ff003cb5a617d4cc23f360e39300d7d6bee3715f2adb8f98c065d92b32fce14e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3a9110458ee5d6b07a001c1bcbb5b9b_JaffaCakes118
Size

3.1MB
Sample

240817-w6l5lstaml
MD5

a3a9110458ee5d6b07a001c1bcbb5b9b
SHA1

08b5dc79e4c7b6c2d4265ff5836efcf69b6a8279
SHA256

ff003cb5a617d4cc23f360e39300d7d6bee3715f2adb8f98c065d92b32fce14e
SHA512

8a9e0103e07905dbca698c5e8c9802957b7cde7844ed1389edb51c1a073c79306bdb80364f7a98ccbb00588e91f37092f721f20d6665f05afc03a2eb121ae597
SSDEEP

98304:YI2d8XO3sRmnhWA+LwISBIEIcao/wua9VowSFIp:3k8e3EY+LwrBIEIZo/wPsw

Score

8^/10

discovery macro xlm

Malware Config

Targets

- Target
  
  81411125/250 建立临时表并将其内容保存到永久表中/Project2.exe
- Size
  
  638KB
- MD5
  
  4721b988a4676c45af59f075d65e0af7
- SHA1
  
  7b7a8a438de1796b0c58dcbd65cef9cafdde2481
- SHA256
  
  81189aec3762410de0b688df4a3224d52cc60a14e46e738e2e644b960db23903
- SHA512
  
  d1e739ce6133d57dc1acdb2382ab1f8c514b77fcf817bc24044673e65a333db701eb0d8fb837d00b01fef13f719e95eb4918a2155e5dc9a8023441ceea637881
- SSDEEP
  
  12288:oj8acmPEzhw/hjQNn2WUle+OiFEX4THuRJpyvrhudTO5zQ7xYrd+:grlP/ON2Ze+vEIri2yTOmYp
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  81411125/251 创建一个和原始表结构相同的新表/Project1.exe
- Size
  
  635KB
- MD5
  
  55b475fbf75a9eede483b133ab2ab86b
- SHA1
  
  26dd9bcaa42c7663198776a8bb08f9aa4effc50f
- SHA256
  
  781fd526af3e2dbeb7dda2d2e581f66bc4e1bc2ea66fdf74847524bf252ccf40
- SHA512
  
  e1024ec4a69a2f30293912ce5378c64cc7835e04c9577e3a042c7cc98420e3d37a1b495aa283d24b72eca0701725421875dba794139bf1b19e9967f5d66a5d59
- SSDEEP
  
  12288:5JDIjQWsppt61mLoTRfHNj+NPIxOO98xQl5cTSCeYM4yK:5FVRN6HRv8NwHl5cTF7
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  81411125/252 将一个字段中的内容导入到ListBox控件中/Project1.exe
- Size
  
  646KB
- MD5
  
  ebe8e62c0455ed996b3db3cb269cb23d
- SHA1
  
  2c2c2a3ad30c2de5c8170bc89791c2e39e8c1135
- SHA256
  
  60bc20327ce20799571eb203a154f81e6eb31164e63f0de542a04e866a2868f1
- SHA512
  
  34b1abad85dc4b5a7e725d2370cfe6418f962620f2b223b6106ef13c0ebdd10b991698fed16db22afb9ebe6f4b2e6d9e25fbc5c44a861bf6d15ace6061bd7060
- SSDEEP
  
  12288:nYpjqIZBhHuKOzjkmlE/zSv+toSy9UxR23iELpRwovl:YFvbhOMmlEWmY3i4px
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  81411125/253 将数据库中的内容添加到OutLine控件中/Project2.exe
- Size
  
  822KB
- MD5
  
  129620bb318a2692e4826807aa52608b
- SHA1
  
  03cdc87c6cc232091d62ff8830f58c40475d9753
- SHA256
  
  f8d784381836028c608ff4265f7cd8c9c0882678c928550ae119e012d59f5112
- SHA512
  
  e4f5cb9ee313b2f5918649833c88c408eb7d4acda32b5428f1ec3b92759bd34be9ec516f21691f8d962d3df30225649d7f4fdfc4ca8396b98f0e1c05db1e4898
- SSDEEP
  
  12288:X3MirNxNByo1iz2mpqiSVsMuzTR+IP3Pg7/Z3WkOR+xm7+LSG12gA0H9tDItk8:siNxKzz29VsPFCEf++tk
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  81411125/255 向图表中插入背景图片/Project2.exe
- Size
  
  1.1MB
- MD5
  
  0b74ad4f8073a0b2f1ed2f6dcbdc4f5b
- SHA1
  
  bc8f741e77f3e93ba138fdad51221c63e9d72b9a
- SHA256
  
  3ce428d9ab6e2e6292260f579f8967e17ea336281c9ba2dec8f114f6e546eb00
- SHA512
  
  c926bf9958a5b07d4383c2d8772aba73caee548862e6b47018798f441718205c9ebe8e29e0f466bee3abc46594bf84d7546189305b1eb4a5631332481d0f8c8f
- SSDEEP
  
  24576:yiDZPn+3rRhUgvB7p6lE54NTxrGsrHrJ/elT3k0vvy8eTtFi:X8rJgvJuzJvpef
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  81411125/256 在DBGrid控件中显示图片/Project1.exe
- Size
  
  803KB
- MD5
  
  f7105d94a6d5273b7151efc999b3d834
- SHA1
  
  69c8584e89ac2951e9f5bbf47e4e7e79fe1b992b
- SHA256
  
  179dac8773755f27b3656f93aa823ef021884861343615333a8fd3a50735215f
- SHA512
  
  11f5d3c109193397956b6ab3ad1b9b68180bc640fc32409fcbf57c843bbbae6157f61719a9c5f20accc542922504e50677fdf6d9d9997ef4f95540710f28464d
- SSDEEP
  
  12288:AVJyC26fD5l1ug6PE7GfEH6umsNjqAqB2fV+OOtSYuJodPZttqS4E:+H26F2g6P3fC0C+/xtG
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  81411125/257 取消DBGrid控件添加新记录/Project1.exe
- Size
  
  801KB
- MD5
  
  b955121a68330c8d715125adc9cfa1cf
- SHA1
  
  77654e1d3645aada6ccf90f9979e2485813f0ee7
- SHA256
  
  d82a5b231e4144dc553f3406c076f5e072d914d1cebaf83a4ea2d9a5c448c13c
- SHA512
  
  e6c241dd030e79dea78a5d9af0f2bfda67194f261366f068f9738feda1a5ccb6775317c6ce7d124f62bf5bf11370520860f7cc67debcb8590fdd73eed46b4bae
- SSDEEP
  
  12288:cVJyC26fD5l1uguPE7GfEH6umsHd3cEyJHKmky7PaJbAGttqSOeY:yH26F2guP3fC2FK1K2tD
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  81411125/259 单击DBGrid的标题进行排序/Project1.exe
- Size
  
  869KB
- MD5
  
  870e741c69123ae7cc37a23e1d86d99a
- SHA1
  
  9fb93010506392b6c89ff813ab35e13c24a84726
- SHA256
  
  95f2288a005eb65db5b929ce9e20b156295e589ee7cc8688e86b7b35af71050a
- SHA512
  
  4793aff50657e4b9d9788a3294e4ee91225ae3dec36fafaf6db07eae7ad898714e4799d9f765e9b53379eb2dc729fe7fcac375b5bf03ea8f23874eefcacf296e
- SSDEEP
  
  12288:HdXnGV1AqF89FzQfNZ05DZmwTT4Gmsf7oq8JK4lqflBroXWPC680kptMaQJ8Z:HdGvAa+FzQFZ05cwIi7onlqfjomBJ
Score

4^/10

discovery
behavioral15 behavioral16
- Target
  
  81411125/260 转换数据库/Project2.exe
- Size
  
  639KB
- MD5
  
  430b7e11d99a3ea2a19e647281c27b70
- SHA1
  
  9f1853001baa4a9e65872a84403253842a5fed1b
- SHA256
  
  e40ef5f3e82bd9d81d715b0ebcf612a42ed8cdac2c16f1e0f040d41cc7b166eb
- SHA512
  
  458a4a15717a41389a78ba022da8670e7cd65743df7e98104a65e9f589d8192f6f5074345afeb74b73fcd34a96965b03999f8bbde4568b6d6d41edaf8b84c630
- SSDEEP
  
  12288:npjQYacBsd8IyeL0P5ceZVjS9FYVKu7iyBY+L4xTj/:nFBNYFyf5cIw9CRY+LQ3
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  81411125/261 提示数据库正在使用/Project1.exe
- Size
  
  651KB
- MD5
  
  1b053df7202c692106e7b4d6d179bc0b
- SHA1
  
  df635f8e432e9f25af6b282b90b902dbf5539bad
- SHA256
  
  765fcea913087b89240f8bd00545a52b059c518762d73275421673e6a8364c23
- SHA512
  
  3ce429434db82883f391daee9220117d3939dde8510af3fa93a68be4967b50e5a23775c0e4c72a5e367007b01f5f63476b9bac022494205fe4b78c61d4c27eff
- SSDEEP
  
  12288:p1ZmD5f1HkazHz9Ki1khRt/q91W9vefFvVk119HhLGQDJSSOB:Xu597v9KDFio9t11L7Du
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  81411125/262 如何判断重复的值并进行提示/Project1.exe
- Size
  
  820KB
- MD5
  
  364dc094806dc6bb6dfa9a6b70bd4dce
- SHA1
  
  69099582c73498cd8fe63bf07afbac63611a7abf
- SHA256
  
  b4f335262ec7c96fc9a0ee03fee1a7efe8660c264f210fa51170a55516e7e71f
- SHA512
  
  af83590fdae728522f29e02bdda98267129eed656922b6e00be614e757119a9c0cc9feb470fd5a459aac1c9d09eb48b245ca76d32137f4c3ca47872b358001bd
- SSDEEP
  
  12288:FX8C3dGqyK81wahnsQPnWJ/4TzUKA9yA0V8SD4SYQW40Lqp2BttnGvD:midGmRahns2WhXKg0pDuLBtm
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  81411125/263 图像数据的存取/Project1.exe
- Size
  
  762KB
- MD5
  
  a6854a7f4d58981e24ffd13bca77d673
- SHA1
  
  55f0382563a1e2e9fe845161ed759b58c19b3ff1
- SHA256
  
  6b2f00b3ca21efb156e8fbfc4dc1942f92d165f03bf4efc6da1b3c3bbf0bc4e5
- SHA512
  
  9b02deae4122f008e6a310a8c7afa5060a9ce7b83b24a6a3872fab03c36b7a368b5dc5bbe2a5cf7e0a25412a7f2bd3437d2e7728d7b08549bbf421250940b0c0
- SSDEEP
  
  12288:SgF62RF0UZhdCPjRqxZ7U9wEAOMK+DpnlkL4wN8gjJNVwCWC/i1f:SwnRflAjRZiEwK+VlDGdbV9/g
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  81411125/265 数据库与多线程/BDEThrd.exe
- Size
  
  823KB
- MD5
  
  5dd5a808c8f071cffc9d1317875b2ba0
- SHA1
  
  643dc58640d9ea35ed4266e32ce110e4cd42cce4
- SHA256
  
  afc03a9e4be97e4c771a25ae386d968f4ad702daecdeee6b0950104a2d2ec56b
- SHA512
  
  b11a2f93f3e8836fe6e5b1ad14a5dcd4557f807a36cbb4ece3cbfa87cbef6d66ebc0309147f7bc27d52d5a2f673bb7c70465d015a251b30b7335c0ac326d4fab
- SSDEEP
  
  12288:qRjMubVKJ+je0R5s9gfU5/z0AThGsEdzYcDI+VsLtNfLgzsfrji1F:OZoSzR5Yt5RFeGL1
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  81411125/266 登陆程序/Project1.exe
- Size
  
  697KB
- MD5
  
  9d5b65f05a04ebf2fc56b5eb410d5e85
- SHA1
  
  cd2d8485f5a5b1462da3fd82a635221e6544ea77
- SHA256
  
  a475250408eccbe0eacf1e1c79fee827e7e506ca3cf95a3d9fe0985df0a30890
- SHA512
  
  bcecd2183edbc22126df90dc990e1557cc7f7505f82ff40dc4939cdb67dd6b501055555ef0d732d7bd6493dc3871bc1346fa78620d13d082a23bd117f414a836
- SSDEEP
  
  12288:co29Wa3VvvrgfEENEmbY1OcPAhKY7Xa8HuejC6s9JQ6/n+l:O9zJztsr87oHrC2C6swy
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  81411125/266 登陆程序/Project2.exe
- Size
  
  633KB
- MD5
  
  60aea2d6902c59623653004be9651b34
- SHA1
  
  0cf8c85d55d7c794b9d63ead4100886d71e69eca
- SHA256
  
  6f98d5bfbd6b5dfdbb0d48ed7d9006f359b8bfd9e89599be7fea7b1ce268d46c
- SHA512
  
  ce4ebc647e87045267d16b399cfd42d0aa919cd0906ca79651e4d5d393bad574daf01ca31ae8035163c9693cbecc346de16df1529bca159d980ed7d7b56885bd
- SSDEEP
  
  12288:VJDIj4eINYtU1KLUrdDfxjSN4oJi+mltihwVLSVvH2:VF1lgMndTMNlgAwVUH
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  81411125/268 使用书签/Project1.exe
- Size
  
  801KB
- MD5
  
  a0d63377691080d1288585f5a4812046
- SHA1
  
  45f2da00604f1e09744f3d4072e068762dabbec1
- SHA256
  
  7171c1dcb60756ca0e43154867a45c3bf29b19eb36d405b9d2a557d29fb8b3a4
- SHA512
  
  6868a329b825f36212093ac0da16dedb9abce97e4de64abf25ec8077482ec39966d344828d78a6378318aacecdad831bd023632e5226c8c6d2a2dd266e72613b
- SSDEEP
  
  12288:+VJyC26fD5l1uguPE7GfEH6umsdjqsqp2ft6OOtWYuJ5pWhttqS4F:4H26F2guP3fCg66/HtG
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32