2b0d99c503d41a1c72546f79611a0f22a8898a6887b98c0650aaae4eab9f55e0 | Triage

Sharing

General

Target

2adea3a2e5cc828579b12ff826464ea6_JaffaCakes118
Size

443KB
Sample

240708-ebch9a1ckr
MD5

2adea3a2e5cc828579b12ff826464ea6
SHA1

5640ae3e53456e4d64aabcbd12a705c8dd731034
SHA256

2b0d99c503d41a1c72546f79611a0f22a8898a6887b98c0650aaae4eab9f55e0
SHA512

794a3df4ab963627ff5a4113d06ddb9d5759cde58d351f6c36b6ffd1405ea1410e3c17fa198335423c48d4357117ff263381e26e3245804ee96d7227fdda0612
SSDEEP

6144:4Svw86bAdaLONt1XikhSfEt8HTYMEnJ8pFMsz6Wm8CdY6Et04PynYLgHTiCXkO:4J86bAdairR3SfThEy21vYdynuYT1X5

Score

7^/10

upx

Malware Config

Targets

- Target
  
  fineplus.dll
- Size
  
  109KB
- MD5
  
  ca1349c4009c3d09230bb7396b7559fc
- SHA1
  
  7eb4a415e1b6724bb1884efb75042076a6bdcd56
- SHA256
  
  bc81faa2bd3ac292ebc979fc407e59f341211b9942b56d2f4ada0e5a410e388f
- SHA512
  
  afbe93ce5ee7479c28b113062d105dc15662f028546def479233e07f49657a8ef05de141db05c26e37cc76775e2d67dd3b5ab54f4caf04e6230c3e8ab185b8b7
- SSDEEP
  
  3072:xfmwtucDmSbc0IJvl107kLu6cEeTH2SkEuHHT:HmakJd1vcE4H2EuH
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  fineplus.exe
- Size
  
  54KB
- MD5
  
  9591ac6662b69e817b7808b1b2e325db
- SHA1
  
  aa0c214d5d89768946a6d4a85cf2c1c4059c62ba
- SHA256
  
  1f79007ec615b21ec551f58b7edbe52b34efa913c7069d97161c4a76af66b2e2
- SHA512
  
  a861fdbb538f9c5494f00a813a4f44a2dab253d5670512b2fb833323df07be5b76a748307c772557fba0646d3893a2c0a382b6f0547e53acb0228a5401452009
- SSDEEP
  
  1536:B3pZ/L+NrxM8GaAmL1cYNX785SN7sfOBgX2:flqBlL1cYx8ITK2
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  fphelper.dll
- Size
  
  5KB
- MD5
  
  ac7b45725ec84a786bf8b547b8910399
- SHA1
  
  e13a4c052c6aab495bb81d5f8883140c1b68de17
- SHA256
  
  813b81fa72f6c9f72d74ad6bf0c423eee39bd3637c51a87d4f32253a71641029
- SHA512
  
  ed27fc24568f76e1cd4f03adca55374640a6b860ff503c9d3e09e624e7fbd7af3f7a24598130fd3d1dc2a8d0623bdbe8151c4411099defdfa9b814a7d59325b3
- SSDEEP
  
  96:VwTk6f+Fg8pC0gBRSWsChGwJC74WIW9F3Gi2D8Le7h7OsY:VskK+Fgt0g36ChG979n2foLe7h7hY
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6
- Target
  
  fpshell.exe
- Size
  
  45KB
- MD5
  
  d23c5ecf989ac7a79336e770b317e595
- SHA1
  
  e0aad256219dc2251432b603b5273983242e83c6
- SHA256
  
  2a70a2ee67f4029f15a8848228ac779c1c21d33f90a08b9575fc6355b3bbfc27
- SHA512
  
  74eb5770f616733fbbc33972403e75e906821035e2b9cc4f0e58be2406d209e0b8364c2277d8c2ab9581122f586ddd56614e9581cdc0a900af4dd0403e7f5f97
- SSDEEP
  
  768:9DSqDSKpYnF+60FHj8mmnHZFka4C/+CYBPON2cnQ9Saa5L/UO2:0qDv1VmxZCaGxoN2WQ9San
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  msimg32.dll
- Size
  
  7KB
- MD5
  
  3a3abcac16c35a6d43fdacd6b1f9c8ac
- SHA1
  
  f96f92e989c87b986d27cf6c3c77efef1cbcff76
- SHA256
  
  975ef135666f8ee2d13851fc97cec835dd4b308dce415e05c9d7c3edd899d208
- SHA512
  
  eabd27ec51237b168f86fdfbf38c73955e5cf7c782cc582fa5058e71b11be8818586f2b79328561111e6e6b46c0a8d930dd9c4e2890887ea680129522462c1e1
- SSDEEP
  
  96:7ThCW5zw/DMlwMQFN49PZ/N3o2cxhwQDkr3T4RZIRo6qQRXxX4iyl:3Fr8F8Z/N3rcxhwPzsnJ6qEB4
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12