Overview

overview

7

Static

static

7

天涯易�...TE.exe

windows7-x64

7

天涯易�...TE.exe

windows10-2004-x64

7

天涯易�...sg.dll

windows7-x64

3

天涯易�...sg.dll

windows10-2004-x64

3

天涯易�...��.exe

windows7-x64

7

天涯易�...��.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8b3837b448cf42f98b2300ae6d3b35c5_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240811-vmcamaydnn

  • MD5

    8b3837b448cf42f98b2300ae6d3b35c5

  • SHA1

    5e958ca5b01e71e93f0641b15d89527ac0fa1614

  • SHA256

    135ed62f47576c389d01603e3cae39c7f6bd889e32afe1b909a662ee4a04a1e4

  • SHA512

    0cb8b9b2f9491009967c29e6df1b9301b6b6d1b27f46f1570a471adaec6aaaf64d65296337eb380abc12746101591b50cb4dcae26daadd9547cdaa1dc90ffe92

  • SSDEEP

    24576:4mQE+5fga+VjUHbIRxpp5KfXLNoDaZBG4wAHfVwieh0YIFM5J3Ehti+2yZYl83QZ:4mQ/5n+2bIRnKfLyU04jHfVArr3F+FZs

Score
7/10
discoveryupx

Malware Config

Targets

    • Target

      天涯易栈编程助手/UPDATE.exe

    • Size

      275KB

    • MD5

      dc498ca9faf9cb36589c24b94f994580

    • SHA1

      2bd98272555d5d401cf076c3f70cb54c6dfc3356

    • SHA256

      7a75ef7d95cc3b754d806ceb392b0140f604ac13bea1d7136335a0a8edafaa48

    • SHA512

      37804c1b5fef1d7b57e68af22280a059107c6dda40ccd0a319406acb5ba8e673073384b95b0e6df018a2f2a938506458e1c4644fa2895aa14da783f49256e99b

    • SSDEEP

      6144:kQDOqShNtdQEXfodFYI23rpZVVYkc4TWqfbgkLQNQuqQoSd:ZKqSrtSEXfkFR23jVVThbpqQuqQoS

    Score
    7/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

    • Target

      天涯易栈编程助手/data/pslsg.dll

    • Size

      840KB

    • MD5

      b4f3df7bcb8b0031629911e5b4f89ee9

    • SHA1

      f80ffcbf144ab85901941f5fb66f1b22a346475f

    • SHA256

      ef2dc1bba4ed93e99d37afe3097e5be917fbb1bacac7df3c24c9146d097dd5d9

    • SHA512

      4f2d80ae45bee18b1f8dee35a6c21b1a5ac772c5d96b0cabb602603d06c387e59e6c5a11598b44a9d5090279ce1b11e44c362b88950e1139ee4c201e24107fce

    • SSDEEP

      24576:lIq3dC1dSPqYF/pLTsYcMBa78RU2miKu8:lA8RnmiKu8

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      天涯易栈编程助手/天涯易栈编程助手.exe

    • Size

      872KB

    • MD5

      d3e48f08bd4a53968ec2c998e34ac8da

    • SHA1

      b095f72584dfab10eaf1b53851390481c2667ac2

    • SHA256

      d5236a76e09268198b377c68da34cab3876299ca27cd9e25e317332a7723ea8a

    • SHA512

      17a2e7895047d08117ec2bffaba3156935fa99be42a5692338a1f7ec2aee96e09a02464226462b91675d59dea27a716eee76564eafdf381ee66b0616f13722df

    • SSDEEP

      24576:06CBmD2lYYO5aQSr3Sa+9OIGgCDfBvrp:06VSNr3Sa+EIGtfBz

    Score
    7/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks