44e29e9b3ec21fb1741e95bc6f74ba15f469c2252deaa419c43d63ca69c96f03 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf256f2186833487de6de91e36c1f245_JaffaCakes118
Size

156KB
Sample

240824-wf16vatfqk
MD5

bf256f2186833487de6de91e36c1f245
SHA1

13bf31a14ba20359d73c80d924a14d2ced640a21
SHA256

44e29e9b3ec21fb1741e95bc6f74ba15f469c2252deaa419c43d63ca69c96f03
SHA512

7bfd9f69fdfcf9427aaa9fcfbec2d45a09cdb7dfa8c8d5f0b8cc479ba4e4f62648ae2297c975f503b29838d3a82f9469e3f1025e09747d5ad082f05ec483d5ea
SSDEEP

3072:h/S+u0WkggSZOFjhl4uedqYNnHACuSY+RBHppYb95ZcrCLl81:h/S+uTgoOJ4uehRuCppmjNLl81

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  IndoskyRegMod.dll
- Size
  
  7KB
- MD5
  
  fab8e592fc098dd458d15a726d386926
- SHA1
  
  83561c4fc0774c79b062baee92eaff8911e80ed6
- SHA256
  
  caddda9593fc1b05978c534f0ab0e9c39aa29e18bb756251556739abc313ce75
- SHA512
  
  a5b78800b72f8a2f70fa06716ff0a0155fee39ad2c80f8d3ff5b9699f4b3901e36f0e5a38d50bb06cb13494da11acd46a675da404a4cc4fb19d8d8a149d685e0
- SSDEEP
  
  96:x8k31agn3LIm4OzeQnOHs+NEVAdONQIyS/28aVFcA:vFag4O6QnOliA4z/w3cA
Score

7^/10

discovery upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  Launch.exe
- Size
  
  79KB
- MD5
  
  f58f640252567b53e403cddf304e777a
- SHA1
  
  07b76e08f2538cb0bb4c8298b6365ac7354c89db
- SHA256
  
  cd68952f545611a0431e06450b56f018d9862152529082ef76a22cc9135df88e
- SHA512
  
  828042e344394b8485002d2d6e8b9d290556330d42c66e5c93881021f205853e1c98e89287d45ecabf772da86a95ae33e95d3cfec01e250ae008bfcec0f3f7c5
- SSDEEP
  
  1536:0LnXC1QHMbWkRVFIlVlmYTJtskFkD5B3ggDRuUSk8Liid9:iSmafqhNTbJSNFgg+jd9
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  Mswinsck.ocx
- Size
  
  121KB
- MD5
  
  e8a2190a9e8ee5e5d2e0b599bbf9dda6
- SHA1
  
  4e97bf9519c83835da9db309e61ec87ddf165167
- SHA256
  
  80ab0b86de58a657956b2a293bd9957f78e37e7383c86d6cd142208c153b6311
- SHA512
  
  57f8473eedaf7e8aad3b5bcbb16d373fd6aaec290c3230033fc50b5ec220e93520b8915c936e758bb19107429a49965516425350e012f8db0de6d4f6226b42ee
- SSDEEP
  
  3072:9PdIuG8UvahsdcYX3UI2EuJ3im/ZCdady+RlTp/VYq63+sB:9PBUyhsdEI2++M+RlTHYL
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Proxy-Connect.exe
- Size
  
  35KB
- MD5
  
  9f41c43a985a8e560510d6c4a5a42290
- SHA1
  
  55f37127e6ac166826064b6a02c61884eb8a94f5
- SHA256
  
  f9d84683dbef6521a3c1877d314c9e6cbbd4021dd2b393a5391bc65365553aaf
- SHA512
  
  6bbd61d07e41f8f8059aa2b8130805b9aa654237528e16a5f36bbf23c179a02ef124629fc234a7ea04d18903ec07a506ddcb4b87b02e92fd18e265f36e6a9241
- SSDEEP
  
  768:/bD2ACBTFxW6QScXdDb7oesUirSOE63aJm:/P295F+zXSxUIEusm
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  Reg.exe
- Size
  
  52KB
- MD5
  
  d2b93e850760a79744a66c8d7d6013e9
- SHA1
  
  96bdad1b453ffae5e649eecdedbbce9365fbcf1b
- SHA256
  
  d652ed1d63bd8cfb7fc69f3a86b70a606d11dbe6e573e02f5aff86899ae28c7a
- SHA512
  
  9349f972c17be9531dbbf01c2199205edda8d861f02bf9aaeea824165d42ac3034bf044eb3340ec8e9c7e7ca1da24c5eb426fbe87f4c6f7564ae9544a968262c
- SSDEEP
  
  192:/T40/DhYnrtDINynT+v0AVXrtqp9TYL4sXphYnrtDINynT+v:/TtuVQbuTYL4sXbu
Score

3^/10

discovery
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10