General

  • Target

    ab29a453c683c7540d17d700385626fa_JaffaCakes118

  • Size

    11.0MB

  • Sample

    240614-yhsctsxbmq

  • MD5

    ab29a453c683c7540d17d700385626fa

  • SHA1

    33ab9b2002bd85a030c386a4eb9d69b9f0a2030f

  • SHA256

    0d74d4f6a70b401cad08f23da259e13a0149e14db85830324ea58f20f21acf73

  • SHA512

    1fc542315bc76fff70c5829f8d62fcd2cae2aba9ad9a4c67f06b42898461d650bd1d5f9b5ef81cdfedcf97c9e23aaa1a7de524ff5123dcb24c9f605173d87a8c

  • SSDEEP

    196608:88gkyICCXNeaPpxf3KtO2AfakY8qSHJY+aK+NSKRK/hRbTZrEw2rZh:88KCXbvfffHqQsSjr/Zww+h

Malware Config

Targets

    • Target

      ybtbsdzj/HtmlView.fne

    • Size

      224KB

    • MD5

      c38e1e3465b444affe243bbbcfa4eab5

    • SHA1

      b1ea6cc6a5a9797b62592cbfce9487b39d2585fa

    • SHA256

      6dd78f0e44248251fb1edf9e4e0d3811ffba3401d37f443fa16ac778bed10e4a

    • SHA512

      4e040d19c4b2d18d912195edf64e915c9bbb1d13ff71764ae96311e8b8070fd03db34b4c7f9bf9ec62b90110eb86377d58bbee98be56592cdb2e80f1fe459484

    • SSDEEP

      3072:2rLzXT04zVCm3vAr+ydxEwgQstp1r8n7QCk6pNaHoPNr30icdfSd:Hnm3vdy4y3D5

    Score
    1/10
    • Target

      ybtbsdzj/PBShell.fne

    • Size

      36KB

    • MD5

      ae663d23828e2c0873fb294a8a2a21d1

    • SHA1

      2edd95515215170f2e5dc2428ac631b5aa2ab681

    • SHA256

      21970bccf9c8dd23cbf36b5f5bca9e6bc32335bcfb5e19d2f97a1b2ee2eefa96

    • SHA512

      70225619899266d7a307f6eeab2f4c709f48b66c57a2266143c787b984209d454634daaaf9165025e850fc3de8e10a968b900c80d89389ef848551b0701ef311

    • SSDEEP

      768:KlJt5SGkTR/rBmjThmA7wHnuGQuPwzQEbP/J3ZcH7azT7:zgp9/GQ/zQEbJ3ZcAT7

    Score
    1/10
    • Target

      ybtbsdzj/SkinH_EL.dll

    • Size

      688KB

    • MD5

      bd42ef63fc0f79fdaaeca95d62a96bbb

    • SHA1

      97ca8ccb0e6f7ffeb05dc441b2427feb0b634033

    • SHA256

      573cf4e4dfa8fe51fc8b80b79cd626cb861260d26b6e4f627841e11b4dce2f48

    • SHA512

      431b5487003add16865538de428bf518046ee97ab6423d88f92cda4ff263f971c0cf3827049465b9288a219cc32698fd687939c7c648870dd7d8d6776735c93c

    • SSDEEP

      12288:AuOtG9rMIfLpoTp2/WFH8bW7INLtK4dRjKCHd:9z9OIu4d1KCHd

    Score
    1/10
    • Target

      ybtbsdzj/YunImage.fne

    • Size

      864KB

    • MD5

      e6ff88a5f9bca53c251f837079c694d7

    • SHA1

      68dd571801f5f8da904b7a747108c0c43382d636

    • SHA256

      b4c2d2614070d1955d7cba7eafa56939cbd56dbd989016ac58258a557f3a3adf

    • SHA512

      dba5cbef511dfa0d74dc3ae77b7ccd6e04967b2be7a15f3c6de48dcd462b0f125f5d1cc8778a179e4802305fa863dbd3d05e9d95e52a1c53a07894cb2dc201c7

    • SSDEEP

      24576:qzQmWyAkv51RfxOFptRtCFWHEtgro04YNhTuboz9+B:qzQLkv51RfjFWHeW/TMow

    Score
    3/10
    • Target

      ybtbsdzj/alidcp.dll

    • Size

      159KB

    • MD5

      5f47ebed49510f87297b620765f73fb3

    • SHA1

      aa0e134120d9f2c2deb216a1960bfc597feb525b

    • SHA256

      a36e166afe29e257e7698e8eb1825f483f60acfadbd0f62e766eccaaafe1e511

    • SHA512

      9c73f8d9154f622b40cb9eb5cd6a3db515771ced6c0e6607b122e06ea6ff49db1824ad894cd6b9fa4401811d71271d934e17a50d4bd5353690e53fb8cf38ef3d

    • SSDEEP

      3072:mQSG+nuXSbyr5mL6QVZfKUE1eAu3OwnG/mBmc8nuiWYleKHPAGwv1x/f:ZSAgbZWeAu+wG/KmpVPA7hf

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Writes to the Master Boot Record (MBR)

      Bootkits overwrite the MBR so their code runs before the operating system loads, giving them persistence below the OS and outside the reach of most OS-level security controls.

    • Target

      ybtbsdzj/aliedit.dll

    • Size

      314KB

    • MD5

      295e5c0f4610f8a8c5115fe7946bfc98

    • SHA1

      52122faae07aab5f98e7c966b541631987789613

    • SHA256

      5eb8c479de7dc178b6b77500b6a76aedbf1409689723eee3f2d3f9c80e584be3

    • SHA512

      10585fac41ee87abb9bafe51249d38de8ed8b05a1f176b272b7e9ef0b9e43b50004ac098af63fca0eb041d21b3c9b0ba82b30165cfa0274eea99240f705337aa

    • SSDEEP

      6144:cKcUsRr/zL7RcSiJG1t5bdDVrHLWgsSl6mtc4Y8U8bGcjGcIq9B291RM:HRkTzJcSESjRrHLDsSvtOcjjIl3RM

    Score
    7/10
    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Target

      ybtbsdzj/com.run

    • Size

      260KB

    • MD5

      ce2f773275d3fe8b78f4cf067d5e6a0f

    • SHA1

      b7135e34d46eb4303147492d5cee5e1ef7b392ab

    • SHA256

      eb8099c0ad2d82d9d80530443e2909f3b34be0844d445e844f1c994476c86d2d

    • SHA512

      d733dc01c047be56680629a385abdd2aa1598a2b5459269028446da9097b6f6c1e7ade5b74e3ac3809dd8a3f8d1cbbe7fd669f2762be61f9c38fd4a2cca9e063

    • SSDEEP

      3072:QE3SIWawqQX1yfkL7CfDyiOUAVvzUT3F4a3OMn08Mm/5zIuBEgWo0iM//Zfx6N:41nLO7PAhzUx4agasH//

    Score
    3/10
    • Target

      ybtbsdzj/commobj.fne

    • Size

      92KB

    • MD5

      91b7f537fab30ef802692d1327f81f60

    • SHA1

      9d787e48f3f4c359d5e00471952fe747bb731e3f

    • SHA256

      a8e32c386947039572a98f48b517d6067927384048a1d2ee4da99f4bce4c3346

    • SHA512

      56f0cd97555935cf898a08a8d8471dd242f3eb5cedfc8ba099aee95a7f221dbbeb1aac02c6faed6b78b25647cd5cccf047d9d7e8e58e0e5d6f703031a74aaf6b

    • SSDEEP

      1536:HVjfx7TTfUXgwLhTSmttTwb12Bkfono3Uot4v2j:1j57s+5NfnUomvg

    Score
    1/10
    • Target

      ybtbsdzj/dp1.fne

    • Size

      112KB

    • MD5

      6d4b2e73f6f8ecff02f19f7e8ef9a8c7

    • SHA1

      09c32ca167136a17fd69df8c525ea5ffeca6c534

    • SHA256

      fe5783e64aa70fac10c2e42d460732d9770534357329d8bc78576557c165f040

    • SHA512

      2fd7a95cb632e9c4ac6b34e5b6b875aae94e73cd4b1f213e78f46dadab4846227a030776461bca08f9d75a1d61a0d45427f7b0c8b71406b7debc14db04b2ce04

    • SSDEEP

      1536:IxM5MufmW0C3flmskqT0qYvwDr3cFoWPrE:IxMmomWP3fQEFrsFoWT

    Score
    3/10
    • Target

      ybtbsdzj/eAPI.fne

    • Size

      328KB

    • MD5

      cbd788f4c71b9776660d6e8473ae0e09

    • SHA1

      0189cd47bfa5d1cac0d7f1a33953d279f60b02bf

    • SHA256

      db0a6d7b75503daaf93c8e62ce67abd3afd57daaef4a448ec25a43d1de69e47e

    • SHA512

      84bc02c67e3a3a9f77418b25afe7ec55e5bb5ca5a6c05503d94dffa57a30c7608e79bb4f83fe91c39ccce16872df2b3f9e7e5a8eafb4f563b1f961b93e9b8c94

    • SSDEEP

      3072:RML/WXLcZnh1Sn8v2jNGQHTBJu0Lo2nVXQdtzb9trTSh05LNZPyJPo/AfVsIwQ+w:RZbcZh1Su2dHm0JnYpRuVBwQ+6etZZ

    Score
    1/10
    • Target

      ybtbsdzj/eOALib.fne

    • Size

      2.7MB

    • MD5

      f9ef1cb8ff573a79f8e00af1905b59cb

    • SHA1

      4595b4b331a2213791009680457fc080dda27a13

    • SHA256

      2678fcca9922364198dec49968d91da034bb77fd44d029de03f322e3428cfd7e

    • SHA512

      890113ec823bd29e7b9ab542f69c348ebb862232258d62a2ce670387d2bbd6f6a065bf81aeb900028dbde707fc40f1021d44b11f7a9c810dd386831e87e3336d

    • SSDEEP

      49152:n1nwn2x1i4fUp/aMHmjx1jKqMLlfMMMME3YLuUPw:uik4fU5aMHOnjKqMLNMMMMEb

    Score
    1/10
    • Target

      ybtbsdzj/gzip.dll

    • Size

      31KB

    • MD5

      5eb4e7c1a48e211c2645080d4fb9d7b4

    • SHA1

      f7eb42d6f26ea8b1a1421809aa6fc63ae4dd1dd0

    • SHA256

      7fdb90dba03598969995b7c50937ffb25e21a774bdc7990541658c7262310d5d

    • SHA512

      7a677104cf113ef91a4cb259f3c87f0e3ed0ca63f6bc5192157169814af47c930482cf940104c90570defedaf183676591298d6aeb6ec561ae3368d76741ad69

    • SSDEEP

      768:r15aMkmBMbo09BXnNcOeJ1Hd01i9elesVJkER7g:rXrBE/nneZJnR2eIxR7g

    Score
    3/10
    • Target

      ybtbsdzj/huhui.fne

    • Size

      90KB

    • MD5

      1e88bb75c6db3a77f8e494c696db405c

    • SHA1

      6bb51162863a663b085645d4fe3c4962949e4e96

    • SHA256

      1e1180e47f086ea9e09b9952819916eaaa2e54631992926cbbcf55816fca0dc3

    • SHA512

      4e01849ec2588699743103bb0afda5302dc7f365d79dfe33736defa9fe5fd5a8d12372620a8435c61c43aa715a339f3c72d12904409a15afb5669384d2451b8d

    • SSDEEP

      1536:3G8iO9TSZasqWiv8ydPUMbqfJ9FXy/ry+occgCdPj5/ZgglhRijsggTVNV:3x1gZapjvdPUM+fPNyT5oLHggbnX

    Score
    7/10
    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Target

      ybtbsdzj/iconv.fne

    • Size

      912KB

    • MD5

      fd91dbcca49f02a8324e0fefd651ac57

    • SHA1

      209a45f9966da85bc93dfa613d80e00071223784

    • SHA256

      5921b2d83133f048bd34dd30bfcb2986bc8f08675a02defe8e43c3f978e76bd9

    • SHA512

      b3b8bdd71f384956d3523a313f2658c9a2e9e979133bc2a027323791c3d97f39d63a37308fa63503584304d4078dea442012285b1ae37df45276cb20f1a2b8ff

    • SSDEEP

      24576:lDBf2FfWl8KuqGavkg3NyNIbbbIoIBAUZLY:lB+s8KuqGaX0ToIBAUZLY

    Score
    1/10
    • Target

      ybtbsdzj/iext.fnr

    • Size

      216KB

    • MD5

      cba933625bfa502fc4a1d9f34e1e4473

    • SHA1

      5319194388c0e53321f99f1541b97af191999a09

    • SHA256

      25549c7781b3f1b92e73b0ea721d177207cce914a66f3229a71291f2eb160013

    • SHA512

      f5fb4b97c4f68a20e0847e6528740ce659c4501726f3b2dff1ac83e88a3b7198099da03edb0f069cd4af7ed568a2373597b235cd239895addfa5226d3a444142

    • SSDEEP

      3072:1dh+NmslaQ7iAvBvXo8M360VVQrtPdDMDyowHhRJl5pnR:iiGK8M36zVdRL

    Score
    1/10
    • Target

      ybtbsdzj/internet.fne

    • Size

      192KB

    • MD5

      0503d44bada9a0c7138b3f7d3ab90693

    • SHA1

      c4ea03151eeedd1c84beaa06e73faa9c1e9574fc

    • SHA256

      7c077b6806738e62a9c2e38cc2ffefefd362049e3780b06a862210f1350d003e

    • SHA512

      f14dfa273b514753312e1dfc873ac501d6aa7bbd17cd63d16f3bcb9caddcb5ea349c072e73448a2beb3b1010c674be9c8ad22257d8c7b65a3a05e77e69d3b7a8

    • SSDEEP

      3072:tkaaguNk1Th6jTFWBBMzlRjEg07N6QlMCyjrWzokcTaY9+S3UHQ:tOJOSIBBPg0xJMCyeYaLSi

    Score
    1/10
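Two of the checks above are easy to reproduce offline: confirming that a file on disk is the same member the report hashed, and the static "UPX packed file" heuristic (UPX-named sections and the UPX! marker near the headers). The script below is an added example, not code from the sandbox or from the sample; it parses the PE section table with only the standard library, and the build_pe helper constructs a minimal throwaway PE32 image so the heuristic can be exercised without the real sample. The hashes in REPORT_ALIDCP are copied from the alidcp.dll entry above.

```python
import hashlib
import struct

# Reference hashes copied from the report for the member flagged both as
# UPX-packed and as writing to the MBR.
REPORT_ALIDCP = {
    "name": "ybtbsdzj/alidcp.dll",
    "md5": "5f47ebed49510f87297b620765f73fb3",
    "sha1": "aa0e134120d9f2c2deb216a1960bfc597feb525b",
    "sha256": "a36e166afe29e257e7698e8eb1825f483f60acfadbd0f62e766eccaaafe1e511",
}

UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}


def file_hashes(data: bytes) -> dict:
    """MD5 / SHA-1 / SHA-256 of a buffer, keyed the way the report lists them."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_report(data: bytes, report: dict) -> bool:
    """True only if every hash the report lists agrees with the buffer."""
    got = file_hashes(data)
    return all(got[k] == report[k] for k in ("md5", "sha1", "sha256"))


def pe_section_names(data: bytes) -> list:
    """Walk the PE section table using struct only (no pefile dependency)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (nsec,) = struct.unpack_from("<H", data, e_lfanew + 6)       # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)  # SizeOfOptionalHeader
    table = e_lfanew + 24 + opt_size                             # 4 (sig) + 20 (COFF)
    names = []
    for i in range(nsec):
        off = table + 40 * i                                     # IMAGE_SECTION_HEADER
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def upx_indicators(data: bytes) -> dict:
    """Static UPX heuristic: UPX-named sections and the 'UPX!' marker near the headers."""
    sections = [n for n in pe_section_names(data) if n in UPX_SECTION_NAMES]
    marker = b"UPX!" in data[:0x1000]
    return {"sections": sections, "marker": marker, "packed": bool(sections) or marker}


def build_pe(section_names) -> bytes:
    """Constructed minimal PE32 image for the demo; not a file from the report."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt_size = 224                                   # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x2102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)            # PE32 magic
    table = b"".join(n.encode("ascii").ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    for label, names in (("packed", ["UPX0", "UPX1", ".rsrc"]),
                         ("clean", [".text", ".rdata", ".data"])):
        print(label, upx_indicators(build_pe(names)))
```

Treat a negative result as weak evidence only: modified UPX builds routinely rename the sections and strip the marker, which is exactly why the sandbox signature says "UPX/modified UPX" rather than relying on one string. A positive hash match against REPORT_ALIDCP, on the other hand, is conclusive for identifying the file.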

MITRE ATT&CK Matrix (ATT&CK v13)

  • Persistence
      T1542     Pre-OS Boot (1)
      T1542.003 Bootkit (1)

  • Defense Evasion
      T1542     Pre-OS Boot (1)
      T1542.003 Bootkit (1)
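The T1542.003 mapping rests on the MBR write observed for alidcp.dll. The defensive counterpart is an MBR integrity check: keep a trusted copy of sector 0, then compare the live sector's bootstrap code, disk signature and partition table against it, so that a bootkit which swaps the boot code while leaving the partition table intact still shows up. The script below is an added example, not tooling from the sandbox or from the sample; build_mbr and the CLEAN_* / INFECTED_* values are constructed stand-ins, and on a real Windows host the current sector would instead be the first 512 bytes read from \\.\PhysicalDrive0 (which requires administrator rights).

```python
import hashlib
import struct

SECTOR = 512
BOOTCODE_LEN = 0x1B8          # bytes 0x000-0x1B7: bootstrap code
DISK_SIG_OFFSET = 0x1B8       # 4-byte Windows disk signature
PART_TABLE_OFFSET = 0x1BE     # four 16-byte partition entries
BOOT_SIG_OFFSET = 0x1FE       # 0x55 0xAA


def parse_mbr(sector: bytes) -> dict:
    """Split one 512-byte MBR sector into the parts a bootkit check cares about."""
    if len(sector) != SECTOR:
        raise ValueError("MBR must be exactly one 512-byte sector")
    if sector[BOOT_SIG_OFFSET:] != b"\x55\xAA":
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFFSET + 16 * i
        status, ptype = sector[off], sector[off + 4]
        lba_start, sector_count = struct.unpack_from("<II", sector, off + 8)
        partitions.append((status, ptype, lba_start, sector_count))
    return {
        "bootcode_sha256": hashlib.sha256(sector[:BOOTCODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFFSET)[0],
        "partitions": partitions,
    }


def compare_mbr(baseline: bytes, current: bytes) -> list:
    """Findings when the live MBR drifts from a trusted baseline sector."""
    b, c = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if b["bootcode_sha256"] != c["bootcode_sha256"]:
        findings.append("bootstrap code modified")
    if b["disk_signature"] != c["disk_signature"]:
        findings.append("disk signature modified")
    if b["partitions"] != c["partitions"]:
        findings.append("partition table modified")
    return findings


def build_mbr(bootcode: bytes, partitions, disk_sig: int = 0x12345678) -> bytes:
    """Constructed sector for the demo; not captured from the sample."""
    if len(bootcode) > BOOTCODE_LEN:
        raise ValueError("bootstrap code does not fit")
    sector = bytearray(SECTOR)
    sector[:len(bootcode)] = bootcode
    struct.pack_into("<I", sector, DISK_SIG_OFFSET, disk_sig)
    for i, (status, ptype, lba_start, sector_count) in enumerate(partitions):
        off = PART_TABLE_OFFSET + 16 * i
        sector[off], sector[off + 4] = status, ptype
        struct.pack_into("<II", sector, off + 8, lba_start, sector_count)
    sector[BOOT_SIG_OFFSET:] = b"\x55\xAA"
    return bytes(sector)


# Constructed inputs: a stand-in for factory boot code, a stand-in for a
# bootkit loader, and one NTFS-type primary partition entry.
CLEAN_BOOTCODE = bytes([0xFA, 0x33, 0xC0, 0x8E, 0xD0, 0xBC, 0x00, 0x7C]) + b"\x90" * 24
BOOTKIT_BOOTCODE = bytes([0xEB, 0x3C, 0x90]) + b"\xCC" * 40
PARTITIONS = [(0x80, 0x07, 2048, 1_000_000)]
CLEAN_MBR = build_mbr(CLEAN_BOOTCODE, PARTITIONS)
INFECTED_MBR = build_mbr(BOOTKIT_BOOTCODE, PARTITIONS)


if __name__ == "__main__":
    print("clean vs clean   :", compare_mbr(CLEAN_MBR, CLEAN_MBR))
    print("clean vs infected:", compare_mbr(CLEAN_MBR, INFECTED_MBR))
```

The baseline must be captured from a known-good state and stored off the host; a bootkit that already owns sector 0 can just as easily rewrite a baseline kept on the same disk. On UEFI systems with GPT disks the MBR is only a protective stub, and the equivalent check targets the EFI system partition and boot variables instead.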

Tasks

  Task          Tags                       Score
  static1       upx                        7/10
  behavioral1                              1/10
  behavioral2                              1/10
  behavioral3                              1/10
  behavioral4                              1/10
  behavioral5                              1/10
  behavioral6                              1/10
  behavioral7                              3/10
  behavioral8                              3/10
  behavioral9   bootkit persistence upx    7/10
  behavioral10  bootkit persistence upx    7/10
  behavioral11  upx                        7/10
  behavioral12  upx                        7/10
  behavioral13                             3/10
  behavioral14                             3/10
  behavioral15                             1/10
  behavioral16                             1/10
  behavioral17                             3/10
  behavioral18                             3/10
  behavioral19                             1/10
  behavioral20                             1/10
  behavioral21                             1/10
  behavioral22                             1/10
  behavioral23                             3/10
  behavioral24                             3/10
  behavioral25                             1/10
  behavioral26  upx                        7/10
  behavioral27                             1/10
  behavioral28                             1/10
  behavioral29                             1/10
  behavioral30                             1/10
  behavioral31                             1/10
  behavioral32                             1/10