Overview

overview

10

Static

static

10

Awesom-O/A...er.exe

windows7-x64

7

Awesom-O/A...er.exe

windows10-2004-x64

7

Awesom-O/A...er.exe

windows7-x64

7

Awesom-O/A...er.exe

windows10-2004-x64

7

Awesom-O/A...or.exe

windows7-x64

7

Awesom-O/A...or.exe

windows10-2004-x64

7

Awesom-O/A...er.exe

windows7-x64

7

Awesom-O/A...er.exe

windows10-2004-x64

7

Awesom-O/A...om.exe

windows7-x64

7

Awesom-O/A...om.exe

windows10-2004-x64

7

Awesom-O/Awesom-O.dll

windows7-x64

3

Awesom-O/Awesom-O.dll

windows10-2004-x64

3

Awesom-O/Awesom-O.exe

windows7-x64

3

Awesom-O/Awesom-O.exe

windows10-2004-x64

3

Awesom-O/c...ll.vbs

windows7-x64

1

Awesom-O/c...ll.vbs

windows10-2004-x64

1

Awesom-O/c....1.pdf

windows7-x64

3

Awesom-O/c....1.pdf

windows10-2004-x64

3

Awesom-O/c...cs.pdf

windows7-x64

3

Awesom-O/c...cs.pdf

windows10-2004-x64

3

Awesom-O/c...ll.vbs

windows7-x64

1

Awesom-O/c...ll.vbs

windows10-2004-x64

1

Awesom-O/c...le.vbs

windows7-x64

1

Awesom-O/c...le.vbs

windows10-2004-x64

1

Awesom-O/c...ies.js

windows7-x64

3

Awesom-O/c...ies.js

windows10-2004-x64

3

Awesom-O/c...es.vbs

windows7-x64

1

Awesom-O/c...es.vbs

windows10-2004-x64

1

Awesom-O/c...ets.js

windows7-x64

3

Awesom-O/c...ets.js

windows10-2004-x64

3

Awesom-O/c...ons.js

windows7-x64

3

Awesom-O/c...ons.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6a96fc8ce45b90e6ea767a08a07fe1ad_JaffaCakes118

  • Size

    3.9MB

  • Sample

    240724-hb3bfswbjd

  • MD5

    6a96fc8ce45b90e6ea767a08a07fe1ad

  • SHA1

    0f711f524003494023fc39630af88b7b4280dd3c

  • SHA256

    99b14ade8ea9c02b24c71a5583d02322594460af4d2fe734ec2af3d6c805f027

  • SHA512

    e17f8a34e17d67894a017ada70a9752df0bcc50b9819dc50391eb9aec2ed67236a9e1c765f9f1f58e3a83165c949952b3de16cd17c6a5c89195f95d8f8d29b55

  • SSDEEP

    98304:Iu4quRo0PCRwCvPxVevPxVCpkVZ/6HswLmTOykIVk2BU4zDGWn:I6uy+CRvJEvJcYF84TIIVkLy

Score
10/10
streladiscoveryexecutionlinkpdfupx

Malware Config

Targets

    • Target

      Awesom-O/AOHelpers/Awesom-O Debugger.exe

    • Size

      262KB

    • MD5

      f389003bce40296597a843b2bb2c6d6c

    • SHA1

      9c745bf43b6a4fbfa603179be204ad72cd6df712

    • SHA256

      7a7addc57ac5c8ff2e781581f0be96d538f9db3dae9f9bf17c73cea9d2d794a3

    • SHA512

      dde086b8d57fadaba9a6e190926ea3a70a5a770134eca331c9a2de94e3a59e444b87d690addd39ec32d1bb61910b14d0823c7ba67e47cea3cca9728b79cc35a4

    • SSDEEP

      6144:DknN4CVUIm6uk06ZLYgvBA+8xmrxgmA+3cclptVopAWmjmZdy:wnNhuBoY8SorxgmA+nlvVlDmZdy

    Score
    7/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    behavioral1behavioral2

    • Target

      Awesom-O/AOHelpers/BotINIManager.exe

    • Size

      389KB

    • MD5

      c2034abf42938f5ba454b8a820291163

    • SHA1

      1baee50e23f6da7dacdd0db24b2848b5516eaf99

    • SHA256

      2cb8491b6a1776b97f53659b9ca9b5bcb896d944c12c74aa6969c1787390a596

    • SHA512

      66f0979b16250e412e25c4a39f18ca599be0840d2722d9affd48528f82d727d3e61dc4b5b24cb92da715706beff36d77eb4fd1cce87ec4fbbae14ea38bbc33a4

    • SSDEEP

      12288:enNhuBoY8SorxgmA+nlvVlmmZH8Ygl4s2F:ePatCg7EPEmZHSll2F

    Score
    7/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    behavioral3behavioral4

    • Target

      Awesom-O/AOHelpers/PREditor.exe

    • Size

      340KB

    • MD5

      fadbff03027bd30db9c622cc8e648f1e

    • SHA1

      4753b0b6c1f68a99e4487a5911d8ef4e0f35a814

    • SHA256

      9e4446d7a331d0aaedc4967be5405c09a803f0252dd4837838f84968a848868a

    • SHA512

      5f57a8b144a4c8a62f3de33c4cbd1b3b4d717ca6d8b72f57273469e87567dbfd27a1ad1f538ac9485fd5499ad3d28942c20d406ef10066a1ad021ff5560470dc

    • SSDEEP

      6144:TknN4CVUIm6uk06ZLYgvBA+8xmrxgmA+3cclptVopAWmmmZFfoBXuMqv4E/1pcS9:AnNhuBoY8SorxgmA+nlvVlGmZFfihq4q

    Score
    7/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    behavioral5behavioral6

    • Target

      Awesom-O/AOHelpers/Realm Fixer.exe

    • Size

      277KB

    • MD5

      ce23c5a24ca8453aaecb38b575200b24

    • SHA1

      47426977ef58afe666788afbbc0ec99f3659153c

    • SHA256

      87ca553c999a045776986a9e3705606f1ce4d51bdea85228f43e0774c4eac958

    • SHA512

      005f21d9d0ad7ad84ce7096daaa013bb1a9201c7c6d7c8f748dfbdf26d4ae1b234a8f33c4b3d64f4baea5859b4a3530a7045fd6ce886dfaca734603f25bc4901

    • SSDEEP

      6144:FRT9A65pP1wlYgrN1y6V1X1RonMequ8+my5ET7aG93mMSnxfaZ:RA65XwlYgrHy6V17kr8+m73aG9Zm0Z

    Score
    7/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    behavioral7behavioral8

    • Target

      Awesom-O/Auto-Awesom/Auto-Awesom.exe

    • Size

      519KB

    • MD5

      ae895a8e1e3427949269dce56dc58a52

    • SHA1

      e98a3a01dd554a42e916671477e7378e4a8b9f23

    • SHA256

      36fefe304625873cb3452f30da3b7d452c5e44b8ff35a9b28f2ad0e3fdd1edaa

    • SHA512

      6cd20ce4037672793226954dedcf3c20e2ec991f754880806fbbd3e9ded8e5c6c50fbd7aecc57a6ce37b211e211ee70439f45b2a22c5b6f2c7e2b29dfc054a5e

    • SSDEEP

      12288:RA65XwlYgrHy6V17kr8+m73aTPF6aDO49Ij1tQyPd9L+:jwlBrygOW3aYaDO49a1Jdl+

    Score
    7/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    behavioral10behavioral9

    • Target

      Awesom-O/Awesom-O.dll

    • Size

      120KB

    • MD5

      07564fcaa07fa5e22e0219a4eb2bf18c

    • SHA1

      e4338a885a6c73597d430da5c7f423c809361db1

    • SHA256

      d94e4dbaaf1610b8200297676b560cbb66022dbfa76c31f2fb0698af285d4d60

    • SHA512

      51cb73e4af59d26ce4f50b12792b2e31f5d8690f4cdddd6b2de347fdd5a5aed349ea2cf225e180a4f48abbfec7c76514b6074aed7ec26ec8fc2cc2c5f1822cc5

    • SSDEEP

      1536:1IXtK2yqvRQQqD3o/wBTvTdeKkMkpY5uvofzA2rRJ8ZH8tyzc2/:1Is2y82Y4mpSF2x8tyz1

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      Awesom-O/Awesom-O.exe

    • Size

      1.1MB

    • MD5

      b468c75936d432052d29fa3dc4be0508

    • SHA1

      6008fe8d14622ec23785379023bbb6adee1c7759

    • SHA256

      1b5bffabf1a96cae65be96f7b430f619eff91cfdbab3bf736fb86ac9ec7b4b46

    • SHA512

      f12f5ab719d667bd98480ee4184bb41480e9dc9e7d3790e1d02b342da0fe12e6c39d47e18b090e63c7c070f3a9745a87cfb8299ca2c2f2fe1d231a8ddbaa3fca

    • SSDEEP

      24576:RESSBWJQOadR0BUrGgjq1+1N4RvzvAq6E68LwolBKCqJRZm:REcuTja+1N4FLAq6EDLwoP

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      Awesom-O/config/PR_Docs/ao2luafull.txt

    • Size

      68KB

    • MD5

      d9ffdf1de0f837ce6b9647465a3f51c0

    • SHA1

      272f307f83d75c44443ff0c541d848d71eda26fd

    • SHA256

      0e67d03b6e30125662c7335547ba9fc40eb484483a99a01f9482efbdaeda5e70

    • SHA512

      08b64b5f70508434363f09de21af10a066d43dd67ba57df5b966d3fb29582d83e8f264caee6605decf7e2f3f0acab1c7479de735be75b1cf7b4303f64900f020

    • SSDEEP

      1536:PL/ntfSEdAcYOjTOo69rPlPv1zY0UwK6pkZ6jHa21uEsAvEn:e/kcbNdzI36jbw

    Score
    1/10
    behavioral15behavioral16

    • Target

      Awesom-O/config/lua/Docs/PR2.1.pdf

    • Size

      114KB

    • MD5

      b2345d0f4b93b568cd1236ed626e6263

    • SHA1

      bc413ae7708caa417c9989358faeff03f0667ab5

    • SHA256

      921eb0e9160f9647ac343f7aebea60aacc567eb33bfaacb08ea5142287fa4656

    • SHA512

      858425b8eb2360448a003c394d7f579da39dacc25dea6bfd11005548699227a0ff5a8d9f1ada124f15c62b45817b62b874266d9c5e03022ddcac543cbf514069

    • SSDEEP

      3072:jEX+jLAM8KFfRzWq+PGhONk8djU9g8TenO/mHj1:jEujEfKFVWq+PUOfm4OA1

    Score
    3/10
    discovery
    behavioral17behavioral18

    • Target

      Awesom-O/config/lua/Docs/PR_Docs.pdf

    • Size

      42KB

    • MD5

      9c293cf85625aff048a3e106e78b31a5

    • SHA1

      4b82df68721ef627d395c1153f4ee734575e0f2e

    • SHA256

      118e58e1f0e147c536836007d56d7b2d6cde179f81df55183546b8c9672512c0

    • SHA512

      065a5e5bcee66e07d21fcbfbea90179959f828b65904f6bddea007e928954b9077e08427285f0ce6a06aee3cae47efcc5627fbc3bbb2e1b347249322f1548e12

    • SSDEEP

      768:WcXVnNq0tVAHCXD0n4ScDpMwhxy3CYuHVLNJOv+:N/KiQNcdF/UJuHVLNJOv+

    Score
    3/10
    discovery
    behavioral19behavioral20

    • Target

      Awesom-O/config/lua/Docs/Reference/AO2Lua_Full.txt

    • Size

      68KB

    • MD5

      d9ffdf1de0f837ce6b9647465a3f51c0

    • SHA1

      272f307f83d75c44443ff0c541d848d71eda26fd

    • SHA256

      0e67d03b6e30125662c7335547ba9fc40eb484483a99a01f9482efbdaeda5e70

    • SHA512

      08b64b5f70508434363f09de21af10a066d43dd67ba57df5b966d3fb29582d83e8f264caee6605decf7e2f3f0acab1c7479de735be75b1cf7b4303f64900f020

    • SSDEEP

      1536:PL/ntfSEdAcYOjTOo69rPlPv1zY0UwK6pkZ6jHa21uEsAvEn:e/kcbNdzI36jbw

    Score
    1/10
    behavioral21behavioral22

    • Target

      Awesom-O/config/lua/Docs/Reference/UltraEdit/LuaPR_Wordfile.txt

    • Size

      17KB

    • MD5

      0bfd962addb0357f6b80c58ee071f9c6

    • SHA1

      d1153acd9fa00137ba7fe295f7cb06d61ff83041

    • SHA256

      126d3a62365ef7c25f06424e0ba517adea6a509d9455c8bfb0ab46b7404c4e01

    • SHA512

      afc19f3e4c3d3224a7296fafcde90b11cf45f10277f022f5300aff36c65e1163da53be46cb3f71beba8070cdf3ee7a6909ff391aead5a8c94d8dbcce6891203c

