Overview

overview

7

Static

static

3

AK-v1.3.4.exe

windows7-x64

7

AK-v1.3.4.exe

windows10-2004-x64

7

$FAVORITES...վ.url

windows7-x64

1

$FAVORITES...վ.url

windows10-2004-x64

1

$PLUGINSDI...se.dll

windows7-x64

3

$PLUGINSDI...se.dll

windows10-2004-x64

3

$PLUGINSDIR/Math.dll

windows7-x64

3

$PLUGINSDIR/Math.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

360Inst.exe

windows7-x64

7

360Inst.exe

windows10-2004-x64

7

AK.exe

windows7-x64

3

AK.exe

windows10-2004-x64

7

AKRunXDll.dll

windows7-x64

3

AKRunXDll.dll

windows10-2004-x64

3

AK_Run.exe

windows7-x64

3

AK_Run.exe

windows10-2004-x64

3

Json.dll

windows7-x64

3

Json.dll

windows10-2004-x64

3

Launcher.exe

windows7-x64

3

Launcher.exe

windows10-2004-x64

7

NetTrans.dll

windows7-x64

3

NetTrans.dll

windows10-2004-x64

3

akanimation.dll

windows7-x64

3

akanimation.dll

windows10-2004-x64

3

akui.dll

windows7-x64

3

akui.dll

windows10-2004-x64

3

akxml.dll

windows7-x64

3

akxml.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    68db5bb6540f8aacd94663979529cce4_JaffaCakes118

  • Size

    6.4MB

  • Sample

    240723-zhkhna1amb

  • MD5

    68db5bb6540f8aacd94663979529cce4

  • SHA1

    3c2313826f16fef52cf79e088eb3ce1e5211385a

  • SHA256

    48940bef581af4e7852269ac67b6b05cef4ec2432c2bc9e77a6134a5901a40df

  • SHA512

    cc94642366cd17eb427ff6a818602cd20a084f6baa29728641c3cabb0c9e8d78df0eab6490916f8e80b5e6c9e83c1740ab06cbf9a287423eb0eddceddf138f5b

  • SSDEEP

    196608:8FmDeqYBbr6cBU86f6uuezyjm/70S/AiFXAvNRHt:J1Cbr3m867ym/Y4Evd

Score
7/10
discovery

Malware Config

Targets

    • Target

      AK-v1.3.4.exe

    • Size

      6.4MB

    • MD5

      bf87cfff31bdeba9fe2c8e2c97ab6a4d

    • SHA1

      18ae9f1fb495936357d6fdf045bc9c99e97e7668

    • SHA256

      df265dcbe92b79c1720d8dc7b4b3f8bd496c21968a9a26f9c7d375c8a28ce81b

    • SHA512

      c758fcc1d6995de39f787186347eb65046c11217a1ea39a9513b14e04804f5497ea9ec2ef3e7668da881c516f56eb6f56993186e690dada82a02c16f1521dfb4

    • SSDEEP

      196608:Ujp8wxvseq8vFTtMz+h9SjDHBdWoo88KfVowVJRftfc:0pLtZtb9SXhAoo4toKRFU

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $FAVORITES/AKٷվ.url

    • Size

      112B

    • MD5

      75ccfeda00385480ad8e6be8dfb5642b

    • SHA1

      167f134cd4ff7f81da721d3d870bd77a9f970356

    • SHA256

      ed05efce3b3671be83725d70354c4efd9116ba641aeb0b0e119e765e1e272ebe

    • SHA512

      4ff6a7a476a4d382909247bb90327888e2a581d62dba63eabd5f6572cdef354e5b60480b6356530ee99f0625c0825b8fc3bef9828d13028124bd2536d68b3fe5

    Score
    1/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/CustomLicense.dll

    • Size

      3KB

    • MD5

      3c4c9b038c7eb5223691586a42415fef

    • SHA1

      53eb3587f5313f9aae5aea8b92f7ceb45db19fc6

    • SHA256

      60f9263a1693ae5a18523ee5d0f37e512882edaea2b84a028279d7fe5bb305ae

    • SHA512

      a07843d793811ca6ea9be734c458209a1bb224297743e23304f48b65f38ea9ae5a570f99b5c23642431ecb5cb30bcb43848bb92e6529395c232c63f641143250

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/Math.dll

    • Size

      66KB

    • MD5

      9eb6cecdd0df9fe32027fcdb51c625af

    • SHA1

      52b5b054ff6e7325c3087822901ea2f2c4f9572a

    • SHA256

      54cf1572ed47f614b0ffb886c99fc5725f454ef7ff919fbb2fd13d1cbe270560

    • SHA512

      864742ec6f74f94057b54cd9b09707c0125ac8db4844fa80af201e8b72a811bb68276c993e75bce67e5ece4f83644572edbdee5e963634c5a37839615faea97a

