e1a525ca6c580cc66483273410ffe4cee6f226f6bb2034a667b1bbe6982eea74

Sharing

Copy URL Twitter E-mail

General

Target

352ed350ef2c15d0ffaf2fa0795389d1_JaffaCakes118
Size

2.0MB
Sample

240710-r733aswekc
MD5

352ed350ef2c15d0ffaf2fa0795389d1
SHA1

e1a23ed2ad6eb65139ebe06f2597756e477b0f68
SHA256

e1a525ca6c580cc66483273410ffe4cee6f226f6bb2034a667b1bbe6982eea74
SHA512

82b1c5b0d0294bc8b3c0009329577011928a38da3e1361dc0ec3cb712903a54f6b5fefdaae802cd34eb38d88f9ef5bd110f1fd836ef466d4ded0487db2346873
SSDEEP

49152:qDh0mZEvQNBI3ZZEo0Hfe32uCqR6/v1Gs:02QTI3DEo0JuXRe1Gs

Score

7^/10

execution upx

Malware Config

Targets

- Target
  
  I-TV/Crack/itvmain.exe
- Size
  
  362KB
- MD5
  
  5d46378b6ebcd8c393ca48a6adfbe9c5
- SHA1
  
  120785b5e20e088b4490d9f2e268331219b007ed
- SHA256
  
  9b4a3f06c91a717bff53736bb84c2e0d39153c6a701500160cbe16ccd5fe28c4
- SHA512
  
  58d9ab30fbc8f70c39aaaf9f9c8b5c71605942656d969b57852f25197d1de95244a672f352fcaf179fb48ba15f957f51ce269845f5bfe4d7a3736a7b776fc2f7
- SSDEEP
  
  6144:y6fOmpYdFXR7ewMKKPC9HQ2R9tZGyNCOXQJXDIkwcPQrlyQEiglBgy/bhAMlnP:y6fOsYdFhKGKPCw0GycOAJXDJwcPidvu
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  I-TV/itvSetup.exe
- Size
  
  684KB
- MD5
  
  949eba6b9cfd571a2df70480781d2f6b
- SHA1
  
  b40c4f49c63eba3eba7c62add8222266970dc532
- SHA256
  
  294a16620ed062ce4d1fcfb10a53e9d11b778d67e8a1937d6546ea31c3d98251
- SHA512
  
  d1f09de1834c54b2a562fdf475c1eb5bf01b149f2a1000d9c91e2afc6a1ae1bf296b557cb9933454f344aa17811aa5696686b1867b3761ce04a730ca1fb1e29a
- SSDEEP
  
  12288:BDSHdbbNs5vnOyEP4kS8YH8NT8uycunrlxv9uLMu+hveshj/Z:BDGM/PkSF4SrXsLMhveaj/Z
Score

7^/10
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  99bc22826a0568dce241be3a4ffd0c0d
- SHA1
  
  62e4662250abdf10d23a61076fd7cbd00a5c5b6f
- SHA256
  
  120e4fac0538b7e7b75934706668063a4e7785d0405dca43fde36d55f6d968de
- SHA512
  
  35b016b6e2dc850e5432becd57f35faf73b180c0a6f822a406cf9d5439a87126c41c49aac025cdeecd38bbd01705ddbd8c217cb33134e978ecc9624053b52be9
- SSDEEP
  
  384:sKlm7i+c3QW6ckPhyDEaLnr2bbBBIXwZ:5qi8BcyhEhLCbbTI
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  6KB
- MD5
  
  c6ca47bb4198f483c8b31fd90b779acb
- SHA1
  
  ea9024cb535fd5471f30d27b22318b59cb4d31f6
- SHA256
  
  f90ebff31051802116def3349310f9b0e3dbee0f0236d54f364149e1feb186bc
- SHA512
  
  b761b4ae89ecf15edadb3015fe0d3012048f1480b84ec8d30997c128e210818d0da9c7ec75de9efe8e1e08f84501c314a32c109f4ff1e8adca2cec5a73fab7db
- SSDEEP
  
  96:z1C0Qaep2wbE+WH1/FMXF6CGQhFzK1KQ5FnhElMmV4d:Vep2w5k/FyEttgN
Score

3^/10
behavioral7 behavioral8
- Target
  
  Itv++.exe
- Size
  
  301KB
- MD5
  
  d1f44a3ea7328f95354afa25c6eca3ca
- SHA1
  
  b90f34308ca688964e8f3a0f5de29d252d29b5a7
- SHA256
  
  f2a83143eb34419bf42d7b694262728ca304056bbed3ac5c7473e64d07496218
- SHA512
  
  e1999225fc4b92d38a09ae1d3be1ed531e00a8f7ba2f23c02024aa45abb37aeae6b8e322b7a0ec885bce87c2ed877361f6cd157c693d53277d1445dda5b291bd
- SSDEEP
  
