905e7a135834baf2f139e57b3ba4e59892684221d3132ff6463ad1902a0b11cd

Sharing

Copy URL

Twitter E-mail

General

Target

8ec18b83a6a87ffb4356faf83ef0d707_JaffaCakes118
Size

7.9MB
Sample

240602-va4jcahg24
MD5

8ec18b83a6a87ffb4356faf83ef0d707
SHA1

4ad56c887b307d7b4e48aaed0c1f4a37360618b9
SHA256

905e7a135834baf2f139e57b3ba4e59892684221d3132ff6463ad1902a0b11cd
SHA512

927b6b6b435a0e150c2eb23639e1a98147c71718a14b8621d14054cf4409f4e15733fddea93ead051a532e0e3d746388abea9da1cd37522905da725f2b733802
SSDEEP

196608:nWyrY95J/W5udPJu5kvmtZC5tsaihgwtCgWwBc:nXy5JOOhWIOXJs

Score

7^/10

upx

Malware Config

Targets

- Target
  
  91vpn(3.5.4)/91vpn/91vpn.exe
- Size
  
  307KB
- MD5
  
  3896a09770a42da96db5fbf530903203
- SHA1
  
  3004cce7e3ca6692dbfb61f40560734c492b6f9b
- SHA256
  
  bf9001e1c780d0c0f650c4481a3750c30132b8d932c511215e07c631c6cdc658
- SHA512
  
  9840a2075ea8619b34bbce12224b747fd5789e43796a43d5c82ecddb42a54912d7d4cebd6c3a595d09b23530d6cccd0287f12eb0637d15cb7135d228d6aa1a5a
- SSDEEP
  
  6144:rzmKnGDcrNkB5HG9QYQM87p+CCZazquuq54t5XPg0gQAAitfGFOyCuXwL5ceeLec:3hnXeLHJYQNiZa2uuq54t5Xo0gQAAity
Score

7^/10

upx
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  91vpn(3.5.4)/91vpn/appface.dll
- Size
  
  277KB
- MD5
  
  ca69f84b164dd69a96bef1b2761c7596
- SHA1
  
  81f352575d8056a8516b9cbb4f73b8c0c6730c28
- SHA256
  
  e6870e771feb8095b42f03349032cc08ca01948b6672ad307f7355232970e895
- SHA512
  
  f9ffc2ae28cb596f4c010ed860275c2ee2bdf96ac34ee2dd3b20bcf1c636d1f760ece74946c10eb41a031b61882a7eceaeac8b70e6a1d8ca03b02ebcaa38f857
- SSDEEP
  
  6144:FTa+ar8WYs/v9tS08ttqgGEp2zL6UQHNWgb5sZN4rZ2BYejlNTqFg91k:FaDxlx8hngH6UQH3CZNkI3O
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  91vpn(3.5.4)/91vpn/httpproxy.dll
- Size
  
  105KB
- MD5
  
  16848d947d10770269512554a0defb7d
- SHA1
  
  5299bc40a1944a34537904983af7b61ada6227c3
- SHA256
  
  41a8aca7eb8483243676f2473cd98de507d814fdd7db81653c0aee0a69cdaff9
- SHA512
  
  5bde5b62b30365ce14f94d7546ffa015f4c07435211078c5e8767886b1438e361763c09d3e9e05193117e3c5e57bda048eda211b5e36132139ac690b5eafefb8
- SSDEEP
  
  1536:e8/zU/fGxBhO05YAoEYH7Th4F9dxMbRSPkJsBTAALlkWtOnCEePRQyo:tzU/8hOOxce5+beBTAALJOnCEePCd
Score

7^/10
- Loads dropped DLL
- Drops file in System32 directory
behavioral5 behavioral6
- Target
  
