f6001c8b8d9084654ef5f429e672257b690d651f96e3c493e2f65457b8eabea1

Sharing

Copy URL

Twitter E-mail

General

Target

269d6d6175ba001f7ff31863fa159055_JaffaCakes118
Size

3.2MB
Sample

240704-3dmc8sxfpf
MD5

269d6d6175ba001f7ff31863fa159055
SHA1

1a4a1bc94bf026dd6d2bc7a90dfaaf743d4319ff
SHA256

f6001c8b8d9084654ef5f429e672257b690d651f96e3c493e2f65457b8eabea1
SHA512

9d4fddc5bf9365b94ef9108e0b957dc7ba93a2fbca71d4287f554534e93388347d9b81fcac8c79f957a3da07e9e8295dcc0a3eeae5b44f8457d07c5b000c71ff
SSDEEP

98304:uQ2LOYMrtxGEqsfV/Eky2VZZ2JMF7GlDlf:7Qi+Ep/Eky2VbalDlf

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  GoKuaiSetup_5.1.0.38.exe
- Size
  
  3.2MB
- MD5
  
  77a69032dc9932c80e8a182d368f3cb7
- SHA1
  
  8dcbba89470a4b05a1a163abef0f98f608e4f5ed
- SHA256
  
  dfea3a9fb3e29464187b0b21ba5d0b48eae143c35b0a2bcf12419d944f0da3ae
- SHA512
  
  bacac8d9e61b92e5640d0fbef0d35ea7d0fa33aa8f652bd7c35e5fad340eaf4a91e86156a11ac0b0e8fac15a0cf52d86acb2758f28697c18c7c1dba9cd0216bc
- SSDEEP
  
  49152:vN7VbxftXurFogODit6HddEZSbARJ9hvTTPAvt6Ey2QyqRTrO8zXyLh4U0zg+1af:F7VzXurLAddyHHfTITVCAyzXy
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  99f345cf51b6c3c317d20a81acb11012
- SHA1
  
  b3d0355f527c536ea14a8ff51741c8739d66f727
- SHA256
  
  c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93
- SHA512
  
  937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef
Score

3^/10
behavioral5 behavioral6
- Target
  
  GoKuai.exe
- Size
  
  1.2MB
- MD5
  
  c88e55030beee0aab14a4ec73787ad21
- SHA1
  
  eb3c3650f241541552c0cc5eadf79cf2a30004b8
- SHA256
  
  b3e0ba133ed323debe860a1f9fb08ec2dd9828d37c797e93a8a72d21a94e8243
- SHA512
  
  1211ab51047de3add915557af3857385b4f77e4c397495a0b8d15ae7954841dc120660aa8b92a2a561c2ed88d6290560682f0f6852134b2831194cc10f1541a7
- SSDEEP
  
  24576:GSyZAjoz5Un81ECU7MtHIvTta5AZd9JIS9FSKV2P0qY18w6qcXPKXQTTG4dBWyq:pyZAkz5UneECUYtHIvTta5AwSKKV22So
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral7 behavioral8
- Target
  
  GoKuaiUpdate.exe
- Size
  
  210KB
- MD5
  
  1ef0e1153bcd55b6f56891f94066d225
- SHA1
  
  cd863f87a7a87a162087bc26f481d66122394a24
- SHA256
  
  a79104c556c0fbe425bae24c3bd8bb56c25a902a219e79fea9e28f4e695e6688
- SHA512
  
  2847869d1186da05eef1f9b498478d1ee70cfcf2e1f215f123b12a76bd9d70f065cadf562d6ce9f90099cdfe8360591c4130f8885bbf00ab7a742980a1c16a78
- SSDEEP
  
  6144:dYGVOqttWxh2duVoaPZCPZztWx1/KuaVoL:dY49diGzsD
Score

3^/10
behavioral10 behavioral9
- Target
  
  Repair.exe
- Size
  
  46KB
- MD5
  
  fab3670d83ca9a389eed0742c10bc497
- SHA1
  
  4c8c3a5bbf232ed39c274c463e539e545df03131
- SHA256
  
  e48adfb8a113f3eef6b0556297a9496470a4fed1b3faa30dac6961e9a040d2a2
- SHA512
  
  af350b6a625037b97cdc7930c6b1bda6404d0e71f12b481648e401b5026371dc1ef22d1a69cbb0c6f36b71d0dbf0daf4458226a9103274d54d108d8dd208426e
- SSDEEP
  
  768:zlENqy80anHUtH7HfWyOBTB1dXsGi+AXNtKHxZfAXwYLl8ie:zuF80aHUtjOHvsL5NtKffkhp8d
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral11 behavioral12
- Target
  
  RunLaunch.exe
- Size
  
  47KB
- MD5
  
  dfe1b3c6b0a7feb2de881377d297ba1d
- SHA1
  
  0786d3c66fcfb3e1369ed66a985c0994dd9b264d
- SHA256
  
  861bb49fe669ae2c27352f7f755b942e03e9d7524d828638d35c1320a738a2f5
- SHA512
  
  b5654f70b8d8b6f4cb66b16243b1c2bfcc4004c216ff4a4a310e9597bffc70180b364b1b6949b3ca0436b93d5d87c8b48c5c2af1c1058e97b183bc4a64ac8fdf
- SSDEEP
  
  384:Qxskd/8wjRzXkF4hYHSOKljPV7obiv1xq3UZU9BpwVnYJLlFEMeMk6:Qx5F5XkyYyO8jdWijZU9BpVLl86
Score

1^/10
behavioral13 behavioral14
- Target
  
  bugreport.exe
- Size
  
  37KB
- MD5
  
  e16863d6a0611bbade53d6df3bcb0d21
- SHA1
  
  a765ea1c59da6342183e23cb3c15283ff31bc519
- SHA256
  
  88cc088d9d3463df253d7abeb08459c5dfc8e688c26bc250a33699cc80a00a37
- SHA512
  
  bc013f728771a8d1bbe4de147041d308664635b42077fd193e702ba89010a03456d27741f751ccd877bfe44368dfb939a513da921787561daebc6d1e5fdc458f
- SSDEEP
  
  768:bcAwjWdGzylLnkayBGoO6Jjdi3IH5IippDrTPCZxqNmFLl8y:YAwj+GovUOaH5IcvcxqNIp8y
Score

1^/10
behavioral15 behavioral16
- Target
  
  mfc100.dll
- Size
  
  4.1MB
- MD5
  
  07bccdcc337d393d7db0b2f8fe200b3f
- SHA1
  
  5a02b227cb0a22a8e7884cd138c3e8568d083d94
- SHA256
  
  bf38dda13b938b49a4df72b6477342373ee6e151be12c25cb0c17662fcb4bcd4
- SHA512
  
  e5637727a549cf7b88f13474097a71200f0dfa511ecd55c5a42e5f53e9f86ce8b7ce763448830fd073e232876f7537bad96f2ced8d3159558778460264d07639
- SSDEEP
  
  98304:BZP0PvxMJfTcXPSo0akd+BPSLC4IEy+XNy136jCfsqLhDIJJGN8mFLOAkGkzdnEe:BZP2iIE80qLrHFLOyomFHKnPAG
Score

1^/10
behavioral17 behavioral18
- Target
  
  msvcp100.dll
- Size
  
  411KB
- MD5
  
  03e9314004f504a14a61c3d364b62f66
- SHA1
  
  0aa3caac24fdf9d9d4c618e2bbf0a063036cd55d
- SHA256
  
  a3ba6421991241bea9c8334b62c3088f8f131ab906c3cc52113945d05016a35f
- SHA512
  
  2fcff4439d2759d93c57d49b24f28ae89b7698e284e76ac65fe2b50bdefc23a8cc3c83891d671de4e4c0f036cef810856de79ac2b028aa89a895bf35abff8c8d
- SSDEEP
  
  12288:iHEqYsrMWIqz473PTiPoH/aGhUgiW6QR7t5qv3Ooc8UHkC2eKq87:iH9YsIWIW4rPTiPofaDv3Ooc8UHkC2e8
Score

3^/10
behavioral19 behavioral20
- Target
  
  msvcr100.dll
- Size
  
  752KB
- MD5
  
  67ec459e42d3081dd8fd34356f7cafc1
- SHA1
  
  1738050616169d5b17b5adac3ff0370b8c642734
- SHA256
  
  1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067
- SHA512
  
  9ed1c106df217e0b4e4fbd1f4275486ceba1d8a225d6c7e47b854b0b5e6158135b81be926f51db0ad5c624f9bd1d09282332cf064680dc9f7d287073b9686d33
- SSDEEP
  
  12288:fQmCy3NeRjkpQmj3oaMtQqjoygfXq3kon9IlbgaOxQdVJJ6j5EBKX8hR5:ImCy3VQs9MtLjTgfa3kon9FaOdEz5
Score

3^/10
behavioral21 behavioral22
- Target
  
  msvcr71.dll
- Size
  
  340KB
- MD5
  
  86f1895ae8c5e8b17d99ece768a70732
- SHA1
  
  d5502a1d00787d68f548ddeebbde1eca5e2b38ca
- SHA256
  
  8094af5ee310714caebccaeee7769ffb08048503ba478b879edfef5f1a24fefe
- SHA512
  
  3b7ce2b67056b6e005472b73447d2226677a8cadae70428873f7efa5ed11a3b3dbf6b1a42c5b05b1f2b1d8e06ff50dfc6532f043af8452ed87687eefbf1791da
- SSDEEP
  
  6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E
Score

3^/10
behavioral23 behavioral24
- Target
  
  新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral25 behavioral26

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Adds Run key to start application

Checks computer location settings

Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26