5ac4613596b9c3506f1219eabd386af4d8c217bda02ee17ef63c68e74493d78b | Triage

Sharing

General

Target

153b8f1df529149d08ea89ae3f6d4c3a_JaffaCakes118
Size

232KB
Sample

240627-jsp8wszcrf
MD5

153b8f1df529149d08ea89ae3f6d4c3a
SHA1

0f2a0e295bd5e0c2ddc029a6342ee0db4c46ec44
SHA256

5ac4613596b9c3506f1219eabd386af4d8c217bda02ee17ef63c68e74493d78b
SHA512

d16a8134747ce2893c4d5dbb845506be5bc36ba190713e97db975e321cd78cb1bb26dba07f959e37ba54db25d20e3b7d3bfcc5bdad60e9a1f3f718ed8ae492bf
SSDEEP

3072:zjTWyjrJx8c79efo/MYHDB10VyTGaMOffi99HYJsPkCdLntemBtasWXWzZdl/Pjz:KE1mmewHRTGky9HYJsPkCdJemBndbPH

Score

3^/10

execution

Malware Config

Targets

- Target
  
  热血江湖全功能小精灵 V18.4/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral1 behavioral2
- Target
  
  热血江湖全功能小精灵 V18.4/热血江湖官方对按键精灵的看法/热血江湖-警惕外挂陷阱避免帐号被封，认识绿色工具.files/function.js
- Size
  
  20KB
- MD5
  
  52f757f0b18dbbe06357c0522394ed95
- SHA1
  
  0a68292368de34fcb4d68ade6eeba2e1e7a5640d
- SHA256
  
  96b1c0ea7d7e8ea76b761122ee5a68953d6163167c24c35e09d9055783b57777
- SHA512
  
  6b36ac1217c968a90de3cfcefde052b223673c7ba35eb568761d76963bd5a5c123be28e6ec7a9aa0a90b1ea4d341ecce4fc6d0b38d44486ad75d316c546cba9d
- SSDEEP
  
  192:54u0N0tpeVCfThM/9Wrw9VmECot8XAz3nF4B9DjDz/wFc:5r2CfThk/qAojDjwFc
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  热血江湖全功能小精灵 V18.4/热血江湖官方对按键精灵的看法/热血江湖-警惕外挂陷阱避免帐号被封，认识绿色工具.files/icount.files/reco.htm
- Size
  
  240B
- MD5
  
  659e1b773255ac59b7c772e95513646c
- SHA1
  
  78f6a84da6321d22f8b917a134d39656488416b6
- SHA256
  
  793017e9a81f1e5e051f58de3d0737a109071f095ff1c47019c42c5fb8424129
- SHA512
  
  fb2a77e65fd81cef7e277c06192710a6cb37038eb81b28c26e3dd5e3ddc0ba755562d6de14ed3a718bb96fa687e3b5f09f9dbd53295a208000282d6c18b8a14d
Score

1^/10
behavioral5 behavioral6
- Target
  
  热血江湖全功能小精灵 V18.4/热血江湖官方对按键精灵的看法/热血江湖-警惕外挂陷阱避免帐号被封，认识绿色工具.files/icount.htm
- Size
  
  1KB
- MD5
  
  01f3bec9218a41e75dbfb1d973eb7f56
- SHA1
  
  ca919312eee0f756e268db13c1760d81007f8436
- SHA256
  
  ea39bd46309afd2d5dd165f1e2636e4454a61dd8cf7cc21580de565a3b0c9da7
- SHA512
  
  d568079828d7754fceb6027855e01f7d4251698cab209661fa5966010ef347e35955dd34b903526dd49fd3141f2895daa2ba548ce074b546a99042066f90f9a7
Score

1^/10
behavioral7 behavioral8
- Target
  
  热血江湖全功能小精灵 V18.4/热血江湖官方对按键精灵的看法/热血江湖-警惕外挂陷阱避免帐号被封，认识绿色工具.htm
- Size
  
  11KB
- MD5
  
  036db95d534483625b56d885a3cba275
- SHA1
  
  490572f9231d4f91da224c7ac598260a970bd5fb
- SHA256
  
  942a2f3ebae10e345cce80425f50a3a9bf71ced020b7466853b4caac5be7f8bf
- SHA512
  
  9163cdd49982898a300c5fa25d8f8802fba396cf5612115d83bef57db6f7d6a4cafc2e4e180be46bd3c31efef529203a6660fe7bb64a4d416881b8ded9375ebb
- SSDEEP
  
  192:g621fs6ZIveGKKaqqBj0Hi3nW0w0PzB7l2I/PFlxfcJ10gA4SCy6Bh6oH6a26LV:o/1DKaqqBj0CG0w0rB5Xbxfy0g+u
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10