f7fc2be384ede73d09a6eee2efddf235540700b7e7ba5b22aedb6215f3bcbad7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76cb4cea57f060d292c44dcad5d3400f_JaffaCakes118
Size

5.0MB
Sample

240727-ddrkhssgjj
MD5

76cb4cea57f060d292c44dcad5d3400f
SHA1

91b0d0b9cad2dbd33b3a1b667289d053a092362d
SHA256

f7fc2be384ede73d09a6eee2efddf235540700b7e7ba5b22aedb6215f3bcbad7
SHA512

527101eddcdb3b91d2a8521d379ac11872e9ebf1c759b894c9a025ee13a352b0ca48333912fb99bb805691b62de567768f6957e553dfdde87b8876f0c1d35d06
SSDEEP

98304:YoTXCosj49iY/koippEeDKlOvAgYLzHlAyO0kn3rttmUbsdhfgkOiXo7ufIlo2yP:xrCosj49Z6AemeYn+IkbttmUbq4kNY74

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  客户端/gg.htm
- Size
  
  979B
- MD5
  
  7cbf27e4b95553cfb9457141db6cf58e
- SHA1
  
  a3d8f4b45c73f79e5caede4ddc9d99145257113d
- SHA256
  
  b3a770c92ea3d2bda27a25eacff274b14159ab7dc5918b426f88cd873d67d24b
- SHA512
  
  a9c240e81d1f0f48e1f914bd378053b6dc0becf07b4084bbfcf5ec92ec4c3946d989126cf8b3d56627d57a09ec60edefdca93b689bf861032a9c4936c807dfa2
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  客户端/set.exe
- Size
  
  1.6MB
- MD5
  
  ce7eb344e170d1aeca86ac54229d61a6
- SHA1
  
  638698d50659ff7ca64da9b09c256c76b58e2d99
- SHA256
  
  29c15299b86f6dd3d8d234e1c511318d43540b56a5c3c5c809ddec8bd03564b5
- SHA512
  
  e8ec7d7a8ae6a3a4ad62a47b7a2dc8cde384ff7c1cc83c7d075ab45c5e3372aaf6e72d007e78b388f188c7dcbe5a12cbe043d343603fa253b42f5629d7f38bf0
- SSDEEP
  
  49152:RE/7vwGFuCDP66DJT/Nawfait4scOH/wNMaH5097:RO7vwGICG6DFQwiit4stHcZ0V
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  客户端/初始设置.exe
- Size
  
  675KB
- MD5
  
  6304c5c3767df099219f7bf6d7fa0d80
- SHA1
  
  f7962bcf88975d1e439b142d5ab340895cfe36ea
- SHA256
  
  f487d7ea97c08e737ac4c4889010846fb43324c522ebb81037084eb843a78ad9
- SHA512
  
  d254ca2eb5a057a6cc2d4a33189ba397e6f2dec2ef005b41970107f2dd0cb5564ce172d317439b0f2999c91d654e0c5bd144079442353a4bd32523002e60f41b
- SSDEEP
  
  12288:gV2xt00s67k1A2PMnmMxmoslrxTRcuPoryeqvxWwqGaH8Kc4V6zRsZYdVmx:bQ6kUmHoexTToryecKc4szRsZYje
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6
- Target
  
  客户端/网吧游戏管理专家2005.exe
- Size
  
  2.1MB
- MD5
  
  53d4bdcad7db6330b6661703cf64810c
- SHA1
  
  b7d366f01762a02a065fb9e6d7494d98d423194f
- SHA256
  
  ae6f43e22942c633a1bc407e46ac5403c8d54e8c8d878f8e40f3c4aeb8cee2ad
- SHA512
  
  89860861c248889aa91843d00ff83bcf521f2da75ad80d1885b5f2d300ff08580c64955378bc6dc08ea0632dcd5fb0377c10fa81718d62ebd4dd6bd47dd8787a
- SSDEEP
  
  49152:yyKz2Ag5HPYGkOvSXfc3crw8mVz2Okb8HSFuZBJIaQMlnpNszUGGGsNG9PQZR:5Ag9YVOaPcr8mVz2O5SFtjMRpNg2G9P0
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  设置端/game.dll
- Size
  
  808KB
- MD5
  
  553a8494024aea4d0c2852d21fd9ea76
- SHA1
  
  9654a932048c44d536426bcabaf3006f951a0a1b
- SHA256
  
  c09dc06ea4a86304b262fb5f25df6a0d87cef8d5a6c877f1edce01c52fbad1a6
- SHA512
  
  135afdfd233f7f5b7083fd9be1d7c3fa9a6aa0785ca20a21ca44956c473a34e44d185f171845abbcbcc5ea171c80b23a5a84fd19fdd51da6c0f21f641ffbdb4c
- SSDEEP
  
  6144:5oBD/edzVpmLOdzsD8ISn23Oox28H/qDTlupaGhwY83ffxNo2XXGobzu:5oBD/edzVpLdzXjIaK
Score

1^/10
behavioral10 behavioral9
- Target
  
  设置端/wgzg.dll
- Size
  
  473KB
- MD5
  
  a4d30ee608f3397341149d90ff9ade7e
- SHA1
  
  0fea7475db150952b82a7983c3bc4aed03e630d3
- SHA256
  
  6dced00b5a5a08cd089e764ecff4bc4851398c2ec63cf8b809d7dc14f63c726b
- SHA512
  
  39376d01d7b5ab496ee1330a37f92ccbcee2fc409fb9b102a6054f2a2506177b8fef10cadd2cad813975c1837982db7b7869f2d3c8d87d8a4eda0ce9355d5f02
- SSDEEP
  
  3072:cIhtGY88KIdWR/G8XtUoJ+GUHQOvSjAG0GgRPzo20Syv46Ro:5htFKIEhWG0GK7qv7K
Score

1^/10
behavioral11 behavioral12
- Target
  
  设置端/网吧游戏管理专家设置端.exe
- Size
  
  930KB
- MD5
  
  559e4eb5a5b35622b04b62ad1519451c
- SHA1
  
  cdccf16f2f6bcacb6b1ae18c1dcb7c4551435b0b
- SHA256
  
  7316877cbb149e37b5b19cbcbbd37148217a67fbef100797dbd3399d33da5b09
- SHA512
  
  9db926946987185fa87d66eea74d16f041c6ae3834904b40b79785be728db230db364a4d8a36ce3e510027f33399784fb5fef72832884d0506ddfaaa007fca93
- SSDEEP
  
  24576:Rr6oGBsB/HSFsBZR/JIaQBhAlj18yuCSNUS6enbVlasOAOPdP:ReoGYHSFuZBJIaQMlSyDS96ebVlasHA
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14