9434f124a97bdaa8a58eae8d419580d741887387c87ff9c8f77ddf545cebadd2

Sharing

Copy URL Twitter E-mail

General

Target

8541bd67ea9537fa4c22f5805f347045_JaffaCakes118
Size

8.3MB
Sample

240810-h8cgaszhrq
MD5

8541bd67ea9537fa4c22f5805f347045
SHA1

76c31cc489f2fcf1d0c404d1868310821282e3f6
SHA256

9434f124a97bdaa8a58eae8d419580d741887387c87ff9c8f77ddf545cebadd2
SHA512

eaa04805afc6afe973d01a52ec8a158dd26e0f0a4766d6cbc5bac207e8848525add232a97a35c53d0ae7a196e7a038cdfe27f35e1c147cf738ddd8107f5a0f32
SSDEEP

196608:MAjFFW1SUYgmJSTyL+WA0zefZJopn6orLpWA0zefZJou2kD:MAjFFW1DYgmsTepzKZkBQzKZt2kD

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  新建文件夹/Intel_inf_6.0.1.1008/Setup.exe
- Size
  
  53KB
- MD5
  
  56fc94234252b533bbf91412e671f172
- SHA1
  
  5b3c1229018742ecf022a7a8f18cb879fb8efd54
- SHA256
  
  c8c7a1a9ad9abb16299dd6fdf1b53bdcf91427df6adfa738e0ab90a53ce51abc
- SHA512
  
  c70fe3aa1bf428d28d8071b63950ae7ad0712bd369f697888598d005a1aa43837adbc8fb147a04ebb834a9725bd4adb64c8d559a65ac825489e012ab7be459a0
- SSDEEP
  
  1536:jqIOe/QbIdD7UgitDrJV3H8BT2vdBGleQE:0e9Dvi5JVpvdBGQQE
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  新建文件夹/Sis_agp117e/AGP/AGPUtil/AGPutil.exe
- Size
  
  108KB
- MD5
  
  cad26d22b5111330462bb2f743bd04d4
- SHA1
  
  aca9a49bd298d1d1f3d4523d6cec2e49db3b119f
- SHA256
  
  3077daa7e1956b1841597b47dc38e5505227933b3a36e873dda6db28fd1fd016
- SHA512
  
  158f0abf7dbad66cd4933bee452e2fcc5862e7d3796760c9255c6edfed2d4c5485eb518c82ced51650296bdb8d75aa8ded665ccf92eab31e61e495d3a546705e
- SSDEEP
  
  1536:iRLwtCngJBNT1+I//88mQw3LoxQzUkf8ovicz5NsLsUs:iRL9Ml+I//SQgzU7oviensLsb
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  新建文件夹/Sis_agp117e/AGP/AGPUtil/WinIo.dll
- Size
  
  44KB
- MD5
  
  3b36fe05bbae3104eb1f8cf0544b20a6
- SHA1
  
  a4c6de4df7f4872f2ce852f7c48f018857096262
- SHA256
  
  2c4e27bb86d3facd3760d0c1881a297d2f194ac77a8b319f210e46c4de99c4fc
- SHA512
  
  0098ebaddaa0444c4022cbfd601cb7e6c80ea3299ccce9a73cd12029eb3d0497db66cf11745b1067458e305dfaf667b7dd00cee1867bf5a8239fc0f0d31d036e
- SSDEEP
  
  768:bur4vdBmeQpmuRtQOVI8+LRHGssD7MIY0D/O6M:qrAdBWtRtQOVI8+L1F370bO6M
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  新建文件夹/Sis_agp117e/AGP/AGPUtil/WinIo.sys
- Size
  
  3KB
- MD5
  
  8a9835acb8ad3e9804f16b3c51ded28e
- SHA1
  
  37b030f63291b90480a3175067f6f2ab78f2c50a
- SHA256
  
  ffb39a20b20051c8a94ac638b30459a1ba104d4e8b700f36d2a123076709bbc3
- SHA512
  
  5496746d96a4d0b539a1f4e833cf3135703135e1ec1f3fd4323f3c5c5b8cc2aa1823aaf9968c0bc947dc2318890ad5a60540552bb081c365e7caccfbad0a8c1a
Score

1^/10
behavioral7 behavioral8
- Target
  
  新建文件夹/Sis_agp117e/AGP/current/WIN2000/sisagpx.sys
- Size
  
  25KB
- MD5
  
  86caf8328b23250ce0bfbe3c050b3ba8
- SHA1
  
  bd1ec980ca6fce63f320d8e35ff5a9989ff1a14d
- SHA256
  
  2bb54414322b2cc28189ab5398d0bb96a73359cf046d7bf767ee4a6f8b1fcc74
- SHA512
  
  7d4cfe3285d84165a51ca4226ed8bc096cbd8a7493e17fa14e473b8ab289ad77b8e5117ee667ec5bf4270437ca40bb38a1db41cf220b104c953d5160bbf52a02
- SSDEEP
  
  384:bpuvBVGc1MHxOfGZDJD+kpuPHeB3EQCQ5Q015vvblRS1N0TXF1ak:g7GH5JD+kp4HK0Q95QEHbg+Xq
Score

1^/10
behavioral10 behavioral9
- Target
  
  新建文件夹/Sis_agp117e/AGP/current/WIN98/SISAGP.PCI
- Size
  
  12KB
- MD5
  
  354660c697acafa131d6ffe275682e22
- SHA1
  
  a3bf1fc4cb52fe259a5802cb5fc4574c0f4c9611
- SHA256
  
  d7f38e942de829f1263f4da555e3e2faca36f3366daa977e37db1a360f79a4e8
- SHA512
  
  0e083eed11f34de0287d68d8c615c98e74b47806911966c5aa97ad8a8503f38c6784876d7c67d20f7b67f8fdbfb752b974c0326a5a35ddc40b2d66c301f6bc46
- SSDEEP
  
  384:SWXesyqv0arYWsbx4deUt8/9VJ7ByLagCcsSQfO5:lebbarw5UAVJ7BitCcsSb
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  新建文件夹/Sis_agp117e/AGP/current/WINME/SISAGP.PCI
- Size
  
  12KB
- MD5
  
  354660c697acafa131d6ffe275682e22
- SHA1
  
  a3bf1fc4cb52fe259a5802cb5fc4574c0f4c9611
- SHA256
  
  d7f38e942de829f1263f4da555e3e2faca36f3366daa977e37db1a360f79a4e8
- SHA512
  
  0e083eed11f34de0287d68d8c615c98e74b47806911966c5aa97ad8a8503f38c6784876d7c67d20f7b67f8fdbfb752b974c0326a5a35ddc40b2d66c301f6bc46
- SSDEEP
  
  384:SWXesyqv0arYWsbx4deUt8/9VJ7ByLagCcsSQfO5:lebbarw5UAVJ7BitCcsSb
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  新建文件夹/Sis_agp117e/AGP/current/WINXP/sisagpx.sys
- Size
  
  36KB
- MD5
  
  61ca562def09a782d26b3e7edec5369a
- SHA1
  
  73e0ee7a0a4f00ae3a8f3a5548957726e6c09cf8
- SHA256
  
  3d9be60239ed8fed64c92b013adb6b880aef353b2f8ea28f69c0e09482b5a722
- SHA512
  
  2aceb1c0c9a5eaa0fae8cac4b7f5208abb8f0e352c057d50d797857b29af2a4277b82f326bb18e514019226da75151fdb35d4c53cd2266fb27a69cf0de8eef36
- SSDEEP
  
  768:+5ltDx/pty1iXwyzvr3uH0hLpzBZ4UyfI:ejDty1avreHKL1cUyfI
Score

1^/10
behavioral15 behavioral16
- Target
  
  新建文件夹/Sis_agp117e/AGP/htpatch/HTinst.exe
- Size
  
  88KB
- MD5
  
  e09249b5b2beab68f1c80690bb924e4a
- SHA1
  
  c378240a55d6065e7bbf88464a7e8bcfff5ced03
- SHA256
  
  7303cf939fcb27744e80c69cd35841f9f412b3d57dce689d5a3c7d16b9db4add
- SHA512
  
  54d3714244d1f88801b7e8d9e9dd1727de5e49aa3e3ba5f045aad7d4364553511d6f5e49a8b874546829175ceb844fd4484a1ce6aa09ef940991d80e47d6b994
- SSDEEP
  
  1536:IZW8KEgzTgK9cWZunX765NH/QBrqoaiSqeXzbUs:deKqWZLDH/Roait+zbb
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
behavioral17 behavioral18
- Target
  
  新建文件夹/Sis_agp117e/AGP/htpatch/HTpatch.exe
- Size
  
  28KB
- MD5
  
  5a1d47118db71bc016dc041c928c464c
- SHA1
  
  ff99aa62e0bca115fe8298aa26a126d4fc1aa065
- SHA256
  
  99f927bd1d32a2979558c7476aa62c4bcd8f34bf45f0f3d564d55ffe6019b00d
- SHA512
  
  64617045ecf5182f77a45e019e8c42d65347adebb9c18f36a0b82a3db9d8779af73ff12573aada4c16accbc741386e19fc7911f8fd488e3ececff57a7e6a53ff
- SSDEEP
  
  384:MTtiQsdzNycqmlzRc7pnayy4Gi50rh6ocp:Mxi5NyTnay1Gi56h6o
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  新建文件夹/Sis_agp117e/AGP/htpatch/HTuninst.exe
- Size
  
