a0457d69830ac38f45f672e712b46a3ee2d57c504e251eca446c3f7b68cb8b8e

Sharing

Copy URL

Twitter E-mail

General

Target

4b9118a6e71c2dd67f5c5777248f9871_JaffaCakes118
Size

1.6MB
Sample

240715-1r6ypatdpe
MD5

4b9118a6e71c2dd67f5c5777248f9871
SHA1

70e37e49811a71f53e75fcb848f0a8f4bc8e6a03
SHA256

a0457d69830ac38f45f672e712b46a3ee2d57c504e251eca446c3f7b68cb8b8e
SHA512

955b8bbf806ea3856272932a3da24b8aa1ad9f5f6c8a65ff2ccd8af9cf335c1e11636891187f1d0201688f6c8a7e4732c33a21cb2c4225f90c3c35449faab65b
SSDEEP

24576:E9nvsXkv9dxQSZ75IbNmPxZ9/HVaRIXOSFNtYwmGBXCxot5YZdMg5:E9vukf5cNMxn/1MGOSZYwXBXCfdH5

Score

7^/10

Malware Config

Targets

- Target
  
  VisualBat/3SOFT/IcoSprite.exe
- Size
  
  209KB
- MD5
  
  be55f51bbf6795f53d36cee91c74d79c
- SHA1
  
  d60b796b5e6617f8b133139cb805d25b5fd0760f
- SHA256
  
  6b4963be79175a15e0e7848f0c1fba85ea40e9aca14fb4c916dda27e7b1888c3
- SHA512
  
  2d2bc8f5362f6f09437438fe9ea8c46554b548434422beae2a059dd01f4878c3038be1ac8bd5bb4cf468999b13c0607b5ceb2048f835d17d8c2cfe7ae3440091
- SSDEEP
  
  6144:KZYQ2NoiVNMGqyC8XLCu5fQlpFVGA7YKP7XyU2x:KZaNoiHMGqyCWOu5UpFVGA7S
Score

1^/10
behavioral1 behavioral2
- Target
  
  VisualBat/3SOFT/RegToBat.exe
- Size
  
  32KB
- MD5
  
  8e74e9e6410c8e8d25557a0811f2b25c
- SHA1
  
  b7f84c5b24250fe212c0f17798a71c3722f27217
- SHA256
  
  4144833994dae4a0f5739c9cd39d724fdff8b705272d763ef4c4fbfe7a25999e
- SHA512
  
  a7292e86af299ce15d83e4bd0f629946873a25b822722dc819eb88598945159d5e0c5cc52825e42e8cc9a0e6f4e07b9ad64d8309309a3ce1734daf9520f88465
- SSDEEP
  
  384:DAFqztopv0XSzQL+DLyLDPbwc8+Kp/J9Y5Y9vP96u7IZZRKg/:UFqztS0OSg/Jq5OIZZr
Score

1^/10
behavioral3 behavioral4
- Target
  
  VisualBat/Dos_help.chm
- Size
  
  749KB
- MD5
  
  92c5db9919cb797fa61848d14b8b9f07
- SHA1
  
  c463afca9709524848213d39dae78939b92aac25
- SHA256
  
  6abbc73d8a7deea099a7380320e2be2296f3e750014206615c43ccdda46d0f3f
- SHA512
  
  2889788aba65fed07318b89b99be7341e129593645d63b39a5cb1bed8a4ae65a5ba7f7f1e6ef8d7f2786aea03f7f527107f3aaaa08ead0d6096173da5098dc9a
- SSDEEP
  
  12288:hjDSPVunK18wDOAxo/M0slWHBDnkedV/xdTPc7TR6iaVLlG2FdA1pPzFc9:hjePozhUo/isHBDkE6PR6iaO2F6zPe9
Score

1^/10
behavioral5 behavioral6
- Target
  
  VisualBat/Dos命令/Cmd.txt
- Size
  
  5KB
- MD5
  
  b7098353bc2cf6d6d9febfe8f9f62ad4
- SHA1
  
  c41291ecea44a3db29698666b25e0f2e3403ccda
- SHA256
  
  584365ed212a1343bc82758d800a90c358d2fdee679cdc90cf56aecfb01dcf85
- SHA512
  
  f37c714911b96900cef71fd84251ae4c6965cca1c9d0e70a3040132f39250235ffae6f7ba60792f08f823e671a2e5a926d4ba48d3c72c3a9aa98db86710e101b
- SSDEEP
  
  96:MzXFNlcVX/lfXMrsp6eDzc3ReP4P5xm3o4Ee8yseP4PdQd77sdsVmD0h9Eflez:4Jk/KrAc3zC4yousqBggz
Score

1^/10
behavioral7 behavioral8
- Target
  
  VisualBat/Dos命令/DiskPart.txt
- Size
  
  19KB
- MD5
  
  9a92fd15c514b5c24bf58071b4f793cb
- SHA1
  
  da372687f23e32ddd200345e1d7ee633d7d7b772
- SHA256
  
  652abdaca460badb293d464fed460508127f11c5d2e5d0b5b3b904f94539e5e4
- SHA512
  
  4c5127e668abdbb63aef69a2253efb23da0f0e22a3e70d4c643a1333f20d2d55730f3694fffbbc89bddd655e223c3a59fe5183f836ee7ff857222d73e1729e87
- SSDEEP
  
  384:WfOU0nsZvgq6SM1+sRXJG4UdWpGwatygOJIHH:WfOUHZvgwMEsRXJGvWpGLzNn
Score

1^/10
behavioral10 behavioral9
- Target
  
  VisualBat/Dos命令/append.txt
- Size
  
  2KB
- MD5
  
  af5de13ef7e1b126fed4e0bbd679a95b
- SHA1
  
  8a5fafdf718979d0d36d0d829f1383c08d7d97a8
- SHA256
  
  e821da6c1dc5907007b8021f571536c99448185602276d70af61eafe1aaf4155
- SHA512
  
  cb54def0dd38f8d2fd88c3e54711a4175febf24c3a242399ad84f03ede92f037b8cbdd65cb44aea2804f7d1ea36de6068dab2ec103dac91e682b7cd682ffea6c
Score

1^/10
behavioral11 behavioral12
- Target
  
  VisualBat/Dos命令/for.txt
- Size
  
  7KB
- MD5
  
  d4b50c6c4b2b10b9076e8597897972bf
- SHA1
  
  a8da7dcc74b28f02ab3f03b3c3ea4fbd369f98a6
- SHA256
  
  f013046fe2d7571c9ac5d8680ff7955bd1672eeffca11eff75b72c358300fc9d
- SHA512
  
  4b0f0c46c4c213684bc7df9b934afa3ba4ced68d6ebe615b1f7617cd818327d5bbefbd7babb804531c7b3f9e089e3f4815074306209fa8224b811342fe48a909
- SSDEEP
  
  192:LqgdEplCXQQ9FfNgdsSitInx4CIRSHjG+wlR:K+QQnfSd7itq4ssT
Score

1^/10
behavioral13 behavioral14
- Target
  
  VisualBat/Dos命令/ftype.txt
- Size
  
  1KB
- MD5
  
  32925af3c991bc4018e7e44fc9f11600
- SHA1
  
  f7ae48ba07ad8d70c21a2e933bbf38e3c991c345
- SHA256
  
  ad1e9bac7dd82ccbe902c476fa7fbd955d4b862553069223429eff1c4e157515
- SHA512
  
  f499d2819a228a507f32bc3343eb8a2dba591795941563549460542cf1d2e076c45bc0184a1693806280a93837206dc34c7489bda99939de52d4c59e7ce271d4
Score

1^/10
behavioral15 behavioral16
- Target
  
  VisualBat/Dos命令/netsh.txt
- Size
  
  9KB
- MD5
  
  5877a73f6cbf818c3f3637d16eef9ef1
- SHA1
  
  05286c30a5d02f833f59baa0b613a61c58bad68d
- SHA256
  
  d241d689126430d867f9ef68c108bb60f13c1c348b8001c0b9da619031429af6
- SHA512
  
  7e11e56b30fd38f2aab91cd1160ec5d328e4673b473a191e5bb4e02412b092b7be3c21e23a1bd22303ef6c6c8141d4410b807913d1f3875685a9c7de88cb6eee
- SSDEEP
  
  192:zLT+nwPSP539NU96RWoUT9X1A14Gz23pbo03:zS5bUyUT9FA1a5
Score

1^/10
behavioral17 behavioral18
- Target
  
  VisualBat/Dos命令/set.txt
- Size
  
  4KB
- MD5
  
  e407a224b7c9b9b4d4687046037be1b6
- SHA1
  
  1b020fa24a44e4019a166f644f19a5c4cdd81bcf
- SHA256
  
  58aba9ce28c6498aada621a3a163a795e9da26a0cc341705e60823ec3c7979e1
- SHA512
  
  623d0c99e3b3454284be050f2b42065610d86eb8c2299a959f49e79a2ad2a26240d5edd4e4aa056844c1610945dfe04e4d62f7befe4bc9dae4f979419d09c996
- SSDEEP
  
