309f7569b5908c5c6f981434ff284cd48ef82528cf56b06700854e25fd3df9059ba2ecb6491bf0b8555582c7cbafeedeb1a7f04
- SSDEEP
  
  24576:ED/1gTa2SAc25iiWwdZnHLGh/l+YBsXRk+liYFhMmEm9HZ:Eh2Xc2MZwdZnHLGhl+YeXRJiYF6mEm95
Score

1^/10
behavioral25 behavioral26
- Target
  
  Plugin/RunExtention.tpi
- Size
  
  410KB
- MD5
  
  24ca7ac4d0412adc64c88c66b8b5f013
- SHA1
  
  c113a62b140a4edcb52a003ac6b5a4ad14d6371e
- SHA256
  
  22cbef303dfafa9b192e31b803178083010dfa7de716d8da9dd32d046dc8e946
- SHA512
  
  969ab24e742810f3ffa56fd4e3fab6087557b585bd38b292c632274fd004e2c6f11eb1b10510bedea8c7d102de326fa5dfb01eaaefd8f9ee7e838b8bc23df3fb
- SSDEEP
  
  6144:Ynagjoki30GF8kbBfvsJQ8JPHpl6LbzjrroENm2eK7mnoUSgpAY8ODcDcm7cIsQ8:10KlBEJPpwf/ozDSemg+wy3f7wI27
Score

1^/10
behavioral27 behavioral28
- Target
  
  Plugin/ShellExt_x64.dll
- Size
  
  393KB
- MD5
  
  0d83f9c3fd4686065c2b043cafc6cbef
- SHA1
  
  21d1d93bd079269d5b80685caac952d097fead21
- SHA256
  
  653aba53aa7825b89065daccf985fce3e7386d5891f1ace71e79f2cd326c4ed8
- SHA512
  
  271cfecb7badd32b968d2d3535edca6ab08ce37e863371c079d34f8f5c0cea2f3b668ae42aa10343ca3878ce402481c20427c002261a0d0d21da56b51c978c17
- SSDEEP
  
  6144:nmE1o+/RLkgfIs64GhIL912xqtpCFZIN6D8jWiLLaj8TBzGcBXIi7NRCvB:nmE++ZLkgfp64GVqi7IN6DQjTlGclf8B
Score

4^/10

persistence
behavioral29 behavioral30
- Target
  
  Plugin/ShellExt_x86.dll
- Size
  
  352KB
- MD5
  
  744cf96dbd2755c2d35ffb9585bf905a
- SHA1
  
  3acd2db4152d44e26341884786cfc44e00237ccb
- SHA256
  
  3a643bff2038e2b841f21264f152cab26f352d47f979f311853b975930250803
- SHA512
  
  c24aed66990d9ba63d51354374d6ed91787e7173e9ff25d548fcbeacd8918f3a606aac35c398f84f274e4aa338d49a2659a121fb7e269f0f17cb3f1c3581b3df
- SSDEEP
  
  6144:aUzrcRjZ7vtNL4166H3N0hEbUQU20KWZYpUa1ZxTBpGMWM0B4/K9uQ:jcRjZ7vtNL8qc0KWCUa9T/GMWZwK9uQ
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Writes to the Master Boot Record (MBR)

Writes to the Master Boot Record (MBR)

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32