996cd49012b3c6646b0cbedfb4f42086ca6acaa4c4b2544d4170dd0560f92ba7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7cd96501f1fc06ff0130796b1e31bd1_JaffaCakes118
Size

2.2MB
Sample

240828-2yfkrasgjr
MD5

c7cd96501f1fc06ff0130796b1e31bd1
SHA1

59f3acae609666761d8b6b9d6bd3f6d3594acfb1
SHA256

996cd49012b3c6646b0cbedfb4f42086ca6acaa4c4b2544d4170dd0560f92ba7
SHA512

092686fbecffeb961c017041a3878136038b4563ee4180bc9b052887995a7f86198e8ea51928fc40d1fdb1a3dac32b68a0547d902a2e8c6911c23b7053b460d3
SSDEEP

49152:NriAKKznUhtsa7QZLfV2JE+Q6BuzDl9QRvGjsIi3Wn2:5iATOtbUZjoJE+Q6BuzDlmRejw3A2

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  Files/COMCTL32.OCX
- Size
  
  595KB
- MD5
  
  e2bed335446b7321ff38a138b3962e8a
- SHA1
  
  f183eaeb7e4af955aad1d894dc46801b715f3ad9
- SHA256
  
  a071a89ca5f35ff51a5631b7ea7aa882eee1e8787640ab2e0c1f192f677ec443
- SHA512
  
  61bc1923e03daa74c0061e6534e5014375eff3728ab16dca68830bcd687991c640db4a6c76836cb0b92179e90159bd1f202fdb71b57de7ad760cc677fa3636b2
- SSDEEP
  
  12288:Wkec4KwGf99MSOeMkeXrnhIcVthDGn2mwCyP9tDCcrcJIVulr:Wk6nTSXJI4lr
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  Files/CoreAudio.dll
- Size
  
  16KB
- MD5
  
  4f930155061640c3e074a76637547345
- SHA1
  
  232e6bc8b26a60548507c8bc28f2e86d28b2feac
- SHA256
  
  99a44082e1f5ec112e2df1f0cf14284ee8e164b38af68295523f205cbc7a3589
- SHA512
  
  155fe3538b38e616aae3e741618719b337e47ecd23b4761a86a1a2c16404ac2e96a4f5e446308a3f9d62b60341050e9538ceb7b2d75338c85cb41cd19ed8f781
- SSDEEP
  
  48:6pM7POSdIpCLeGkh5q6msMLduJQk+gdqF+bT9G9JqsqQOllamLBF:4SdIkeGO+s+gdqFyRes7RIm
Score

1^/10
behavioral3 behavioral4
- Target
  
  Files/CoreAudioApi.dll
- Size
  
  32KB
- MD5
  
  9f72f05da52a3527e42d082221226689
- SHA1
  
  01f229f7fadcb7d5c87a2fa3c6b657c94767a42d
- SHA256
  
  7aa7683aac8c2950f60c06b454b67ca1318a849ac24feb6bca0196d1e7eedf09
- SHA512
  
  0ae2eb2edfcdf653379ac8917761900985156ffff2a7a42511e5e82552174b58f5d392706fd6e1399883aba4e3ac82a0582c0e4b96e7f58cf4dda2a99799d50b
- SSDEEP
  
  384:glh+nRz+G1po2b1xJBCO3Du8XxkOqKlNku+I5+GHaGl:gkd+G1pp/OOTXnNkuK9Gl
Score

1^/10
behavioral5 behavioral6
- Target
  
  Files/Icons.dll
- Size
  
  46KB
- MD5
  
  dd33e9a473e55e718e653e517359fcc4
- SHA1
  
  a365c9ba8beefbe22f30aa7bfc8b7a18a0f536f5
- SHA256
  
  dc32fb6275499eaf066ca883c7f158f9d1c72b690ff94d72adfabc4646d94b18
- SHA512
  
  c42b349123a1b4ce1ef8d35504f08a5c8a384613a476953c3347c94223b1695afb39ac841dc698017a9b2059c06137c53266a9fdbb853380692ea491cb95dbfb
- SSDEEP
  
  768:GvHDnDDDDDDDDDDDCl3DDDDDDDDDDDDb3qHRbtw6vJ7k+4IJ2xNDDDDDDDDDDDAf:gLDDDDDDDDDDDwDDDDDDDDDDDGRbbSNI
Score

7^/10

discovery upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  Files/MSWINSCK.OCX
- Size
  
