236aa3f0c90eabae780df59429fc87fbff76d9b18bbdf7e8298429d07a3f71ae | Triage

Sharing

General

Target

19d7ced60c10ce7f3396d28172641b89_JaffaCakes118
Size

11.0MB
Sample

240628-mw51asxhrm
MD5

19d7ced60c10ce7f3396d28172641b89
SHA1

5df236efd3fe8d223cd2aaf9d49daac9e6939196
SHA256

236aa3f0c90eabae780df59429fc87fbff76d9b18bbdf7e8298429d07a3f71ae
SHA512

8297550129f62f6ff559068964c655575c30bb51f92dc5b83c96c51738fb43254c0a8cb280a4bd315b26a11229064af3d14e63b19f200755611cce84450a6bba
SSDEEP

196608:WVE4hrUCjoAwOQ8Q5MQDteggio65EveXyh6oo3NOiZKjpXJslGsRg6+GpQT9:ELhr0AmZGyVgioUlboo3NM9J8GK+Qi9

Score

7^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  setup.exe
- Size
  
  413KB
- MD5
  
  b5e4f7e914fc8ddcd8eb353fdd4cfdee
- SHA1
  
  5910518818d47d72f5727af5828738f46a7c706d
- SHA256
  
  372f176b1c9c5eae78fa6a2fb1117ec3b9a2ed9dd8e3ee6ebffbb2796980b8b5
- SHA512
  
  51d3522bc19b4972a7751b01603847207c9a5dc5137ac9628c7f994796fe48a668e84e982a31f82a0648b0434aafb2d230a32321fcb0c5f7596f42a055799f1e
- SSDEEP
  
  6144:LBcSdtUgfIk6GCBes2xMdLRmkw5HJZ5EAhsqFbzojDuUli4iJ66nF:LDGgfIkXCBepCdLsZ5EIeDuUlimCF
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  wqEtripSetUp.msi
- Size
  
  11.5MB
- MD5
  
  60fff77b4d1a52465dcb9d92d747985d
- SHA1
  
  8e13b3d87d10eb624be801b2465d71471cb09150
- SHA256
  
  4ab4b66e69297c858b5075f4191b43e9d934733ac186384b59f42572cdd54195
- SHA512
  
  511d55ab09ce7da4a8d0a07e0c09615565f0b22486dacb219dcbae2ea5c502e87006397d1e058681760944631d05aeea686e9c7d00a23089b76692abffabbbcf
- SSDEEP
  
  196608:UAGoqBQK8QQKKyFbaF4jkm+gipgpeJY2n2SIpZo2o7XIJck+rHLGJH0fzSUxuawc:rGdQK8QDKiU4jKMpYVbX2CIJaIHozt7w
Score

6^/10

persistence privilege_escalation
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3 behavioral4
- Target
  
  新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

persistenceprivilege_escalation

behavioral4

persistenceprivilege_escalation

behavioral5

behavioral6