86b97e7df133d9c1850d89df132291f4c1ba1ea1c1c6d2dfa8ac7ce705d4bdd0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3f7a97eaa470ffd7d020f0b80da630e_JaffaCakes118
Size

43KB
Sample

240821-sl2ssaygjn
MD5

b3f7a97eaa470ffd7d020f0b80da630e
SHA1

f73bd45f0e55ad5c0aca386e8b59c297dbd196cd
SHA256

86b97e7df133d9c1850d89df132291f4c1ba1ea1c1c6d2dfa8ac7ce705d4bdd0
SHA512

02a0a5fdbdbfdd87fae02cf4fe80e6790046d2af8db9bc4e756d8b3827cfc7b359f2441c6284e21cbc9ac08806f46cd5e2965658af4f03dd0ec0b518f3134938
SSDEEP

768:8/oF9qv5Vn2ZV1LHrrKBRetz4KLR/+4E2i3rVRkfe:8S9u5R2j1Dfmet0mi/qfe

Score

9^/10

discovery upx

Malware Config

Targets

- Target
  
  nk2view.chm
- Size
  
  14KB
- MD5
  
  2ce7fc93ceec113a437d7e4cc2e7bf34
- SHA1
  
  cf5be4ffd194834c93f52dd6b33813d8f63d9d9a
- SHA256
  
  ead503787c37ed8b33a4946d8ab4428ffc450b3982d99dd0e51016f12743fb2a
- SHA512
  
  ef8ca9ff3f13874208581f49da4b88b4dbf9bde0328f92cb036da9c51f3faf521096918a9cf35d8f94f2afefc02425db516b2b4c4b0d4f57f970cab795759cf8
- SSDEEP
  
  192:ygPHd1mi9hXpqc1sQ4/uQQFZLGXFPvAHR:ygPdplp7sRufrKXx8
Score

1^/10
behavioral1 behavioral2
- Target
  
  nk2view.exe
- Size
  
  37KB
- MD5
  
  08e66bc96e551c254735a68c4ca58698
- SHA1
  
  9ff5a56187b159a85376f49df42ac414573f9247
- SHA256
  
  86170f492be774043fe060f45bdf62c301b389c84e91c6dc0b24b63340673588
- SHA512
  
  1d162196cae20a28cfa9c23309d63e802c2fc0308be1463c3601e5ac3c9ca5160e519c29d8fb8518803f7e0a47209f3d349119eb62ddcca1e1e97ddef294ee00
- SSDEEP
  
  768:nl1fw9leGxbyjd/JNH/hcOXcpiMTqaJiUwXbqtMN9/61NN7vuZSp:kx+ZJFiOcLqaoX+tw9S1jjukp
Score

9^/10

discovery upx
- Detected Nirsoft tools
  Free utilities often used by attackers which can steal passwords, product keys, etc.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6