General

  • Target

    782ca150b9f076d2c0cf6b77ed84d95f_JaffaCakes118

  • Size

    479KB

  • Sample

    240527-g2rrzaag5w

  • MD5

    782ca150b9f076d2c0cf6b77ed84d95f

  • SHA1

    f9827698697698db02bc097584d53ff6d62a3f11

  • SHA256

    734444487ecda2415875052f39dc1ab186040390a038a410bb804880d6545cb5

  • SHA512

    3ab3a516f4216fd28b046a160c8fcdda78b5da7f871cc144f8dacead63a4490ea8f4906e86c71dee192a6c2d9a8c44deec0af00c3201a7d616901b4dd2f0aba9

  • SSDEEP

    12288:gEDMZKPA8UNtdlF6AuSUwHBuT7jLqQfmHNdE:3DMZ7NtdlFNNUhh0S

  • Score

    7/10 (upx)

Targets

    • Target

      歌曲排序工具/QMP32.CHM

    • Size

      28KB

    • MD5

      369c81a2bacb0ef282a88967ff090672

    • SHA1

      08fafd17124e92d1173a36a0c9a73fb2e5a19a22

    • SHA256

      c89c7a07d97338f3f6702c0444f79570625ff092c6f782aa15a562fc95ec84d0

    • SHA512

      2ca7e19a7350b8bb83a778796ba38dfe153364fa0f93c257bd338ba7b0e83e7e432562f4c76273e462c706b50a053805bd3062ab96590e02483dd7d665f210e1

    • SSDEEP

      384:0yOrAU+7V/5RBj+tW0o/4rQX1PcwQX5YSF3MunxlZZHTVLZ6a2/9EoHd8tV:0yO0bV/5RB6tihXlsKIxxNTf6J/9Ec4V

    • Score

      1/10

    • Target

      歌曲排序工具/lpk.dll

    • Size

      70KB

    • MD5

      c55c8aff84d53ecd128dd5ac442d0313

    • SHA1

      fcf5768c1225f933609f9f945ebcf2062428d151

    • SHA256

      50a5f3fc40cbdf5fc0e890b65f52d96eed6512cf8f2b58b3442423dad243f548

    • SHA512

      65ec5c270efa5c37d28b9f1585f1b38eacb51992f475025ba443ecb13dedf8321641308e3346cfc8b1e8186072a7533babeb48734434692732f862126fbd3596

    • SSDEEP

      1536:b0qfWT5MJhKENBnfblrmON0XwzfspwF0qfWT5M:4wWT5MNBhtKwopwSwWT5

    • Score

      7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Target

      歌曲排序工具/qmp32.exe

    • Size

      542KB

    • MD5

      4ae03947311a2b4a0130fa241e4cadfd

    • SHA1

      36a81880859fc739247ea3210fcdf6c9392e080f

    • SHA256

      feaea99dc5ca0a412ec49ef17f79f4fdac6a6a79531f18230bdc19b1ab9f90a2

    • SHA512

      ca9923525ff636e8475f5d6e72695a930b2eccfe30c9247c764cee91b177712ebcb6ba55fe674713dfb6a34a701084947ab04d1417251aea2ae8a9135398753f

    • SSDEEP

      6144:TCDUOC24K+d8p6SqHt9wWTFeqxsjn+G+6Hm5qqBLT6SliW11VBjQ9/Z:Ks1Ke8p6vHt9/FWjn+CG3eKiWrDU/

    • Score

      7/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      歌曲排序工具/qmp32tool.dat

    • Size

      35KB

    • MD5

      664cc2d5b5497830556390407024bd62

    • SHA1

      7f7c0147d0efe836e497b8947a6a4a28294cee07

    • SHA256

      6f7ee3ed084c3205dba13b27a3099fbd9b97de1d64d144823d5699faa3347c98

    • SHA512

      212c94fe1890ddaf50535e503bd5b6f0af8a3e222b2eacaa5975197d106462325c2315efbcd2b875236496c62b33c330988b9f0b4e0c543aae7685aeb8b4457b

    • SSDEEP

      768:hMmzAYizd9AF8BVZ+vBOKmjaXgILj7jPEQZISO/e:hD8Y0iiK/QIvnPFZo/e

    • Score

      7/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15