    • SSDEEP

      384:PRGSdk+rUc29rQ8m0j/RR8cknoS+a+46h3mycRYvBVLTKsM/uTHbSRlIoPCT:5GSdkpHvja+464ytnLHM/o1

    Score
    1/10
    behavioral23behavioral24

    • Target

      Awesom-O/config/lua/Docs/itemEntries.txt

    • Size

      7KB

    • MD5

      109ab8a12237860f649c638972b02ff3

    • SHA1

      002ec3ad7bdb47ebe8a7da311815f70e124228cd

    • SHA256

      ce3a17d757120a867215d8ee5596b9232a5fad02099ca2f93bc0416de84802d8

    • SHA512

      1f614ecebec5b415161b39f165f2072a1ecef2bb6ae7a12046a792a72a299e53f33b2331ac053d971542aa156604d57caedc6a00e2689b2ff76c52390023203c

    • SSDEEP

      192:f8FEFAK67FNiLzlBnNYNoNSpWctU+o0w1:f8mFHgpWkL+

    Score
    3/10
    execution
    behavioral25behavioral26

    • Target

      Awesom-O/config/lua/Docs/itemTables.txt

    • Size

      1KB

    • MD5

      0c8ce50b58c12fff7e0278c50675f095

    • SHA1

      5879018794ffd8d2ef7a4eefd29cfba0ef13a454

    • SHA256

      40fdebd28c0a7a59cb86bf31e826e5e73faa46727580d755e266410097070de1

    • SHA512

      b90bfc65dc6b36b15cd4f789d39eb5636cac1a25aab84fde1c1bbf804326013fc161f42aeb4fa69960f29e296836f96fcb14bbbd97356cb2e945877fa8c09a60

    Score
    1/10
    behavioral27behavioral28

    • Target

      Awesom-O/config/lua/Greedy/PickitRevolution/classic/magic/amulets.lua

    • Size

      700B

    • MD5

      4d05a5f4076b13d3d15fb1901fe75e1d

    • SHA1

      2adfaffd244f3f01d24fcddde1488df7042d23de

    • SHA256

      0af0148b48a759d88d31c00247cd6d9c897d997fad877e0b6b617f1ac38f70f2

    • SHA512

      8d2696527453631ee195d8ba21ad660c0531db695385aa5bac5c4d6ab636a67de3f2ce2bf4036a01d2e9940290f3ee36c30f2dd83d3be70a05068f2b6ba7f9b0

    Score
    3/10
    execution
    behavioral29behavioral30

    • Target

      Awesom-O/config/lua/Greedy/PickitRevolution/classic/magic/weapons.lua

    • Size

      15KB

    • MD5

      290ece477895d7d0748d89ad3874e033

    • SHA1

      e1ead3780b16d7a48fb026e8a97f8792c76774a9

    • SHA256

      d5fc9cf99d8bbfd5fe291fcc82ed969505a7d3cfa2fc12e56d1eeb284ad14742

    • SHA512

      c0953e9d8d92fce0819b141df14658c8df8a1618500ded4362449df952e0dd65b7f9c8d9077dfad250022f53d58f4c43a5a58e3b3c5cfa9f7414f9a33d99e985

    • SSDEEP

      192:G8ToQKSjJ3BmrvbyY7Pa5Jd50ZseMnLPs2xTthi5JjhzneeikH/7y2gbaRJ/xsFP:G8ToQKSjJ3ETbWTs3DNSAf8

    Score
    3/10
    execution
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

pdflinkupxstrela
Score
10/10

behavioral1

discoveryupx
Score
7/10

behavioral2

discoveryupx
Score
7/10

behavioral3

discoveryupx
Score
7/10

behavioral4

discoveryupx
Score
7/10

behavioral5

discoveryupx
Score
7/10

behavioral6

discoveryupx
Score
7/10

behavioral7

discoveryupx
Score
7/10

behavioral8

discoveryupx
Score
7/10

behavioral9

discoveryupx
Score
7/10

behavioral10

discoveryupx
Score
7/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10