  88KB
- MD5
  
  b058f2d731bc26f8de2d0f4b9edc0b86
- SHA1
  
  5ca91b8d8ca3d7a204a10d3ee56f90e18120cb41
- SHA256
  
  d198d62a3200962b8e90bba63bbe4fcc077d1a3dfa7dac38ea6f0717a3942a87
- SHA512
  
  07a8968e2702d5c1b4f9eaee3fa63676bdc4ad3f3b784022e644ff0be21d6cd447232d40eed39d6e479a9dce437d45b395e199aedbdfce11902f72c4f490992c
- SSDEEP
  
  1536:/CQCt2QMTLp5cqz4yaymz6y86rqoaiSxmXAdEPkZa:abep5Xzna6y8joaimWAdEPI
Score

4^/10

discovery
behavioral21 behavioral22
- Target
  
  新建文件夹/Sis_agp117e/AGP/htpatch/WinIo.dll
- Size
  
  44KB
- MD5
  
  3b36fe05bbae3104eb1f8cf0544b20a6
- SHA1
  
  a4c6de4df7f4872f2ce852f7c48f018857096262
- SHA256
  
  2c4e27bb86d3facd3760d0c1881a297d2f194ac77a8b319f210e46c4de99c4fc
- SHA512
  
  0098ebaddaa0444c4022cbfd601cb7e6c80ea3299ccce9a73cd12029eb3d0497db66cf11745b1067458e305dfaf667b7dd00cee1867bf5a8239fc0f0d31d036e
- SSDEEP
  
  768:bur4vdBmeQpmuRtQOVI8+LRHGssD7MIY0D/O6M:qrAdBWtRtQOVI8+L1F370bO6M
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  新建文件夹/Sis_agp117e/AGP/htpatch/WinIo.sys
- Size
  
  3KB
- MD5
  
  8a9835acb8ad3e9804f16b3c51ded28e
- SHA1
  
  37b030f63291b90480a3175067f6f2ab78f2c50a
- SHA256
  
  ffb39a20b20051c8a94ac638b30459a1ba104d4e8b700f36d2a123076709bbc3
- SHA512
  
  5496746d96a4d0b539a1f4e833cf3135703135e1ec1f3fd4323f3c5c5b8cc2aa1823aaf9968c0bc947dc2318890ad5a60540552bb081c365e7caccfbad0a8c1a
Score

1^/10
behavioral25 behavioral26
- Target
  
  新建文件夹/Sis_agp117e/AGP/old/WIN2000/sisagpx.sys
- Size
  
  24KB
- MD5
  
  06f6fbf2976d2d12906ca790e8a56c8e
- SHA1
  
  183920cbf421d14e0bd48a166fe1795f67e37d8b
- SHA256
  
  cf881a2296ea7fd8a53e630f7151ae59511a2c929ec0c1f103e40f44c4057561
- SHA512
  
  b58d1b1338f64effd941c5c94dfc4767b55ced9525dfc8f14a8463776624aeb226362ab77ec46feabdf904ad9e171216158282154922c016abfc44fd8c9a68f3
- SSDEEP
  
  384:B66KvAifeZTrHbJsxdJsvIUnV5245m9kvPS/Xrm+M/5ewVR:i5foT7lqTWJnn245x+dM/kQ
Score

1^/10
behavioral27 behavioral28
- Target
  
  新建文件夹/Sis_agp117e/AGP/old/WIN98/SISAGP.pci
- Size
  
  12KB
- MD5
  
  33d142f35cf342a08e3327aac16825cb
- SHA1
  
  774d54fc6066bbb777caf8948ffebba46e1de748
- SHA256
  
  1ada143b085a9aa3683585c0455e3ba441f525251c37cd61e018b73a45b45c35
- SHA512
  
  ba6ef6d81f1977eef977e78829f171dc688a6a5308258d8e724cd39d149c89096546e5de574d6a14b3f00275d255a4c1d54af3023042c5c3dfc65782ccc380ec
- SSDEEP
  
  192:jW+uQhyqrnoon5fbEs7dbqSMUCaD5eiaRaBMeiWyoXSBUQ+uNgxIP:j9ugyqbX5zPe3MEiaRa2TPohQfNU0
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  新建文件夹/Sis_agp117e/AGP/old/WINME/SISAGP.pci
- Size
  
  12KB
- MD5
  
  33d142f35cf342a08e3327aac16825cb
- SHA1
  
  774d54fc6066bbb777caf8948ffebba46e1de748
- SHA256
  
  1ada143b085a9aa3683585c0455e3ba441f525251c37cd61e018b73a45b45c35
- SHA512
  
  ba6ef6d81f1977eef977e78829f171dc688a6a5308258d8e724cd39d149c89096546e5de574d6a14b3f00275d255a4c1d54af3023042c5c3dfc65782ccc380ec
- SSDEEP
  
  192:jW+uQhyqrnoon5fbEs7dbqSMUCaD5eiaRaBMeiWyoXSBUQ+uNgxIP:j9ugyqbX5zPe3MEiaRa2TPohQfNU0
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32