  6144:UU/z7GNRfpKqmpoSrmsuTlsMrPnN1I2NjEjj3kNQ8lMmzevh1XrRHwQ:tz7GUzZrAldP82NhMZldHV
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  Uninstall.exe
- Size
  
  56KB
- MD5
  
  9014f6d059e1b256df5acd7ad349df40
- SHA1
  
  24579081ab3622d58682dbb2dcfeb98ec1cfee9d
- SHA256
  
  052c5da4d718f1452188e7a4d54e00614d184cda37138f3fb74ad4f6d96f0b1b
- SHA512
  
  c53d43049b18e0874d496e35a15a5d2b24877d6a3ba31c0a517bed3b7d60ea0488178c8a8bbc2283391b3ef19d5eef5e5b2205a98d85c90dcde67326e07d5246
- SSDEEP
  
  1536:vFXPgRBJgXzlS2o3YLHWkJ8qAELVigL/dusCHCjMP:v1EBJgXzxo38HWkJbAI0MYpP
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  99bc22826a0568dce241be3a4ffd0c0d
- SHA1
  
  62e4662250abdf10d23a61076fd7cbd00a5c5b6f
- SHA256
  
  120e4fac0538b7e7b75934706668063a4e7785d0405dca43fde36d55f6d968de
- SHA512
  
  35b016b6e2dc850e5432becd57f35faf73b180c0a6f822a406cf9d5439a87126c41c49aac025cdeecd38bbd01705ddbd8c217cb33134e978ecc9624053b52be9
- SSDEEP
  
  384:sKlm7i+c3QW6ckPhyDEaLnr2bbBBIXwZ:5qi8BcyhEhLCbbTI
Score

3^/10
behavioral13 behavioral14
- Target
  
  itvmain.exe
- Size
  
  366KB
- MD5
  
  d37732e9768cc2deaccf85009d936ef0
- SHA1
  
  45a653b1bc776b030996fdb73f00c3ac976370c0
- SHA256
  
  ffb2757442f147636a735056f9e3828c110b8a4394e872505083b7a15bee51c1
- SHA512
  
  f7d4c06b480cb6c155332e4b3882c3a9cf94f5424a1e18c87917cedf038f3f64b8651932f8a411deeb9eeb241d02085c0eb3ea90917f7b0a5210547e20f9755c
- SSDEEP
  
  6144:svj+UM/njmvEBbJ5aOndJoZngQucsoJy8WdSd6fsXofztwPbkLncbYVe:pUgGEBt5ZdMgVgy34WWTgncbCe
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral15 behavioral16
- Target
  
  I-TV/非常世纪资源网.url
- Size
  
  261B
- MD5
  
  7224ffb934111a8809741992c978930c
- SHA1
  
  b5f6b76e4e4ffdd4949a882bba0ccfccc2cc6281
- SHA256
  
  9f9d03e353424674de5a5bbbdbcdc2d02554eb6f50fa204de5ee4d5d6ec6b772
- SHA512
  
  5a4bcd91cc685ebeeb40964a5db0b95b0bab0de37cc2367ee5862bc4908a9be5144d82e39c8a4f539ac9ab6f6ffeae039ffa6bf65ba15105d390c81d999672cd
Score

1^/10
behavioral17 behavioral18
- Target
  
  终点小说连载系统圈圈美化版/HTML/8/8/8/8/TXT/468.TXT
- Size
  
  34KB
- MD5
  
  bdcb4feee91364207651f666f888fc36
- SHA1
  
  026f8a57aec2ef6d28e295c75414810471274e0c
- SHA256
  
  7d4ffda1e47fa1e3afef4cb2826f6d72cd5420d46ad7d0f5bb2fcda16fa3044c
- SHA512
  
  82f6abfad007672397ba270361d2741da73d5a0ce37517d93ce725147fa3da9ecbcd1fe425095f82458d3bd199ef61bcf06e4d685467688908d6fa300304588f
- SSDEEP
  
  768:gv7qoomcE0cKPRhFDTFYJidpHmZ08VU3ha7h6wfGgp0y2:MCEVK9Vdt3haHeN
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  终点小说连载系统圈圈美化版/Quanben.asp
- Size
  
  4KB
- MD5
  
  1b58f54d5e80e2867432f133b567b178
- SHA1
  
  5d47a13b891bd2b9bc8146529cf35e9738d5de4a
- SHA256
  
  d6eb7eb04062245916dad3feec1f335971ab721dfb0173d9ccad33e01a1f33cc
- SHA512
  
  135c17cba0d813c5116d48356c1069d0bad20aad7c0c31460099711fd844d895e3c7fa80aa236c42948e7e93057974681015f070c9425403954692e15a1ec724
- SSDEEP
  
