General

  • Target

    9e1d9dffd90bb06ab4e13a8421e8d5f7_JaffaCakes118

  • Size

    3.2MB

  • Sample

    240611-n8ejjswdla

  • MD5

    9e1d9dffd90bb06ab4e13a8421e8d5f7

  • SHA1

    5824710e62b77cf7f311f077b586e0e5519a466c

  • SHA256

    35c1b6d2036ce9d71ba1575d977dd19e1988a7e07fb84dd20a6b368823523fc5

  • SHA512

    b846baaae08ba1414933f2e97de168b16805aab54b9c1f68a8706255c136b305ea3f9263bbbd59a643c4f526fc4098e0bacc274eb02f69cd914d29b3dcf5bff6

  • SSDEEP

    49152:HM0wUN3IK536JER73aCyyBrGzVsi7ZbffDb7oeShuw7z8JML3ftbvBDMT8XdaMK+:HM0wUBJ8BC5CzVs8jL/dShvjfkMqpKZX

Score
7/10
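The hash fields above are the identity of the sample; the same four digests appear for every dropped file below. The following is an added example, not part of the sandbox report: it recomputes MD5, SHA-1, SHA-256 and SHA-512 for a file on hand in one pass and compares them with the report's values. The indicator table carries only the parent sample and VisualBoyAdvance.exe (the other targets use the same field layout); the bytes hashed in demo() are constructed and are not the sample. SSDEEP is not recomputed because it needs the external ssdeep library and is a similarity hash rather than an identity.

```python
"""Check a file on hand against the hash indicators in this report.

Added example, not part of the sandbox report. It recomputes MD5, SHA-1,
SHA-256 and SHA-512 with hashlib in a single pass over the file and compares
them with the digests the report lists.
"""
import hashlib
import io
import os
import tempfile

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Digests copied from the report. Only the parent sample and the first
# dropped file are listed; the other targets use the same field layout.
REPORT_HASHES = {
    "9e1d9dffd90bb06ab4e13a8421e8d5f7_JaffaCakes118": {
        "md5": "9e1d9dffd90bb06ab4e13a8421e8d5f7",
        "sha1": "5824710e62b77cf7f311f077b586e0e5519a466c",
        "sha256": "35c1b6d2036ce9d71ba1575d977dd19e1988a7e07fb84dd20a6b368823523fc5",
        "sha512": "b846baaae08ba1414933f2e97de168b16805aab54b9c1f68a8706255c136b305"
                  "ea3f9263bbbd59a643c4f526fc4098e0bacc274eb02f69cd914d29b3dcf5bff6",
    },
    "VisualBoyAdvance.exe": {
        "md5": "98c1501bc322d17bf3b91b51de37d812",
        "sha1": "e0a010951cab6bf9bff0d124d7a944e0457cb170",
        "sha256": "d6920b52db15ea9fb558e0e323f1c1ffed1459b38d7e61f7b368b04773dc1796",
        "sha512": "770bafd882d28f315fc457fade952fd99795c9460632bedff36b5b0ae9470405"
                  "333eaff8307475dafcaddaff4cc6bae59b09dec4421b2b6bb8f1fb95528d1a7f",
    },
}


def digest_stream(stream, chunk_size=1 << 20):
    """Feed one read of the stream to all four hashers; return {algo: hexdigest}."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        for hasher in hashers.values():
            hasher.update(chunk)
    return {name: hasher.hexdigest() for name, hasher in hashers.items()}


def hash_bytes(data):
    return digest_stream(io.BytesIO(data))


def hash_file(path):
    with open(path, "rb") as fh:
        return digest_stream(fh)


def match_report(digests):
    """Return (matching entry name or None, {entry: algorithms that disagreed}).

    A partial disagreement (say MD5 matches but SHA-256 does not) means the
    indicator table itself is inconsistent, which is worth knowing before
    the hashes are pushed to a blocklist.
    """
    mismatches = {}
    for name, expected in REPORT_HASHES.items():
        bad = [algo for algo in ALGORITHMS if expected[algo].lower() != digests[algo]]
        if not bad:
            return name, {}
        mismatches[name] = bad
    return None, mismatches


def validate_table(table=REPORT_HASHES):
    """Flag digests of the wrong length or with non-hex characters (copy errors)."""
    expected_len = {algo: hashlib.new(algo).digest_size * 2 for algo in ALGORITHMS}
    problems = []
    for name, entry in table.items():
        for algo in ALGORITHMS:
            value = entry.get(algo, "")
            if len(value) != expected_len[algo] or any(c not in "0123456789abcdefABCDEF" for c in value):
                problems.append((name, algo))
    return problems


def demo():
    """Hash a constructed file (not the sample) and look it up in the table."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "constructed.bin")
        with open(path, "wb") as fh:
            fh.write(b"constructed test content, not the analysed sample\n")
        digests = hash_file(path)
    return match_report(digests)


if __name__ == "__main__":
    print("table problems:", validate_table())
    print("constructed file:", demo())
```

Run validate_table() first whenever an indicator list is copied by hand; a digest of the wrong length is the most common transcription error and silently matches nothing.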

Malware Config

Targets

    • Target

      VisualBoyAdvance.exe

    • Size

      725KB

    • MD5

      98c1501bc322d17bf3b91b51de37d812

    • SHA1

      e0a010951cab6bf9bff0d124d7a944e0457cb170

    • SHA256

      d6920b52db15ea9fb558e0e323f1c1ffed1459b38d7e61f7b368b04773dc1796

    • SHA512

      770bafd882d28f315fc457fade952fd99795c9460632bedff36b5b0ae9470405333eaff8307475dafcaddaff4cc6bae59b09dec4421b2b6bb8f1fb95528d1a7f

    • SSDEEP

      12288:i/U6XK1X+uiI7iSg2jrbSJZzEQGLTPr5NtTird:yKt+uiC/unwQGLTTdTEd

    Score
    6/10
    • Drops desktop.ini file(s)

    • Writes to the Master Boot Record (MBR)

      Bootkits overwrite the MBR (sector 0 of the boot disk) so that their code runs before the operating system loads, which gives them persistence below the OS and out of reach of file-based cleanup. Setup and disk-management tools write to the same sector legitimately, so confirm the finding by comparing the sector before and after execution rather than treating the signature alone as proof of a bootkit.

    • Target

      JingLingBaoKeMengPiKaQiu_chs_setup/JingLingBaoKeMengPiKaQiu_chs/7z.dll

    • Size

      892KB

    • MD5

      c2cd12543f14c8bb0e9543082e976592

    • SHA1

      7c0d7fe1bf26620f6300eaeb3a358ad3ecb20793

    • SHA256

      627d39eac2a543d4354a26483104028b638f7c583bd7c2e9f97ba9414c5d6365

    • SHA512

      42a9c4c89123772a78c0c6850309013df80e3c0bbb195a38cd1218a762ebf518d42dde823eec2cac1740bdb6411a9db288d43d9a43ec0f49141aa93baa89f391

    • SSDEEP

      12288:J4JEXg0WoCilbrfC5tVzq14TaZ2/RsAtIqLZm1W7pYzkoL9MyGWg5:WJEpW2lbrfk7q14Tak/RRxmw7Qkl2g

    Score
    3/10
    • Target

      ????.exe

    • Size

      5.6MB

    • MD5

      897f6e6f97d084f143cdd70456095d58

    • SHA1

      d15927d4336014063efae4c3c289f83e9045c4db

    • SHA256

      0389f35f3bdb53bc82a5d660fd219af259575548741acf8073c04476e85c6044

    • SHA512

      362a21a1d54e47281ae9c802de43343bdf4f498f37150e46f72129aa41e74636937ee71c53470ca9e8880619e71255723612cad69fd0d64bde9e9403a2f04a35

    • SSDEEP

      49152:m7LxsrGlPli5thRCe4PCBLHI7FTiQzHqEOri7EX:Mli3pBLo7CD

    Score
    3/10
    • Target

      Unistall.exe

    • Size

      308KB

    • MD5

      4d52ebbb676f69728428d0daf02fab6d

    • SHA1

      7eaa6fefc27235fd700ef63c49fa27cdad9bcd71

    • SHA256

      31781a4ac0aa62dd24468428f5c4f921f3b0dfc40cd91084925b815e7388fd50

    • SHA512

      4b4a008a2bde5f85a1e3e2d7cb722f42f2453fd836b822ca4197b5a797e685eb9a07553cf28e7e344bf2d85f15f76e0e1f4b032496202aef77cd04b1077f9e6d

    • SSDEEP

      6144:uwRwpRnynJqP6LqkEOwL8oLRBBxLAY1v4BSlxlb:u0F8L8oLvBxkYF4slx

    Score
    7/10
    • Checks computer location settings

      Reads the country code configured in the registry (typically the locale and GeoID values under HKCU\Control Panel\International), the usual geofence check: the file can refuse to run, or behave differently, depending on the configured region.

    • Deletes itself

      For a file named Unistall.exe, removing its own binary is also what a legitimate uninstaller does, so on its own this is weak evidence.

    • Target

      JingLingBaoKeMengPiKaQiu_chs_setup/游迅网.url

    • Size

      114B

    • MD5

      bdc7cec1adf67b39ed77ad778f69e22e

    • SHA1

      2a360e8a398339194063d2e4abbc28c3e4da5fc0

    • SHA256

      5952be2fa793640e4508ae8e77eb0c169039db059ac39c9ac64b106bd8af0c72

    • SHA512

      5998111addc0b838174741645b3f11903f49e54a60e5d4e301126f2cc266db1277f2d087b4a508fccc756dbf671bb3cf77dd1d6ad09bd6f74e2b45305ca4e354

    Score
    1/10
    • Target

      JingLingBaoKeMengPiKaQiu_chs_setup/点击使用.exe

    • Size

      5.5MB

    • MD5

      ec0e795eaf7b93e154bc9e62982777bb

    • SHA1

      4b54963fde2fb2a0c63a783a792e7cefda3b8724

    • SHA256

      83ed56142fa3502ffaa9cd073c96ee67fc45dc43c0051863c0862ee6d0cc6d71

    • SHA512

      005337c66e4a305e58546b096134e343c087d3b3d86eacc957d8afd30cdad69266ad1d8fa0ea92377b75479d809d1a8fd38e3e4759d92c4ed4728cefe284db57

    • SSDEEP

      24576:JoPR0L/fk2MMuISG7XOmBTtNNJEpW2lbrfk7q14Tak/RRxmw7Qkl2gFt:3k2LuISWXXTQpzVrfk7quTak/Pxmhg

    Score
    1/10
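The "Writes to the Master Boot Record (MBR)" signature on VisualBoyAdvance.exe is the finding most worth confirming by hand. The following is an added example, not the sandbox's or the sample's code: a parser for the classic MBR layout and a before/after comparison that tells a bootstrap-code overwrite (what a bootkit does, leaving the partition table intact so the machine still boots) apart from a partition-table edit (what a disk tool does). Every sector here is constructed; the "hooked" stub is a placeholder marker, not real bootkit code, and the disk signature and partition geometry are invented.

```python
"""Snapshot and compare a disk's first sector to confirm an MBR write.

Added example, not part of the sandbox report. Classic MBR layout:
bytes 0-439 bootstrap code, 440-443 Windows disk signature, 444-445
reserved, 446-509 four 16-byte partition entries, 510-511 signature 55 AA.
"""
import hashlib
import struct

SECTOR_SIZE = 512
BOOTSTRAP_LEN = 440
DISK_SIG_OFF = 440
PART_TABLE_OFF = 446
PART_ENTRY_LEN = 16
BOOT_SIG = b"\x55\xaa"


def parse_mbr(sector):
    """Return the bootstrap-code hash, disk signature and non-empty partition
    entries of one 512-byte sector. Raises ValueError if it is not an MBR."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    if sector[510:512] != BOOT_SIG:
        raise ValueError("missing 55 AA boot signature")
    partitions = []
    for index in range(4):
        offset = PART_TABLE_OFF + index * PART_ENTRY_LEN
        # status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count
        status, ptype, lba_start, count = struct.unpack_from("<B3xB3xII", sector, offset)
        if ptype != 0:
            partitions.append({"index": index, "bootable": status == 0x80,
                               "type": ptype, "lba_start": lba_start, "sectors": count})
    return {
        "code_sha256": hashlib.sha256(sector[:BOOTSTRAP_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFF)[0],
        "partitions": partitions,
    }


def compare_mbr(before, after):
    """Return the names of the MBR regions that differ between two snapshots."""
    old, new = parse_mbr(before), parse_mbr(after)
    changed = []
    if old["code_sha256"] != new["code_sha256"]:
        changed.append("bootstrap code")
    if old["disk_signature"] != new["disk_signature"]:
        changed.append("disk signature")
    if old["partitions"] != new["partitions"]:
        changed.append("partition table")
    return changed


def classify(changed):
    """Turn the changed-region list into a triage verdict."""
    if not changed:
        return "no change to the MBR"
    if changed == ["bootstrap code"]:
        # Boot code replaced while the partition table survives: the machine
        # still boots, but through the new code first. Bootkit-like.
        return "bootstrap code replaced, partition table intact: bootkit-like"
    return "changed: " + ", ".join(changed)


def build_mbr(code, disk_signature, partitions):
    """Assemble a 512-byte MBR. Used here only to construct sample sectors."""
    if len(code) > BOOTSTRAP_LEN:
        raise ValueError("bootstrap code too long")
    sector = bytearray(SECTOR_SIZE)
    sector[:len(code)] = code
    struct.pack_into("<IH", sector, DISK_SIG_OFF, disk_signature, 0)
    for index, (bootable, ptype, lba_start, count) in enumerate(partitions):
        offset = PART_TABLE_OFF + index * PART_ENTRY_LEN
        # CHS fields carry the FE FF FF "use LBA" marker
        struct.pack_into("<B3sB3sII", sector, offset, 0x80 if bootable else 0x00,
                         b"\xfe\xff\xff", ptype, b"\xfe\xff\xff", lba_start, count)
    sector[510:512] = BOOT_SIG
    return bytes(sector)


# Constructed sample sectors; none of these bytes come from the analysed sample.
# CLEAN_CODE opens like a standard Windows MBR (xor ax,ax / mov ss,ax / mov sp,7C00h)
# and is padded with NOPs. HOOKED_CODE is a placeholder (jmp $ plus a marker).
CLEAN_CODE = b"\x33\xc0\x8e\xd0\xbc\x00\x7c" + b"\x90" * 32
HOOKED_CODE = b"\xeb\xfe" + b"constructed bootkit marker"
NTFS = [(True, 0x07, 2048, 204800)]

CLEAN_MBR = build_mbr(CLEAN_CODE, 0x1234ABCD, NTFS)
HOOKED_MBR = build_mbr(HOOKED_CODE, 0x1234ABCD, NTFS)
REPARTITIONED_MBR = build_mbr(CLEAN_CODE, 0x1234ABCD, NTFS + [(False, 0x83, 206848, 409600)])

if __name__ == "__main__":
    for label, after in (("unchanged", CLEAN_MBR), ("hooked", HOOKED_MBR),
                         ("repartitioned", REPARTITIONED_MBR)):
        print(label, "->", classify(compare_mbr(CLEAN_MBR, after)))
```

On a live analysis VM the two snapshots are the first 512 bytes of \\.\PhysicalDrive0 (read with an elevated handle before and after detonation); offline, read them from the VM's disk image. A GPT disk still carries a protective MBR in sector 0, so the boot-signature check and the bootstrap-code hash apply there too, while the partition entry will be a single type 0xEE placeholder.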

MITRE ATT&CK Enterprise v15

Tasks