f8c45c8f72332a30b31f4af73de30e86e46bb8fa743d7154de18a8a74345cfb1 | Triage

Sharing

General

Target

3f600f143f79749edca5fb9684ee65e5_JaffaCakes118
Size

1.2MB
Sample

240712-3xr3tswfjp
MD5

3f600f143f79749edca5fb9684ee65e5
SHA1

3df13c186515da66c04d228e3802cb1edcf2fcb9
SHA256

f8c45c8f72332a30b31f4af73de30e86e46bb8fa743d7154de18a8a74345cfb1
SHA512

7e339b63df010eebea9d19235647fd93c21fbb452585c6ca34c4881da499c4a3ff17d0171cefc69829134ac162ee0a81d3303b98d6bb199bc343a283357650b7
SSDEEP

24576:KYs1rSs4ln+xOKxgNyVIYcXmQ1OEpvNWNyhAzuC:poN4ln+xOKxgcCvLhNlC

Score

7^/10

Malware Config

Targets

- Target
  
  BandwidthMonitor.exe
- Size
  
  1.2MB
- MD5
  
  f6a8033666808f2a15c08ba2316ceaad
- SHA1
  
  d1054a93666b2c18806bfd2587ac5da649ef6b99
- SHA256
  
  8c50b9dab331e9f65a08c84d7e73ebf69fc6ae26a9d7dacc993d95c3aa4aed1a
- SHA512
  
  587b993573c34e4212f0468a44ff876e85ac83285d5e2dc2970609cda2b85d5db187dcb11d010b5ffb01e6dea6a256bfdddf9e373e3770718f5a0cd257d1aded
- SSDEEP
  
  24576:4StgepdPgdUb+qIZ85pcTKljy8vxOUuv0uo9rs89fjN2/XILrYLsV:4StgepdoCb06NfKcn/9rQAXKw
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  3809b1424d53ccb427c88cabab8b5f94
- SHA1
  
  bc74d911216f32a9ca05c0d9b61a2aecfc0d1c0e
- SHA256
  
  426efd56da4014f12ec8ee2e268f86b848bbca776333d55482cb3eb71c744088
- SHA512
  
  626a1c5edd86a71579e42bac8df479184515e6796fa21cb4fad6731bb775641d25f8eb8e86b939b9db9099453e85c572c9ea7897339a3879a1b672bc9226fcee
- SSDEEP
  
  192:i6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxT7K72dwF7dBdcQOz:i6JaVh4I5rpPbT7+BdhO
Score

3^/10
behavioral3 behavioral4
- Target
  
  BWMonitor.chm
- Size
  
  586KB
- MD5
  
  528d211aeb54c3a2bb5919de1d00ea7d
- SHA1
  
  bcf349a953b204a34d139485965792fc385d5568
- SHA256
  
  038240c4ef8fd41d305d0d94ac6f775af5277137ddf1bb822056e54ec242cb4d
- SHA512
  
  b73cf2857ab6090a3e5ebe6a77b1c46c51778e7c2439fa7e2b21d7050d39a64f8a8c4c181b7e80d55b9db4afe04a547fada3319a966e8b54104b6e5e648acb9b
- SSDEEP
  
  12288:flYHprPgduE4bIrqIQ835escIsuAyeSSWBR28pIOUO:fyHprPgdWbAqIZ357cLclb28pIOUO
Score

1^/10
behavioral5 behavioral6
- Target
  
  BWMonitor.exe
- Size
  
  532KB
- MD5
  
  a1447b904e373061eaff53cf9f49e129
- SHA1
  
  d73901c8525080b6de773348eca159ba768fb12a
- SHA256
  
  224180105637b4151bf2832d046ce813850e94b13234cd7b591d1935c0566b57
- SHA512
  
  c591611603eb6ab351d8392d42f3dab0fd6071dcf1e0cb96ebc5627851520d8df23ef7a7ab41488917064e6facc49650ffbd5a6504d87be4407ed3d39bd309ef
- SSDEEP
  
  6144:53QpI+k+mlLRuSBNIDXfWy8V33MFmuriAHtA/R3iA2z7OIqniZ:53UxmptoDPr8V30XriAHtA/piA2z/Z
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral7 behavioral8
- Target
  
  新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10