a0b02ae9bdc6808aa06ae218f8c74fa9bcbdcc4e651d9cd24570bd6c05d71bcd

Sharing

Copy URL

Twitter E-mail

General

Target

244fa76b31e12e89faabce3c93f2b634_JaffaCakes118
Size

504KB
Sample

240704-ct3r2s1fqf
MD5

244fa76b31e12e89faabce3c93f2b634
SHA1

b73ff291872a64f67723ad47dc90a977ae3495d9
SHA256

a0b02ae9bdc6808aa06ae218f8c74fa9bcbdcc4e651d9cd24570bd6c05d71bcd
SHA512

742954de9ee7f82ee1fb7df9911ace39ee933520dddad4cf4353d6058064f91077b775d96e82aebaf148a501a56b4d1b9d917670a67b1802fd1aad0187da9299
SSDEEP

12288:qVG1MMz4z21Vcgj0k7s5cOwOzEYr3y08kmnUstZmD+7U:qVGjzV110GOw87ynnZfU

Score

7^/10

Malware Config

Targets

- Target
  
  AsLocal_Inst_1.00.1022.exe
- Size
  
  527KB
- MD5
  
  c08d573fa70a95ac29d4fa707ba08756
- SHA1
  
  e391b490699d9f27d7200c688cb31d0b85742262
- SHA256
  
  8ab4c803d4a9476a06583df86a34e887eb69a1e828c1e33e0ba5ff899b21dce9
- SHA512
  
  f5124847a87d25e7ab2316c0f21e4453d2b528b90c8183360233411d5209f99395b632b5e53ae957ffe596fb197494f3b12da2553903be76d3ff1f959382bae6
- SSDEEP
  
  12288:ERWCRuaZQzKR7/IXqnElQ5rZqGpBb2RDmmaqo6:EgCRKy7BnEe5MGsqmb3
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AlInst.dll
- Size
  
  38KB
- MD5
  
  1765624eb7554857f03706c4e46f874d
- SHA1
  
  800063960ced61c1a61ec0f1aaa5e3ed47dd98e5
- SHA256
  
  911fe5e87465dcfd461306dca31f8b60bf8d3be94d9fd2da2c91efc1bbc143a7
- SHA512
  
  7de4ae16776f9e63a29de1427a6a8779ab6e32a2bc9254aae93da27164c698bc314cb7fcce8b6966a5145ea4404fbcea33f2671dc862c46260fe9f6fd24d366c
- SSDEEP
  
  768:RKx16KKMgaAHxVMdykDSfcu17DpNbmLJKRDrF4yilpoA:RW16KKMgaAH3aO/pZmLJkUlp
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  4e96f412a8cc653053d5d918df6b0836
- SHA1
  
  a3c7d59043feecb1603874b27c23d4166b341f2d
- SHA256
  
  e4a54bfc327986a89165bdef361069810aaa985c3abecd442c786725fabaf977
- SHA512
  
  2fec61b4ad31250bdbdbbfd551d831801790b96902c67200661e8f4f2753378bbf6c0c88b12e1be9173a29597827c1c4809511b6d52666dc3324bd7031c8229d
- SSDEEP
  
  96:IiqA7bDe2xHkR1C41EhvSE+6nNtMn0iGd8CqRLqtJ1trRhElfL:IiqA7/ZH0uQMtcfCqo/tdgf
Score

3^/10
behavioral7 behavioral8
- Target
  
  NDSvr.exe
- Size
  
  269KB
- MD5
  
  1234be6150d9acaa6d25b6bbd97e9d52
- SHA1
  
  2f95bafd64b347a95eff9d7e81fea874fb182785
- SHA256
  
  49bab5fd421494d58a75876ccfd3e13598c19c9d522eb136d0ff7b88b8d7304b
- SHA512
  
  c0c35b214c5bf1b5332c444222254167086b023354621c2931fbf7df96aad144ec48a0f71930c246fcde74dbe6424a8dcf5327ec0aff51d3ee35ede9ebd68416
- SSDEEP
  
  6144:5yB6PIP/fQ6chH68TfZQF9+269A04FSTBK9/d:5yB6PIPuhH689Qy269A04FSTs
Score

1^/10
behavioral10 behavioral9
- Target
  
  NetDisk.dll
- Size
  
  383KB
- MD5
  
  d331e9f033ff1e662034baa6221e20f2
- SHA1
  
  d9794b5555465ce111c9fa6794e454defd112b72
- SHA256
  
  a672d0ef4be581959c2ddfeba856fb666471c64860452edafcb90321a899a22d
- SHA512
  
  804f9c76d12b240d228d9cc9c060f516db70f5b872ee26050a6e55725a2ccfbdf4f94440048d9dc7c8725c60b2c64595a7e2fa187dceddeeaa7a4ff87981f25a
- SSDEEP
  
  6144:zbIS5z4VvahcaITezd5ZnCWQLNpkLqbA047RwKsTl+b6wVXrx3LdFU:zcS5JhcacezTQWQLNpcqbA049wKstOFR
Score

