b2bb142cf8f57ec0ed89ca8bfaf7d75046fa54c731b2959abb5d96e31a0984e5

Sharing

Copy URL Twitter E-mail

General

Target

6114ab62fbaf51aa0243f18fd2126e7c_JaffaCakes118
Size

13.5MB
Sample

240721-x4gmsa1blc
MD5

6114ab62fbaf51aa0243f18fd2126e7c
SHA1

b387faa6b8b0a9a7ef897858d1a4e4293d23af85
SHA256

b2bb142cf8f57ec0ed89ca8bfaf7d75046fa54c731b2959abb5d96e31a0984e5
SHA512

8c0f72ecd87acdd0dd2245c05231235bdfe66ea1b4cb8a609722a0921acc46aede4ee3d71286592ff92d7568d782d9a8462df3840b547b818d0d8c5b471f72f8
SSDEEP

393216:SPGP8c3fEdIFNukkAVYEquCEQDc9CkC9jpLg/3:tP8c8CFN511qrEMc9CkmjpLg/

Score

3^/10

execution

Malware Config

Targets

- Target
  
  BBS/AddPost.aspx
- Size
  
  7KB
- MD5
  
  6b43c50eb199b13ba0b0f1eac5b72c3b
- SHA1
  
  432b6ccecb156c48d42bf1b62bd48715b46031d2
- SHA256
  
  f1a48b0850434f9994e7a35d3b6de48fa83518469f85239f31b8ef3b3da078b5
- SHA512
  
  34aac6bb1ae2bcfe1760e28b25f43e1f737c13b6ef5f4f918b8c5ec9b6c7d3f790a734df960a52c851246789703b9f133d1d9b920c7973306671fbbc7f01827b
- SSDEEP
  
  96:jKy/UGjeW2TnqL42EG3wMIdyfey7Y5+qEeQ/fNM/eRfcOCP:j//VxmEEzMIdyfey1qEM/qfdCP
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  BBS/bbs.js
- Size
  
  23KB
- MD5
  
  274caa5e1788e7be8d195e645208afd2
- SHA1
  
  36ac7beb7261cf345966c6ec0fb63581e5f6fca4
- SHA256
  
  40c0910d72bfc50651dc01fd79bd48924698b1980efd85ca1f4c9021da0f8a66
- SHA512
  
  44de507d0e7ee0e01d8718c9d658b60729b89a57da4cfdd6b7180e14309e1159f92b10baa14d937109d89a4a83bcdc19c1e3093a70bfda68d0f9d361a25c91e8
- SSDEEP
  
  384:snQ2yTgy2FKUScWKOuFED3K52TAvjDqZz/HqC6RJZ1l5qYyvWX6Q6zZBCuyV4yo3:sneUxccWKOqED3qvjDqZz/H/6Rb12nuo
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  BBS/copyRight.htm
- Size
  
  313B
- MD5
  
  56cd36dd4e91b4a56bd4a20407a3f726
- SHA1
  
  8afa554050ab3c54e2d1b9000365d3726d27d2cb
- SHA256
  
  02a1790ca66fefa8b8b5dc18ec9713418fd07dc8fcbf45a1055ed4cfb21f3633
- SHA512
  
  4559129f5587f16c781408a38dbd0e4db4759bb54f595327b9d5a8cf5a7b607143ad5cc1d1ad0165dc485cecf05c84b25b7b6792fe4d6bd26ba9440d23386874
Score

1^/10
behavioral5 behavioral6
- Target
  
  BBS/default.aspx
- Size
  
  77B
- MD5
  
  ad04a29e652cd282e2e4b6626dd15e52
- SHA1
  
  6ae7149f8a5f80d75ddcb23f1e2ed8729df90762
- SHA256
  
  8bed9caf1f8cc47ea3afde4e7cb673e8932eeff558c9c10107f580638819657a
- SHA512
  
  f1e7b01ef78b7c8852e754110384ea1736650f94b4d8f3e7571f695f0e5d45a9cee7ac2cb43f0ef6e7ac67f52dc93a1f07f40bb8c450857f6769d3ccd9945d7c
Score

