a3cf73d296d5910dd7da2ff4effc66f206bb08bafe8ce3d5f89c7ba67716fb88 | Triage

Sharing

General

Target

a6d887684a89e2d9465c3cf1e40e471b_JaffaCakes118
Size

4.3MB
Sample

240818-qry8qsybnp
MD5

a6d887684a89e2d9465c3cf1e40e471b
SHA1

63ab6408122198e6d0de1b54d2bf25da85e0f3b5
SHA256

a3cf73d296d5910dd7da2ff4effc66f206bb08bafe8ce3d5f89c7ba67716fb88
SHA512

c9c3a84e34253c580153d9fb1510ac89f9a2f3faebbfdbca1dd1a7a2edbda3bb645df389015cbc61023b752f9542b74fb64810cff5ee2b61ccd1d589bcaf7cc8
SSDEEP

98304:6jy3e5rXsUt5qUt7j4gbidIzZVmAL70GzEKIG3wgPLKH16zV:5Krc45vtgg+dI14AX0GzEOggTqUzV

Score

7^/10

aspackv2 bootkit discovery persistence

Malware Config

Targets

- Target
  
  Converter/!)卸载.bat
- Size
  
  206B
- MD5
  
  da40993071333c55c479798cf7e339da
- SHA1
  
  2e32e540e88b9eda6ad1eb0f486ea2c90e9ff21a
- SHA256
  
  906cd5276b165f97d5b93ea0d049ef9d28a7c9ea6c36c4aa66d228cc7536cf0c
- SHA512
  
  9fbb19e81c38d09364dcecf362b4bf15cb6f0526e9cac7a1c6edf08a7825a3a80631922892b5b95489a89f84eb02f22bf65476d0ef3b3524ab787dc1ba00aa23
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2
- Target
  
  Converter/!)绿化.bat
- Size
  
  405B
- MD5
  
  b5cf7e4083f8aefc00423d424f7ed52b
- SHA1
  
  5b3a6e56ad0f6941fcbf05ad833a553d5dc5237a
- SHA256
  
  37c61a6d94e5b97dadbc8d372217274496d5a47bc2b5c41bbff9dc27eecb5332
- SHA512
  
  69a4ee492d66968c95e816c423ae2498b01829d14b41a955f143c3b212533020d3295e38ee7bd96e0d318a3d2da38ac195f3da9503362dddccb5ad8b921e5df7
Score

1^/10
behavioral3 behavioral4
- Target
  
  Converter/All Media To Mp3 Converter Pro.exe
- Size
  
  438KB
- MD5
  
  23978b0a11d16652dd38de8659460c8b
- SHA1
  
  c248ce8f7224daac3de36f74021a12b9c227c2cc
- SHA256
  
  dbc3716da0959319b28521b8dded5c7eb8343e0a8d731eda55f6d0676136ac18
- SHA512
  
  d538ffe6f3ca3d680f8386380bc66d2d4db89c0d9db499d7180303aded4c9f1fda668a7c6e6937bfa8cdd06f63abf4b42e78702252d057206ce67f0823899e62
- SSDEEP
  
  12288:QhlJmyshkFqsEIofqMmkv2HtG11oF1d+73e:QoysfjqxkvX1oGe
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Converter/More/Audio.htm
- Size
  
  6KB
- MD5
  
  e75de80b65c73cd52eb788bdc40f6471
- SHA1
  
  e6ffea66729b36022e3b45f50731b681d7ce583d
- SHA256
  
  bd737e335756ba52b99bf68f98954c5ac9c80312057566d7e2e728f060ad10d3
- SHA512
  
  d0c8baa35399bf1ae3c7a6c42f4bc2061fbb1b1ed5c52fb309a82e1c335dc983a8a3abc1ee79b0b2c05e5a93b0db151568af09edac4e421556ac299fd040a3c7
- SSDEEP
  
  48:bpIE8S2+bSTah+8dH2MMiKAv9JZyYQLRMjoMihiXCYU783KjkEv/IPMiTeOri1/y:IShSfIJwNNMtXOgu1XbvgHNWYJhgbI
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Converter/More/Business.htm
- Size
  
  6KB
- MD5
  
  e841d5f1a5e3fa959c9967c2362f25ab
- SHA1
  
  0785d61964d001dbe353205dfcf94480187bd443
- SHA256
  
  bad94de18f4bfd9b31a5adde74cb5ac03a81124ca004640d53d1b26a5f07e346
- SHA512
  
  baae2d33b40c7f8a78387b782cce0820221ba4667260f577b1ef14bdf92612dd237496f3577d336591fa390cac77ea3217f71cab9162e3f971cf166fe953b353
- SSDEEP
  
  48:bpIE8S2+bS9/L+ZotqjldAzhQabMgokeXCAmu3xTcx9MoGH+RYxIVW9MkBNiDryE:IShShIkeXCupC1q+XHIEd8ul/8uqAhv
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Converter/More/Desktop.htm
- Size
  
  3KB
- MD5
  
  e7af3ed160537cf9b2490c6205975a7e
- SHA1
  
  8104010b070b42d265b270bd47e1cec67d6aa38a
- SHA256
  
  9d80857ca2e7a66d93fca96a33d1e30c8eb947aa76d5665bad75ee4755f27c55
- SHA512
  
  9f227c30deb1f4cf08f21e1806057ffc8e0600b6a188ae0eb52e8a5988d944046b0e942a56ed6ae8d452354f466d8fbd5e1547a4db09b60d904b09bbea0b5d79
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  Converter/More/Excellence.htm
- Size
  
  5KB
- MD5
  
  a429d8a83dd0201a205a82acfce3a9d9
- SHA1
  
  f4bc4bfa4a670b20b5309a35ab99ce661173eb4f
- SHA256
  
  ec0912d2e1e6baff1d430d29ffb276e68c98598639c4b0317d38fa5c03519fe9
- SHA512
  
  07f4d8defd94d1ea687c2a91e3893ce73b9f50496e0a9c93a4ed8d148a30ffe5b0c17ededc612e89983ef0e4c1ea06ddd102ab839ba9290c59ac2fcb731ace1e
- SSDEEP
  
  48:bpIE8S2+bS9/++5otqjldAWhiabMgokeX7AtYxTcx9MoGK+VYxIVW9MkBBFDry++:IShSoIveXMkL11+E8WIEwpKshgqI
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  Converter/More/Game.htm
- Size
  
  6KB
- MD5
  
  441094f1319e40e4a4b97c022fed6068
- SHA1
  
  cbc9b77a340e6623edc2bef2b6fc495dad80d3b9
- SHA256
  
  bd2faa86010a4596cdb6d6a5f9fdf5fbe58211ad81e560005eeb3d8e598312b7
- SHA512
  
  aa26e5a02a6064781564ce98bd931c54f3546124f8ec6422233ac63c1a0f0133f86c3443cd4c6ea0a426134ea9aafea0481ad016a83e260ba321308328e963a5
- SSDEEP
  
  96:IShS3WIEOteX+kfw7WMT39MKc/pzt21b1pUoYhgbI:1IEOMOk+mKcRp2Vn8L
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  Converter/More/Internet.htm
- Size
  
  6KB
- MD5
  
  5b3e0de3510a95816e6ea8b1b5d486d6
- SHA1
  
  64b642ed612819c67d6b962d2d7cf28fe11bccd6
- SHA256
  
  915577dce00782295f5a489f0003a685b9f2b6f8c2f562b2f6a39c9774239efc
- SHA512
  
  cd493ed985f2e7c61fb04fc114daaa7173ce122d3649d8a72e895d55e758a9fec723da61e1a7d76ae76f9ebc127cb8e483c76c72f5d9deb22ebd3d07498292bc
- SSDEEP
  
  96:IShSh1YXXaj+Rqgyh2HAQ+MBmpzEsqnrA1pza2XAhhgbI:m1YWcjyhMutwsIInXAhL
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  Converter/More/Multimedia.htm
- Size
  
  6KB
- MD5
  
  ef35e2d5af7c4db14eddace8710befc7
- SHA1
  
  046073898e02adc5a7adde2de0969078ec917842
- SHA256
  
  e56ead00f16bbe620a3f5bab2b0742c23e921767abc4c1ec71bcbe5f30ef33cc
- SHA512
  
  2d172849d283a9c544df18df49432e2e398d02a436c88b53c0d6f2a8e48b9e30c34c433aa2c1b00f4f5494be75f9f8dde5cbaee88256fba686452eae4701c024
- SSDEEP
  
  48:bpIE8S2+bS9fLQ29GGYhoUKQMdAzhQabMgokeXCAmu3xTcx9Mo2ADry+AMkREE+Z:IShS8peXCupt+CmBHIEd8ul/8uqAhv
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  Converter/More/NewLive.htm
- Size
  
