a13fad0d43b3db3b1f78118c3591a42cca0ed4373414ed82f2351719b2901b92

Sharing

Copy URL

Twitter E-mail

General

Target

7487bfdfc1cb9db8ed8b436ff87c0497_JaffaCakes118
Size

4.4MB
Sample

240526-gqb75saa96
MD5

7487bfdfc1cb9db8ed8b436ff87c0497
SHA1

802b62711cf51227b95631f292305b6ebceed018
SHA256

a13fad0d43b3db3b1f78118c3591a42cca0ed4373414ed82f2351719b2901b92
SHA512

42194a104d2fb89d91f8cc4781bffdb84a5fcc6c1ee4e94d608fb781b3bb06462f5d0519b7657a47349d7eb68c6da81a6afc9b9a456b0210f80fb85d494a8f36
SSDEEP

98304:nTYuqkoZG0rk+ae5bfwzulQ6UzuPJ5Wn1PnIOLkHee3Ir9LOx4fSr:nsTZ7478bfwShW1PngbCFOx4e

Score

7^/10

upx

Malware Config

Targets

- Target
  
  Triworks/乐音 3.0 (Demo)/EyeSong.exe
- Size
  
  937KB
- MD5
  
  6589954ba364e5c985f62b670bc2b2ed
- SHA1
  
  714e8bf7402571788bcbd1c18221410fe3673beb
- SHA256
  
  ba6b0fbc15c3a4a628c2397e630fd51240231aa7cd8eb5d5509fd59a7c7c9418
- SHA512
  
  defdcf8512ab166f8351fbf703f0a4c31e02891ae8a35ee6208eeb46f62f9da6246cf3b61032e4b15cbab38bdac91b1dff860f7561b34d9583eb10bb150b26ab
- SSDEEP
  
  24576:eKN50sRrx2c+/v5dcT3x6WKIlDadP1ucIRl:eCR12PnYB6hOC1yRl
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  Triworks/乐音 3.0 (Demo)/LFCMP11n.DLL
- Size
  
  267KB
- MD5
  
  950e34edd3bbd86f4be9729266d11a6c
- SHA1
  
  0f2a79d1c75cf12f6a441700e393a3fe50d6eae8
- SHA256
  
  e38eafdd23f84bb09d71c8217d0755191120601650637510da30040418ce18d6
- SHA512
  
  d3f556069f69b4772686547f44b3563b27b114f49617654d8b274e16068527b31ce76da28ef725594a756598f75546f380f70d3673d536dd4774e7d6e0b562a5
- SSDEEP
  
  6144:ehN0pQpxgijhNdbqwJrx9f+8kPxuMXQj5dCQUbPp/x1p+8eyyjhXkxTcNtRgT78Z:eH0pQpxgijhNdbqwJrblMXQ9dCTPp882
Score

1^/10
behavioral3 behavioral4
- Target
  
  Triworks/乐音 3.0 (Demo)/LTDIS11n.dll
- Size
  
  238KB
- MD5
  
  8e4f6ce7cd1cef47a61d0eb56b971766
- SHA1
  
  7aecb00b3d0c37666963ce5ad0735e0094bfb9a4
- SHA256
  
  94bc985c647145932438a8745d0e0dae3048177596edb75ec8c2241d9a138c0d
- SHA512
  
  2917e2e57d2bfdeba7351f78e299271a635dc52492a91ad70bb243c8ee66bb8e4cb8c10f3dcc2c396a5956ccaeb88c2e147605300c25f62be1c5f9b4e9fa2147
- SSDEEP
  
  3072:cncuRnUPzKUFRIm30xNdst3n2/DRFKU1ZG4GbgoBY1A:ccuFUbxF3CdWmL+U12y2
Score

1^/10
behavioral5 behavioral6
- Target
  
  Triworks/乐音 3.0 (Demo)/cr-esong.exe
- Size
  
  6KB
- MD5
  
  ccbdf9ccb3a70515acf4afd157b588c5
- SHA1
  
  3a05454a0b4cf5cb2ca6e88e9318218f0a820885
- SHA256
  
  11c753f739f53f7b13b377aa7118ca4b5f0f0f4ce8408b6e9a4e71382545818c
- SHA512
  
  5a3ac8fde0ca0c6fc6bc90fbdac2db2a682a8f12c493efa908b57b09f907ffd1d32623574396332acc43dc3d40c8620257c4c86d4afb6f4f4c08a8f51f482a7c
- SSDEEP
  