1^/10
behavioral7 behavioral8
- Target
  
  BBS/index.html
- Size
  
  77B
- MD5
  
  ad04a29e652cd282e2e4b6626dd15e52
- SHA1
  
  6ae7149f8a5f80d75ddcb23f1e2ed8729df90762
- SHA256
  
  8bed9caf1f8cc47ea3afde4e7cb673e8932eeff558c9c10107f580638819657a
- SHA512
  
  f1e7b01ef78b7c8852e754110384ea1736650f94b4d8f3e7571f695f0e5d45a9cee7ac2cb43f0ef6e7ac67f52dc93a1f07f40bb8c450857f6769d3ccd9945d7c
Score

1^/10
behavioral10 behavioral9
- Target
  
  BBS/viewBBS.aspx
- Size
  
  2KB
- MD5
  
  04d20eb22f1726d8c5160022820a78c5
- SHA1
  
  0d788c5a911b11226a6f2778cf06df27bd7ddd66
- SHA256
  
  fcce3234e88ddc4cfab5b05b82b65ca4648dd7699707b3958ee4f7eac59a8a71
- SHA512
  
  9f10e6e2610f0e04032b45fa5387c4e9d99ba9e5a72f6cf516022a93b4a4a1a08c0945b27192185ce10a92f4cbe7b92b442fe00ed6c8363ac4cecc6132fb613d
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  BBS/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral13 behavioral14
- Target
  
  JS/PAGE.JS
- Size
  
  113KB
- MD5
  
  ed92dc281a06b037445f3ebaa74e6125
- SHA1
  
  bd69de46e5d7c7adf18ecd07f36b0727d1dfa0a6
- SHA256
  
  af70c6013051df62ba14c82d642c92a06937a8e9a48d1eba02f9601b327d1201
- SHA512
  
  24e430748a6337440055f021afada6c1c9d10daacf0e3a1d48922ed3eae4c9c16551ba148dcb2e060efeade6cc466212ab07f58e866cefb87cb4ca1c6abd3394
- SSDEEP
  
  3072:rfwetiL59P1QwlV1zKBWyltkn2hjaSqLaoDiwRInFYm2:rfzLK23qWoDiwp
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  bin/CBMD5.dll
- Size
  
  16KB
- MD5
  
  a15d4c357d91df4faddd52506fbda94a
- SHA1
  
  ec4cc5d2c9db7d7bd86ef947d81052f27062fab5
- SHA256
  
  07576b98faa01c8d4d2715f8a05b37aec4f379b456fd63719562fc0e9797a4f5
- SHA512
  
  5a1ae10380555092c1681e0eff0b18b3da78eee09b486b25406cebce7e9f761c3b11f5b5ba1f333c4f61b63a2647eefb63423fe19ef82075227c661b93ccfee1
- SSDEEP
  
  24:etGSJ080XOopp18Ioy0524jEXf3sqgbYOuSHMLtjqPApQATAmR8qy/ewWzBDBDE5:6J08+7pnC5rpLe0D0B1EOPta0MDLH
Score

1^/10
behavioral17 behavioral18
- Target
  
  bin/Interop.jmail.dll
- Size
  
  44KB
- MD5
  
  587afb2f995cc8e8d1ab46d870c6e264
- SHA1
  
  cf0f3030f96f5b0cee60d65f8ef54fc0c5cd3ae2
- SHA256
  
  bf9c5e20dc74bdb68cc05c4c967f9e1573aed2b6a92cd5fbb4e5445933537ec1
- SHA512
  
  848c5cad4314ccfffbd6e6f9d82436f42c71f6cb38f7278deb4c0e26e621c482d2eab6b1ae71ecf676217594048dc100d9b6abf2cc56d23aa29f9b9abc94c0df
- SSDEEP
  
  768:K4+QpYnSK0/Ggui1efOoBuriO0Ext5wnc8s2Cre3k6/H:K4+od/G01eWCuuO0bncWCT6/H
Score

1^/10
behavioral19 behavioral20
- Target
  
  bin/ZYDN.BBS.dll
- Size
  
  28KB
- MD5
  
  0a196107e0ec8d19661d2a2b05ed9c8c
- SHA1
  
  b249fb8d7f4991bad535235cfcd8ab16031766dd
- SHA256
  
  15e1eb81d8a47737c6c6f59349eb6758f904dd9d2fa25322132661ca1e2339f2
- SHA512
  
  3e7eb81817e7bf91753572a68483c9f511f1e202b966549f3361a24e626aa0bc451ac7a9e978121b94b376bf638ab6b63e4a443584a92c50a1e9578df005cd3c
- SSDEEP
  
  384:6oaQGgneTSyAXAJWftJRaIn1QdyrSWzwNCs:vaDgneTSdXb8I1QdTNCs
Score

1^/10
behavioral21 behavioral22
- Target
  
  bin/ZYDN.Common.dll
- Size
  
  16KB
- MD5
  
  ab19833362f0afe1cb8a3c25ca3d0e0c
- SHA1
  
  10710ccf83048155d565a709dfe94ddefe62b997
- SHA256
  
  6f475d30938737786730f274f33e4cacd86ca2750346db16a02ee4ebe2016249
- SHA512
  
  5c66611ff9c79c7325dccd25bc7ba2b716ed869bdba4f7e74faff783b15a8caec76578ce18558a0b03840ddabc6278dafd5f6a05fb5d0538027186a736adb504
- SSDEEP
  
  48:6Ukywz0H89KU2lihcrkAnduJDfEJFEm85nSYTbU5+Y9Zwg/HIlJHK0hgHhAHpF:sAH89KBqebJFEmonSYTbivwl2u
Score

1^/10
behavioral23 behavioral24
- Target
  
  bin/ZYDN.Config.dll
- Size
  
  16KB
- MD5
  
  989204f1b6e4948ccfbf3dee8e1f78d5
- SHA1
  
  967f12ec293bf26082267dbfeb3528732b84c395
- SHA256
  
  01efe595558cd8e1d14e24d8496c7b27566ed77a3a89b8dcb3a3a29f538625c9
- SHA512
  
  4bd4f21fc6c6e055eb9307436c2c6836a8ad13e90d465bde828a0e3db85fcbdad4c66128abc2a628f821831a243e2034b43e4082b15c21eefdd86256765ff20c
- SSDEEP
  
  96:tEORCf4U5rfZUZbjL5TTQdxihSZ6wma4PqVEmfnrTbT0wYhu:895zqJdTwCS8wma4PqZ3bgU
Score

1^/10
behavioral25 behavioral26
- Target
  
  bin/ZYDN.Data.dll
- Size
  
  40KB
- MD5
  
  665a8b72379ec754f0c012205c41b9f4
- SHA1
  
  3f61788248314cc5ea8955de4e8787671b50aad4
- SHA256
  
  1838ebe46bb9c629f822fd59a17aced97c4f5cec965c54a408b382a022c6b54c
- SHA512
  
  94ba475a8afa61bffdb2bfdb207c23de7b938be979cfbd690fafe43f236a12da852acd356a69487e727c072724767c858b53f54aafa389b36c06f03981d8769a
- SSDEEP
  
  768:P18/7UFGD+IYyauoAqKvJBppQ5Vuu4uuwb1EInCsbuI:P18/oFSnR8Vuu4uuOEInfaI
Score

1^/10
behavioral27 behavioral28
- Target
  
  bin/ZYDN.Entities.dll
- Size
  
  28KB
- MD5
  
  606a52f6850a875ea9ac4e5fd139ecc2
- SHA1
  
  219e75864393e65f52097da11153679d5e2106a0
- SHA256
  
  1a4a440113f49aa9e89a06d149a556325a65fb099918fdb34df7366fc8f1019e
- SHA512
  
  84024b47b528bbf7426e06bc5937b61c7080148692dd1df49f428f6f766aa8867c541ca19a05e5eb0bf9168fd6999a4e6167b34e7c32883a28f47569659026c1
- SSDEEP
  
  384:tFlfra+xEv9NSn0g9W8Hq4NF6e1GbjxrJl9ZVfdfEFfbLiO:tFHoY0qZK4NF6e10jxrJl9ZVlfIbGO
Score

1^/10
behavioral29 behavioral30
- Target
  
  bin/ZYDN.Label.dll
- Size
  
  352KB
- MD5
  
  f540cb8650253bb1bb7284e3bad505d6
- SHA1
  
  80347dfeeabe59a5ca40e8cf8074a863a2c0f028
- SHA256
  
  d4b61b9dab4266fa87379e24e1a1975b29aa117596f4c0a6956d9483c2a88ac6
- SHA512
  
  b8eac8ad9371d212a7ab66f33d0e53c7fb06604a9cad0bb6cfefa0aad29fd5f7ae8197a8782ecf1e65fe8499bc0a52cf770e2929dac5056ffdd131f52cdfbd83
- SSDEEP
  
  6144:1Cl1jwG3GLQDfa6fGDmg/wwKbc+thYj+Btyo:UzmkGKg/c
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32