  91vpn(3.5.4)/91vpn/mfc100.dll
- Size
  
  4.1MB
- MD5
  
  07bccdcc337d393d7db0b2f8fe200b3f
- SHA1
  
  5a02b227cb0a22a8e7884cd138c3e8568d083d94
- SHA256
  
  bf38dda13b938b49a4df72b6477342373ee6e151be12c25cb0c17662fcb4bcd4
- SHA512
  
  e5637727a549cf7b88f13474097a71200f0dfa511ecd55c5a42e5f53e9f86ce8b7ce763448830fd073e232876f7537bad96f2ced8d3159558778460264d07639
- SSDEEP
  
  98304:BZP0PvxMJfTcXPSo0akd+BPSLC4IEy+XNy136jCfsqLhDIJJGN8mFLOAkGkzdnEe:BZP2iIE80qLrHFLOyomFHKnPAG
Score

1^/10
behavioral7 behavioral8
- Target
  
  91vpn(3.5.4)/91vpn/msvcp100.dll
- Size
  
  411KB
- MD5
  
  03e9314004f504a14a61c3d364b62f66
- SHA1
  
  0aa3caac24fdf9d9d4c618e2bbf0a063036cd55d
- SHA256
  
  a3ba6421991241bea9c8334b62c3088f8f131ab906c3cc52113945d05016a35f
- SHA512
  
  2fcff4439d2759d93c57d49b24f28ae89b7698e284e76ac65fe2b50bdefc23a8cc3c83891d671de4e4c0f036cef810856de79ac2b028aa89a895bf35abff8c8d
- SSDEEP
  
  12288:iHEqYsrMWIqz473PTiPoH/aGhUgiW6QR7t5qv3Ooc8UHkC2eKq87:iH9YsIWIW4rPTiPofaDv3Ooc8UHkC2e8
Score

3^/10
behavioral10 behavioral9
- Target
  
  91vpn(3.5.4)/91vpn/msvcr100.dll
- Size
  
  752KB
- MD5
  
  67ec459e42d3081dd8fd34356f7cafc1
- SHA1
  
  1738050616169d5b17b5adac3ff0370b8c642734
- SHA256
  
  1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067
- SHA512
  
  9ed1c106df217e0b4e4fbd1f4275486ceba1d8a225d6c7e47b854b0b5e6158135b81be926f51db0ad5c624f9bd1d09282332cf064680dc9f7d287073b9686d33
- SSDEEP
  
  12288:fQmCy3NeRjkpQmj3oaMtQqjoygfXq3kon9IlbgaOxQdVJJ6j5EBKX8hR5:ImCy3VQs9MtLjTgfa3kon9FaOdEz5
Score

3^/10
behavioral11 behavioral12
- Target
  
  91vpn(3.5.4)/91vpn/updater.exe
- Size
  
  75KB
- MD5
  
  1bf4e650ace71c93b6b768db6538fd5a
- SHA1
  
  9b4d3ccb7dc6db7167b00a9720b60f23c6237d7f
- SHA256
  
  3609ea382a9ea5fde45e9c7281a81e3706534a2a4db6bce068c03c07f9dee0b5
- SHA512
  
  c24882e9e131ab609f4f92d8824c444922d86c0b8cb5b71617bb4646c2abe59bf4030dff910dc0f38b7e7e559a37311512a762c08d47b77e4fc04643ef3e83d9
- SSDEEP
  
  768:Pf6DuCdfJSyQ8wXPGjH+9LE+31lwPfJHp4fgKIj6n9+6gOrGdzRleMM2DQvcZL+U:36qwS2y9LE+3DAHp4AVOS9eT2Dbqa
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14
- Target
  
  91vpn(3.5.4)/91vpn/vpnutil.dll
- Size
  
  750KB
- MD5
  
  2a85f60ed95582d66ebedeec374ea64e
- SHA1
  
  ad1b515b0b72e6d51563e89f40b23e62630c39de
- SHA256
  
  163399e825d23c9c019a9bd03a58328d365a5fc9f80af1e516ca7412de2c49e6
- SHA512
  
  cb2766a0bcd7f6979831f004e84b15df18ba33ad11d6ce20b6432845074e8249de72c906cd4900576831c21d09940b9e30b701db839b0aba299ff364d9e8b458
- SSDEEP
  
