067f11eba4f0095ea056ac158a73f006873f9f8b908984f60c18036d3bae2e67 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a60fe33aa7174402b4b167b96151e37a_JaffaCakes118
Size

1.3MB
Sample

240818-kajttsvbra
MD5

a60fe33aa7174402b4b167b96151e37a
SHA1

3167792cd3144fe97709e6c3bff0f09a4639fce0
SHA256

067f11eba4f0095ea056ac158a73f006873f9f8b908984f60c18036d3bae2e67
SHA512

897c272964d024d83ee5b8dc861283e8f8bf949e3371987819829c7920b450328a740d4b578abe4867e1e633c1aa1fd2810dc04902afdf30cdfb7823bb379657
SSDEEP

24576:qc7YIHpGw8HTPtrAW2P7p+Xdvdc6urtljajL+ezC/6cFriPZGv2:H7mFrA/P7p+tdcTrtBeLnC/KZ/

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Client/DelphiVid.pas
- Size
  
  120KB
- MD5
  
  759a6bb29bce62067254c2b53cbad875
- SHA1
  
  83a6a3fd79519da5198e426f630308b2fc036409
- SHA256
  
  d8c2180f6f319a0407eb811d6f457bace4d80afa356a24448fbc47e270ac5c66
- SHA512
  
  f83464fe9afd0fd000dbddd5cd67b834115ec53844b39690185f7c272bd5fb80bc4a838347d27845d43830c12455e1dc367a261e621f00163a2f24cf1669c8cc
- SSDEEP
  
  768:X3HLxFLkthvJNIl7HSULPvibLBrndeGzi5gG0GLZ1L7XbLGfG3Bwo/oamBy3zZxo:nL/kt47yuP6bLBrs5j1030eOpgrF
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Client/DlgshowUnit.pas
- Size
  
  1KB
- MD5
  
  08b8fac889d1c588d531c85deef96bd7
- SHA1
  
  215053d244abbef4692fef655e25c0be0f7cbdaf
- SHA256
  
  ab2dd705b3c1d84cb4707cf14717f057d141b6334b02e454b4c6f866b18abeba
- SHA512
  
  1c3cb16c5cfcdf2e58fc4d7d83796a0c5dafeb9cfb09c87a439e19659ed8b1aa66e58e5201a1f4bd7b547cee57d6efcc45aec8f71b5ae512636a8549cf16f92e
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Client/FTPServerUnit.pas
- Size
  
  5KB
- MD5
  
  d524255875d2be4b26847955d515278d
- SHA1
  
  c04c438a2e954affd3041b5d1c8b8e654a37137f
- SHA256
  
  f23f6a2b1982cf5a39c2819b987c93aa6a92889d1b2d7fca7eaade7483e8b473
- SHA512
  
  68fdc370c8b8691867e6c39dd460dd637c5cf49f6143eef0d3450cf678899e7aad29bd99f5d942f6ab41b145d55a8837d64f6a3026f372027434d052b1ae7772
- SSDEEP
  
  96:ugzwBi5QI+dNq3NHpBiEUM6/wh/wHA7Qz+ddC7j2p9TvjvSlMmJLujHkOSG83QFz:x1iNq3NHpBirMMwtwHiWcwMmBujEOSGT
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Client/Help.chm
- Size
  
  132KB
- MD5
  
  60072afd2dff52ee3083c46a00568ebe
- SHA1
  
  a0041f20bf2d325e58ac4b719fb89f5697586037
- SHA256
  
  b6849f70ac08cc2e46eb7fec30a21d6f9b8f9f68d5da4c6bf6573ab39290a285
- SHA512
  
  5982bce2f347dee8c83562cf03c03cbcf7f7d7d1bb866b0c227bd9145dfcda7641da324df46111ba0c0bfed05809f2e3e364baf5a17dd70707aedbd5aced1e07
- SSDEEP
  
  3072:uIXWF09MR82NfXBQ/FuztLWzUtlGhrJ78tk5izi9uX9s3fH8fsF:uIk+W8Mf6FuhLgMlGxJYtacWN8i
Score

1^/10
behavioral7 behavioral8
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Client/Languages/Big5GB.exe
- Size
  
  153KB
- MD5
  
  b8ee6f413d34ae75320fdb1e5d17235f
- SHA1
  
  ad6cd80ec41ca54ad71777657badba8939e0c533
- SHA256
  
  2685d0d32761b8d9da9f496b7279987b38bbab5e5213fcf633814d1ab4ac7a74
- SHA512
  
  74bd65d829c8dfec0399b7b05159bfe4d7d4da3c9774078e1b0ceb91b47fca4797fcf771bc9c991a4f13c4be19f5b74c78fef025f0e09293ca6149110ba98c8a
- SSDEEP
  
