0bdc115aef8d58d2268275c231838e9cbd0c0b2a341fce80472f6ec83cf3e3fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15156fc599cd62f48312a100d40e731e_JaffaCakes118
Size

7.7MB
Sample

240627-hvt47azhmr
MD5

15156fc599cd62f48312a100d40e731e
SHA1

a7c6cf4096a28dcd736ead29f1a5788b8b17cfb8
SHA256

0bdc115aef8d58d2268275c231838e9cbd0c0b2a341fce80472f6ec83cf3e3fb
SHA512

78683fd7e27f7b84f1a025a806100a27a82cae6e11a6f391f32c4b6c61ec95ca4c977356a3a79503ed6c03320faa1d4998c91aec2a336c7b1e78921699577140
SSDEEP

98304:cZbMPoVVpnoXrbO9gkLWJCzfE9MZn0rwN4lOr9KjaVgbhhCQkBNW4CVHTyiUzFQi:cCPo7+XCTLkk9ZnykmAseVEd3MzB

Score

6^/10

Malware Config

Targets

- Target
  
  Recover My Files v4/PascalStreams.dll
- Size
  
  86KB
- MD5
  
  f66737c4cc655fbcf28b2b73e4f4645c
- SHA1
  
  804ae5192ba20de23a4650ba336cb1f7e11a4926
- SHA256
  
  6d9ae4bf7fc2b01666e2d2ad3d0e4ea84ac4a260e7465062c024ef5b2574c566
- SHA512
  
  2e24a0ba43b1e4fc4d1599554e112afa8ef336c2e108f6cbefc76e8366f6801cd92d704e0a6bc0033ab2be50705db7b333e0bb9df6dcf201a72119c91491ffc8
- SSDEEP
  
  1536:pjqjoQTOKuovbvTspOaQcNFeSe4Edi3sXxC7gCKKmvXlu3mvj7dHUA9:8obtgvssanNFeS9EM3IxC7gCKdvVHvfH
Score

3^/10
behavioral1 behavioral2
- Target
  
  Recover My Files v4/RecoverMyFiles-Help.chm
- Size
  
  2.2MB
- MD5
  
  6cc302fe2b9747daf77453fdd936cef9
- SHA1
  
  25ec4e019d3d6a979838cf6e06d1eae64c2dfc5a
- SHA256
  
  4af221ba171d50d2df714fe8c36da8d44e138e7fd25b4929a9d095eff9aca6db
- SHA512
  
  4cb492daadb32cf76040fa1e8c8c75afe1dd62390143f9e10b051b16fdd417eeffc353523c1124f6616ee19ee2bb47e7427a3a714fdbf848670d94388b0fec06
- SSDEEP
  
  49152:01PvNCm188Vqc3bxo/NwjpfzbzFmP1YJO9OKj5XLo7ITEFTVfonYZTgtGir+:01PF38yHqVOhqDOMXLk2EFRZTAS
Score

1^/10
behavioral3 behavioral4
- Target
  
  Recover My Files v4/RecoverMyFiles.exe
- Size
  
  15.9MB
- MD5
  
  6df7093ad64d9db8dab06c2020a79f5f
- SHA1
  
  22d83a0580997d139f96744e492dba0ac2b668a5
- SHA256
  
  231d2ab72285f3aa15fac2165d851111603dcfdd68542f46a94a2ad92e37c178
- SHA512
  
  a9e5b01b50d949e18b516f4b39fb87ee041db38394e1a0cd03bcc6cae383223dfd1a44f5c36ae068d8ff3eca2c3f3333e23c10e15d5beb3f5c2e53af90048a4e
- SSDEEP
  
  393216:aJlxohMZZ/1g5j60PBvB2Mcg3YTqG8qXCeSjxyv:qdxPpYwCeSjxu
Score

3^/10
behavioral5 behavioral6
- Target
  
  Recover My Files v4/StarBurn.dll
- Size
  
  555KB
- MD5
  
  19f5a638948eb5d413c89ae62d1320ad
- SHA1
  
  431a8bb70a8754dbb8e2e2e26def6e1b1f30f477
- SHA256
  
  372a719d73ecb4d48c8b7d1654f167d5de0f73b4772b757cd60cf80f19d859a7
- SHA512
  
  5fa90c430b186e5d764cf75a12a3e9fe7447ba21d1a42231ec7b6f5f32c12dc46890af6919c9e723b3f85f3c5a83bd8b184a5020e3c72df39b2c2279c9375a25
- SSDEEP
  
  12288:k/gzbnMa1JPxCv4g14xdrt8kQaYfAc+IM6TG7H8:8x6g4gexdr+paYfAc+4G7c
Score

3^/10
behavioral7 behavioral8
- Target
  
  Recover My Files v4/WnASPI32.dll
- Size
  
  32KB
- MD5
  
  90a485a101559b55605671cca2ae0f28
- SHA1
  
  26aebab2ce66c084d1b6b85ca6f10b32b76c8573
- SHA256
  
  db3c799c22e57e05f8da6ce8e4ffbb409261f46f703646e06e566d0f8c9bf12f
- SHA512
  
  87bc41c3c610660a0110ec77a5d3368f1d09d8c83e14a8f6daec75d2b7a265e82e51fb1776ce8401ada98ad68e972b7c551b0792d0ebab8beaac623fed5562f1
- SSDEEP
  
  768:sQZ67ZnUnKrAFqCkTEelleIMW1FTJ27y7:sQJKFCkTzfeEFTJ27y7
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral10 behavioral9
- Target
  
  Recover My Files v4/rockey2.dll
- Size
  
  48KB
- MD5
  
  a2eab2f6c266b2aaa1a712a6d070ca60
- SHA1
  
  fb56dc353fc87da9a9f89a8c3f961eb15e8e442b
- SHA256
  
  c0cb0328c216cbcd0e9edd2cd2d55cebc08b38281a796c9e8b0e69a481b0f0e0
- SHA512
  
  4ddb99464c5a8f54ddf0b733d2912e7ae9be295f4d8a3ed6c64685bdd36ec09254f2c682ea3025a4f2db68f2893d7abe5137aa58d213598b4d1c27164825271e
- SSDEEP
  
  768:4FCqnuAJxTeAReE+WM7egfwc9JZYr3OoTs6qu:guuTe3wM7y+vYaoT5q
Score

3^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12