24ec62ee5147fb7179a2639ae7990d69d843a6f31f6e0c800da841128cf9dfb9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be8daf263ecc8b5bbb8d4e36797a28a5_JaffaCakes118
Size

1.8MB
Sample

240824-n8tnga1ckm
MD5

be8daf263ecc8b5bbb8d4e36797a28a5
SHA1

93420ba55ce1169cb4669a89516548dc4bb3ec5c
SHA256

24ec62ee5147fb7179a2639ae7990d69d843a6f31f6e0c800da841128cf9dfb9
SHA512

f58a0b5c614c35d784041cf1a374746af2d93d77677aba92c7106d4c7c4823a113210c18b7a9da99fa8b009fd9f1be9eb648b746faea85d21bd1b4e28edaccda
SSDEEP

49152:k+fVT+52BqVAOa6wVYFsMe1z/KdgNzGa9tI79OT:kCB+EBHRVYFuz/Gg1G8O9OT

Score

5^/10

discovery

Malware Config

Targets

- Target
  
  QQ空间访问量辅助管家V15.9/QQ空间访问量狂刷辅助管家v15.9.exe
- Size
  
  1.7MB
- MD5
  
  ff17b544044630f512015f438d49ef34
- SHA1
  
  675ac19a301048e1cc9fd4f710b44d5399ac7e8b
- SHA256
  
  931479cdb9274203924766e446ccfe032c7ecfd4d8eba6721467411b8091613d
- SHA512
  
  4dda2d5cd354c68cdbd2c014e80fee7aff47cf282c2f96904b7c0cd93799bc2fd813d6fb58fd3d1433e124ca6eb27cad809dcc5fa900378d94b7cee67d11a50e
- SSDEEP
  
  49152:/hW1D57oSaRfJ7JYKFnXbKAATJcUmwksDPVOZA:5W957oSwfJ7JYKFn2AWJxmZ6PaA
Score

5^/10

discovery
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2