  121KB
- MD5
  
  e8a2190a9e8ee5e5d2e0b599bbf9dda6
- SHA1
  
  4e97bf9519c83835da9db309e61ec87ddf165167
- SHA256
  
  80ab0b86de58a657956b2a293bd9957f78e37e7383c86d6cd142208c153b6311
- SHA512
  
  57f8473eedaf7e8aad3b5bcbb16d373fd6aaec290c3230033fc50b5ec220e93520b8915c936e758bb19107429a49965516425350e012f8db0de6d4f6226b42ee
- SSDEEP
  
  3072:9PdIuG8UvahsdcYX3UI2EuJ3im/ZCdady+RlTp/VYq63+sB:9PBUyhsdEI2++M+RlTHYL
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Files/RegAsm.exe
- Size
  
  52KB
- MD5
  
  e70f996e6dba04bdfde5af016a5ae478
- SHA1
  
  6679465a74585b2d36d104048e311bf154aa4862
- SHA256
  
  178ae207a39cdfad84c28a0e81e8e36e028914baa4772a08acd3bd45487c7e9a
- SHA512
  
  8b2a60a8bbd97a9b084a819855bb4feb4957429b3edfcdd182bf9aecf3692b6a7a2b760c2a39a9300904e6f4c7c5b731b9fc44bd1ab27d21fced2ffa0cd7c391
- SSDEEP
  
  768:jP2BrliBHLeJED2zFTll//1RM9GnLEu+2RCFRJS85:CplAyJED25TlNM9GLfmw85
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  Files/vb6chs.dll
- Size
  
  99KB
- MD5
  
  4eb560ad85cc7924f507fbe5a901577a
- SHA1
  
  574f6a47a809d91dd122f68bd5cc14d9d66aad37
- SHA256
  
  e6b4aec131b5dd42342d57f0fd9075873527569631e8ce5f411811202103aec3
- SHA512
  
  3a736fadf1b962b0c39e1215bf3279ef75cc14e37f9923e2380577b030dd45c150a684158dbc3e542bcabfaf9d4636f343dfe0bb9b6a10e6eb02cfaecfd24f54
- SSDEEP
  
  768:8+0pMmmRv2IKP857UdtzuJRkfYzvL3IW:8+MS2BP854d5TYz
Score

1^/10
behavioral13 behavioral14
- Target
  
  Files/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral15 behavioral16
- Target
  
  Plugins/EasyPanel/EasyPanel.exe
- Size
  
  73KB
- MD5
  
  6440d8aec0d4b525604c092a75813389
- SHA1
  
  af1d096664cadadb5d2224aca2222fb753bbd340
- SHA256
  
  32b1feeeb3e2f968974458c3fa4529f1611eadf04958970f27f7c71c0ee701c2
- SHA512
  
  9b85c4b65250eca58d91080dd7523e81612705b97dda31b209ad681495dba670267baa147e27dcbf8f6a22d7adcfea99f3032502529e5183bf081b7995c8f53f
- SSDEEP
  
  1536:MRessj1PVBpXwkwPbQFjYkhH34sifJ4T9cN:zss7XwH8F8klD44T6N
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral17 behavioral18
- Target
  
  Plugins/EasyPanel/New.bak
- Size
  
  1KB
- MD5
  
  b4931903ef902c21da39d8d88a248382
- SHA1
  
  463296528279a8916b0351abe35ee1d6eeb643aa
- SHA256
  
  6899a1f8b3aa658c43764f58cbdfc49b436373bfcb17060a96f3c3a6e97e578b
- SHA512
  
  f690adcd74aa02f2a2759be1198c2e40c4a4cc5faf1b0178522b2809abad45b495cf4b1e49bbaeafb4fe32c6dbadfd3c476081c9bec3cabad749c294edff2d48
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  Plugins/EasyPanel/RICHTX32.OCX
- Size
  
  207KB
- MD5
  
  045a16822822426c305ea7280270a3d6
- SHA1
  
  43075b6696bb2d2f298f263971d4d3e48aa4f561
- SHA256
  
  318cc48cbcfaba9592956e4298886823cc5f37626c770d6dadbcd224849680c5
- SHA512
  
  5a042ff0a05421fb01e0a95a8b62f3ce81f90330daed78f09c7d5d2abcb822a2fe99d00494c3ddd96226287fae51367e264b48b2831a8c080916ce18c0a675fa
- SSDEEP
  