  6KB
- MD5
  
  efdcdd21e94a89185fbfc0f3e8b0caf1
- SHA1
  
  4baf3bf1231c0cb285e2197444c0fc611675af20
- SHA256
  
  a619109c10c400ea322360797511fa141bdc5c1d84ee27286f1f4f7732e0c9ab
- SHA512
  
  860c5539a104527ce00c2c9a145b1198f19c4258a5130b60675d268cb8dd1d5da6b8beda07987daa1d51c3f6ff14f16184df2cd60a410543c458dae0723726cc
- SSDEEP
  
  96:ISqSZvNXX6E7pyd4feTWrRrNT0anurIwGhgL83zu:P1H6Upyd4fmWNpT0XrIwGNzu
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  Converter/More/Utilities.htm
- Size
  
  7KB
- MD5
  
  d5df3ad04f808c8b16aca80393d99845
- SHA1
  
  e77dac88cdbfe90f0eeef497b5305ec27c7de921
- SHA256
  
  b93019083b733e094d7c6c51cfbb26614a3b03e43f380ac0b8367d1ce27b2ac9
- SHA512
  
  cd6258c88b97039b4ca78d5d2f799e4bfc5bbe3fbba854cf6165e275e1c8fa764f07bcc58c291b52a62a71c42586c76c45275dffc84c225b6877107a69ecf7da
- SSDEEP
  
  96:IShSyP+yeXzJIMMJ8D/rAfICnpKhpwbKhgbI:LP+1IMI8D/MfICpIwbKL
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  Converter/More/WebDeveloper.htm
- Size
  
  6KB
- MD5
  
  c3559e2df8186eb4da5ee04d73c688bf
- SHA1
  
  09e164078769306749ffc8987971b486854b22d8
- SHA256
  
  4de2696ed42e08a6e86138c63351fb6b9707be03bc2b66ce581ae764f7b0a394
- SHA512
  
  a66cb81fa11b3af0ed9b4a89b960a8f41e1ee8d19e9bc3f49a6769e80d2631e7d509eeea952a0a5283a18686f6a3b17ef0613fda4e2f6fdb71ae507ce1f024e7
- SSDEEP
  
  48:bpIE8S2+bS9/L+ZotqjldAzhQabMgokeXCAmu3xTcx9MoGH+RYxIVW9MkBLsDryq:IShShIkeXCupC1C+RHIEd8ul/8uqAhv
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  Converter/More/images/style1.css
- Size
  
  333B
- MD5
  
  2ba4d52b98ddad005672018b6e82bbaa
- SHA1
  
  76a0548d275d03dbfb173de8d208ce4850bdf818
- SHA256
  
  8867f8c2d45c95f7d324b4d6b538f73cf9f28e07ae1f6e0942f6c3e30579047c
- SHA512
  
  f8bf97e1e9ad7d3a9c051c90b16e8f37a29923cd45778a359c6125eeb81e1caa10f69b04b83126139928c6f48a1ca123f52101debcfe900cab4226bb12b80a67
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  Converter/More/more.htm
- Size
  
  6KB
- MD5
  
  c4eccc522b8a82d3b58301e9326fb62c
- SHA1
  
  ee8e6d2d3793673d344d8e88189e1553ed78a6d4
- SHA256
  
  a8d6d45fb11ec7185ad17813bf1a7190164455fdd9f27805b1a393089a39bf2c
- SHA512
  
  ef06f99617c2f66249b42ef67dce6cbdff77f4bd3d3ee934aa83e36a69305bc4557bcb4cbf628616cc4233907ac043484811d7b711b6136d364f59f7877c7a85
- SSDEEP
  
  48:bpIE8S2+bS9/L+ZotqjldAzhQabMgokeXCAmu3xTcx9MoGH+RYxIVW9MkBAlDryZ:IShShIkeXCupC1W+yHIEd8ul/8uqAhv
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Converter/NCTAudioEditor2.dll
- Size
  
  620KB
- MD5
  
  2b5a9e21a48f1ede693e76c181df663f
- SHA1
  
  4109d51982cd4071f6330768dba99332937cc231
- SHA256
  
  b80f395373de9551af1ec3d145364aaca2101ce627978d452e6e721cf61b7f2a
- SHA512
  
  6e31dea74dcc651eb7dd298684478159499527e0c0b2a442e24f2652bf9c70a5ecfbd4a777c93561734fbb4d74ed874a1ef59c06242042debe0eb9411cc99130
- SSDEEP
  
  12288:NC88CW/+6DbaGWBsvPPaSJEwMMYdEY40Xydo:N18/W6+BsvPPnpMMYSY4T
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

bootkitdiscoverypersistence

behavioral32