Overview (overview): score 6/10
Static (static): score 3/10
APlayer.dll (windows7-x64): score 4/10
APlayer.dll (windows10-2004-x64): score 4/10
AssociateHelper.exe (windows7-x64): score 1/10
AssociateHelper.exe (windows10-2004-x64): score 1/10
XLFSIO.dll (windows7-x64): score 1/10
XLFSIO.dll (windows10-2004-x64): score 3/10
XLGraphic.dll (windows7-x64): score 1/10
XLGraphic.dll (windows10-2004-x64): score 1/10
XLGraphicPlus.dll (windows7-x64): score 1/10
XLGraphicPlus.dll (windows10-2004-x64): score 3/10
XLLuaRuntime.dll (windows7-x64): score 1/10
XLLuaRuntime.dll (windows10-2004-x64): score 3/10
XLUE.dll (windows7-x64): score 1/10
XLUE.dll (windows10-2004-x64): score 1/10
XLUEIPC.dll (windows7-x64): score 3/10
XLUEIPC.dll (windows10-2004-x64): score 3/10
XLUEOPC.dll (windows7-x64): score 1/10
XLUEOPC.dll (windows10-2004-x64): score 1/10
XMP.exe (windows7-x64): score 6/10
XMP.exe (windows10-2004-x64): score 6/10
XmpPlayer.dll (windows7-x64): score 1/10
XmpPlayer.dll (windows10-2004-x64): score 1/10
atl71.dll (windows7-x64): score 1/10
atl71.dll (windows10-2004-x64): score 1/10
atl90.dll (windows7-x64): score 1/10
atl90.dll (windows10-2004-x64): score 1/10
libexpat.dll (windows7-x64): score 1/10
libexpat.dll (windows10-2004-x64): score 3/10
libpng13.dll (windows7-x64): score 1/10
libpng13.dll (windows10-2004-x64): score 1/10
libuv.dll (windows7-x64): score 1/10
libuv.dll (windows10-2004-x64): score 3/10
General
-
Target
958b53c49483769260603cac186dcce1_JaffaCakes118
-
Size
6.6MB
-
Sample
240604-t4jklach61
-
MD5
958b53c49483769260603cac186dcce1
-
SHA1
37d3dda6c0535fda70491bbf425f2fa2e809ccf6
-
SHA256
1d1d05ac7e20bc213fc86ebf59393694f74efa59f7f61465db20d6c20c49c6fa
-
SHA512
2b76a1077b1a2fe1e8c9e67bad15f57f3365494db174129de1ff5361ebeea7199917fa5faa74704d5dcbf49a84308477a7002ef6bb366417253c9a1471fc7619
-
SSDEEP
196608:ogToP118Z4xo+m+b8b56PLdeiJYyCeTE1FE5j:ogToP1e1Bb5yLdf5CeTeg
Static task
static1
Behavioral task
behavioral1
Sample
APlayer.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
APlayer.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
AssociateHelper.exe
Resource
win7-20231129-en
Behavioral task
behavioral4
Sample
AssociateHelper.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
XLFSIO.dll
Resource
win7-20240215-en
Behavioral task
behavioral6
Sample
XLFSIO.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
XLGraphic.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
XLGraphic.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
XLGraphicPlus.dll
Resource
win7-20231129-en
Behavioral task
behavioral10
Sample
XLGraphicPlus.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral11
Sample
XLLuaRuntime.dll
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
XLLuaRuntime.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral13
Sample
XLUE.dll
Resource
win7-20240220-en
Behavioral task
behavioral14
Sample
XLUE.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
XLUEIPC.dll
Resource
win7-20240215-en
Behavioral task
behavioral16
Sample
XLUEIPC.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral17
Sample
XLUEOPC.dll
Resource
win7-20240419-en
Behavioral task
behavioral18
Sample
XLUEOPC.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral19
Sample
XMP.exe
Resource
win7-20240508-en
Behavioral task
behavioral20
Sample
XMP.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
XmpPlayer.dll
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
XmpPlayer.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
atl71.dll
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
atl71.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral25
Sample
atl90.dll
Resource
win7-20231129-en
Behavioral task
behavioral26
Sample
atl90.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral27
Sample
libexpat.dll
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
libexpat.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral29
Sample
libpng13.dll
Resource
win7-20240419-en
Behavioral task
behavioral30
Sample
libpng13.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral31
Sample
libuv.dll
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
libuv.dll
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
APlayer.dll
-
Size
1.8MB
-
MD5
5015634ba3b9d6535bac2ea730a6bbbf
-
SHA1
da5888eb6d81edee0c25effd857813f2d15f67b6
-
SHA256
313477db6985e3043af15b31c74b192d67270aa838cd0af660f0fe357d7bf963
-
SHA512
237e3351949899d3aa67542e3db919f91c620ff63a9718f053047fb03516a7682952f3859fa985d4fd1458cc868b66184d61f16f711b9a937d192214e56c8741
-
SSDEEP
24576:m5Ue0U9rm5wjnvvG3bY7sdY1Tz8OxV5B8cwF8a0GLoM59oN3VgjUkxYB3hV1byJc:miJev6bY7s1+R8c6iQjUr3hVM2Wq
Score 4/10
-
-
Target
AssociateHelper.exe
-
Size
349KB
-
MD5
7b9e4d28ba2d534221d8116818376a5a
-
SHA1
50363cff9b16f7a948283c42c8f7789d8c068564
-
SHA256
86a8b894d02fb75215aa7254fc60e40d11e50aedfd33b6c6a12456039dffdd05
-
SHA512
a8ccbedf49d087acd4bcec6876d398fee4c7669803d1c86aa3394b089020d5bc84ee3e89d02cad9b058397fc5390ca590e92b95d8b6d0702154f710fa7e50f58
-
SSDEEP
6144:kXZA0dXwwBx0v2TWh4suie6313oPOCgzy:kXvXwSGiWhnezAz
Score 1/10
-
-
Target
XLFSIO.dll
-
Size
209KB
-
MD5
e7793d25c0a6aa25e58ed050f4a470c1
-
SHA1
cceb56e9b5e61be3d2e7ec0575303758f7f81b3c
-
SHA256
0c88755f9ee078099fadc6f91ca0bb67e3542ff0be8a222e7cb6585805eb1593
-
SHA512
b93c74e92ac4cb6513931c5ffbe0c1f91b1b60cf311e482cfc941b0af450a94562a2164a156694bf158bc7f834ff8bff4bfbe6c31d2875ba2d9a854f0a9f25b4
-
SSDEEP
6144:6Gx1XQVx0mcFRq3uOFyXsTBqxQmsOy7YPAE:6aXQVx0mwA3uEQsTsxHrAE
Score 3/10
-
-
Target
XLGraphic.dll
-
Size
730KB
-
MD5
4837f3e55d976f2fd9b28bf0962f5704
-
SHA1
1a8e59d643e831ef6a4b0eeb008292716d7f4e6d
-
SHA256
7221e9f658de48a3b7c4937ccdf15df2e65d9d73e0fc903c64dcdd41365119dc
-
SHA512
5c475196837f22a35483c3dc4d57f20b739e6c392e58571fa3308bdaad1ce714cf020ecf3da8ede2fbf2536a53a09f9a5e7ab2d4ff671dce197373b2dc515166
-
SSDEEP
12288:ztFRL0ChvivVwOE5wOn2ML0TngpwBZuU2XvRAQfEWmd5et8n:ztFRL0ChvivVwOE5w20TnTuU2XvRABZb
Score 1/10
-
-
Target
XLGraphicPlus.dll
-
Size
282KB
-
MD5
1769f5dd9562cd11930e5f148b96005c
-
SHA1
f5341d554234743f239438f3acd2e12cbead47a7
-
SHA256
5ce032d30c8f534a02d35077fc9bb6666b4cf1601045bbcea0006d14d328763e
-
SHA512
e05c96d4b7aa8cb20ebac072984b7acd1ad7af628af56358041ead6820b4f0d85a94f37e2ac549bb83525941c4318ddd8ef5db94382b249f45b871fd643f649b
-
SSDEEP
6144:j9kVjbKcv/K1DnB8Z+L6A7/lOdW1AYI+Dr/OySLoTX:xkVi/nB8Z+L6A7/lOdWGl+Dr+A
Score 3/10
-
-
Target
XLLuaRuntime.dll
-
Size
249KB
-
MD5
f3178f7941ca599af6d0ad4d6b1af888
-
SHA1
40cadb4cdad59f7abddbcd14dccef259ecced033
-
SHA256
40f00a97e797a8ffe159da3d0e749b387eba309847d000ddc3505cbe8280f37f
-
SHA512
d7f5e61d994dceadcfc225d69083131da3d2175e648d0c359c854ecd3e56d3cff94d802fa2b91ad508b366bdfb46e2a9c7b014084c1871cb18a3c4bf90c96619
-
SSDEEP
6144:+o/eYYpwVt0D0ihbv+52I5bwf3vXOboZRLkhGK4dhrrOyMp7K:+YeYYpMt0DZb25SvPRLYGvdpi7K
Score 3/10
-
-
Target
XLUE.dll
-
Size
2.4MB
-
MD5
42b7b87e13e9d10be753f32ea9d6323b
-
SHA1
2fb96af4fec44c06a039de15d7f49858128deedd
-
SHA256
1a6221f1c30ee6b7579158066076a8deb1d06adc65bffdb851c82d858f02cb99
-
SHA512
61dab983f2c75c5c94661d55d84bcf5cd7bf2bca9c22f167de333d40f60afdd95495c349e8136596fd861bccdcde12c6c12bc28e8cfd3dd63d1b5ecda71d8e54
-
SSDEEP
24576:8EaZQmfa1YLPVtw8zDhpau3PhP3jYs8XmUHX9vYPiVoy/Dnxjhvtu3:8ZuqPTXzDF/JMs8dHX9/VoyLnxjhv8
Score 1/10
-
-
Target
XLUEIPC.dll
-
Size
174KB
-
MD5
adb131e958a33e7d9d94db67e6699433
-
SHA1
3208c6a70b3dd63a5d5274cf3d57f8a741ad35c5
-
SHA256
f608b91446e5d19452ac54b432111817aebbe0045c14278f70bb84cb0ff85fb9
-
SHA512
357d7c1671b7a0a334308727b104700a0c4dbc27fa263421195a842a18f7af499b0098c517b2c735e18e821aa2956a20b1ecb17ecd09d7da0224fd981608b8da
-
SSDEEP
3072:njotlEz+rf/r2jsdR5w0CXhZZa7QCk4hO1XD6I3FBpnBQ0g:nWA+rfy2U0CXDp4hO1Xr/nK
Score 3/10
-
-
Target
XLUEOPC.dll
-
Size
132KB
-
MD5
9a70d2da3dedca14e3748575fd58f1d0
-
SHA1
f311052f500a5e96c8c91d19311964b9cbff93ed
-
SHA256
5f3f6dd914eeec6e4bce9e0901448b3fcd90b81e860325bab3a56530fe31addc
-
SHA512
808bec19cfd21bd86b63532075e456a65ae28e671880e6d5a9ba2f5c8e51459a9abaffe5bc210bd47ceced192a331fd52ec139171b3f852a4d8370b45bc16816
-
SSDEEP
3072:E9HGh6D/KToRNQEEWMCZa7En0mAoOtWslvj2I:IC6zKEROEEW9ZK2OoOtWgi
Score 1/10
-
-
Target
XMP.exe
-
Size
243KB
-
MD5
969bf290f70c202bf9280ef18c8f2b4a
-
SHA1
04bedb2b78987432c7cf80860eee1e9cbcdb5f3c
-
SHA256
b398a1082ac8f36991f7e694b85bae355a851f6434bf65f69fb5be92a53e4768
-
SHA512
cfdd088bda7f5137518c8b808a1661924b2ce306403538c77b08f3e3fdeaf629f46e4b1cda89031938ca91debc97025e1c6d1f7264cd1d8abbfbb7bddfb61081
-
SSDEEP
6144:SdCS3D/Fj30DrgsCiP0J3v2v2O41fLazF0IpxIpueDLEDBO3T:yCSTNjEAskAYfLeF0IpxknEtOD
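Score 6/10
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system. This is the only signature the page lists for XMP.exe, and the Malware Config section shows no extracted configuration, so the 6/10 score rests on this one behavior rather than on a family identification. Signatures of this kind may also fire when a program merely opens a raw physical-disk handle; check the behavioral19 and behavioral20 task detail for which process touched the disk and whether boot-sector contents actually changed before concluding that the sample is a bootkit.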
-
-
-
Target
XmpPlayer.dll
-
Size
5.1MB
-
MD5
a5cdd00acd6875499a0f69e56bd3f4bc
-
SHA1
cf441aeefd50e2b7561596c29bfb67b65edb4065
-
SHA256
6eaa8cf0e7b1380e0daa6226e8dadfe64023f584facc5a1c8e36975fdb20d748
-
SHA512
61f1d34d320a77c1e59c48f8b76ab92b69611b592e79a3d6097170ce6056e0d7b9754cd153ce7feeb70e87803d6d1a52f6e64ed9ba6b0027e9e95c4386b2a2ce
-
SSDEEP
98304:LJIPEAn3FEi6tI8lpNEDL5IBPmkj9YRt0TLnDd1ulFBabhueu:VWnT6tBlpGLqmkuRin7ul2c
Score 1/10
-
-
Target
atl71.dll
-
Size
88KB
-
MD5
4edd8d74ea48f58d3eca7e9297f19221
-
SHA1
c874f24787c7e487f16113080a80d8241297d5b0
-
SHA256
d422497febaa2fbb83a8a2ec342e08884c5a77fbddabde7bec4e21884f56d0ce
-
SHA512
6816c9d43aa3f78bec77d0e9be5e4e549a86f5ca2afaa19167d01763dd15fc7c18db609249e70271b88162460929d7cba13354e38eab0c9b03769fc0b498c32c
-
SSDEEP
1536:nrikoNDxHopwlej/A+KZtI+nG+efsCPJOnb/lDwT/XvTjZoxzvN4Zwm7aI5Y:u8pwBI+tefsnb/lDY/X/KVv6Zwm/
Score 1/10
-
-
Target
atl90.dll
-
Size
155KB
-
MD5
338f1f7137860d3bf6094941ac2a9ba2
-
SHA1
ee174fc0f8cffa3b5717eaf17c97713099d69ad7
-
SHA256
5122e4a2e48e34326b6267d48bd007da76a15243b90550ea565f1654ccc64877
-
SHA512
da9dd23ba13928f1623566d10ca155d2a06112844cd7ae8ff0ddb5b31624e7e7e59289aa2b7b7568da4cec0070cddc925dade8312501415ade0f4cd411b554b2
-
SSDEEP
3072:5HJXmwllbA995vqNRoom9OSft0osAZT/NX+cZSyh53Pa63CLZ/V:5pXmwzA99hsaN9Jt0osARB+cEybyV
Score 1/10
-
-
Target
libexpat.dll
-
Size
668KB
-
MD5
430c0f9ae8dee52aafa950e05b7bd9ea
-
SHA1
88adf0368cc2d174328fbf041b284d630957b1d3
-
SHA256
f325cc0f3c0c878fcc0f0d1c97943af64d55f64e989e0e16a5527d63e80afd80
-
SHA512
c52f6fe2a49684cb748a55495d7bd8ef49c1a0bdcb7bb0d12d832dc5b43df8264c501a08cc9cd8ce14458b564eb5d9ac9081258f61b6b8f9734bce48bed6ab0b
-
SSDEEP
12288:iQb3PSTroic4EaZ1R0PJcZmMsCTFvA8GMDTW7:iQaoic4EOw+Zmg
Score 3/10
-
-
Target
libpng13.dll
-
Size
158KB
-
MD5
a8794d6f82a210376d00139f389f65bf
-
SHA1
fdee801459bcebc72814f96ae39b961d3f2090d3
-
SHA256
6a4c59183c8ee23a51fc75a80caa28147899e5b17cd7c64aedf5f93db8958528
-
SHA512
a6d01e3bffce264d4338452f3ebc28d6ec2394372edb56d2e09e60d8bb097852c57d5187cebb3aea1d5c85f7143e32e6426c20c0cfc6dbf5a4ecfd295596f293
-
SSDEEP
1536:nXa65bRbflXQIW+jiyqmYqcVtF6GpMCHN2itcJmvoPLEOYUnKHZVOpPe3tCjEiig:XLBRZXQIQyyZMCH5tymQPLdneb1iim/
Score 1/10
-
-
Target
libuv.dll
-
Size
157KB
-
MD5
1ff774d1fa19a521b6830ca4346e60d3
-
SHA1
12637dda711a4a81bd79e5528d2d9d9c996ebacc
-
SHA256
54c0567f644c3fccf3742e0cb819e6801d555ff931af59c01c0c186be48bec66
-
SHA512
2958213f7a71a478136e05f52279a4d570402091e2740630e0b46eaed75a4a3c7fead23f089ad29f9b27a8a52bbafe96be5740d4964125edaafb3ad2f9cedf6d
-
SSDEEP
3072:oqRvhznkO33d94H6rTQvm+yOINN00jYwpYpaWCQxKobHteYZKztN2BWCdsClXv01:zDnkO3vmcQew2NYwpYpaJZXZtz
Score 3/10