Overview
Task | Environment | Score
Overview | overview | 8
Static | static | 8
PKBFM.xls | windows7-x64 | 1
PKBFM.xls | windows10-2004-x64 | 1
Pkb625.xls | windows7-x64 | 1
Pkb625.xls | windows10-2004-x64 | 1
Zcinfo.exe | windows7-x64 |
Zcinfo.exe | windows10-2004-x64 |
jsrkb1.xls | windows7-x64 | 1
jsrkb1.xls | windows10-2004-x64 | 1
pkb625.xls | windows7-x64 | 1
pkb625.xls | windows10-2004-x64 | 1
明达课表.lnk | windows7-x64 | 3
明达课表.lnk | windows10-2004-x64 | 7
说明.doc | windows7-x64 | 4
说明.doc | windows10-2004-x64 | 1

General
Target: 1fce18e483653ef2425e5ced112c21e7_JaffaCakes118
Size: 376KB
Sample: 240702-ssab4ssgnr
MD5: 1fce18e483653ef2425e5ced112c21e7
SHA1: 5a957865009c3fad4e957c9677e3b85da0731e76
SHA256: 5e27d2880f342047db0339b1e4f39247251bdbc04319a0d16518ebbfbed2683a
SHA512: 3f7793ae61b4e47efe9fb6dec8e7b1f84dd8cdd1dc6db7df191700c178cb0ab811a80f8e60e921cf4fa2a880e8eb3b7f8e37c186a49d4eff83cb7927ee697a78
SSDEEP: 6144:IwztA8nGBxeLzpxbwwCYTVcc7B7wndrcSpq9x27T8o/xbwRkuFu9Bu3hnKvp7X:IwhGBges7B7wNpk87T8o/xbwRXqE2R

Behavioral task | Sample | Resource
behavioral1 | PKBFM.xls | win7-20240419-en
behavioral2 | PKBFM.xls | win10v2004-20240508-en
behavioral3 | Pkb625.xls | win7-20240220-en
behavioral4 | Pkb625.xls | win10v2004-20240611-en
behavioral5 | Zcinfo.exe | win7-20240508-en
behavioral6 | Zcinfo.exe | win10v2004-20240508-en
behavioral7 | jsrkb1.xls | win7-20240611-en
behavioral8 | jsrkb1.xls | win10v2004-20240508-en
behavioral9 | pkb625.xls | win7-20240611-en
behavioral10 | pkb625.xls | win10v2004-20240508-en
behavioral11 | 明达课表.lnk | win7-20240611-en
behavioral12 | 明达课表.lnk | win10v2004-20240508-en
behavioral13 | 说明.doc | win7-20240221-en
behavioral14 | 说明.doc | win10v2004-20240611-en

Malware Config
Targets

Target: PKBFM.xls
Size: 92KB
MD5: 532f44062b29d79e076424115784e3b0
SHA1: 728568cc7f50731459505306ae547cdd928ef867
SHA256: 38a25202f93b3efa2a09b028af88f101da1eda35f2d17809ece2c622f3a85d28
SHA512: 65ea7a50e9a1293e8ce7f91ec64d39d3efc64a89d6b94eabc1fc4bfb920a934e623292b8d5279fbc645dafc3cad682ec822be61970c0dfd1e3787b7f2fd919cb
SSDEEP: 1536:5eeeeqEPCmSTTnf8FOiW5eta2q1I+AlQkZYMTP3p3QjR4H:XUbApW5+a2V+A+kR3yd4H
Score: 1/10

Target: Pkb625.xla
Size: 175KB
MD5: d4ce61b6af570a8667839a4c3f5a4dec
SHA1: ab2395fa6cc3e5bebc5ff226c620717c2c49bbb7
SHA256: 1d4469b745cb07c32d3cc2f34316fcbe1c9e90827ed1daed05e2a1fd4bef017c
SHA512: e0508941ab0b3a4400a9f156c36ea188f2b06a7b866c7fc8b04005f60384dae68ffe0baf0d1a80eb9e6a2c8e74ab2f4b40d59bfd237aade7882e40beb6c7d891
SSDEEP: 3072:fgj5lpCeFdSrxIAnqjhY5GeU1NiTAtUVzpAx:fte/6VzpA
Score: 1/10

Target: Zcinfo.exe
Size: 33KB
MD5: a3bd1b8caa50b304a44d5b2cdfc05d58
SHA1: c8a14969db1017a05c03b6faddc60a4035f2d78e
SHA256: a16179782d64e7f7f3b072c9d0d06f3b5d6b68c9b74ceb0df4325dd9e2673e2d
SHA512: b5d030e3536fa6f316fa17ecc863854d9ff3c14a950cc0e4c8cfccda65633c536b81ab9b35636fe39fb1c2f30bb7748a9acc18c267746702581239670d323544
SSDEEP: 768:vrvedql90XYUN5gG3SPma1uHHsaHvGkq8lh9/WUqq1YE:v19c30d14Hsmvu8R/U
Score: 1/10

Target: jsrkb1.XLS
Size: 78KB
MD5: 7f954c5cbca210632199ec03e04608c7
SHA1: 570ea6f60b31f1843f5dd288676b3c19fec8be39
SHA256: d2f005c6660af6f0b9cd368ffaaea041bdc6cc4e73042eff5ffe5acc69357571
SHA512: 55db75064658667324dbf17cfcd09e3d52f44746a8890283bbc055a4d056df4df9e6a902dfc729f5dc22ab3d4ca05d80dc7667a1254883ed28c4a04bebfb5fb8
SSDEEP: 1536:UPWsgeqoX/LJAmasaslXKekXADNe5YXgE0JnBx1F8SfcA7/qvdPyKZWLzQHVi62S:S7kRjfzZ1Igj8STxCi+HNmytetmdNC3W
Score: 1/10

Target: pkb625.xls
Size: 911KB
MD5: 23cec47febb1180b23134fe28dccf442
SHA1: 6a7853498bdb9dccf4b825202b2afc505984b9d3
SHA256: beffcbb9859c172ebdda46ed00e92e8f50c251c00a7f433740553b6e68723932
SHA512: 877b50308e5a9d902416d73eeca5a13a076e840caf520093e753235f9f839549afdcf6922bb267f551accd14f328d2191989e2bed40db87aba3820215fb0d9d7
SSDEEP: 12288:oxIyRQ8TDLPWU/+5sn1I1HBZdwut/iH1IyazNGNq:o48TDrWU/pcBMQ1zNGNq
Score: 1/10

Target: 明达课表.LNK
Size: 318B
MD5: fb1cda71fa5111d2f9be898c472f90e5
SHA1: d618c10ae20312aec4d07c468ac714d227b0b664
SHA256: 30e8669b52ca54e9a306457078f1355f042a7a8fcb515d19febd277dcdae3ace
SHA512: 496fb18b90ee9c67ecc316f571e5b646773f1a7582f5d258a490de2c6d857819792bb57dfacd84f56a25164cb236c90f71c8ab2b13b578892aec4a58a06c6846
Score: 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Target: 说明.doc
Size: 58KB
MD5: f0bc2cc272a15953778384e2ce88e6c9
SHA1: a31d1f0306d9f111fa99b34ac1b4617fdccfb8f2
SHA256: 2fc226be73a8b134e13737e34572809b308fd534d1bba58e0a576fde21c52e12
SHA512: 2f1dc19cb153aa32897029726980de6058bb518da912dc7f56b969fd7d2ddc45a005fe2c20d92b9ca54e67418cabec8ce4acb02e8dd688199c7ea5547c8d40de
SSDEEP: 384:g3jSQp5VUhd3n+kc2DQp50kY/GPGqLUMkK7KqxiBXfnhiPyyBzsKZ4N:gTSi5VUn7i50kfGqAqqPnp4sK+
Score: 4/10