General

  • Target

    9db1af550180fe656b11cf815611abc0_JaffaCakes118

  • Size

    17.4MB

  • Sample

    240611-lbpxxasdpj

  • MD5

    9db1af550180fe656b11cf815611abc0

  • SHA1

    96f41a8dd6e9893d9f09e96c705e5b67c242b86e

  • SHA256

    32ea40c5dabc0ca2123bd18132fac596867f8340642cd88c6f3956431e20aa4c

  • SHA512

    eb7b242adb4371ec40ae024a5b28418c6ee01628e4bd1a195ffad9ca9fdf46aa8113ba7a1150ea3d7901082ae0b369b79d1da55903e401b199f0325d324ee8ed

  • SSDEEP

    393216:75GtXWgI6m4KfBG9gYxeUwQk7S9LMu2vJw5s9lZo9WoIz4U7gZuogyA4h8S/r5dv:oNIpZGfxesMXvJ0s5noA4U7qzAW/ddem

Score
7/10

Malware Config

Targets

    • Target

      KBOXSetup_xp510/636网址导航.url

    • Size

      345B

    • MD5

      3688d42285b5e6a8a3c9f5658483ddba

    • SHA1

      d2cd42dde9489bc9f18a373cbf991c8e71e2b632

    • SHA256

      2881c14825731cd79568620bb74affc43349874fa6f2f4dc51e1557a6877384c

    • SHA512

      337abfc0f709ae82336d474f8d6854fce9bf3424feeb1a7ab52cf24e7f0700047fca43c4e64c13bb4030b30a303e8d83a25b056c47992e3500970c2bf9101bf0

    Score
    1/10

    • Target

      KBOXSetup_xp510/KBOXSetup_6.2.1.6.exe

    • Size

      17.7MB

    • MD5

      5f4a727f2a7e3b223801a708226e40b5

    • SHA1

      4483c4bd76b2ff68831ec2598fde0c9e567fd1b2

    • SHA256

      50196ceb18519926ebeb5930b618dacb22ff18fa6d3723691f8afcd5c472f7de

    • SHA512

      ec11c1aa1a74eaf45b25dff42e2b080230631dfbf42ec8764b66e470c80dceab9f58e8eaa113d3746f2c0030e25671f83890536153c3ea4d6892a08406e2e54a

    • SSDEEP

      393216:yt2KMJ3nWq2YoYlNyMxqRd1rcsvTj6FCl5KThG8Aq8J5qj:g2KMJf2YoE8q8n67dGyRj

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Target

      KBOXSetup_xp510/软件使用说明.html

    • Size

      263B

    • MD5

      d9ca7d1f89782cd376a0eef1e487335f

    • SHA1

      7db6d01119cc260885b9a524f94d6dd6e79c18d4

    • SHA256

      605116d38bb5a44aa103960cf2e15f437b00a867943c49b3d8d67fb1d598878a

    • SHA512

      1d9744a4865cbe8560c316ee06247069653686d2e8cfc08af531238fb54f5b1ea125875f3a5d38cfbcdf205867cb1d323d2d64e1942f6428f114625b2b3aec5a

    Score
    1/10

    • Target

      Setup_oemtongyi3.exe

    • Size

      1.1MB

    • MD5

      ed6ff687fee915e03b263e47b72de974

    • SHA1

      22ba071eb2548035cb2259c75c37955c7eb18ed2

    • SHA256

      0f34a6e2491d4c2fe3e13c547b8d9b4897a7e70c78d5f1c5187537ea7e651a63

    • SHA512

      061ae98e3660ec1acf76a60ec975cd5e750e16bb7dd8fb67c04a0440cedb8b394c363bc8999d2fc0903f0656b0cbe54e6714bb65acef5bb276facfd727d991ca

    • SSDEEP

      24576:SlO/GEoCYHU7oh/Dz59f6lhvtTfRPR5anQvHWwM:xH+aoh/59GlTJZ2w

    Score
    7/10

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks