General

  • Target

    9d62c9754c91289f17ab6a93bdb73c36_JaffaCakes118

  • Size

    3.0MB

  • Sample

    240611-h1c3vsycra

  • MD5

    9d62c9754c91289f17ab6a93bdb73c36

  • SHA1

    663872863bbeefc09339d8c7a98eb759a11551d2

  • SHA256

    ee7b627aab5419fa34ae89bd8cac0666394ce48ba7b84ac3cc978a7a3c214ed4

  • SHA512

    959b62f9bec3051a5dedc39cea3da1801ceef249d5a5fa1180319c5030d634a9eb5223acee7518573882dc5b8d154b71bf1815e91eefdc4c33efd44a814ca924

  • SSDEEP

    49152:rPew9HTX8q1A/7fahINUrXMLuDuLWBjV/Goru/59EEo1FjxZi5Dy4dYcKAItG5PN:CwNQLfIINUrXCuycVunL6i5xI5y

Score
6/10

Malware Config

Targets

    • Target

      TrayIcon.fne

    • Size

      144KB

    • MD5

      f8707fc7275dbd973e9a7f72682450de

    • SHA1

      54f00c9fb0827a69b133757fd67a474a1b35e31a

    • SHA256

      a154fa991b1b8c202ae19a02f8a5f5b57745e9c6d7061908973e2da7f069625a

    • SHA512

      2ed18f1dfaf898acbb8c78476a72a9403b67b25b05f588378a5979bb1e546829842f17a6abdd35d6b22c7a62c61a6e285ccc3aad31e7a8ba1607b879cf1c42c2

    • SSDEEP

      3072:vECrpvY5Kmj56/Fn3UNiAa1o6nOTSDeoCHX:5FvK5c5EWiC+3

    Score

    1/10

    • Target

      eAPI.fne

    • Size

      320KB

    • MD5

      81b2ef644114421c49a191355d5784b3

    • SHA1

      c10631c9cf18f71936537c1ed44b339e2f497483

    • SHA256

      2bbe893567e8096ed823d1a2d672320a98f7aad1d7b3ec92d754025d628c0ade

    • SHA512

      a2da9a68c0b3ca511eb104b66ed6d8f1f017bd9048918c714303372829e91202d276025b427c1fd8969601978d365cceeff12df748edef715272141664bd6826

    • SSDEEP

      6144:jaqRUrCSEHLT+7I3qYT+bMd1PRQ/3u7Gnd4JBqfWY+Dc66A4WVb9c6BbtnRTReH:jaqRBN7LPRQ/yhRY/6vLjBdneH

    Score

    1/10

    • Target

      iext.fnr

    • Size

      216KB

    • MD5

      a868fb58b277699f254ca46187021797

    • SHA1

      7c7dacddb0c46ac729a2c3df7afeca2ac732f516

    • SHA256

      59bf0709273f57ca2b83f9cee4e1cfcd89186b4969854ba724d0277f3e721cd1

    • SHA512

      e380f2ca634bf6b9a4ccf10357ed88d7e78e0332eda7a22fee66fd1cafde4aa0831030eeb74f102c3a9703755c6504e5fcb3aeef85ef38937ee47426a4d57e3e

    • SSDEEP

      3072:acrGPcAlcWYF2jfk1tDotg+eNGK+E8b+kyof9Ob59Z/oUHhCz1pDpAY5syTDWss2:5yPcAls2jfRK9+E8b8ofcxdCBpDp6p

    Score

    1/10

    • Target

      krnln.fnr

    • Size

      1.0MB

    • MD5

      38c70e030b485f196b0fcb86811c0e94

    • SHA1

      2daced5ca4d0aea1d6ffb26f90e445a0c375f928

    • SHA256

      848b97ed09bb400757471dfcb6ac39105902522aae8242d00a2493c1a62f1ef2

    • SHA512

      4b8766b950efb885e7ba70c8d6926a71ce6cab6f736331c65308ca0323472eec16e3c2cfb796ae7f2a65bd013c8e9a156f12064ee9b2a02f3befd6619096338b

    • SSDEEP

      12288:NAHawtoy3Ru4uUlj//Anw46vZwAKVhyVbXIeNUyrGvhvlW0w9Irf+KpbPCl:YThdwwViydIGUhcZIkl

    Score

    1/10

    • Target

      setup.exe

    • Size

      236KB

    • MD5

      54d311a54a5d3c52fe693256e4e990ee

    • SHA1

      e46b6c4e66cdacd98b486df2feebc19dfbfd9a79

    • SHA256

      efcd62398fa071fa0fa9d373d028d457c702998d61c208d603275532ee38557e

    • SHA512

      7310a6b377b9ecde4de741a967254766053f9d6b6cb4fb657c85a62899506ce39c07d543af5e8af98a21f5f6cb6aa998a1868c821cf8d28c1186a4ed647bb52e

