f0312bb0e825e5786d08e93f63c1880fbae8f8cbc45f0955e2ea74becc3ef27e | Triage

Sharing

General

Target

38f021637c553e7b422c2d509461a72c_JaffaCakes118
Size

386KB
Sample

240711-nmpsdsvarp
MD5

38f021637c553e7b422c2d509461a72c
SHA1

e4b5ba9d43746bcdff36de1a5ec25ce43b676c70
SHA256

f0312bb0e825e5786d08e93f63c1880fbae8f8cbc45f0955e2ea74becc3ef27e
SHA512

247ab2c97b35ea99c97e1bf72955c2793c93d42b28230dca8454bac19ee3ffc66a598957ab73db5fb4fae9967d5709bd657da4a3fdc20238a058532b86cb1780
SSDEEP

12288:2D/Pe/vTlYQMKRQlFM9aKH/HTGeubZCp5qwf4f9c:2DXejlYQMKRQ0zrGeu1WMf+

Score

7^/10

upx

Malware Config

Targets

- Target
  
  PEiD.exe
- Size
  
  214KB
- MD5
  
  4b5289d1dbd727c5dd0e247a7d7db03e
- SHA1
  
  bff141822aefd08fa9b7e17684934ed8ca1a3417
- SHA256
  
  e13171d50f45a79bc09b9e4b9ffa38eb02301aca94a1867a9bf8acccc3759030
- SHA512
  
  d9418516a2c2caaba96799c1f0368a41eb347e8a27843629e14fb33ce1a3d47b35ceea8d3d9d25588dc2353894845d4b7d6fcb42f1c2e744d5a8aa784b581225
- SSDEEP
  
  6144:teB/6F8/8+KGf+oUVBDyM3cLpXVYYCimgpPmfgN+:teB/WK+bBmJpXqX+BN+
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  plugins/GenOEP.dll
- Size
  
  5KB
- MD5
  
  5f70e720b000b649fc3adb34304424a6
- SHA1
  
  9a5ed7250f03dcd86d568b2ed098da0d787a393e
- SHA256
  
  6625f4d4d93d5fb3c6c91152e3b9e4f4fecd824dab6dbfcabca22b97b98072a1
- SHA512
  
  c38d204afd1db72cc72afbcb2c492fbba5b2b833e3ad621412dc10ebd4e3ebd6ff940adcfcd0c47bf388414ae168b4c7b682949c78a8deaac4530f2048eb1a1f
- SSDEEP
  
  96:fozl7CLEiudJnh77yw1mghgCgUgkKgARLO/EIkfGVmB:2hCLEiuTnh7pHVz4RCcBfG
Score

1^/10
behavioral3 behavioral4
- Target
  
  plugins/ImpREC.dll
- Size
  
  50KB
- MD5
  
  8b623ade9d85e81f754ba49c72cf6789
- SHA1
  
  d19279e325bc8970055602a06a469f18f394347c
- SHA256
  
  1455c5790afdfd9b1afdc84f2d1f2a0cc3e7162bd2127033e22df9a123066ef4
- SHA512
  
  e381761987aaa516225c753fd57853123ed3bbfc94052915892bf4b764b7a9689de058b927b5c347189732299cb6cbfbf709885dcf9f808f6251b57cadeee806
- SSDEEP
  
  768:zHMJYKW0fUK+92mkk4w7A5v1a8V/3Zwrd6+QVbzFFwXjjVUHNaDQ+gjbUWRB2bPq:6ZEXt4wA58Q/pwrWVd+j7X9PGr
Score

3^/10
behavioral5 behavioral6
- Target
  
  plugins/ZDRx.dll
- Size
  
  4KB
- MD5
  
  e0b6cd76991f335af003d22ca5f44fb2
- SHA1
  
  06ad8dc67b421006aa6076af01f3e6c6bb6d851d
- SHA256
  
  d89fa0e7dfaa5937abe1fd112902eb5eac52dc97e974da37ba5610a75b1f4519
- SHA512
  
  c5f14f5f1d9e94a595a306e0047d42770e832a9fd42ac2a0edc7ca6796207858642965ef5d330ce9501624d688673df354e6a2a47f5afc6acec4dbd27134d6fc
- SSDEEP
  
  96:727Uei+pJuoVpesGvM5YhiQqiFKnPVe7zCyIYD7X:q7UeisVpCU5rNEKnPo7znIu
Score

3^/10
behavioral7 behavioral8
- Target
  
  plugins/kanal.dll
- Size
  
  116KB
- MD5
  
  30c1b6d7ed23997e380be509e5849cf5
- SHA1
  
  552ec2619a3cad49721a197ebe029a931934fce3
- SHA256
  
  37765a23911158be8351781771758d0b7af3e8b6943ea97e32612ddb5e4e0272
- SHA512
  
  14ae99195a65bd85f6471c3cf5b86db4dff150c1c2f2007a285396c020397f953ca3de0c082e3d0b223c8bdb4f9dc4999a7276665855611d0e60892ba1dfe864
- SSDEEP
  
  3072:0YvfngSVA11RmbcOLCQkLuI0Gmb5bNkpeVp+rkO9c7vTVVrfjOkboutg:3gfHR5LuIeJqp7I775VbjvboSg
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  plugins/kanal.htm
- Size
  
  4KB
- MD5
  
  19aabc88706c8234397936204669c79b
- SHA1
  
  7e6ad805cf0f3beb93749cf092494a44119e5b46
- SHA256
  
  948f110943513e7229290f8406ca72aa39175eb5dbef5c3cf383a467072c041d
- SHA512
  
  17eecb6c4773e80b34bbc49cdaf48bf5bfe1682cb2e40fcc69796a36a50103cce3bd90b6f952f8de8ed31642370d7a578ff0f67ea98ea3923869d4430bdb6dfd
- SSDEEP
  
  96:QcKfXA3RFJkBH40mf8hHXNFX5HMEFSLlgL+0C5auRv0h:afwTJkBH4mFdFZMEsLZ4uM
Score

1^/10
behavioral11 behavioral12
- Target
  
  plugins/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral13 behavioral14
- Target
  
  pluginsdk/MASM/compile.bat
- Size
  
  152B
- MD5
  
  c08fe1558e092e9d6a601e8f455454ca
- SHA1
  
  c200afafe6b91f2e9356cc72c3b093465c13dd7d
- SHA256
  
  31d198367b1cf69adaad5ae06ce436ae00782982db97aa2098c375fb565623fa
- SHA512
  
  92ae3c0b4b3041f9e7a055b05c3bf84587ae7b3999940d69aa4dcfa9fc6b7c552ad21bb4f7fcd138707f5c529d29167b2df24c5254f969056b19e26ce7b09b5a
Score

1^/10
behavioral15 behavioral16
- Target
  
  pluginsdk/PowerBASIC/PEiD_Plugin.bas
- Size
  
  2KB
- MD5
  
  aa7188ca1ce0f984c1372e105e4473c6
- SHA1
  
  81a81930f914b8fae0d8333b7e6a56444af7dacd
- SHA256
  
  488b9f368fc688f05abb80a1bd6251cb203ddcddf3ab7479e420d5baab7801d4
- SHA512
  
  0aaeb5ba404e911460c48536fa155d448ceda4847d00393da7091748ec419fba7431b9ed39824c60f6a902d0c299d92e6268f88e9e8bd0befdedda57d032e3a0
Score

1^/10
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18