1^/10
behavioral11 behavioral12
- Target
  
  ndmod/ndmod_115.dll
- Size
  
  191KB
- MD5
  
  7ce780518358bd34fb8ddd65744ddfc5
- SHA1
  
  9350136880d20ed58ea14e8c4fd37ce0b0328034
- SHA256
  
  87e9f6802eb9885e5548b60b820b9a11780c014f1e049f9c6df18fb6f773d773
- SHA512
  
  105b3c893a6844d9da0e6d5eb156e6eb3205fc0c630a13c07faf1bca8e3c99fe899fb5518d1428f6e8d37b31fef0bb861cdcd4d67076075152f2b3f2e9e62310
- SSDEEP
  
  3072:aNraxlJOygps0wgmyuGEhPsSC1bP0J0FdwP5w7jRK675U2WGwDO/UIHlHsPQ:8wOyms0wgmyuGgsS+PE0FWP5w7jRbNpP
Score

1^/10
behavioral13 behavioral14
- Target
  
  ndmod/ndmod_163.dll
- Size
  
  149KB
- MD5
  
  48adb04b43b71fb96b5412c176667954
- SHA1
  
  cc99eaf08937e5cbc0a96801dfadfcbc4bd63ae6
- SHA256
  
  ba50adc4345d944ce67ffd477e42082195edfc8c3c1b05f097064bfeff1dd0dc
- SHA512
  
  40cef4c9f83b33fa68df378a043d05f580fe900192fc667fee06e6ff62a6ebdbd59756d176a29567964c0f406232f4df3827519453411ceb0db4e74137a7812f
- SSDEEP
  
  3072:SWEg/Jx8GulNDX9HJfQAYyjh3Ka/+8BFycnlWeJRGD:SWEg/38GENDhuARV392+I
Score

1^/10
behavioral15 behavioral16
- Target
  
  ndmod/ndmod_qq.dll
- Size
  
  151KB
- MD5
  
  4315fa01e6b413a6781fe6668728077d
- SHA1
  
  59b86d6eebc57b102f225a13f5e23ffbd07e2227
- SHA256
  
  d1638248ba86528faf082674023d50932a2d10ab4922b53b0a7403a3def9d648
- SHA512
  
  c0ec6622d3386386c39b691c708992213598bfd566c802af47b667101d8e9e296854fd4b3165818958d5e67bbac3a6d91c2321e833324c76142dca67a9cddb9d
- SSDEEP
  
  3072:o+zMm2cPUoEyHdwDIIH3zdIelBui4Z9rKbPUAt3KG4lN+J5:ouMm2cPMEuDIw35IAMtXQ0
Score

1^/10
behavioral17 behavioral18
- Target
  
  ndmod/ndmod_skydrive.dll
- Size
  
  137KB
- MD5
  
  aabefd14b4d2039c6646b684b26ea40b
- SHA1
  
  b8bdc45e4dd5164402edec26f29f1d8220ed8f84
- SHA256
  
  081216e3deea869f575c8fc9859b8b4c0958069800220f4c66046ac2f0db13f5
- SHA512
  
  2a11737b09d404c89ff07d3c725457ae7cb67a617f39176567a00c27c02d20616e0ffcf16da2924dd37920f3b9fd5d5d96bcd03b962c83c62fdc9105a24ca280
- SSDEEP
  
  3072:JzgMXUpFkXZsYc4tFlrLcv3ZD14cYA0D6lX4mJvm:JzlbX9tFlrgvJJovY/
Score

1^/10
behavioral19 behavioral20
- Target
  
  uninst.exe
- Size
  
  70KB
- MD5
  
  2a470f1554fd09f0b7c1328d697e35b1
- SHA1
  
  3763d3b329e4d56f235341f4557aa422fa9fa18c
- SHA256
  
  ffd39d206d7ce811a430178038fa84c141ddc56ff4f5560d7444f4487a72253c
- SHA512
  
  ba1cd75d13e24ed553539a56d5d937426816ed69b34bad31d488893e6e84c5cbdc853679867815710880bf9cf45b0b9fba28e90b8a3ed06333a18cf6274762e7
- SSDEEP
  
  1536:z3cpyORJLuB4P4AJJ+gdLeAyN1VKkvjfUUF7SWMttOTYZU4TT:z3c1fP4AJJ+ceAydvjfUK7hMtCF4TT
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/AlInst.dll
- Size
  
  38KB
- MD5
  
  1765624eb7554857f03706c4e46f874d
- SHA1
  
  800063960ced61c1a61ec0f1aaa5e3ed47dd98e5
- SHA256
  
  911fe5e87465dcfd461306dca31f8b60bf8d3be94d9fd2da2c91efc1bbc143a7
- SHA512
  
  7de4ae16776f9e63a29de1427a6a8779ab6e32a2bc9254aae93da27164c698bc314cb7fcce8b6966a5145ea4404fbcea33f2671dc862c46260fe9f6fd24d366c
- SSDEEP
  
  768:RKx16KKMgaAHxVMdykDSfcu17DpNbmLJKRDrF4yilpoA:RW16KKMgaAH3aO/pZmLJkUlp
Score

3^/10
behavioral23 behavioral24
- Target
  
  新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral25 behavioral26

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Deletes itself

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26