General

  • Target: 904a1842c8217a9860c24fc6ba2b8507_JaffaCakes118

  • Size: 2.8MB

  • Sample: 240603-c7rlyahg84

  • MD5: 904a1842c8217a9860c24fc6ba2b8507

  • SHA1: 0e94d2329eb9e8ab28c5c1edd3647ad1699cde37

  • SHA256: 427be8d59d87591b2c48947a7d0c753a1bc968f9a97581c8a0d1fd231cc0e69d

  • SHA512: 5e8544677cd31ee8ef44f30674a2f191fe94004f811ffdd6da72a9e6b43ab4be658378516d167ca872b4af93feb123586d90918e11ad1ae0c98f1c6f7aa602e0

  • SSDEEP: 49152:ACqNsLONZmB08pukG56TGPm9DvQwQzPVMcXWAvSDL4ZTf4MKW1nZhj4Zj:zOm0gG5gGOlvQwQDPvSDL4TKW2

Score
9/10

Malware Config

Targets

    • Target: 小望造梦西游4修改器V2.1.1/小望造梦西游4修改器V2.1.1.exe

    • Size: 3.0MB

    • MD5: aae1b4d20ffe4bfc8af082ecd8574e60

    • SHA1: f728ac1fcf2dee3feb278d7c014ca11abe885938

    • SHA256: 3a7aea33780a37028cb04ff072a103f29b048330b6af70867d04ea44cfb1b244

    • SHA512: cb4a830e96214aa0803fe46c90f9efba4a29a09e502b8d40e7052dd61674691eba9e939cb511c61b87b9a687a814da7291b78ad28fb177616ded5c53f3040823

    • SSDEEP: 49152:UdW+XK36Qh8Ae0J6/fqEOr59FfRUc4rdPlGk5H9d5XmIUwQLDdaFBXf1mhMAA7:UJiX8AHFEC9FfRU9dth/5Xm+qDdaFBtt

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open source packer or a modified variant of it.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target: 小望造梦西游4修改器V2.1.1/更多软件下载.url

    • Size: 204B

    • MD5: 94e540428ac8f3545fec78c2b3dd8c0e

    • SHA1: cd46c366b68af03fc8fa4fa097f9815d43e4c2e8

    • SHA256: 357214eb50712a5c8663ef263c458cb4ebbbc27e64d73ab5e32c82f60a7b80c8

    • SHA512: 3c7876c3a18e1ba98329392ac1b940c479552b361386ce3776622ae557e4d3d8cee045d162a614a302a603cb4615024258703e0652f41541e043fcf7ecdff539

    Score
    1/10

    • Target: 小望造梦西游4修改器V2.1.1/飘荡软件.url

    • Size: 320B

    • MD5: c404bacb30424b525bf6dfcab807f461

    • SHA1: 4fdc923fbbeafcb4ee150f4f82597ae72d1f4df6

    • SHA256: 8dc8673d85feb2d358e80a498ca7e649b46b8af119ebaf32126099df3cc5fea3

    • SHA512: 48b370b8a2a81ae5f3f57752b06f119b8bea0efc19b2ccf31683b5a9456ece68200ee2fb7826bc24c598311be925829be8084e1535f61330d8b91ba4b8d5f74a

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks