General

  • Target

    5b7a7d1d11c31a3d7822da4f1fcb4021_JaffaCakes118

  • Size

    711KB

  • Sample

    240719-l43pgavgnr

  • MD5

    5b7a7d1d11c31a3d7822da4f1fcb4021

  • SHA1

    ec1e287ce38cd0bab4d5ec644dfdcbd6c9d432c3

  • SHA256

    71b96d709cb160b579ec5010ce38b00084a49c420cd5945b69714dfc9acb811e

  • SHA512

    b6ad739279f91dbb8bf79585ea4f04680f5c9ae7e7846790ec6b66461386be4a06c725057e15edeb92201a1a31c657beb09fee76b37b3d02dc7ed3d125576520

  • SSDEEP

    12288:GLANUqVeiVtOhZNQPV8kh70MxB3HV0xBE/OFCJVRQk+3TolJUQl4CPyGJz88b5U6:Tq/4tOhZN+V8kl0c3HV0DbFCJDQk+PJe

Score
7/10

Malware Config

Targets

    • Target

      QuakeRPG320.exe

    • Size

      729KB

    • MD5

      bd2835f62c2e03d10dcac0d6b4541b85

    • SHA1

      a3a315b6c7fd5c099ec6f184bc77d98bff1c0ac6

    • SHA256

      27a512cacdd75982afa4a3acf8e491e943015225c9fda4db79f563c22a2932c7

    • SHA512

      4b7cdac25a54be587ba927563592ebb83423b62aa70f095c47f32b2af700f33279562020561e59ca2c7abd7288a9107ea33e6db046554501fee99e96fc78442d

    • SSDEEP

      12288:Be792eBoxhjooulC0iSoum6eiQeFijc4yRgp3vCR1/sZnwQokbj:BeQQYN0iSooXM3vW+ZwQj

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      296a5f3179fa8d7a7a855eaf696ede44

    • SHA1

      57aa5b71553ed282dd22c768e039a187f5c13f63

    • SHA256

      ee0ad77e681c4d0fdf1d67df5f4ca03e6bdd8e3b05dfb47a83ad5c733ed62960

    • SHA512

      bc527d1485f468e8d098057e0e38e8cb7aa6eb64d4ca30927b99b1552a3177b132b989015ff95bdf2ca046bf11a54b4b456f51e024fbc734fbb548c3499e53f6

    • SSDEEP

      192:r6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTyK72dwF7dBdcQOz:r6JaVh4I5rpPbTy+BdhO

    Score
    3/10
    • Target

      $PLUGINSDIR/StartMenu.dll

    • Size

      7KB

    • MD5

      4973362a84e11dd8541387ab1694afcc

    • SHA1

      b78a0fe67c07713c7abd9668b881c4bc808d9a7a

    • SHA256

      7757518466b21ce175607f10599f26fff127d59a16dc10bf4ba4b7d83d13d47d

    • SHA512

      65c305eced5cd81fe3a573827d62a33e400f03d5bfcb3b3a503927bc0decaedef5d74e6d1ba25a0601fe812f8d2424887d58211c3f3cea1442643f5d1c23c2fb

    • SSDEEP

      96:Z+nBC0x22epxPEvC4FkWE+in1/FMvsCGRfRFqCB5tLGhEl5VN:Z+BepxPE1r8/FtmCDtSg5v

    Score
    3/10
    • Target

      DdpRpg.exe

    • Size

      645KB

    • MD5

      1869031687c9c1dbbf52ad5277acba02

    • SHA1

      2e33a1e1c78d28ee348f76dc5f39e3bd01d39c2a

    • SHA256

      5afe93fd87c1b9f28ff95c344b1e9b1ac7993ccf74d7b02fd1df8312e205fa51

    • SHA512

      e851846361f28efd3709a09e14b0dea49543ad723d81c92196d386b1cc6c5da895b73da243f587fa15b7d7e109e7f0253e7bfbfde11f84ac58a70e9eb9fffb95

    • SSDEEP

      12288:nXPV4fRzfjxaLGKRWHSjGIK/dMfdSJ72poLA5fCO/OUKrBisRrl3hdo8thY:XcBx1KRJQdWpoE5fCOWxRJ3Ho8thY

    Score
    7/10
    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Target

      Uninstall.exe

    • Size

      58KB

    • MD5

      95d238fa10af0485c2d56f5fe7cc2dc8

    • SHA1

      7b1d1e5324315fa4baf11f2b1f5d5b60091a6ad5

    • SHA256

      a419aa52e8d356c64429fb89b941d7897ea868077cc7cf0a15ca364e035b36e0

    • SHA512

      d22a75b8368b6ff4895995292307e93fb23eba3eaf96a5109a4114899df3fa31851dcc9c10aead53dc99a5cf12c8bb5ff998871b4a239d2bd3fcb4c8bbc8b3b4

    • SSDEEP

      1536:yFGGrf+wMRVrkxmJoqAELVigRzKWbm1/sJ:yFG6UVYxmJXAI0GKWbCG

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      296a5f3179fa8d7a7a855eaf696ede44

    • SHA1

      57aa5b71553ed282dd22c768e039a187f5c13f63

    • SHA256

      ee0ad77e681c4d0fdf1d67df5f4ca03e6bdd8e3b05dfb47a83ad5c733ed62960

    • SHA512

      bc527d1485f468e8d098057e0e38e8cb7aa6eb64d4ca30927b99b1552a3177b132b989015ff95bdf2ca046bf11a54b4b456f51e024fbc734fbb548c3499e53f6

    • SSDEEP

      192:r6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTyK72dwF7dBdcQOz:r6JaVh4I5rpPbTy+BdhO

    Score
    3/10
    • Target

      ddpintro.htm

    • Size

      2KB

    • MD5

      4c5e89b1e03b510b09c4b9ada630009c

    • SHA1

      be2926b06522d7355a73c9f42f9685f0dc7a0332

    • SHA256

      78d60078bf2632db0771754b6640e6f1849300185948a080c177d0a39f529c3a

    • SHA512

      bb75eefdb1d8704cacef9c68f784065b12bbd2f366cc514466aba252c907b1aa219b06d4bfea8d809730097b75a6bb666c04bdea35bc615bc3fc7e11b00b17c8

    Score
    1/10
    • Target

      popup.exe

    • Size

      13KB

    • MD5

      120b93308a31b5639b5658b04505815c

    • SHA1

      a72465ee651cdb4c0b52fe9c30df14732a7fdb2a

    • SHA256

      f052473ab8273d90d3c2e5dd2596bee8fe8091b8793f51d13e0e748871936941

    • SHA512

      08f393eab31813600bf3c24e78b2e9021a73b2136a986e763a14fb8e0786a6bbbab3ade0822475261f6e41e353721f1d8a0b3d1ea4b43e87d99c2bb44a6ce73d

    • SSDEEP

      384:GwuTDhcP7fK1lPIO4vHvfqItY1zpEX1oPN86YgSs:GwoDKW1lPInHvyIO1t2aNp

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      新云软件.url

    • Size

      133B

    • MD5

      4f0017b3b346bd0626f0c3b915e6e734

    • SHA1

      823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92

    • SHA256

      df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678

    • SHA512

      0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks