baae3127acf477fafa20bcbf3f3d6d63c73cb541236844841708136bea574d4e

Sharing

Copy URL

Twitter E-mail

General

Target

87b831401529f395a4f5117eb7f0c637_JaffaCakes118
Size

1.4MB
Sample

240810-z7b8kssgqa
MD5

87b831401529f395a4f5117eb7f0c637
SHA1

b7a6abf24a0c2292b76999a447253f0ef2e006b3
SHA256

baae3127acf477fafa20bcbf3f3d6d63c73cb541236844841708136bea574d4e
SHA512

929474648d05a2f93c14c8513cb1dacc2c2d55324e7103fdac858c29f2597ac99cbf0a5e66740e999908d7f848f9bdc0230d55a7b3cc3dd475a0ce7f70a525a7
SSDEEP

24576:EfX/EzLtwSE3SEZs+VuJFtBqmtGJrGyhxGnY33Lr6XnQqW7gV+gkiWx8V8NBWL8p:WiBEZJojtGMyhxn3/QV+gxWx8V8N4L8p

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  HWID Spoofer/Bunifu_UI_v1.5.3.dll
- Size
  
  236KB
- MD5
  
  2ecb51ab00c5f340380ecf849291dbcf
- SHA1
  
  1a4dffbce2a4ce65495ed79eab42a4da3b660931
- SHA256
  
  f1b3e0f2750a9103e46a6a4a34f1cf9d17779725f98042cc2475ec66484801cf
- SHA512
  
  e241a48eafcaf99187035f0870d24d74ae97fe84aaadd2591cceea9f64b8223d77cfb17a038a58eadd3b822c5201a6f7494f26eea6f77d95f77f6c668d088e6b
- SSDEEP
  
  6144:SIQpxILDXGGMO7Ice9C5kQw2hWHcHTykhb:SIQpxILDXGGlET9n/cHG
Score

1^/10
behavioral1 behavioral2
- Target
  
  HWID Spoofer/Cleaner.bat
- Size
  
  1KB
- MD5
  
  139c0fed46d0a8e9ea03bd45686f8e84
- SHA1
  
  4969ac8f2e002f7a2a15e1da60076bff5416d41f
- SHA256
  
  3ae29ef823ecfa08b99447b35bab89c1f2c7279cfbf557f9381720bb999d18e1
- SHA512
  
  cef0bba827b9e4b00dccd3b9eed8fa5ecca2b325c2a02add80337d564090ea54277f27ed6cd485f4c8c01e001c3bb945eafacac0f2e53116096805ee422b04d7
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  HWID Spoofer/DK1.exe
- Size
  
  335KB
- MD5
  
  934bbc5411c532964f3bbe42cb1c1785
- SHA1
  
  dcddde340e7f080716abaa456971b9aa85bd084b
- SHA256
  
  b3de6d10d9f94037b88f736609e50a8a4c4d516ca50107dedd575797a654c28e
- SHA512
  
  8db126cb8381fe84afe25b25e854eb8de25e43f2638e0d87740ce3fe33338b032b09d9551655afedecfe39cb7482f88e72ccdb28afb59684474084a28da71cb2
- SSDEEP
  
  6144:QlGlXIiIGWbsTXO/P/bbUmmUhquD2S6FEJQzZnCvTkJCps9Q18RQj7dVJTrQkEj2:QlGlXIiIGWbsTXO/P/3mUhquD2S6DzZl
Score

1^/10
behavioral5 behavioral6
- Target
  
  HWID Spoofer/DK2.exe
- Size
  
  341KB
- MD5
  
  bb36d4578ce201dc932ab6bbc079875c
- SHA1
  
  f614f8211bba9d578eb19e7d96a0314b5a51e662
- SHA256
  
  4c831252aa6f193c4474ba74f352bee7d00099dfaf5ac6e98ab1253e21999b4a
- SHA512
  
  ea66cffc96403f69f1b1a3e4f7b0c2fb5045655e2f10772f4d0e5dc9d0243e99c972ae9247c597de680ed7886896a335bc82dde8b162515f15ba368ff25fdebe
- SSDEEP
  
