34c35e5e18354f9e459e792a3f8bb40af5b18787f0461078ba563b5d49aa6292

Sharing

Copy URL

Twitter E-mail

General

Target

61ad1d5453ecaa58f1a56eba86e466bd_JaffaCakes118
Size

6.1MB
Sample

240721-2gebcsxhpc
MD5

61ad1d5453ecaa58f1a56eba86e466bd
SHA1

e47d23eebe0dc9ad28b34e0579d11af213b179e5
SHA256

34c35e5e18354f9e459e792a3f8bb40af5b18787f0461078ba563b5d49aa6292
SHA512

b131983758f2387bb4b497f8401c98fcca7be70b716655f9ddcf5f36348b9fc907ee7e28e14643ac1afc9ac0b67a79604e1cb2c8ee9dda1e016b53547328c1db
SSDEEP

196608:Rp4FIkfkvTQFj5pZbYYCYPPr2xZQmhR+dHi:QFIkUTQFj57YrgPreQmh4dC

Score

5^/10

Malware Config

Targets

- Target
  
  Clanwar1.0/AgentBmp.dll
- Size
  
  228KB
- MD5
  
  e120e69dd324b899cab14dc7682a2542
- SHA1
  
  e679abfbd9baa35b066c279e80121d889f6f3aaa
- SHA256
  
  663f72cbd4bffdeff45b153cd1d520e639d0e1630d7c873f6967f8d5d0e9170e
- SHA512
  
  26f116b7e49f9fc8688303db540be2cc339a8015d8bac354acb87a30fb3a7baf640824e041622723c894a95ff56b2520aee1a5d0197d1a16e698bc1fda08f151
- SSDEEP
  
  3072:/oIgwh2iW7NPfr6SQF0bkFeq9FXRt+fWgbs1wvjFYdOAc5oY7VWRODtolFNS/gQ2:NF4NPDaRtsrSwLF8OAVO4S/g
Score

3^/10
behavioral1 behavioral2
- Target
  
  Clanwar1.0/CWBase.dll
- Size
  
  232KB
- MD5
  
  57c74a95f655d746b74b981736b072ca
- SHA1
  
  13e48f46e2665df7c1de71610f60889c4d563c66
- SHA256
  
  e7d01a944a03e21c344b0eb8ed660c968f652b684560dbb1dbf32935016c73de
- SHA512
  
  02efbd97092c50dbf634665940df2d02a6a77f409f0294b620b8d8f894d6f621d458e86ecac3f6062b8e3127ed243e6396c3fb15f9bf3df3f88daf428d4f718e
- SSDEEP
  
  6144:V4Y4gMFhpRdS6utRgQLgZ7YGGyo9Ej2SJfgJNmniwWBbLd0AK3LOKAoLfeR:V4Y4gMFhXdSVtStIl9Ej2SJfgJNmnil7
Score

1^/10
behavioral3 behavioral4
- Target
  
  Clanwar1.0/ComCtrlLib.dll
- Size
  
  440KB
- MD5
  
  28fbde9b6d6a23256df7469b358cccaa
- SHA1
  
  c81a2c93b5bae0d3da523a2f38f3d6600a5eb1ed
- SHA256
  
  d0d2037adabddbb76d82d3ce48b8fdcc3d412916831a030bdbd0008d995b08f9
- SHA512
  
  3d5afbb7ff95f506f40981159d56f439f3d08d2158dc92fdfa156ab0a93a55c1af5f1a09bec149c73fbd094f1ee5415c1712b8b39cbd7aed2025119c7318990a
- SSDEEP
  
  12288:BNKDx0NGUqN0e6q8jerkR5clOOVTEmBDKVDWPWYWOmk0HcSZixPQT9y3uO:JHcSZhT9TO
Score

3^/10
behavioral5 behavioral6
- Target
  
  Clanwar1.0/ConfigMgr.dll
- Size
  
  144KB
- MD5
  
  c5c49c0b7abb458338aa8a6e8a6ebe5d
- SHA1
  
  e35a2b917ed5438e02452a930602967e4b34dd91
- SHA256
  
  eaf9247849850020c265f5d32506f396596c3f3ed92a4e53537bcb19c9308bbb
- SHA512
  
  e12c856352ab6afaa8ef4d90a788acd70f256992663f94afc52dfed9f8377fb3518d305bc37ad0cde1422b69383d962b3b865bb275d5b98cafb5f286f5aae9e7
- SSDEEP
  
  3072:SIpX5wz3hm4OVFXd5P18Adieps+I/XpmRBOKcal17Kt:S6MC3NVZiepk5mRBOKcb
Score

1^/10
behavioral7 behavioral8
- Target
  
  Clanwar1.0/ErrHandle.dll
- Size
  
  18KB
- MD5
  
  d4f8f9c6a166d672f9f50721af0c3353
- SHA1
  
  995977b4b077ec4e9b79dad1cff1c51f462690c7
- SHA256
  
  924ed66022613617f6587ab9c3cfacfd79f25acf35c6331ef3370ed8d3ba4a67
- SHA512
  
  5d2fa5ca7bdb8eeddfb4fbf8328a5e7718a6ea56f21a6e649a01759750b7a4e027b99e8a1f843d140a6563ecc9ffd945e1e7d9c1b1a065783796a5b319dae56c
- SSDEEP
  
  384:8e0Uren7UlyRyxgg28YK9TTywubSdvZGRC4JeHO2qmsdgb0OKVBX/Wib:80r6xpAwwPFsRC4sO6rb0OKPu
Score

5^/10
- Drops file in System32 directory
behavioral10 behavioral9
- Target
  
  Clanwar1.0/ErrorReport.exe
- Size
  
  460KB
- MD5
  
  7882d48f56bf85b6a8bbabda0a29f2ed
- SHA1
  
  322e8beaacb67acbf5554574fe3ec91717044ae6
- SHA256
  
  ff7e87ffc36465640e17bffbb51c3ea29db922f610525a49919d66282470c253
- SHA512
  
  08468b049c36053c8c825b944e23b35069da7a133cc74edc7c01066f5cbdffc46146e6cc5e40277acfdd7a0307bbd66fa2459c1a10735e0684e5b816fa3fc958
- SSDEEP
  
  6144:T4RiV0PpqkPth6LVl8TJZLJVGDK3rqa14WoqE/0PbigG1Al7yCECqGV/Ghc2JxCl:ERixl8TzLJ5V14WG0PbQk7jqGV/GhKp
Score

1^/10
behavioral11 behavioral12
- Target
  
  Clanwar1.0/EzIMClientModule.dll
- Size
  
  424KB
- MD5
  
  bc292a40ceaed5b8b8a61fa472b69b2a
- SHA1
  
  1e6d81a43c030ce5d4cc5267ce1adaf298fedb1d
- SHA256
  
  7b518889eb63355ddc5d334c45e081866e4ef41c9f8a7a911e345a5535906ca1
- SHA512
  
  596640a33c0ed5b0cb191597927126dd25d1f3c551a26e6204f3a8bdd9ce10e9757d55449b32668971f51a8b8b2aa36439c8645d09abe80e1d1839fe0d7a8c86
- SSDEEP
  
  6144:ttFyfQZMatkZOCvH92CVd6IB06a0Tx0vv/DNp/xPXSPKeQpUhV6YAOe0etmxj:RyfQZM+GOo9LTta0Ty/DRPX9eVgYD
Score

5^/10
- Drops file in System32 directory
behavioral13 behavioral14
- Target
  
  Clanwar1.0/FNWar3.dll
- Size
  
  321KB
- MD5
  
  7f12e9c5db37d31f44efcbd9631654a3
- SHA1
  
  102f0d6f9062848577f05ace1660572b6b04eedb
- SHA256
  
  b753aa0f36c3f14a09a29b0b4ccbac1534c921be2143834267c690a0a93cedc5
- SHA512
  
  f487e14b4a4adca16edeb60063fcaac074e0a4a443abd65e642aa8a581ea8d190f73793267960d73e3dfe02975a41d8944f3674d6086bee99b77a066be71ad81
- SSDEEP
  
  6144:h9PhMkq9ViFsO8sNDAwv8/NlTGrjBJ/BOXHtwBM:hxhMh9Vicc8/NlkBOXMM
Score

3^/10
behavioral15 behavioral16
- Target
  
  Clanwar1.0/GGWAR3.dll
- Size
  
  816KB
- MD5
  
  736564556ffa9aadc262bb1e5d748e8d
- SHA1
  
  8c0fabfcc5b3bd909b086d17733496dc8cced0fc
- SHA256
  
  5e594ef05776aeb1b12f82e3fc92081333277c223fd82b4e2441ec4e133733e5
- SHA512
  
  4bd52c24e77ccc43cd252b6589082e5d742653da7f54244ba779c9ed249015571ff643db7d494820058874ec8a15c55f06a5eba7e7be117ea07b6af66d19b1a1
- SSDEEP
  
  3072:ETCAbieSRLanQd+sf5JF2N7JNLFI1xf5UnCLO8a:6CgSRCQcM5JMtNhVn4OZ
Score

3^/10
behavioral17 behavioral18
- Target
  
  Clanwar1.0/GHDx8.dll
- Size
  
  873KB
- MD5
  
  179abcdb4ecf266406ed5ec801bc9b47
- SHA1
  
  05dd59bb8203229a6189641c3cba43afad6c8eb4
- SHA256
  
  0e59fb701b031696496cfd2082f5f5453017d3bf7bbe8b2df36159df027fe1dc
- SHA512
  
  4b63273f8302b2b34e799a70b38b46f1cf1759fd3163ee5388945288c937ba288205eb57b0be0a46551d12c48d1586327943e588bfc837cdd31a0a01014c6566
- SSDEEP
  
  12288:YlOMDTVEFeV2S+90l9UoVtVVSoLY5LDWAihtUZKohNmqi2LgAN4kL1XSty:C5TV+eRjjnLSoLY5LaLUZKydcjwCty
Score