  96:ZrZVTxHIOpRTG85L/Nrc4wo4UbcO8TRUMPKL5VGQ9aBXv:JnT2cRTG85bNLwoRcO8TRUnVNKf
Score

1^/10
behavioral7 behavioral8
- Target
  
  Triworks/乐音 3.0 (Demo)/lfbmp11n.dll
- Size
  
  36KB
- MD5
  
  ac6b78d94a95af60f64d640e9b1329c0
- SHA1
  
  7b45630492efa146d7f084602ef87e01c8d981e3
- SHA256
  
  03bac579951f545c8c9ec1c046233bcc64ae4bfbcdf8dcb24a707b9a5700fe20
- SHA512
  
  c72877561d91583bbe27da144b8c493fd62bade481e19b542a2f49aff854134d02cad35a98ee6b5b6ba040d109a825b75f757b48c3e9b7aa4b26b778b29a18ca
- SSDEEP
  
  768:PGMomi0cW4NOGNzWa2lSMAvXjO74vT0KKbQ1Rnpy9c4hJHxh:O3mi0cW4OGNzWa2ltAvy7MT02Rno9cO9
Score

1^/10
behavioral10 behavioral9
- Target
  
  Triworks/乐音 3.0 (Demo)/ltefx11n.dll
- Size
  
  221KB
- MD5
  
  28f1934585c9ac6010c5413c8e78c66e
- SHA1
  
  0972fae01be756fa25bab171f9db2d61ba055c98
- SHA256
  
  6a8420301a7290328c14df95e0c9840530b71de7f0337d215844524608bf5673
- SHA512
  
  dce568ba6fcccf8cf09cdb70cfcaa34ce50394af50f5391d093c9853211ed9b2a733e10733d324fdffec4bd18060e732faa5149845a7fa816b64836383ee53ab
- SSDEEP
  
  3072:i5yLGAZJtoB/pyAsr9O2cnVApz01EJGMMM0Q/FcZgtj3KgpT1:iapoBnsgVApJJBMMHqs1
Score

1^/10
behavioral11 behavioral12
- Target
  
  Triworks/乐音 3.0 (Demo)/ltfil11n.DLL
- Size
  
  109KB
- MD5
  
  97d0d6675395d5e019d51c1d92ee98c9
- SHA1
  
  53b5eb9b6595367baeee19ecdbdbcb6f56f70c82
- SHA256
  
  92dcdd1b8b85b208da8bcd9fa8010de5296f6404386927abec85d84b83a535e2
- SHA512
  
  f8f84fe1877a218a56a10eca5f0ab0e7ee633b11e9f997084ef54830a9ecdcbdbe2b9cca679dde2be9d3d7e253275864097a12bf8e832cdf4455511d648c7e23
- SSDEEP
  
  3072:zEh/09L2fpdMzZsb5M4K3Yo159WgIotJ:oh/46fpdMCK3JT
Score

1^/10
behavioral13 behavioral14
- Target
  
  Triworks/乐音 3.0 (Demo)/ltimg11n.dll
- Size
  
  124KB
- MD5
  
  5286c0282140edf9df55a843237fa568
- SHA1
  
  657be7db3058ee5e2bb72dc22bd6dc0dc326edc9
- SHA256
  
  af2fc4b3dfb153a2101c136aab8b955bfb81b6c10bfcda378196c49aaf46a9e0
- SHA512
  
  6da0f3dbbaab3c65b8d652e4c766d5cade0e1ff4bb1ba878b7046c72481a07a4a5aea7cedfee1492a35edf6dd4fdc003cf02b90f11f57eb176abad3c1e3be53a
- SSDEEP
  
