Overview

overview

7

Static

static

3

???www.xzking.com.url

windows7-x64

6

???www.xzking.com.url

windows10-2004-x64

3

readme.url

windows7-x64

6

readme.url

windows10-2004-x64

3

syqgmflzcb...??.exe

windows7-x64

7

syqgmflzcb...??.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9f26ce3de4c90ba0b75eb38761c5be64_JaffaCakes118

  • Size

    12.1MB

  • Sample

    240611-w564dsxajm

  • MD5

    9f26ce3de4c90ba0b75eb38761c5be64

  • SHA1

    6f3db9f8153620c4e92d47713b723243e634ea1d

  • SHA256

    affebdc80ca87f7bdcb49523911b3b06cf0431c4a6f54405e47a14ce623832a1

  • SHA512

    8896127b27a9160dcd744a0df8d0547f7b5c742d28b1f396a597a71c7ba158c44c5a8aa67433c285326c885433185e48bb250a5bfbb49c256994a57e09eb8ad4

  • SSDEEP

    393216:9W68fJEMm5haMoQUKuU4LkukkxRMlCylmbHctn:9Wp+MUo55kkCCylmbHctn

Score
7/10
evasiontrojan

Malware Config

Targets

    • Target

      ???www.xzking.com.url

    • Size

      302B

    • MD5

      f6069f943715d9a180c3d138647cff0f

    • SHA1

      d11eac1bcc2bd7ec49c3640063c5e378cd3c83fd

    • SHA256

      5315aa654483ecb41f08131f411397c4c9629c0a01820c1dc1b5fba2ead4eb18

    • SHA512

      96985ea678c97cff36f6258e0bb08bc1bca10a7f9cc4c6f27941dfed668795caca5bfaacf7939d608f50a234ab2954f98f00a5b1ecdb260adb9851e8cc924b76

    Score
    6/10
    evasiontrojan
    behavioral1behavioral2

    • Target

      readme.url

    • Size

      328B

    • MD5

      63ce37659e34f6542d31a4bc64ec19e5

    • SHA1

      31938110d10a8ebce18ce02d1ebaca0e344a797c

    • SHA256

      36dcd2cc9ef2a279014b4f85915100f62d36bd0c2cf439638d4ce0e9c18cc2ff

    • SHA512

      39dc956c870a2bd80786dd215b503e5f22a1259bb858ff37ae601cb11d425afd5304e6472512c99afcb98569f08990e1d03df5e3d392ec484b1a98dd3f7b86e2

    Score
    6/10
    evasiontrojan
    behavioral3behavioral4

    • Target

      syqgmflzcb/??????????????.exe

    • Size

      12.4MB

    • MD5

      88acaa227fc3155de6804f7cdf7795c2

    • SHA1

      dc40b4a233a86012c903396623ae300cff98d4dc

    • SHA256

      bfc0a8b03dd0bce525423b3109bb025c39d8b3277fff975dea36b74cb067bcab

    • SHA512

      d840976a0e43c2ef52f39afd69c517f8b3c3be9bab71836f1924e45f7627474fa50410aa4b1026e4cfc56bf251f91ab872b0d1b11b63e814c9d2bfcef91bb3f0

    • SSDEEP

      393216:p0ZPBtYsCrPE2i+QYwmC/KGKoFXcnmyFg7DujEA:6ZZ6sQsFrKoomyFg7DujEA

    Score
    7/10

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral5behavioral6

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

7
T1082

Query Registry

3
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks