Overview
overview
3
Static
static
3
ALINK.exe
windows7-x64
1
ALINK.exe
windows10-2004-x64
1
AW.bat
windows7-x64
1
AW.bat
windows10-2004-x64
1
AWD.bat
windows7-x64
1
AWD.bat
windows10-2004-x64
1
CONSOL32.exe
windows7-x64
1
CONSOL32.exe
windows10-2004-x64
1
GORC.exe
windows7-x64
1
GORC.exe
windows10-2004-x64
1
HELLO32.exe
windows7-x64
1
HELLO32.exe
windows10-2004-x64
1
RSXNT.dll
windows7-x64
1
RSXNT.dll
windows10-2004-x64
1
awbat.com
windows7-x64
awbat.com
windows10-2004-x64
General
-
Target
8cef1b49be373b1916e1bff963130263_JaffaCakes118
-
Size
459KB
-
Sample
240602-fgwdzscc33
-
MD5
8cef1b49be373b1916e1bff963130263
-
SHA1
6d939dd5098fcd054d01b9f86c3000062dbffc1b
-
SHA256
774f501dfc863dd85f5971e11293031458bb8be61fbe4a87fb528a89c4b228ea
-
SHA512
18f42ade95a56163b6902922f3801caab97c174b40291236e62991a0ce838edb282a1d1f2c45d6b99f7f28041179aa1839af64e2ef66f3a32637f3a516e53a86
-
SSDEEP
12288:GvQ///dZAOJ1goVdvDVbQaBY28KRLsq7McaMX19Zm+J4ryRzlOo:Gvq/bmgbQa1RLsqQVy19rzlOo
Static task
static1
Behavioral task
behavioral1
Sample
ALINK.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ALINK.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
AW.bat
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
AW.bat
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
AWD.bat
Resource
win7-20240508-en
Behavioral task
behavioral6
Sample
AWD.bat
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
CONSOL32.exe
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
CONSOL32.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
GORC.exe
Resource
win7-20240508-en
Behavioral task
behavioral10
Sample
GORC.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral11
Sample
HELLO32.exe
Resource
win7-20231129-en
Behavioral task
behavioral12
Sample
HELLO32.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
RSXNT.dll
Resource
win7-20240215-en
Behavioral task
behavioral14
Sample
RSXNT.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral15
Sample
awbat.com
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
awbat.com
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
ALINK.EXE
-
Size
474KB
-
MD5
419038b9c61b14d369b5b8c31159be3e
-
SHA1
b8282dde7b737e16c976ca3273b91b773f653dbe
-
SHA256
d35d490fa3a3c3200449afa0d8a20d8992463d34327383cb005341d44e57fa9b
-
SHA512
6edc28a5a34a11c9b2741ae6f8fdf38f6ab60826e9bd0b95520a3269ebb546c8b0922985f83994fefeac84986a7bb02c0a062bc21925729935c35366bae5a04c
-
SSDEEP
12288:vNJhoJ7udPJNevtVJkzFoaby6ytRAwMj:fhi7udPOvtQhoaby6ytRAwMj
Score: 1/10
-
-
Target
AW.BAT
-
Size
44B
-
MD5
2bcff809101e9f2f871d18ec97dab59e
-
SHA1
