4660eb6a95d1b1fe9261a240b97113ae7b3902a788efbe51afdcc8bdbb71ed7f | Triage

Sharing

General

Target

b871ca091c44857ac0c9b625c5cae5a8_JaffaCakes118
Size

3.0MB
Sample

240822-vrf5da1bqp
MD5

b871ca091c44857ac0c9b625c5cae5a8
SHA1

ea4614af37baf11a70df15659210d33dc69d443e
SHA256

4660eb6a95d1b1fe9261a240b97113ae7b3902a788efbe51afdcc8bdbb71ed7f
SHA512

43bce083dcf5514507c37878b7cfe1e4ec6f0b87fec14c7f13e43124d2c9f7e4a751d0a82011ae3085484222af0402c10c803f581a003318032e4aac5a8902cb
SSDEEP

49152:QhNokLnjGSMSZ1pBHBr3j80by2oDHdc22HnNKkI1Bqr6Uxv1XZf0AKurReSi2R:MbnjrZ1jVjYT96HNtIvoJv1pf2KR

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Crysis 2 - Hidden Items Walkthrough.URL
- Size
  
  87B
- MD5
  
  27d6db969038ae43ec729edb5fb63b87
- SHA1
  
  843023ea0c0acd8f502ff57c4c6d6b80556fca97
- SHA256
  
  9b66cb26d38131a7b83932b94b576f550f0ee0123fe39bd85fc2b7b8d58350e1
- SHA512
  
  65fde507005aac442209dcc72faa9b9e57aa606d47ac2ff213a8e0ea45b9b6c7ddd057adb13cf2d5894df1d1ecf1f26d2f1339d636545529e1b851a0e4e6a4d4
Score

1^/10
behavioral1 behavioral2
- Target
  
  SWEmpireAtWarV1.0.5.EXE
- Size
  
  8.6MB
- MD5
  
  f172d92ec71af2337c928589c0028a5b
- SHA1
  
  aafcb154282f6464a7e119e78049ad9b2303b00c
- SHA256
  
  92310204ca49756faadce0507aa6bc0b8b0121f543b2599f7e0207f082640063
- SHA512
  
  632095f29ee2209acd63a22559b72180e7f61c8ef620df70f3af5e79f070a227baa97ab71b34eff1bc490beb818f39f6662cf591208db54cf198d277ad02fda3
- SSDEEP
  
  196608:FVzOpq4jTb8oYPxQWiuQGb2eupYmGXtOVnCKvuuSTgdMvau3iMrBM:FhqhjTb8oYMeupYrtgCquuSTgd4fiMru
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  Star Wars Empire at War V1.0.5 +5 Trainer.exe
- Size
  
  716KB
- MD5
  
  c63de7dae9c3d663711b60171e9b7f43
- SHA1
  
  d865fc3c7a1a2b79935be810f533b3d549dcdfda
- SHA256
  
  7ff8b7cba46b04a04aa8a44a9a52c23c488500874688a13c017383e5be4fcdd8
- SHA512
  
  b2249b264b775958a686380bd632c1996ef3545383c40a01d35ff9830477fa3e53c01724397081372bfd2babd96c418c5af5949a64741c8c99dea13227ea00f3
- SSDEEP
  
  12288:KEDCJJDXb8qWvvMyesvleMkWzChpBT2Zh46b2SBOfV612Si4+NVT6qb7KtR3cLR:KmQGbvNvjkJPOh46b2SBOfV612Si4+3d
Score

3^/10

discovery
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6