  48:1kb2e/VzdysdTtYoMK30AhLnsuYitskfysdTtYj1MvT/rLGblLnsuYQgts0JLxyp:ibffKoMahbsJ+sMfKj1MzPGZbsJbs+xW
Score

3^/10
behavioral21 behavioral22
- Target
  
  终点小说连载系统圈圈美化版/Search.asp
- Size
  
  4KB
- MD5
  
  ab056b5ad0a50ac3fd573650ebf8af80
- SHA1
  
  e9e21bb8151c0ebd4845d10d01996e7a32bd02d9
- SHA256
  
  34dc02cab29ac10365f1929db4d4d38aee692e487fba41fe3f539695040b0727
- SHA512
  
  7fe03f28edc61a13beaf35d23838a72c4b77f61e8540d8fdd515ed82fe396795ebaa8f08d64e2663d0282a9aafce6f7c2a5895267c4e7835caf93a322c7bc4fc
- SSDEEP
  
  48:+Jkb2ezXVzdysdTtYoMK30AhLnsuYitskfysdTtYj1MvT/rLGblLnsuYQgts0JLc:TbTfKoMahbsJ+sMfKj1MzPGZbsJbs+xW
Score

3^/10
behavioral23 behavioral24
- Target
  
  终点小说连载系统圈圈美化版/UserInc/User_modPost.asp
- Size
  
  4KB
- MD5
  
  5064523730f638523de9bf9cb51ca372
- SHA1
  
  11f9c83552497169d465e8c103ec11e1e5b44cba
- SHA256
  
  e117496d843fba52a7cee1f409205b0eed8200bf847d6b8e7ca6aa80d39e21b3
- SHA512
  
  8d2b0e2c89b364321f380eb94b561f670917e8c89876d1cfb026ebc172ebc96e6b3801e546ccf756f88aadb9782f48c54338988e722cad9d7c31822911428515
- SSDEEP
  
  96:3Fm5zHmPtka/HqcvCJHDOCBnePV/HIvdOOhddddpEwnkWG8BMLbxz:45KJWBne9/IvKwn2X9
Score

1^/10
behavioral25 behavioral26
- Target
  
  终点小说连载系统圈圈美化版/UserInc/UsergoAuthorstart.Asp
- Size
  
  11KB
- MD5
  
  15b0f0b0bc3f4e7858d9781808c1e5db
- SHA1
  
  fabc68df6d23be0e630ccd923180b1a934eeee23
- SHA256
  
  c770665f1c9f0ec76a3140ca01dd8539dcb0db0fddb00abfefccf0b39de4e1d1
- SHA512
  
  25098b8246de9c4868b219d800d1ae42d47e5bd5cb519e3e2bb567dc4d1cba86086174a742a8ed5c02e9eff3c1855da4e07725ab3bf6f76b37f91e405a5a0e94
- SSDEEP
  
  192:Lt75KkFv2gWXRY6WB6WEX9CT6W1RfWuK6qr4qH/y8TUsfi5EgAWZI98z0tN8mmmI:HLZnWXR9WgWEX9CmW1lWuK6qsmjAsfi/
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  终点小说连载系统圈圈美化版/UserInc/UserregPost.asp
- Size
  
  6KB
- MD5
  
  84d9a9e2c0ca946528d1d1838b98a423
- SHA1
  
  2c81e48fd3c23394b9804c588f266bc5255808bd
- SHA256
  
  94cc05996b323ad509e8546f03eafe2c66eb6f724249dd1487a5e3e7f3f19416
- SHA512
  
  77ecc99b1d554792709790bf8a5034836b7bcd08503db932d8dfaeba1ee6d7317def83aa96df2989e3c7bce04af433b91b0784c18caf228304d2ae7555cf47d9
- SSDEEP
  
  192:ewXCNsTVp4tyxghdqjWBneP/9LkmAB1hYo16skq4:LXCNsTVp4tyxghdcWBni1Lk0Mkz
Score

1^/10
behavioral29 behavioral30
- Target
  
  终点小说连载系统圈圈美化版/UserInc/user_bookbox.asp
- Size
  
  3KB
- MD5
  
  c50e842a246fe91e422e430953296c9f
- SHA1
  
  cbf4edf24aec959354851f8349ecc8b31aca005b
- SHA256
  
  a4b60b9eb43a0e821ecf95a4aaf19c4f4ae53636990370e7609efb7c5da3baec
- SHA512
  
  88e60435b2e35d2659f6572975d30f00382dc8f200f9d5be37328ac69215410bb3785eab34f0e439c11413ed622bc5ee0a967a216d0e237de4c0045b10469b4c
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

UPX packed file

Loads dropped DLL

UPX packed file

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32