    • SSDEEP

      1536:LP43WZ4Ql60gam+2MwRmPeqFVHbQH0ZZ1Iet:LwU609VMH0T/t

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      00a0194c20ee912257df53bfe258ee4a

    • SHA1

      d7b4e319bc5119024690dc8230b9cc919b1b86b2

    • SHA256

      dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3

    • SHA512

      3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      ab73c0c2a23f913eabdc4cb24b75cbad

    • SHA1

      6569d2863d54c88dcf57c843fc310f6d9571a41e

    • SHA256

      3d0060c5c9400a487dbefe4ac132dd96b07d3a4ba3badab46a7410a667c93457

    • SHA512

      99d287b5152944f64edc7ce8f3ebcd294699e54a5b42ac7a88e27dff8a68278a5429f4d299802ee7ddbe290f1e3b6a372a5f3bb4ecb1a3c32e384bca3ccdb2b8

    • SSDEEP

      96:EBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4MndY7ndS27gA:E6n+0SAfRE+/8ZYxldqn420

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      360Inst.exe

    • Size

      649KB

    • MD5

      bf2d1ee2887832005ddec337fbbccbe9

    • SHA1

      896329d3bc972bbecdce93b364f7679998331ec1

    • SHA256

      47d440f986278d6f26db79a17720db8684dc939fc3417dde3fbfb87a1ece0925

    • SHA512

      40520d6ee15c6c7cef7e26f6de490629104a2b5fb1a3e4096e0ba6e2ff6b025f9403de48b52e636c05fc9f753447ae0ba2b274a829f2c718cfd34cb4bf8767b1

    • SSDEEP

      12288:U6ETd/o2EDrAnpxfgr3tgRKc6svHfP/K0/e86tdyD9A+RtOkyiAsPBgQgP:UFThp6sv/PC02te9XO55sPBAP

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral13behavioral14

    • Target

      AK.exe

    • Size

      2.1MB

    • MD5

      915f0d7b2164fbc5a18141058852c4e6

    • SHA1

      91e72ac62c137e902c2a7a045a082de622eb06a6

    • SHA256

      90b720b928f402b786c87d89e25498973051a28d51eb25667fb654e913e6741e

    • SHA512

      2ccb197454522de5ef62577f5126d4cef625cbee174d1ad8ad4433bf88823a75b2a46a6b69363b93d12b2a9a2ddafcb3f440a39a70eee672fcba21fe3b8839ab

    • SSDEEP

      49152:5fLaFcRA+kuQQ0aHqBmqG2pZIa0NXoq/ebHLA5n6AwFO8V2DU:53kUH6Ia0wB

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral15behavioral16

    • Target

      AKRunXDll.dll

    • Size

      35KB

    • MD5

      955616cb1bab109d860cddbc28e9d731

    • SHA1

      2add46878f5e672ce6b0ca017dc3e68b338c4777

    • SHA256

      26a824fbcba1116e55d2382c31e75a15851baecab34de49074587d74c4e841a7

    • SHA512

      58f078e86d38eb63e4ced892f1d79a0b74b84abbec18aae3feaf6238e0b20602ee1a2b1249e56a11f0a58fe255ff1182fadbe3ca1f4377620a130ff721617bca

    • SSDEEP

      384:BoKsQVqaDkVDZWNtpotaIs2gLLyUZBzNBTQFC7Bi1q6FbCTZ:qKsQYayZWNYsigLLjZ3CFCU7FbCF

    Score
    3/10
    discovery
    behavioral17behavioral18

    • Target

      AK_Run.exe

    • Size

      355KB

    • MD5

      3058051e29172bc89fe9e1532f651ee7

    • SHA1

      8d29397155411d38f8fa248ba0e3c6291eb48d2e

    • SHA256

      ad560968cc77f881920ebf401e556287ffb08ed295a1a8eaefbc9163e4e1d000

    • SHA512

      d9dcd20a7244ec68eb1ce1331df8917480ec53dbb263e97b553e37fcd2af220f71e4de16c486a1ec9fe8bdc36d8c1efb098451324ed04f321ad82cfc7626f37b

    • SSDEEP

      3072:r7JgiS5LF+TO6ujJu9xxe91m6WWJ8811K811zb6WWW1VJu9xxe91m6WWJ8811K8Y:rVgbLgO6ujJuGJue6Rt

    Score
    3/10
    discovery
    behavioral19behavioral20

    • Target

      Json.dll

    • Size

      29KB

    • MD5

      74396cbb8bdb04bf64452ea97cbe6b7d

    • SHA1

      cc56da9c07b14f8630729e2cfabeafe5a081eb16

    • SHA256

      45de114a5c1f26a37ba8bf8048506a61bba23bc3a58370c0ed9d149334fc8c83

    • SHA512

      c9451a331f937d4cd33ec7875ee2ac856fea03f1f5130dd40a2d8627722fe16c390ef21e8ac738fbc09f48396ce77c0b244bfde7d1cf49727fe604f4e0c39132

