f60f7a0595adeacc01980687c485004d9d4a5dbd8c7e15253a5144fce3743437 | Triage

Sharing

General

Target

bfc996a51380b265b920371361834b6d_JaffaCakes118
Size

1.2MB
Sample

240825-a5d7qaygnh
MD5

bfc996a51380b265b920371361834b6d
SHA1

9d5029317a7dc2008aad067aed1a38db4a330e4d
SHA256

f60f7a0595adeacc01980687c485004d9d4a5dbd8c7e15253a5144fce3743437
SHA512

d4969ac0f6dd67232e136d5d14c332806f709ddeb54d21065ee1ee9eef54a69f568f19f6f2a4e350d0fb24f9aa609277ac3ed944a3c6b71b23bb538d73203d99
SSDEEP

24576:U2XbsVhWbltOaw2m2ggQ4HiC2ovSl0Pk8g2F28Psi/8b3stg2wmjMAH:1shwQF2mVgjhvqqPB2ni/wswiH

Score

5^/10

discovery

Malware Config

Targets

- Target
  
  ssQQkjxcplxzq/苏苏QQ空间相册批量下载器.exe
- Size
  
  1.8MB
- MD5
  
  1db3ba7e9a23f5b1b3ab0c91aabbeddb
- SHA1
  
  6935ea87153c246f8379693138ef0e6463497b6e
- SHA256
  
  8620f081ff26a2720dc5da15fa06d36aefc1a30e393f05c225b1da264228bdf8
- SHA512
  
  a08875265c3ef3d5fc2b5ee5eb0185c53c0432bb1d8111b8fc3e9d5f9d5951cd0c6a7023234555080c0de51d48dc1ddd487ce1575aba9f0b799fcd7ef396477a
- SSDEEP
  
  49152:toAVjN6wOmCGP3439NNTc+vX6LDfmEq2dSYZjw8uHxuBqfvtDTo+0:j3nvscL7v9w8UF0
Score

5^/10

discovery
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2
- Target
  
  ssQQkjxcplxzq/飘荡软件.url
- Size
  
  328B
- MD5
  
  e97aad722245bfc4a60be0e6f453be6f
- SHA1
  
  c7b7c9585109f71526ed65616668ef7573841d9a
- SHA256
  
  3f6b8de5ca595a2e7371396fcb22b303e0f664733aabc940657c33324d5f269a
- SHA512
  
  f151b723079fc09ac4b44c540b278b8c273f3958d5b661a6b30e31b119dca6d017ab0f987c52c60cc46e917ef9626e943971017d8e1dfe11c4cf27b93a2c772a
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4