  3072:i1XrFCdwWkAKIsqlF7Lj1Q8RBhAjyf/Pd2XRGkggAL:E7FWwWtKkQUBKuXvI
Score

1^/10
behavioral15 behavioral16
- Target
  
  Triworks/乐音 3.0 (Demo)/ltimg11s.dll
- Size
  
  1015B
- MD5
  
  4809ee44779f495dccf9725e93b6af1b
- SHA1
  
  5a8ffa8599adfdcfd4f875a3a0ef172e361369eb
- SHA256
  
  733e4f674f1185636ea3376c5b2efcc128f006cf21d380c272185f5db1868ef9
- SHA512
  
  a39cdf4cf4fa90a77afb874c9dc1b60228cad4d53ca9162de21d6acc2165659dd70200fa9ab1749823a22bd25f0710637cfa3350bc0a5612e3d6f6aadb8e861f
Score

1^/10
behavioral17 behavioral18
- Target
  
  Triworks/乐音 3.0 (Demo)/ltkrn11n.dll
- Size
  
  348KB
- MD5
  
  efcc6e211d6ca550f0032c5798b46352
- SHA1
  
  9489dbd676673bc6069c9aac15521c7bc9f0802d
- SHA256
  
  28451bdae5650563989dea734d6d6fc3abe6bcb71c3e6663f750419fbe59c746
- SHA512
  
  e4126a0a64d0244f55cd324cc373b3370480eeac84d08a650cc13970940fae36e5c348626ff3af95665521129d1857d23475e0617fd40570e18617525cc9f3eb
- SSDEEP
  
  6144:dn+TTB2FuWBOLEGEKc5j8ORT9R4BsWiKwzmiw0LKF3WW:d+VcpL9R4BsJKIw0OmW
Score

1^/10
behavioral19 behavioral20
- Target
  
  Triworks/乐音 3.0 (Demo)/lttwn11n.dll
- Size
  
  37KB
- MD5
  
  0510120e53c1e5e90c12a0ce7d877609
- SHA1
  
  acd4299465c403cc0169e12b44ac91f4f2294df1
- SHA256
  
  bc12b7f4def8ffa3283a87d7fcc14228029672e45af171a3966134aba403d3e4
- SHA512
  
  443ad4a18828bdd476fe582a12726622e6cde41e0932071ec15665af4f485839928dff546ccf6f728c3702430debc045e7786d9ae7028eb52381bee76dc0f81e
- SSDEEP
  
  768:YcGtlB6j6Ic4zBuOpEJY4OJgFf82UTwtRPc+7j:5GtlB6j6IaMvY82ciE
Score

1^/10
behavioral21 behavioral22
- Target
  
  Triworks/乐音 3.0 (Demo)/mfc42.dll
- Size
  
  972KB
- MD5
  
  f5eb87f5223e30dcf89816ce655be74c
- SHA1
  
  572d36c80092e747c57904f4c4f1a0183f6ae988
- SHA256
  
  fee6fe55134e6a8b81bc64ebdd40b87460f6d11cc124bb73ddad4fddf619bb3c
- SHA512
  
  ac006bb4a1359d9a22a91c3f08b8c2fd651e89c6a0e2897674b26885db9160097794062925a7eff5af5db2e54e673a864e3bb216882aa07d5be12c15e9ba49d4
- SSDEEP
  
  12288:Fmx6gFUsyB83EExxdO49JzF384Z8pgi3WqBQ5eCmAbl6HuTp1Ksbi8Ii8:FdgFUvD49VZggi3WqBwlR6HKl8
Score

1^/10
behavioral23 behavioral24
- Target
  
  Triworks/乐音 3.0 (Demo)/msvcrt.dll
- Size
  
  288KB
- MD5
  
  055b02d711cdedb8c5997274c4e99cb8
- SHA1
  
  5c816eeb6e4d5f1c11e9f56c992ee7d452e7c0f9
- SHA256
  
  d7cea69a98579d928e534070f5293e80ed7df38baf611b20717ef55aa1344a18
- SHA512
  
  4774431fe768e424f46c833236a41d68f05d98ed14353b04428a5d190dbe213bb56087a5e5cca5cd98598f2c1611fddfed3a7a79bbd362bc02e586cc367907c0
- SSDEEP
  
  6144:yk54RkH8RKDou3LlG/3Roe0Ro4zJsdF9gjFMgiFjNr7mcl2oZhogKLOmJxZR92l3:R4RtIR3BG/3We0RVJsdFFUzchogKLOmc
Score

3^/10
behavioral25 behavioral26

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

UPX packed file

Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26