e1e8bf0ae21fafec0219125b41ab5cf98bbd331c
-
SHA256
bf1f0b63a25075a734cc6bcf0bfd6e2e455a62d0e9daada815f3bca2dbe183c7
-
SHA512
1c8f8b6e9e6bdc2c8fa9ad640eb5d89028b8743e3187c184a8e970b4dea65b28b01212f658918b9a5964c598e908744c4b77f1f0b893fdc74a090703b81970d5
Score: 1/10
-
-
Target
AWD.BAT
-
Size
122B
-
MD5
a780ff1ccf4a255b36734319c897ad3d
-
SHA1
6d2658e6d4c2884319fb04720dca9618f1d8d351
-
SHA256
0ef06d05bb1dea79ac9ae7bea2a1e8f61db1943a4f36d5695baa6c9c6c5c3a55
-
SHA512
b3b9fb7ff3c8012ccc265b09961f770cb811cfb3723bc6fef24c9a341f24185f30357272f48ce076ab848178990b0e8e3ec8b826f19ae98c6490849adeaccff9
Score: 1/10
-
-
Target
CONSOL32.EXE
-
Size
2KB
-
MD5
bed4a30b0ef436a0a986e4df4b2b9fdc
-
SHA1
4a17b14b642faef3dd4df1693fb3b682b285e23a
-
SHA256
2aa634d9d1d046fa50e91fd219bd0d98bd4e6c217e74dc3f7e337ca7c8889fd3
-
SHA512
5228ff6f2c80e7afe0b319bd40e6e8bab576f4f58d5d039579be75dc6f1cff2ac952ccd3a96f6dfd88ab0e4dbf77217adcd02b7a2ff5c096e9e6e498f18107fd
Score: 1/10
-
-
Target
GORC.EXE
-
Size
52KB
-
MD5
46ad2f747a029d67aa0317658de1fb3a
-
SHA1
1a3ce7b89e1ab26af865a4979782fe58c3ad7c05
-
SHA256
030db9c703c8db2ad18dc9c99e3d5f812c6a94bc73bb0c0f3fb62100dcab5d8b
-
SHA512
038fca00a699dfae05021d24e4cb022ab81ef13f4cb6db730929139edd428dd48dce1c34fc6bb2ff67687d39b380dfc706f8be145f6f21845159bc6655e77763
-
SSDEEP
768:phFDR167tyT2hQLUl6pvcfhS+zZeEsw02x4TCiEF4Pe8kGSYLC60JqMYaRfRuERW:jxi6LUl6Rc5SGG2gPzkGSYOmhGfRuE
Score: 1/10
-
-
Target
HELLO32.EXE
-
Size
8KB
-
MD5
4695c1bc1cf402d26804fd1204124636
-
SHA1
52fcd98a78f62cbc2182432c6045792d1dbad266
-
SHA256
e4b990b7fd017e30879e0a8eb0549f931147b5417e6e478cf4932c32a36fa96a
-
SHA512
0ff832ceee915837eb4f7c0b11b0c0bfbb4629ded76a5fe92186f1f7235eb041c462ffb7d5a187d4d716a2ba0d7c3f86c62ede0d6dbf4e3e6c35557ce895177e
-
SSDEEP
192:dT80/1+8RXp5tk4OkrhSSSSSSSbSSSSSSqBDLvSu0vTdjra:F/fR24PdSSSSSSSbSSSSSSqkhna
Score: 1/10
-
-
Target
RSXNT.DLL
-
Size
79KB
-
MD5
cfc109ae116142e3d287e40e864f11ac
-
SHA1
07f042b7fae61d0ef51be68651c5ddaf2596d691
-
SHA256
ed2d0185db0e50e3ece77a673a2b68c5d44c774e475760d2efe93a0116acfd9a
-
SHA512
312e26b1a0159a3b74059c7f9ef8012b35d83fb84f9648134bc8527af2a424ae3d073381ddb5e64026d359f69036637170d0eb96888c93a4e9aef5f570b30c0a
-
SSDEEP
1536:/XSHhmUlYtTDmbcDvPUhZebM69I0nH4w/:/XkhmcYT6byvEyH4w/
Score: 1/10
-
-
Target
awbat.com
-
Size
2KB
-
MD5
b587160d0092cb2fa053fd9e4cfe53dc
-
SHA1
06fe4de3c474f90c32767730515ae134cc57ef4a
-
SHA256
49bba2c0e12e8f292537ffb22b531fedfe9ad8d2a587651bcecc088dcc364398
-
SHA512
e5098da209fba94daec7cfa20429be8e3f645e768658a215f5ed8ebfad600149c4755cc0f0bd1985d41577d9d2a64f6351d2e2ba6ff1f59bd8e37216270628eb
Score: 1/10