  6144:zlxFkdqBBydxtri9gvdRWKPmawYItN6atI/cFVygZnCv6hqGPs7fYv8dMQZgxiQT:zlxFkdqBBydxtri9gvdRWKPmawYItwax
Score

1^/10
behavioral7 behavioral8
- Target
  
  HWID Spoofer/EAC.exe
- Size
  
  369KB
- MD5
  
  0c3782a8b51ea97e045c0ed6a4039e68
- SHA1
  
  0ea4d987b61703a347971f8591c49677518b7cd9
- SHA256
  
  814a018f079e559b946da2d6ecf214cfc4c885ad3b91304bdd2afa80d311607f
- SHA512
  
  5b9e871ab22f8383c2181401a433335053c412aa1650f9d0e94ff5e3dc578f5d147e089baebc7af9ee28618d050af5021142da2a04decc6bbce8e3bbd9c3554d
- SSDEEP
  
  3072:T2sMWkzbJh1qZ9QW69hd1MMdxPe9N9uA0hu9TBfcXSS:6bJhs7QW69hd1MMdxPe9N9uA0hu9TBXS
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral10 behavioral9
- Target
  
  HWID Spoofer/IP.bat
- Size
  
  129B
- MD5
  
  e7e25c8f666a3d590438586ab3bd0c3a
- SHA1
  
  ef6c6fd6112c3461b648902c9dee6dd67d3f425c
- SHA256
  
  cea2a44d02afbcfa92de017256517ef18f5701c9fe527a6062e33a4b6638faa0
- SHA512
  
  5a05f1ebca69b591fc0d9804c0936e47bd312c46bb2fb99110364b93548451b1ffcbe837efc1f27a1b922e13fcf052cf2b7cc5e2a10b6b9e085c32c6da506215
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  HWID Spoofer/MAC Changer.exe
- Size
  
  204KB
- MD5
  
  53b7001fe1ef68c2ebf37e72c6c6e07f
- SHA1
  
  0f17fdf1875da8521994a1406fb5f2373da59ca8
- SHA256
  
  0f076a5b5447ba57579bf12ac59a707bd3228db1e5f48688b2af2c25d2e6f3e0
- SHA512
  
  fa78c2b0f8e0e87eb7cd1028c5cc94480deff4e3ac0b85b8e98bb76823a3a79505122de521bc98c1d9f70e2536682ce9ebfa8ed09ef1e1f7522ef6ccb0205b8a
- SSDEEP
  
  6144:r6uF1ysSxGHbrD6dtDEDKMf/x5m3fhIh9TtgscRG3zwbhl1bOnq1LCM:rhUgGDEDKMf/x5m3fhIh9TtgscRG3zwL
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  HWID Spoofer/OOF.exe
- Size
  
  69KB
- MD5
  
  a778aeca86a72e0b933f7675cfd2ad0b
- SHA1
  
  c0942df9471e0f0294569f85a802f9fcd495f94d
- SHA256
  
  0f77eee560335a4e264b0bfb66bb7f9a27b2dbd774bd0b91fc25d37287a55592
- SHA512
  
  25d87cf951677a72cecf533c164491ccfaac1381ae4d869c9728c574ed844042db373278ac39ef9044e7d4e66ab5f293f417372139e4184cdd1fa75f67b2bbe1
- SSDEEP
  
  1536:K5j5vci6aZFIs1t4Otg1bhnroCFxJbGj:KTxltztSlr5E
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  HWID Spoofer/Spoof2.exe
- Size
  
  161KB
- MD5
  
  02e46be7c4aa2a1d8e779a54daa0083e
- SHA1
  
  3f29b906e573f35d9398d8de2fd99487d0b7893e
- SHA256
  
  0530c4fe19d38e7317789eabeef658b83617ae2d87e52b9c45712fd339880e95
- SHA512
  
  18cba1df49517eae7e60f7f5ba8f8a6116b20fb58563ec6c9c0afa9953c6419c707d692c6e431f7e9cb47dd3f598dd5b9e2bb180d35595db8dbd53152682ae18
- SSDEEP
  
  3072:TCdIFwtjvkg8iJXeAQMw5PknyLIh2PGM:3yLkqJtSPy6OM
Score

1^/10
behavioral17 behavioral18
- Target
  
  HWID Spoofer/Volumeid64.exe
- Size
  
  165KB
- MD5
  
  81a45f1a91448313b76d2e6d5308aa7a
- SHA1
  
  0d615343d5de03da03bce52e11b233093b404083
- SHA256
  
  fb0d02ea26bb1e5df5a07147931caf1ae3d7d1d9b4d83f168b678e7f3a1c0ecd
- SHA512
  
  675662f84dfcbf33311f5830db70bff50b6e8a34a4a926de6369c446ea2b1cf8a63e9c94e5a5c2e1d226248f0361a1698448f82118ac4de5a92b64d8fdf8815d
- SSDEEP
  
  3072:PngbfXWm18pX82lOl7NuT7DLM5Weo5UFs5QM8JwDmtFk1glurXEa:/gbfXWVoRNuT7DkbFsKM1glI
Score

1^/10
behavioral19 behavioral20
- Target
  
  HWID Spoofer/drvmap.exe
- Size
  
  69KB
- MD5
  
  572c3d3fe48243edfec08c56aa18da66
- SHA1
  
  644576537d8698bf60302d6772c3f21e5de79811
- SHA256
  
  f78e8422cacd361be07d420fdfc9c608a1fd7cbf0ea3c93750758896de49231f
- SHA512
  
  a4d89fead749912d4d761220f0f9026c3f33f923fa8048a403f037ea1e53778f5701f9f2d5f97864e19afd364beef04397135daa89efc3bb7143c3b1a35a745d
- SSDEEP
  
  768:zrxDzM4PVcTw7yejsP21i8KSoPx3Mr2e6vm4SLrx/aV3CqjSBugroxeCehVcr33b:z1DzMEKuhoXcx4+ugb8XGxkT
Score

1^/10
behavioral21 behavioral22
- Target
  
  HWID Spoofer/loop.bat
- Size
  
  513B
- MD5
  
  eb1647503073effdb6a52efc86be80eb
- SHA1
  
  712118f8666d4a3514b0de1307df12137323212e
- SHA256
  
  4c40f7751be5a6a4f705b4fd52b50c893348a967e4eb72a4bbd0b72af49962e8
- SHA512
  
  0d130dd2aa77be3486b1a7f756b7d9afdcf24aca56c2c58017e4057c9e48fa0f020ec8a56bf9b92d69d21695d820537efb67f1b92cdd55b5474140cbdf6428b9
Score

1^/10
behavioral23 behavioral24
- Target
  
  HWID Spoofer/mapper.exe
- Size
  
  161KB
- MD5
  
  02e46be7c4aa2a1d8e779a54daa0083e
- SHA1
  
  3f29b906e573f35d9398d8de2fd99487d0b7893e
- SHA256
  
  0530c4fe19d38e7317789eabeef658b83617ae2d87e52b9c45712fd339880e95
- SHA512
  
  18cba1df49517eae7e60f7f5ba8f8a6116b20fb58563ec6c9c0afa9953c6419c707d692c6e431f7e9cb47dd3f598dd5b9e2bb180d35595db8dbd53152682ae18
- SSDEEP
  
  3072:TCdIFwtjvkg8iJXeAQMw5PknyLIh2PGM:3yLkqJtSPy6OM
Score

1^/10
behavioral25 behavioral26
- Target
  
  HWID Spoofer/spoofer.sys
- Size
  
  6KB
- MD5
  
  96756deaff1b2667883d4a21e43f4f65
- SHA1
  
  bce3d6fb9eec3f2d2695d96e61442a58039d594a
- SHA256
  
  1992c044963f5c77aa7b5462e2bb69a37c66bc0e13032524fb1663c0314fd420
- SHA512
  
  b6f472c8296bbef5da4baf638e98c2e0c42ba3fa783c69a6c0cc1e2f92f4c365d6d1c0bcf26e1644bacd4a001fd97c19b5fe2b616ba3c0982fc7edefcb59ef7f
- SSDEEP
  
  96:eA/w8VE6wC4NrkXyhWZ2JMQ4LI5aUZ1ZM2a3:v/f/skjZAMTOA2a3
Score

1^/10
behavioral27

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Remote System Discovery

T1018

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27