    • SSDEEP

      3072:QfYklD4NaRysBSfuVISsD3OfzjBzU/R4ZTkPvsFQDQpdL/siXVOo3OR6HoBus6w1:7KDFNjVIBYzNI/R4ZTkPucBB6wA

    Score

    6/10

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      shell.fne

    • Size

      60KB

    • MD5

      98174c8c2995000efbda01e1b86a1d4d

    • SHA1

      7e71a5a029a203e4ab0afc68eee18c39f4ab4097

    • SHA256

      90284c2ead0598faa715cc90c1f53b83b916099c918ce7f816f0b4550ff55ac6

    • SHA512

      a37059062a99cd2a9fae15850b49068752ccf0be9f1d86c3f812a689b7c4d024771ec2b66adf9ce950bc5b8b117d457aba87d586cf112a1a30239531bfc8cd06

    • SSDEEP

      768:eeZWaAKT41c1IYc8HBbrYNYVw2Fj9oNIqF42eofVU:eBKT4fkrymV7oNIqC8f6

    Score

    1/10

    • Target

      xplib.fne

    • Size

      80KB

    • MD5

      504fd7bda2ecc39a437f7d381fae3cd3

    • SHA1

      0102ceeaf05d9841bf2d7e9e75d455e611522dfe

    • SHA256

      ffd9e21cfeb704c46ddd0df30df69eeff74ded70480fa0bd778acb3cea02af44

    • SHA512

      c678006a08b0184ecdacfe07339cb36767153bba7a32300bf9ce5aca8d71536bfa3dadbc6584c85819b3139b6f83d0017b8e07c1610eed23091518d155edaca1

    • SSDEEP

      768:GoOLh31Eg8JL3S9zWfNWWMsHi40hYn01HIE17VXd+oi6SDYGH+toY4vvNgAEqY6:GRdJ8JLS9zANbMsZ0V3VNSTCoPvqAE

    Score

    1/10

    • Target

      下载说明.htm

    • Size

      3KB

    • MD5

      0b8fe8ff07dadc5d6ebf3f51a2b0f553

    • SHA1

      e963810e7fd5b205808460e657717bfc37de60be

    • SHA256

      dea5ace1f689f26b16a395e31f38203fe064bd3fd118cd1cf0f54d79669b42ab

    • SHA512

      b06baaec4bf4d8b9c4888a9ee04cfdb36a3a78a0792d03782f6d7ca34baef3fcf8186cc44514336c9d609b804e4dc2c54fd82fe49b0b04f1edd858dec1639cf7

    Score

    1/10

    • Target

      使用帮助(河东软件站).url

    • Size

      216B

    • MD5

      6a29fdd9a578559f631bd0c0919539f2

    • SHA1

      7ba1e243d907b6893f798dbd6169ee057e4845e9

    • SHA256

      6592450b9c9233d6d1a751020b3514bd20512d1224983c774e633ab2dee7b2c9

    • SHA512

      6eee5fe42d1105523e0555ba90f6a98237293983238a80342a62bb7dc1cb1a5b00081a447ae3a0d36f67ace197f288315f816f6da9ea27457753efb625793cc1

    Score

    1/10

    • Target

      自述及操作说明.doc

    • Size

      191KB

    • MD5

      f7ff2ec53e33e65a49fd987722e4aee6

    • SHA1

      46658b60a53acee2e461a6c1c65bfe785922c5f3

    • SHA256

      afc8377922fe3dfbbdc99306f3c984fb4ce4a53fc0f222ad6d3e624ce8f4d2c0

    • SHA512

      8d03d08dc2d48cb668149c689c1e4f57bfb92ce0c27e2345f450c4025a861138912ffa637d82fb23cb935041c31191723d285ead0f1cea6e9931a09864937e2e

    • SSDEEP

      3072:wQvpCS1VAaurOLXf3EdCg2AhQrVqQZTgQ4Gm4Z60i91:sSkfOT82AhQpqQKHsfi

    Score

    4/10

    • Target

      问卷统计.exe

    • Size

      20.3MB

    • MD5

      cd7ded4b640e002afdb683603d47d4e5

    • SHA1

      01de15e2963b2856d6cbdadf761417ccba0c8615

    • SHA256

      3d919a97a29318d6a261a81bb7c3aada5b3491d970da91fba43aadb89e9a2feb

    • SHA512

      340d8b0b2810cf6524c5c7e71376e35dc6a5a042941551d5b2cb388b3998b57b7a5a38fa67982d293f2e265a5bb3f8d31ca6f6911962243b8bd14b41db23112c

    • SSDEEP

      98304:MN5BAh+YVjQ1QkZ5TtzfMsRfYLAE6Q7Vw5AVOtoJMDoWN1WM62z:oBAhhqQYT9fMsRAAYViAVOtIkoWF

    Score

    6/10

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks