ac6d3f36922917f8ac7873fbc4a0a06334daf12c04bd6e4809ff56d7c2283a84

Sharing

Copy URL Twitter E-mail

General

Target

44eb81819bf3b389c9af1ca30d0a3ca8_JaffaCakes118
Size

1.5MB
Sample

240714-jlz5hssapj
MD5

44eb81819bf3b389c9af1ca30d0a3ca8
SHA1

248a965f6bf16a8fd81b8eb623919a0c8b8f3e4c
SHA256

ac6d3f36922917f8ac7873fbc4a0a06334daf12c04bd6e4809ff56d7c2283a84
SHA512

d211ec016acb0ae148a2aa6e5f57a075cc3d8ba44357851c515cca41f415c484a9319f7a64f161c2d42b9e627780f8e7c1cfe0e65f9fb0a4f841678c29f47646
SSDEEP

24576:74mHdyW4z98NkZS2qH/F4lOGR93JRC2uFjDDc6+6akG4vOwWCdAqHkqCuXwVXL/:chnxFSf+7/rC2sjDDMDnuxMz

Score

6^/10

Malware Config

Targets

- Target
  
  联通宽带拨号客户端/DefaultAD.html
- Size
  
  94B
- MD5
  
  4f16ec7eea9de819080f1f377c728b87
- SHA1
  
  6b303efeb998e4d700ab981256d093aa68eb1b45
- SHA256
  
  a94a2e88474a43b2812f017bf35b2c978e5203f225110e1fb52ee2557501b898
- SHA512
  
  bff4782d8c914477ac1e87127544a66e48adbeb32d8a4ba4f7cbc6c855dd28546315aba7e7468834d11b160aa516b1535a9bbf7c5e2db7af9ba9adf1abada55c
Score

1^/10
behavioral1 behavioral2
- Target
  
  联通宽带拨号客户端/DiaConnect.dll
- Size
  
  28KB
- MD5
  
  949b38d94666d727b4bb9f9c78f3daa9
- SHA1
  
  081b97974870269c563a2010ff4ab0e5fc8b7fff
- SHA256
  
  b99e392245c7f14289faa69df6ba05b1a0b71d06ec8553cd5cb54b59bcab96eb
- SHA512
  
  9d5756b0d32c6949f0ee9c33ab548d85f956f861f5901ae43c812dbe22b30dbb9a5efda202672b6fca3b60a3ed1462b6465e0b812b0fab9989cc0697ee5131ef
- SSDEEP
  
  192:5hvC9YbSj2axhK9hRzHMU9TFdALljkNaZsyV9plKfiBlgv/jwddOJFtEGJ0t:5hvC9HQDzHRTFikNaX7ls1vsSv
Score

3^/10
behavioral3 behavioral4
- Target
  
  联通宽带拨号客户端/LTDial.exe
- Size
  
  1.9MB
- MD5
  
  4320abc8c5df8011678a918753e00242
- SHA1
  
  0c511a44f5683a408970b95c353b30cb2e4bc086
- SHA256
  
  43e6a9f255625cadb87a445b81baf190a9914bb53c6e80b3d08609d9f383c4b6
- SHA512
  
  bb84e1fb5f37f740db22c324741510928985d4b9e9277a5e2b458eda156bff7d12669fa153e7de40837156202bd9a9d2297e9df59e267276c96af80b6532fd41
- SSDEEP
  
  24576:GhCgkyX1+E3TqMMMwkrMMMrBHPY3kYnX6Efcwsv:gT1+4TqMMMRrMMMtHiVqEfc7v
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral5 behavioral6
- Target
  
  联通宽带拨号客户端/MFC42D.DLL
- Size
  
  940KB
- MD5
  
  71846abc9fa408fc283d174194caf29d
- SHA1
  
  34d5f0a5e5b7f14de788ff3a56a7e0664ed2b60c
- SHA256
  
  2c26c4862f0508b67d98cfc453c347fe1544c00e2af1cc6574da240a5cbea63a
- SHA512
  
  6f2ca5b406e8a2781e254fb2e66b5b5b266094cce8c3d5f68cdb21ce916614d2f57dacd2192b1eb7037141d5960edf114aab216c0f13a820e5189c1f2fd371ff
- SSDEEP
  
  12288:4Whs6xRTgvcR3z4i2TvNFrD4N5I3ppqVOfSajVnOG87s/UP2z2LP1h274xafGPRa:H3gXi2/4NUMYcGG2zgNU7qafyRvhU
Score

1^/10
behavioral7 behavioral8
- Target
  
  联通宽带拨号客户端/MFCN42D.DLL
- Size
  
  60KB
- MD5
  
  980113a791c3030d564d8fa04c78a192
- SHA1
  
  73b0d066d322ef0eb9a6d6900c74bc36d4d83af6
- SHA256
  
  43ddf2529d4e7859f1ff868a4987e0ea4e9841b5037d63b421239095eb50924e
- SHA512
  
  b88ac1b9082f0a1279de59008c9a8673b4059629da4392dcd23bf30d0fc5fb47f7f42033c2eecdec25f62458178fa50886b3b629748c7baec3ac581d42c44658
- SSDEEP
  
  1536:kYov5N+D2TlEThLqI7YOdN9J3/wEZwm5LqHaa:kTLe2TlEThmI7YOdbJPwEZwm5LIaa
Score

1^/10
behavioral10 behavioral9
- Target
  
  联通宽带拨号客户端/MFCO42D.DLL
- Size
  
  808KB
- MD5
  
  0030b7bb099895fe5b877c4f9b4fc847
- SHA1
  
  25130beda6cafa5e00f3658680dbf1eccb90515f
- SHA256
  
  e0bb5dd77686ade7d7355827a8b3e22aa58383dce3fd4d798e494064b9231cd7
- SHA512
  
  f9db08fb93f43eb194c7b6b4ed93e8d48729cdc3ed21aa2a8f11715f5015dffc57a4a25575a9ad2344c3c0d101e853cf4659ac54386edcd77650ffd946390cb6
- SSDEEP
  
  12288:kMhmNtBgHZ1jpljcbzaUOevT8ZzmcYYWZFfKFfYPJYpdQEs7Mv:kZ61jpA73TYapFeGJYLTv
Score

1^/10
behavioral11 behavioral12
- Target
  
  联通宽带拨号客户端/MSVCP60D.DLL
- Size
  
  504KB
- MD5
  
  7df2f6b39b55c3f09be45229abba18c0
- SHA1
  
  55ffefb0a33bce9f81a229fa34a4ba7f6bca9aef
- SHA256
  
  509df87c41b21e251ba692776013fd3745a51cc147a776910675bfb46ddc98dd
- SHA512
  
  2e7ddd6666d06e7af285d0453e4deee6360b0ae51004915c6e2fd22c200d9d04990e82df04cddf28a88a278e1cb2ceff0df8384483839cca9cf00596dc2e6b4a
- SSDEEP
  
  12288:/ygHEPY6hY5jIXVc22+kqEzcM+X90ktKuq3OoxHkC9a:aVc22/1+X90ktPq3OoxHkC9a
Score

3^/10
behavioral13 behavioral14
- Target
  
  联通宽带拨号客户端/MSVCRTD.DLL
- Size
  
  424KB
- MD5
  
  65f232ae50755a6fbf72dac2977a118f
- SHA1
  
  71764c042437c690da80fe9e7bdad852118d25ce
- SHA256
  
  673a9ebe874f015c3d8b8e73d05c4b03f85c42cd8fc031f6edae235ef9671d66
- SHA512
  
  66cd36d5a9c47a36171930c62e94a680cd6b81a9f0749ac80b1c4d123e1b8ee0f503816a6a4c3d201111dd86d01d54a465f8912e9550325a77009cd2ba4ff909
- SSDEEP
  
  12288:27v02rMpdgcChMqgFtOzZMScoAwFM+HGJ26DrEXRjkGOtBx4:2v02rMpdgCrKzySBO+RctBu
Score

3^/10
behavioral15 behavioral16
- Target
  
  联通宽带拨号客户端/Updata.exe
- Size
  
  44KB
- MD5
  
  faf2988f792981b49a9eb3307e368465
- SHA1
  
  dd9917453482b94b3ba7fc9887a5f1a39fac3688
- SHA256
  
  07043950bf56e564784b9570da709f3b6480fdf01a9f491be4f3197c3066f22a
- SHA512
  
  34e9d2614f6ccbbff79afbc06767ed1de2ba438964b3eb2ba34dae7c4757ef84405248083122ba0c7e395f64aa34b2a9040a264f2d2eeb56d941f26c4e7341b1
- SSDEEP
  
  384:8DO30OsuHSwi6dlGJx0/gVoMGOsnHuR5BaCwCC4615DT4SJuo08+4mH7tGL:8DOk41vJIR5U485DTZtmH7tGL
Score

1^/10
behavioral17 behavioral18
- Target
  
  联通宽带拨号客户端/WINHTTP5.DLL
- Size
  
  284KB
- MD5
  
  1d030bf7c36f7998d3783af54eb0cf92
- SHA1
  
  b27c12c5cd60f25c33049a7a46db10e6640165e6
- SHA256
  
  a648e8e8b73a750007e73db5a6a0e39852498fcfb4ca587dbe16d19630ee54de
- SHA512
  
  bdd370b1a4b6db07fabbb688115d7d7c882662b892b8f88fad2600eead642ac899f3d9a9f637355b889e5d1dbe7409ccdc6ace5fd3d62e37fbec59e872b500da
- SSDEEP
  
  6144:HHMjSWGK4dwIHLsjwUlIf9myzLnUW2Npzwtkp5LHb3X8fcA9eLYleY5THa:aSJzH7fRc5/n8kA9e8LE
Score

4^/10
behavioral19 behavioral20
- Target
  
  联通宽带拨号客户端/help.chm
- Size
  
  287KB
- MD5
  
  2b137218641073b53b6f41ddb25fe0a6
- SHA1
  
  106c16e16349e76892c81ada1eddb3bf02bb64c2
- SHA256
  
  1831478e3dc7661707a503333b748a6f35a37b3200e601d4ccd4ae9869473a47
- SHA512
  
  57fea3a047e23b2a0012d864bd7bec23638bfb9a4d3e21abdf6f4f74b915fd99b4105b5cb298f49184dc60dae8d9561ce44558d587bae360c157f206adf2951e
- SSDEEP
  
  6144:/C7ZWrL1k+m+GVubBKq1Mp9hYvkTFiJSY1H7C5uU1h3mxmtTaeENg:aErC+iCK8M9B74H7Cn1h2xmpaJg
Score

1^/10
behavioral21 behavioral22
- Target
  
  联通宽带拨号客户端/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24