  12288:3ysfcCzYEjeYL89XikxFkPBs+OeO+OeNhBBhhBBdlrYj5cEwmco0LgUdj:lzYERL89XikxFkPnYj5zwmd0LgUdj
Score

7^/10
- Loads dropped DLL
- Drops file in System32 directory
behavioral15 behavioral16
- Target
  
  91vpn(3.5.4)/91vpn/zh-CN.dll
- Size
  
  96KB
- MD5
  
  38b5032035c89460e2a2b65373131a63
- SHA1
  
  c463ed6295637980bfb1d397ac8ba556d53cbebc
- SHA256
  
  96db6715ef3dd940c2759dbe74c15c9e0be4b94f2a9661e33bdc9b6794f1ae06
- SHA512
  
  f855b813553164500405f86977f3bf68d928cd263d12306c97e28190cc5ed73c11807a01cd94e94a4c097018e865c9c108c625393ef281ad0fbd5e97665bf6c7
- SSDEEP
  
  3072:7HWhnZ5ceeV4Q6rwJMLUiXMlQZHIOzztDev:aL5ceeLeUMIiXMEzzc
Score

1^/10
behavioral17 behavioral18
- Target
  
  QQ自动加群王V3.3 2014_破解版/EThread.fne
- Size
  
  60KB
- MD5
  
  db8d34f80e6b63fb68d862208b95fa05
- SHA1
  
  903c9ddbaee99cf9204abbb0fea6c723baa412d3
- SHA256
  
  9190853a5adc8d9e3409fcc6d8a2b8c059ee00023b1dc6a111e8cfbfcbba093b
- SHA512
  
  6ef22edfa097e27d7e6f20e011671f9d195cf40436aba427814c2f33871a9d47d331b0d6c0f33beee7a56f5f90b02cb3a0c48d73a8de8a438f2618a2e6527382
- SSDEEP
  
  768:362+frmFBZ7cJa/eDV6zMVMsWl1YUD6Rem5aBwLs7bSra/q6Fq4oO5Z3Vijg:33BcJa/eD3X66RN9Ls7bS2/jboy3Mj
Score

1^/10
behavioral19 behavioral20
- Target
  
  QQ自动加群王V3.3 2014_破解版/HtmlView.fne
- Size
  
  216KB
- MD5
  
  e527a74f8289e3775e593045d24eb37f
- SHA1
  
  7ce6d4e3237d9e2ccaa0fac93eeebc75bcc684ed
- SHA256
  
  da6fb3a53ceacd056736f0334b0aae053dfcabc4f47a26f1e30793ae3a9e940a
- SHA512
  
  2288333e44a8af1afbbabe667a35936dc7cc393fafde7e67a6a13abaa72e569f52fa99283f25d563051e840f237c0446f829695e686262e943a066e238f31a4c
- SSDEEP
  
  6144:rB734tS85aRhOAMMHwZI2yIBpT4JrXeTUWX:N34tS85azBHwZ9/4JK1
Score

1^/10
behavioral21 behavioral22
- Target
  
  QQ自动加群王V3.3 2014_破解版/UUWiseHelper.dll
- Size
  
  284KB
- MD5
  
  dc6b73cbd1f6f5cec640a8c634ae50c8
- SHA1
  
  b83fd1c83c4bf4e9cb9339026bd877f11a72fc1f
- SHA256
  
  3148d4ce90265cf69bc75c62f5c3988c69c944803efd0092dc3499ac3c940c3a
- SHA512
  
  39ea04686c1688fc6de85949b65caec0380e322952de28f86da53d2ed628bf601834c19ec3e57aab74a7566b4e53ec325967cdc71827c0f678887314047162e7
- SSDEEP
  
