a4f7496d8fd21533829214390b580acbd74031cd33136c40df9a64cc8714c6ad | Triage

Sharing

General

Target

4b3d863d809f8b2e63ed3e0da5350b10_JaffaCakes118
Size

11.3MB
Sample

240715-y3mm3sxdql
MD5

4b3d863d809f8b2e63ed3e0da5350b10
SHA1

c22301243fd4524c59500bd2097b5d992eca1d8c
SHA256

a4f7496d8fd21533829214390b580acbd74031cd33136c40df9a64cc8714c6ad
SHA512

a769f52daef7a61fed918073ebd0bec7a428f4710fdc71a6ff050d5dd5d5f308fc6901a842f73ed1f611671ff8152dff929ca07d148fbc2cc1260f791b628f3d
SSDEEP

196608:9ixZSd4ZSSdK19HFcVvyxiheyVl/3xCpYhV2gBJPHhA1O5EjWQ/KsVKfQM4WAQ84:kx84t2cV4yTfxCwwuPHhOO5AWQ/Ks+b3

Score

7^/10

Malware Config

Targets

- Target
  
  images/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral1 behavioral2
- Target
  
  setup.exe
- Size
  
  10.9MB
- MD5
  
  00bac975e69efdbf633cd695e0a6fbad
- SHA1
  
  205dee4a96e634e2bfe366202f9e4cdec4fea3ce
- SHA256
  
  1881cb7555c814f83e50d4b2fdb3fb66a0cc3e0776aa67a01b8ff7f6544625ea
- SHA512
  
  d829d87917185d2f276aa32f05d561d61907a716bd1d330b967b78f8aa3adeb8ca6e9fdab5eed5cd13e8ebcdfc9e314084fff9db779638d3567aa17bdb9b14ee
- SSDEEP
  
  196608:HM4aNk4LDK+g25YC+QmnkleS9rJB4IQn9ZlVen0BL5GuDlR/GLpyEDp:74q+7Y3uRJBnQn9A0lR/6y8
Score

7^/10
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3 behavioral4
- Target
  
  安装与配置说明.htm
- Size
  
  7KB
- MD5
  
  d6bd1ac97ed7a264ee2f3e280925c85d
- SHA1
  
  bb2c217de3e132e66643cfb03517522fdd8c04d7
- SHA256
  
  463d264595cb88fbf4c79b2a29f47803464fd74ac4db8812b62cd7c93215ce6e
- SHA512
  
  551c01603b8f58687a1f3e6625799750e8633590fbe95357433c26bee82fd3f4c51c5b3492646e229190f07f3a9ed37804d6696368dd895a6a2fe40434f82ae8
- SSDEEP
  
  96:c2F18SWQEVfTvIiHm7sMR0MoeIiHm7s8a5nPxJoXj3LyWTU1QJIS8yrvmgltMJWa:LFS+IsboX7mgPMJ4Id8Z8CxId8Z8Ub2
Score

1^/10
behavioral5 behavioral6
- Target
  
  软件最终用户许可协议.rtf
- Size
  
  45KB
- MD5
  
  512e9294770aa35fe9521002cb806d66
- SHA1
  
  43b83c1746deed8f66a3eb1e8f5c816031a63440
- SHA256
  
  422017b74b784353f40d4058ef38eea605abd1f7e409fe8b652c57360071d1e9
- SHA512
  
  480ca110415c22bf037363b9c4117855915a3f8e91ffdff13192fbe38171c21caf85fcee33c96490702d4bb5b24056edec4766b4e7c2d2f28c740a248ee68c4b
- SSDEEP
  
  192:cONPQflhdIe3rLt0N0yPfyXb57/evDvtdsts5bJ64UMwrzl7nxtIrgH070wNJEyQ:c6QhjLmLjrdxjVDZxG56oOGxGoxLB
Score

4^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8