d4ad0e53c0c81f95947d5b83370a11090dabd018f32f0d7a96abc0eaf95c420c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

93e8a9667dd5a97330b175c5d22b37fe_JaffaCakes118
Size

5.2MB
Sample

240604-hjkflsge51
MD5

93e8a9667dd5a97330b175c5d22b37fe
SHA1

19579e58eab6b3ceae75cff6499569cac65e2a80
SHA256

d4ad0e53c0c81f95947d5b83370a11090dabd018f32f0d7a96abc0eaf95c420c
SHA512

105cf59590c6646918ff24efa872bf62a42f525f52bf3371044a26345ef983d67171af541324fe09fb133411c5e16e406215abe924396f00c01ce1a52c099e2f
SSDEEP

98304:/TrsPpz0LXLt0MtWdTt+u9lxs5nXWguyNvK0dGdR6vjUR7MVcAJQHi/20PKiqhW:gpILXBhtaTtn9lxsNXqyNv4EjUqVcAJ3

Score

7^/10

Malware Config

Targets

- Target
  
  FreeRARExtractor/FreeRARExtractor_setup.exe
- Size
  
  5.7MB
- MD5
  
  f94f293fb941fa1e60ef6ca473e07bbd
- SHA1
  
  62ee2e45372f61775a5a22e38b8c8499ceeccdda
- SHA256
  
  76d22b3d3010bf4b628bd3a3870d465891d724441b852be67c50c6a379d17359
- SHA512
  
  d9398ef3310a64c2a84bd947d87d0c79dea0d097513786067a76584301af79185bc4fa728765807bac0a78ab042cfeff1bb80dee4570bdcd7c7db1ffecb466d3
- SSDEEP
  
  98304:ImpUN3ghOA84IPu5LnSdtUzP1GYuQginRajNDqOzfCYy6OKFqZZDx+G0qms:lpUGkx4ZSdq0/EnRajNqOkcCP01s
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  FreeRARExtractor/lpk.dll
- Size
  
  46KB
- MD5
  
  d678a9bbbeeeacdafcc538171ab5dd8f
- SHA1
  
  fd511a172eb91d35dd71ba37cdfcc6870bb4df22
- SHA256
  
  1ca2927f7e0478c41f94823bb99b74928b36b618ac29a21aeeb95d632089e8d1
- SHA512
  
  eb60111a8d826f3e5aacdb6755de6e9dd952199419c62349f4ac22c896dcccfca8ca4fd3b923de431ce9b5ad1bb5de6e1a62fe71ee681ade6ab39089801f4ca2
- SSDEEP
  
  768:hojY9PKqxdonOp+IKDDCgEeJ9nmJKLVWrVzD5fc5yzOojY9Po:0myqx6nOp+I5kmJKRWbc5yzvmg
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral3 behavioral4
- Target
  
  FreeRARExtractor/下载银行-提供免费绿色软件下载.url
- Size
  
  265B
- MD5
  
  8198b90729a29a180d83f169e44bf4b4
- SHA1
  
  808c7001a47365ed66f763540472f71c8ab8f3c0
- SHA256
  
  0472fb354a075029d538acbdd78064da47a19487e4efcaa513417232036ad656
- SHA512
  
  8191fc06f76f598a0f3022115f9904feabce5ed9e5642557a245e279aecd1e447bf359f17b5237fd52117438dd133a214e53886769f97ef3a5850d4e50bef502
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6