0d3c8b0530b71ba074035fc5e25c16b14c8a4df23b2aac3f448aa7ecba474421 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1e4308b88b616887cce614eb302a70e_JaffaCakes118
Size

1.1MB
Sample

240817-knrftszfjl
MD5

a1e4308b88b616887cce614eb302a70e
SHA1

70120fac84f386450ea2e3a14db2e97c92defd42
SHA256

0d3c8b0530b71ba074035fc5e25c16b14c8a4df23b2aac3f448aa7ecba474421
SHA512

fa2610df18f4300cb18dc63341fef500565d65641c645d81a1f59924dc9be5f847c7a8a821b9c5ff29e03554281ee3fb337e19fec58af7ceb193fac6f5faf2c7
SSDEEP

24576:zTcikuYhdCFaaWOVxmaDK7hle9M3N5sWJwBwOgcdE09c3ivxtScOIh:/cThh3OV47hA9M3N2W3ncd59P5tScPh

Score

7^/10

aspackv2 discovery

Malware Config

Targets

- Target
  
  QQ游戏大厅多开补丁/MSVBVM60.DLL
- Size
  
  1.3MB
- MD5
  
  6f09a24d69b8cd7599a288bbd6d563d7
- SHA1
  
  0ee1ef45a5e9e045056422ace4db8a7d1b0a4e99
- SHA256
  
  e0c103a61a5db4e7c6833666a4d13771eea667a3237f497be23aaa3c981d192e
- SHA512
  
  7e297e52aaacce7ce6c45a670bd2e5f566696ce90bb3a9ead5ea7f07021cad3f29020bdd58371fe53fcce96d281334df43d6945283c98f72a2a3a9e595767fba
- SSDEEP
  
  24576:+HhgLdxazf/ZyJv/TyAPEFvAb7+XvBZGvAOH8lbnlZdJpITp1c0nK8Jb:+hgxxwfQJv/IXvBEvR8lbnlZ2Tplb
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  QQ游戏大厅多开补丁/QQ游戏大厅多开补丁.exe
- Size
  
  77KB
- MD5
  
  806bca096fe985f4ed7cd88e404c24f2
- SHA1
  
  7fa26280747c91be685dceb69125c2d97ecdd488
- SHA256
  
  c0aee8be2307292b858d3a2c04d57f9749e978bf5e2825d01484a2a2ba6adc2a
- SHA512
  
  6be3f91f21ada131c0d241962043d2334abd4720e74dc89b10c349dae2172b8eec2d3144cd0a60a1550b9fabf76c8e9e30891b3a3ab04e957bac2769d397a9eb
- SSDEEP
  
  768:i2k8wMnjfgMw+3oTzxvha5Fjxd+Xr6rc:Zk8PjfgMwCYQxdqr6A
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  QQ游戏大厅多开补丁/Vb6chs.dll
- Size
  
  99KB
- MD5
  
  4eb560ad85cc7924f507fbe5a901577a
- SHA1
  
  574f6a47a809d91dd122f68bd5cc14d9d66aad37
- SHA256
  
  e6b4aec131b5dd42342d57f0fd9075873527569631e8ce5f411811202103aec3
- SHA512
  
  3a736fadf1b962b0c39e1215bf3279ef75cc14e37f9923e2380577b030dd45c150a684158dbc3e542bcabfaf9d4636f343dfe0bb9b6a10e6eb02cfaecfd24f54
- SSDEEP
  
  768:8+0pMmmRv2IKP857UdtzuJRkfYzvL3IW:8+MS2BP854d5TYz
Score

1^/10
behavioral5 behavioral6
- Target
  
  QQ游戏大厅多开补丁/shdocvw.dll
- Size
  
  1.3MB
- MD5
  
  475f15eb23633a60380c58f7d0aff3f0
- SHA1
  
  6724431ffb79e81dd19b91d22e95d020a69b0fbb
- SHA256
  
  3e34040eda5e7335e5fb8444ee6b8aff97119738520b1da88982431fb92d4d51
- SHA512
  
  42d6521cc97cb603835b3db8a182316cf0436ec1fbd98cc851edf0d7c719346c164a15639d37e3e74c4e5274e60ce893c0b681c584ec506941c61c57fcb3a45d
- SSDEEP
  
  24576:oX9Lp+gkwgcysV/oJan+NEzTukss6Gtk:oX9BtgJ6xn9uHGt
Score

3^/10

discovery
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8