  96:htEIVzeYJjpYlF82NSJEjf8DjDQhH55Rh0ZpImCpOI2atI4fG4lKDRLdOIFK7s:LfzeYJhnTQhVQnvDRwY
Score

1^/10
behavioral19 behavioral20
- Target
  
  VisualBat/VisualBat.exe
- Size
  
  1.4MB
- MD5
  
  24409c661ddec78c3ccf64c0f7b2dc5a
- SHA1
  
  2e537fb85875dd81688bb0cbe9c2bbb9994e7787
- SHA256
  
  591c7d9c57166d2ea5b24a08e60163a18f2ea974dfd3ddf5d9bef364333060c6
- SHA512
  
  02fcb2235db611b71dd7f33af9fc5f9bb03037d5ca640dd50a71b16e0ace6ea40e05c26c5d54e2f2d5460cf45ba372dd0492db49739011e86e769f733fa2b2ce
- SSDEEP
  
  24576:7vvxCBJACRWYHivaiGb3gHBLx4AsCxaRDYyZqIDH7zW/F4TU:7nxaRWyIrNFxa1ZbStH
Score

1^/10
behavioral21 behavioral22
- Target
  
  VisualBat/常用实例/1.DLL组件注册.bat
- Size
  
  92B
- MD5
  
  a35e1fb3c9c8df5dedaa3921f3a13f19
- SHA1
  
  06b55b39f65a8ea5bd67cf9254d4332ca5dfe86e
- SHA256
  
  a91c8035c2f3e45600e2a86069822f37ca57524402ed7bdef7d863f40fee4a93
- SHA512
  
  59bebfa2df5210ebe25447273589abc0636799db7ea6954661dabdcbbaad583accddb83864b4a401246aa85f0ddae22cdbfb8e3da59f9c3591b10ea5dc12885e
Score

1^/10
behavioral23 behavioral24
- Target
  
  VisualBat/常用实例/2.查看电脑硬件信息.bat
- Size
  
  69B
- MD5
  
  8eee7b427dc7413d59b66722e889e2d0
- SHA1
  
  bd6d149d9c4b5c2f6116a2fc8369b1923a3a7250
- SHA256
  
  21fac1ba1bdc31ad508b61893dc0a6f081b6a25e96b958abe374c82ae55efb5f
- SHA512
  
  6962146ba9c7a93e1e16f28afb91f32309917b26153f8dd24fc168ecf2becfcbbfc5bf892b9e0a251ab678587565b69514eb0f46dd62a79685d2a73c7fb14c67
Score

3^/10
behavioral25 behavioral26
- Target
  
  VisualBat/常用实例/3.列举进程.bat
- Size
  
  240B
- MD5
  
  a6d4b74e7d95d768bd5d75c55eabd6df
- SHA1
  
  1e27c2097e7cb233ce6071d976f693408ef6e148
- SHA256
  
  d8492cdb7e71ec876c9dd805653dc3ab364d0de4605db7040de21ba6b66d377a
- SHA512
  
  6b66b7c5be586afd54afcbcf0e474e2877b2fe8fced4e72340ef3b1837702640f4b32b75862e9b5a495770f54187f7efbc25e08e1b191100c570fae7a31b7526
Score

1^/10
behavioral27 behavioral28
- Target
  
  VisualBat/常用实例/4.dos下重启.bat
- Size
  
  41B
- MD5
  
  0d6a5909b14bd18a28c0a9c05faaece0
- SHA1
  
  c63b904cca84b868e4e565c201acb7ae686afde6
- SHA256
  
  adff434d139154e955720594c557927f6f3aa5b8e7698259af5eabf0faf5941c
- SHA512
  
  5c6082b4a6e795f2759f975767d2910f7a095a4c7e28f97867cb5d7f8adc87530f3fc1668a8f5c0e76a994929c18b849a7e36ee58155286aefd90763321b8998
Score

1^/10
behavioral29 behavioral30
- Target
  
  VisualBat/常用实例/5.删除自身.bat
- Size
  
  16B
- MD5
  
  582af292f10f78157d856599d299bbc9
- SHA1
  
  f7d92446dbfb7a5f84310931c67d610215a1c4a7
- SHA256
  
  adfdac86afddf10e4511ffdf57be142fd2cf4951a259aaf85abfc2b165ad4dce
- SHA512
  
  d65051bf22e539ef06807fa4c38cb9b5400f0cdbf1da6166fc22f9cf0e31f7875575a55cc7e7c7e19a608f6b14fd5b5b48c091e132ea70c84b614960fae339cf
Score

7^/10
- Deletes itself
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Deletes itself

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32