  3072:WzTGvkJgNCTwTO1w3UJ5A6cWuA/ErTXBAMrU8QmpYMiPQSBJfWv:YvaC19JIWuA/YXBtRuP7I
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Client/Main.pas
- Size
  
  256KB
- MD5
  
  2148a06c4cc70a68f16c99eb8cd43c35
- SHA1
  
  c97e74f70f4d2bb05b772e9bff8e92905a9517c9
- SHA256
  
  8a0b713260790ed75f068dab6b178f1bec8175120feb2d494a6ded69efb85e82
- SHA512
  
  8b292f0c5008c04c1fcbb5218b2152006a4a95971469b13077785cf9bfd6c95d5cbb125ffa58bc01114e3ee8747fd72f84663ee4a9025b0680c51c8a7858c820
- SSDEEP
  
  3072:hmkDMf2Q/BxZYVtW7Mgg6HoSGjBpSG98u2h0SlHYTtYy7:8kDMf2Q/BYVtoMbSGjBpSG98Bh0ukZ7
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Client/MsgSimulator.pas
- Size
  
  18KB
- MD5
  
  f48d9d7b8a4444b09e99bc9f2d4ad097
- SHA1
  
  5127523abc75d83873551b541689595b91b5db1d
- SHA256
  
  ad47be0b8e26a1436ec1471bfc78a8af6325f9a395fd3f6b99d30a43ca973604
- SHA512
  
  80688109fdcf99772eb434f07f280b4a4ab543a8d58c773316fdc86b8e8bf30c3b796574bbe9a53dd19c43584c352c190fda58dd531206e829030286e873a045
- SSDEEP
  
  384:VUILwUdZFgTH7Zh1OeZJ5RgsDSPD882pqSQb/STejKt:VUILwowFRgvrp2pqZb/4ejs
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Client/SkinData.pas
- Size
  
  142KB
- MD5
  
  79821a255f06d4cb0ff129afd60c935e
- SHA1
  
  d4052f27c741a5de97a44baf82950ce729108b07
- SHA256
  
  ced1ce5b5bd88939291b30ef8e8d1ca7a8c18914ab1647ebd3fbea752298db1e
- SHA512
  
  237e9f8e3d67d93f6b0d5fccd9d0608a8391c849e64e753bed5397a7706b257fd86779bf2cfd4194733a735587191c0e32201638e4006eb260e7cd2671077c8b
- SSDEEP
  
  1536:K6qUjaXP7AdGtbMRLCr9EhVsj3T+XfDGpOo9ckRjl:K6qUjaXP7AdGtbMRLu94V5Gpwkb
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Client/headers.pas
- Size
  
  50KB
- MD5
  
  ba486b1ef17becac7ba933a19e7c5ea6
- SHA1
  
  71a14943edb49776a667e828453a08723f82771c
- SHA256
  
  030ce2a1b8ed4ab10e23b074bc8b36291bb11b7db7071d20c73d5521466cc3f2
- SHA512
  
  d3c270cbe061307874a9d3ab35fd2a990bf894f9a4f9679f0c0837cbd0a64a1cfbf07d0366a68e3101d499d22366e4403f0156cfce3bfc2bad75ee237f519200
- SSDEEP
  
  768:g8gV7f4AYcFoAhLhH4tK8x9fw4MmcRQkssh5H/V3DFAaHafagqJ66FAaXazaNnb+:dOLhH4g4MmcvP41
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/unitExIcon.pas
- Size
  
  72KB
- MD5
  
  fa7a3f7f2000b7b88eea6d93dace1142
- SHA1
  
  b370c7384e64522858f9c96cb9d3f087fdcae672
- SHA256
  
  6cab8f952a518a4ef7d591bb3aa539faf2e54a178d57621b3f3406e737930d94
- SHA512
  
  f4d06545c9c2d77091b3443dd58ba423963914493af3391121296324f6af0e3a60b48ec819f63eb9173b5d189ceab72ffa4c009ff22959f4fa2b266889fa26a4
- SSDEEP
  
  1536:6LwVFihAor0J5rDDGD+YfqpWvExix/JvfesUMCs5uX0LQ2Bfo:wwVFihfr0J5rfQ+YfEWvExQUMf5U0L6
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Client/mixing.pas
- Size
  
  59KB
- MD5
  
  b12f283608aa921007d8228e49fde716
- SHA1
  
  9bdc16f58565ee6d2d939df3993af31855d34768
- SHA256
  
  b1ae2f89f21b7937462b191a6934e41f6df6aa07be229e4b44da9421f0b25d90
- SHA512
  
  1f381dc78857b94683fb0cfaa11e03286cbf3aa512f64619c9c90320e8561836d1bfbab7c776b9d8e605398d16c52c4f2482e2a160fabb56b25c44d52a6d9a73
- SSDEEP
  
  1536:sI8RZNtFzZ6J1mCRdMOjhLTLZTg97LoSe1kgntEaFo5o:MFzZI1m23L5T870Se17dFo5o
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Server/Clearold.bat
- Size
  
  70B
- MD5
  
  7f056c82e0523fb22071904361f4e2cc
- SHA1
  
  2988a6e2c44017fbcbe41353e7702a4f86154ffc
- SHA256
  
  4b246c45e669947ef92357e4221e01d08bd9a132d83d186bc0fc0d95d381faa2
- SHA512
  
  2010f1269a914fb27d925be42500839323c1ad386c94646f2779ab6df1cd2acb45dfb7b53ddaa52e3e49f5a6baca4d44c3a65c1e4b6aa6b9f0d60f5730885bae
Score

1^/10
behavioral23 behavioral24
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Server/DlgshowUnit.pas
- Size
  
  1KB
- MD5
  
  ae95a16d701ea63a9ceb530491d6795d
- SHA1
  
  ba8d4a912c66ebe13d5899a83c57f200d1457403
- SHA256
  
  5b079efe3175f8bccfaa503848ef6b8639194c1ff311512cc75599dc0b91dd4d
- SHA512
  
  4aff56f177f0ddaaa01c1b56be2c209bb41a49a454a3ceefa67acec2e237cd7d3fe022dedc06ca72c1a534c9b848f59421c130bd714c0b78d46922dac72f8d11
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Server/MainServer.pas
- Size
  
  110KB
- MD5
  
  987f0a18e62ee16001bce56d932f253c
- SHA1
  
  7f356eb1f64151d6ee294c630687d8d874d39279
- SHA256
  
  078f56d76f9dada1bba58f37765345fb756b757a649eb5c7f20e7b801d8e5a88
- SHA512
  
  c04de5604e431a54a0dfb9b590e1b28d1d9847ab5ff0d100f56b6b40cc1ce76eadc2d315bea9a6d0ac8588d4a0c56188d8bcba2ded734bfd1edd8d5a11fa8e0c
- SSDEEP
  
  768:Rs2RNuSn4ZpuSMN94TwzhQaSVwmq7ZEgCv+PIgvHJ8DdBgepxmWCGSP9Do+03+u9:7fuSiM0TwZZESvp+MPrPSxh
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Server/WinSvcEx.pas
- Size
  
  6KB
- MD5
  
  172621c59940a979a251a7e4fd75cdfb
- SHA1
  
  bc6d0cf561f6cc662b343b08076bb325c31657fa
- SHA256
  
  58cd099d405bfe27ed938eb90c36b50602d37cd9ddde5b8775a110eb8fa84dea
- SHA512
  
  5ce58e2529d6cfc1c9a4a8365843ba0eb614fe29af11b0144317f0a0967c4893b37f5377db45b6c4ab39ac9c3cd1933516c7a8ee1be7f95bf2b15568415ca37d
- SSDEEP
  
  96:QXKEgKbNfDfjAy56GAlsPjg0ap7r63Gd4UdpE2FaZD/CKqhD+/KqzHpJ73feieJc:Q3F4vkD6zDcjgLATdmS
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  2005121611581996/2005121611581996/HgzVip1.2/Server/headers.pas
- Size
  
  50KB
- MD5
  
  ba486b1ef17becac7ba933a19e7c5ea6
- SHA1
  
  71a14943edb49776a667e828453a08723f82771c
- SHA256
  
  030ce2a1b8ed4ab10e23b074bc8b36291bb11b7db7071d20c73d5521466cc3f2
- SHA512
  
  d3c270cbe061307874a9d3ab35fd2a990bf894f9a4f9679f0c0837cbd0a64a1cfbf07d0366a68e3101d499d22366e4403f0156cfce3bfc2bad75ee237f519200
- SSDEEP
  
  768:g8gV7f4AYcFoAhLhH4tK8x9fw4MmcRQkssh5H/V3DFAaHafagqJ66FAaXazaNnb+:dOLhH4g4MmcvP41
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32