    • SSDEEP

      384:vcugG3gaSF/X9zGTAHqH9KSIGrNEABeSbgQ8AnT1ocA5wlVXgIbuW8c1jq1q6Fbn:vhmte4mrPmADhr4AC7FbCY

    Score
    3/10
    discovery
    behavioral21behavioral22

    • Target

      Launcher.exe

    • Size

      62KB

    • MD5

      c1e47eaa612074784e611a6d6071e41f

    • SHA1

      d4bc79c7f2f50f7cfe301c9da699395789a4f25f

    • SHA256

      c7e90a9fe50ecbeeba096af1dd8ed121357341e939ffb3df75e65ea196ad653b

    • SHA512

      8ec3381c62c300c29b5e4e2779fbfa0867d0d6c8db442fd463cfacd8cfb7749f3174619306a9913e86ed9af470da9438e5057d7b5046fef6390ab9de800b9121

    • SSDEEP

      768:k2UorZ0d7jAp2oBLZm7hcTLZm7hc6j7FbCz:kQrZMQXZ6mZ6Lj7NCz

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral23behavioral24

    • Target

      NetTrans.dll

    • Size

      237KB

    • MD5

      93aeac3f184d0e567dadb710c4b3eb13

    • SHA1

      b0362b210e8e275d2ec822ae2ba728e7ae8e92d0

    • SHA256

      a063de6d6ede83ebd35c2f44412c803383171d9912afda5e504bdb6ff6a87da6

    • SHA512

      8377bfaaa6caca4fcb3a99f9524a60894a5e47a2c06ff676bb564654db98a43041998f65c3e42cf4f3251346e736c8e4d33d993b02b4fc52271441673e720e0f

    • SSDEEP

      3072:A36MU0ChLpBlKvddijCCelOEgPKapgV98HALw+wJ9qsjTCJaWPqYler6QtdFOKN9:tlKvPJTYOGIwVb8acenOKNeiEQ

    Score
    3/10
    discovery
    behavioral25behavioral26

    • Target

      akanimation.dll

    • Size

      110KB

    • MD5

      d2c544394ee1794b9f779a6c6482835d

    • SHA1

      e13dd01fa6f0fd4e3b0b957981771597a5f1f0d6

    • SHA256

      97baa31b09ad55c442f63a4911c34d0a11db146db96025eaf0c0d643ea79b4c9

    • SHA512

      26c17ac5df9693b516ec37184064b20a0fb13e64e675b9385255527b2f01c01366896b463d1808e391c9745e184de6df9f2d9d2127aeb9da830d07a765933a7d

    • SSDEEP

      3072:yJQBbUgeZ96CojPPwd2w8O1JjXV/rjAIUh:ygbUT9SK8O1JjXV/qh

    Score
    3/10
    discovery
    behavioral27behavioral28

    • Target

      akui.dll

    • Size

      149KB

    • MD5

      5b64367e081045f29bd5ad06729d963e

    • SHA1

      b149b8704e0773cf19795de4f500709b3336ec8f

    • SHA256

      f62eadd9f70cc81867f2a762765bb446c47a64f8a7cfa527f4d28beda0d52984

    • SHA512

      8f00828ac86dca64d2c44364f3f7e26eb3c09ee90b3b189acfeae80b9087803b0eb1158ce06d4b19ff302bfd9b541d84bf4e88abd1d1bc95aaf8b38660f7daf9

    • SSDEEP

      3072:Lwd3bATOS59Jk26vYyC0hNZHgMn7wjvU/j6EM5Ot7JJJ1c:UbAzO26JhMHOjWOt7Tc

    Score
    3/10
    discovery
    behavioral29behavioral30

    • Target

      akxml.dll

    • Size

      57KB

    • MD5

      ec24f461a82fe097a7bc45ae4408d2b6

    • SHA1

      c92ebd419aab49c2b8f7c0412ada34602121049d

    • SHA256

      d33ac5756fac34eb257d975591eb8c1f4120719284401f9158c40f53ce16f337

    • SHA512

      f112311a5516691ff3a9d4df0eccf321334bf63ca942e28250b6fb71c94beb06215a70fb0e25d00b795a3746557819d4b9fbc97430715f87526bb5dcecb7a237

    • SSDEEP

      1536:/pXsCQfLae53aEZjY8IwbdodPZyqliel+ZHOy0CekwG7NCU:hCzzRLFIwRWmel+BOy0CekJF

    Score
    3/10
    discovery
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
Score
7/10

behavioral14

discovery
Score
7/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
7/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

discovery
Score
3/10

behavioral24

discovery
Score
7/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10

behavioral31

discovery
Score
3/10

behavioral32

discovery
Score
3/10