3^/10
behavioral19 behavioral20
- Target
  
  Clanwar1.0/GameStatDota.dll
- Size
  
  206KB
- MD5
  
  210df8ea08e0c6a919257f536fd9e08e
- SHA1
  
  f2198581bac169cce0510a1986c93d1b55ce0977
- SHA256
  
  b8bb590544b854d371aa5e7137aebde184e7d706861090cc391f774268e8806e
- SHA512
  
  f4bc057f1efe337a310b077a8712918ccad19f74d3452431467bc7e00583b1f5d46187975bb251a8260fc696e8e115b0425636e238e22edbb156fc6603515595
- SSDEEP
  
  3072:taPuC/zl1+p/4XG3KeKgXmxKZGaJiiXyxAScUxgaWXxz7Sp5AFwYU:tap+p/eI/XmxK0JAScUxgHu
Score

1^/10
behavioral21 behavioral22
- Target
  
  Clanwar1.0/GetIPLoc.dll
- Size
  
  205KB
- MD5
  
  5e84a30cd3566fee7a86d30088c6c516
- SHA1
  
  9ce63603cad67c9719a2c4af5b5468d9e652208a
- SHA256
  
  f3f69b5eae4d6d7035de8037fb5d26e9f8988146284ad0fc9fec258cf0480632
- SHA512
  
  45b8c0f75002226741cdfc3f4ed5b4b9d5e2a0fce7dcc3c511807e7ae706562923effa042a65f8e7c566a367f004d1049bef9b0895e900e62505603b8c0d89f2
- SSDEEP
  
  3072:EvKzxGq1l8ZRln0ymW8KJIJPLYSMXP6syO:uqf1yd0ymW52JPLYzXP6sy
Score

1^/10
behavioral23 behavioral24
- Target
  
  Clanwar1.0/HFAuthShell.dll
- Size
  
  661KB
- MD5
  
  cdec7fc66182fd8d10694927df8d0e0b
- SHA1
  
  54b68476879ed6423b13f8e6f2e70e1af8b830c3
- SHA256
  
  09ae623fdaec6766dd68ac5550e768684eb2fb62a531720d5803a3b9a7dad5bf
- SHA512
  
  c736305be00d5aaef8c7d18b7e19fb0ac0a3930d17041add37526232a9380209e3c46d0893385c1b46268d074f3548210128e49a85586d07a4212885d9aebb48
- SSDEEP
  
  12288:7Fy/DhjgyxWP3VLDzEcjWuMk/CdIW8mjF06fdcok:Jy/DhVxy3RNW8mjF0Ecj
Score

1^/10
behavioral25 behavioral26
- Target
  
  Clanwar1.0/HFClanWar.exe
- Size
  
  673KB
- MD5
  
  8d69cc085812dba14ff0f7772fad45ae
- SHA1
  
  c97d1dcf4791363e576b52b2a512fd30e403fb4d
- SHA256
  
  997e2370b31427e7a6ee9af8a6034b504338bc2a00215388c5404a843671375f
- SHA512
  
  bdb2fca58f00b40ee7dee24215967eebf7d6a5f08aa6d5a410b8dbe094fbca5566120892b06cc29680aa15d98a448ba22e99ab726a6794412b960b40abc2197d
- SSDEEP
  
  12288:7g4b/gQmWnIzHqIWiv2lUmaurOMk/CdIW8mjF06Xdj:7IQtXICKmaurQW8mjF0OJ
Score

1^/10
behavioral27 behavioral28
- Target
  
  Clanwar1.0/HFDLMgr.dll
- Size
  
  64KB
- MD5
  
  8c95976cdeed8790227b2b8a40de9dde
- SHA1
  
  63a82fa76488e2d4c36e3dad63bdd1d2f7758c70
- SHA256
  
  b417df351ad5d04d5f0841326cd8e873875a1e3d2cf2fa715e0f598f43329510
- SHA512
  
  597e9da41aa631bd9ba86276b73334354cfef0da1d47db1e1c7a77f6b917280ad331e429879d79891beb7723af9101acf160cb559272d18b0bfbdcb4503e9fc0
- SSDEEP
  
  1536:Iv9drRButv1Ry7U+72tqbznhhKbiUOKHMQf:IVlutv1c7U+72tqbrhhKbpOKHM
Score

1^/10
behavioral29 behavioral30
- Target
  
  Clanwar1.0/HFEncrypt.dll
- Size
  
  664KB
- MD5
  
  f1d5dec833c461738b3a11faa990ed31
- SHA1
  
  888980049f77cc0bc1e966c86f077b75f238d11b
- SHA256
  
  f0b3026779da7195a44ed1d3594a69c2438881dc763506f93185feec86a95206
- SHA512
  
  866030f5a510a9c80f65811c668fdb4a68540ae1647f7da6793fd35ad96a848d48ec72dbd549392d542c739ff155975e5a377dc5d89f0766f9af4c0eb1937907
- SSDEEP
  
  12288:+6vyYt2uoUp3x2rmtbvlq7ijOOragBUKQtN5zgVmrI:+6vjhxZjOOmmUKQ3RgOI
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in System32 directory

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32