  6144:hTr80hTueZXFOTSqP0xqRBTdtmFdCJErRj6/uE:NhzZVOTSqcxqRBKFdF6/uE
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  Plugins/LCDClock/LCDClock.exe
- Size
  
  37KB
- MD5
  
  35590967b63fa2be076a8a0dadb28a89
- SHA1
  
  5fbfa88451376a6d4f2fce0e7bb66f906d255c3f
- SHA256
  
  c9add118fb4aa6b9a822e2176dc14c03c6622147a0567d21dd7387e5098fc22f
- SHA512
  
  ce01b13e4078b7132531787c819012e8f093e78f8c684b5703fb50f69ecf2b724bdc49d9f6090b6a4ff224e905a443ffb94adaad281955e58f6dc411c5dcc30a
- SSDEEP
  
  768:Z8oyaUfqr7JQ436veEpUxDCL3wmQ9Ab/GfreTVPJr2ZEX9d:LyaxfJIeMnLzQSGfwB
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral23 behavioral24
- Target
  
  Plugins/MyWeather/MyWeather.exe
- Size
  
  156KB
- MD5
  
  ac2e8c8a3d1142784d8a3f3cd2644d55
- SHA1
  
  64be1f247514bd6e4deea771b9ee45fc2c0906a8
- SHA256
  
  530b5c41064716590b5394a18a7fcb627d9d322f65fe96ed1438fcdf322bbf2d
- SHA512
  
  89b94c8f78a8bb48e01d33769c37f7b535f57a78abf75723c8cee104987b0a9f15ef9e4a7ff9ceba8bf9fdb4c091e0b15688eefdc44da0ab1fb7fc180777956c
- SSDEEP
  
  1536:54L3IXNjSpGjqySr5zFzAdVrWMkf0fvltMlKvYg6+77nsj+DsxzBCKDta:G28poqySr5FAdVZkf0fNrD6Mcg
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  Plugins/SlideShow/SlideShow.exe
- Size
  
  40KB
- MD5
  
  b462e0ecdfe5de8746ded9890ffb0237
- SHA1
  
  ee1fefc7d165fd99e6e4207ec833e2e92096a543
- SHA256
  
  6adba8f4cdaa2e174da8af33e4773dffb1a4383cf4c9744944cd3c3aa2d27358
- SHA512
  
  47caf7e64a96845652c236e03befcea4030101217c1bf9d0affa4008e0a9e7408915298aaab61d1f20f0ea1a51cb4fed6ab981d7d672fbf1594d2b0c69d08e07
- SSDEEP
  
  768:mcfHJ8FV7Vuh6BX7wi9XpS5wd8aCYAIwndft16UC69uD23F:ffHJIV4MvXS2d8uh/TDY
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral27 behavioral28
- Target
  
  Plugins/万年历/万年历.exe
- Size
  
  77KB
- MD5
  
  96fa743eab2c2d4ff7f1b0d746b6e59c
- SHA1
  
  45984c9b68b61c489785aa6dd1a2001956ce3b61
- SHA256
  
  e3b897f38362a23cb47157d54822d2085f9b3fc90d1b12134f0deef216a86d44
- SHA512
  
  fe1a344d96802a426c438efe4f027a6ef219015119f7cf08cd41d1ece9ad94815f3517f4aa537efb5a8d8c597fc18a9b8e2732796513d357c7a5b6c96351bb4f
- SSDEEP
  
  1536:kNdfhIGlCqB2ggI1CRodk1w63cxpMrJ8QfvXD8j5V8oAyUgWjCNf34Dt1:4dVTJSqIw632pMd80Yj5VOyUPGv4z
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral29 behavioral30
- Target
  
  UpDate.exe
- Size
  
  12KB
- MD5
  
  ae1594154718f43df4711fda7e33c2a8
- SHA1
  
  083e59c66ada61828eab6347d74a1ac9bb06e3bf
- SHA256
  
  b2967d840f532a2d4a2afbfec2afc2d95bd460e5339948ba2126fb9a3d0fa6e9
- SHA512
  
  48e21894ae320f3b4b7bbc6600bf7dd27cbee21bfe240b017cecd0fb98bad1a066ec7b5444c733b99e55c518d8f3057f37441217d4751e60a346d6041eeaae86
- SSDEEP
  
  192:8+Wr+POuFOJTiwmb1NXmK9V+dT6PAuY4XKWjNDYJ:hUPuFOl+N2K9V+loAbtGDYJ
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32