  6144:kdMZ8iS+i99HLodnlw0jqXP5leLhsA7rQ1:2+i99rofw0jqXRleti1
Score

1^/10
behavioral23 behavioral24
- Target
  
  QQ自动加群王V3.3 2014_破解版/dp1.fne
- Size
  
  128KB
- MD5
  
  86af6e57e2702817d6f090dc659a9966
- SHA1
  
  dc750beb60c2f250181ca8af09c33e63c7ed74a6
- SHA256
  
  60cd1dda0e286bdc0ee530c8522229f0473feae5e5b67dd6a2ce3feaaa2855f9
- SHA512
  
  a883e724c8398c0fe88c2ea334523a39f7db3a77b833868a332013efa4ebfa1cf0df49ffda1a4d14c70240cc0213c2fa0758c6d8afefb1e53b2dbac119fd6b77
- SSDEEP
  
  3072:90WQBzFzvXoXZP0D9P3j77OvG3oU1ISuM:CWSxzvXoXZI9PX6eIk
Score

3^/10
behavioral25 behavioral26
- Target
  
  QQ自动加群王V3.3 2014_破解版/eAPI.fne
- Size
  
  308KB
- MD5
  
  7c6127e7a5d356eb0bafa501b007b07a
- SHA1
  
  e2407e3916cf9e27b2e8d85739b8d0118d93e2cc
- SHA256
  
  4c6c425c60996b2cb111e7ee361396e6efd6ae5876d9f264dace6b343d6d080a
- SHA512
  
  eadfbe4f1b795236f878c266b1a1617a38d9e24761d6d6587e12fa80af96d03b090095591cc9a2b24cf7b1581e6f475343c9917dc430dcb082c94e30d48c65f7
- SSDEEP
  
  6144:icAd9vB5FOlBMrxKicm3ym5yUzQEJheXltoV7vX1UztxFQIsxmV:icAL3IMNym5yUzQk8ltoRvX1UztxFQI3
Score

1^/10
behavioral27 behavioral28
- Target
  
  QQ自动加群王V3.3 2014_破解版/edroptarget.fne
- Size
  
  156KB
- MD5
  
  97f7c4fbfba371da85daa16d2b6361e4
- SHA1
  
  38ed0559ad650bcd6829b1a727ff952e9c7ac0d2
- SHA256
  
  6dc5166cea229e69f66fcb5241c7a47515db4db0e4fff79b9b3ccb528e27e378
- SHA512
  
  5576d028dd0d0fde98d7406e5c9ada9df493d81747937842b504a783259dbd11a68317dbe9da219d79fdf0d1eb375210c39ce191a75526cceb95d3bbf5e2e410
- SSDEEP
  
  3072:RP2pXJ7gQo4/YeC8bGfnG1jklrTGWmGdxDoWkVesmn:RP2H1iWSuovzdUesm
Score

1^/10
behavioral29 behavioral30
- Target
  
  QQ自动加群王V3.3 2014_破解版/iext.fnr
- Size
  
  204KB
- MD5
  
  558f74091abc57e742291bdbad2380f9
- SHA1
  
  47f2884a4208adac9e561f9048433bcb3124910f
- SHA256
  
  f388f8fd2984df6c07c3efde836714ad32ba96be60b074442f178093c77e9190
- SHA512
  
  868b2c9406a4f3fe2272b15edf2d6aec11184d20b06d46b141c94faf9ea34f63c8da42c29fcd94bc41f06bdc13aa6bd200d6264f9ea84fb674d4699e29e26425
- SSDEEP
  
  3072:P3XRb5lLa357oof6s975EYWGXkEmWvW5KoUThKmg/NsMfULcsGKGg5k:PRb51a36ois75zKW7TasMsL7H
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

UPX packed file

UPX packed file

Loads dropped DLL

Drops file in System32 directory

UPX packed file

Loads dropped DLL

Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32