e42821888f83e8e692739632c86323a7be1f0eecd36c34d8db26b6fc50ed052a | Triage

Sharing

General

Target

c911a61f4d4dae1bc085e15a2230c249_JaffaCakes118
Size

2.5MB
Sample

240829-sh512azejn
MD5

c911a61f4d4dae1bc085e15a2230c249
SHA1

b0839e65dcd496e761b94055f75e2c5a7f9f585a
SHA256

e42821888f83e8e692739632c86323a7be1f0eecd36c34d8db26b6fc50ed052a
SHA512

d46a4b8edc38b759ef9d643ea9b3ac761964d4702daf6f4f26cb2dafa9f308f5ab01c6651bd42a52fa0ceeb371f4d289cf8b944928f4653429f4eb6ef22df213
SSDEEP

49152:iTdNptbJiyicR2p049AloVsvDHj23jk2UkXnu0h1EwPOvb2sTBOQR42f34jwpFdB:cd/tbJiy32CkAHLHyzkkXuEE/v0QN346

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  英宇职业介绍管理系统/人才库汇总表标题.rtf
- Size
  
  1KB
- MD5
  
  42323d9533bfa4d562c2b760b3183197
- SHA1
  
  22ac2f956dd27a7f10185cf85c30d974e4fbb9f1
- SHA256
  
  000303c83a247ad45f62e3a431d5ca90da4e686447d89b38b805eec95ca825a7
- SHA512
  
  43bba596af872177f6f0f8970d43ed396d2fdd470c91fa744598d6c348eb02e03f11e273fdbf7dfbea9ab3e87056cf33fecfb3bf2a04f8e0bb0a4bcb424a6488
Score

4^/10

discovery
behavioral1 behavioral2
- Target
  
  英宇职业介绍管理系统/人才库汇总表页脚.rtf
- Size
  
  901B
- MD5
  
  a3d49dcb56d70a66322823059d573910
- SHA1
  
  9b1e4ab021b43b00b044dd2d45fbe4b7ec3b8143
- SHA256
  
  0ba861fe127dcbfcf1cdfaf84a0b45c9785f1d49cfb09e8c6c97eb08182bf12a
- SHA512
  
  48d0f1dd4f3d9a6e9fa834c623b5a111bd206e2d4d2b0ce63af2a22e548874af3fe64ec3a87f6724bc7cf503dab7fc9147a499cfd045bde6b33b6ae12d8cacdf
Score

4^/10

discovery
behavioral3 behavioral4
- Target
  
  英宇职业介绍管理系统/介绍信查询汇总表标题.rtf
- Size
  
  3KB
- MD5
  
  246847fb074ef5e3334cc12a7de59aa0
- SHA1
  
  ec2482e51347bc0b6d2dc6b447d6fed7a1c60d86
- SHA256
  
  3175769c8f5a3092d91561c068852b156c5ae976f50bfffdb76dcdbba1a3d3e3
- SHA512
  
  c95562a8900ed2951b1284119621e57531ea159e590fc794994359408191cee5f85bb4e24f119f99e0809f15c6b12a175f6cc0bb88dca09490d212ffd32ee3b1
Score

4^/10

discovery
behavioral5 behavioral6
- Target
  
  英宇职业介绍管理系统/介绍信查询汇总表页脚.rtf
- Size
  
  931B
- MD5
  
  74047e9134a5f1e5aaae523aa0741911
- SHA1
  
  c4ab294489f19e9fe6d9537ef137089aee17c093
- SHA256
  
  801a90438f4358b1caa458dae349c69abe90a269779d21d2b150141874bf8016
- SHA512
  
  9c8b8e4f25cdb5e6af91f296216c309eb073012816e600b20657b167a56cdb9e9a3f0af544398419176b6a89075278a64c4a1006a58d66603f1fe119c827d09a
Score

4^/10

discovery
behavioral7 behavioral8
- Target
  
  英宇职业介绍管理系统/介绍信模板1.doc
- Size
  
  20KB
- MD5
  
  9fd968220b7dee78e526f3d6499819a2
- SHA1
  
  9aa171556631a3c349b7cec0c4d41f281d57da2a
- SHA256
  
  ae62d6cfce8284694966abb081dbad4c79d12f5f15b8cccbea4523efaa251da1
- SHA512
  
  b5bb0e5cfcdf865b20407f4c7d8cf559c4a93e9f826c37349fdb1b5e2abcfd2798d32dd3dc75a25ff5037b3455a25e2983ac0bcdc2598090119c1f5c4406ccb1
- SSDEEP
  
  96:OyMGgpuqcmsIQe/4uCYe/2QE0GbTP6TXvH7hj5qmHfLrsUYDq2VXDQzc:ODxcmUe/45Ye/2+GbMdjwUT2m
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral10 behavioral9
- Target
  
  英宇职业介绍管理系统/介绍信模板2.doc
- Size
  
  25KB
- MD5
  
  be8122628bf2ff233586b548440a5796
- SHA1
  
  136629c271d4bd47b8f842a92caf09ec8eda13df
- SHA256
  
  28a420c775c70071e9836f766769d732b328c16a4a5100c567ce4b6f87fdd4ea
- SHA512
  
  d3c5fb435d88e210e820cd1ace767c1666bd5f4c2e4d19cfec21f0a798245f795fbd50cd1cd84cd7a281a9963d2cbafa8673ec8c8044279526e8ed075dab1c97
- SSDEEP
  
  192:QPqlBe/4776ulvLE4bNLMQZva9BBrwsg:QPkBb6uphN4QZyBBr
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral11 behavioral12
- Target
  
  英宇职业介绍管理系统/介绍信模板3.doc
- Size
  
  26KB
- MD5
  
  28913440361a6d43fb0a2b023dc82d2e
- SHA1
  
  1974b0c6bbb83cd5ee6945995a244eb74076995d
- SHA256
  
  8f020f18381bb842c7511ec5928c456efa6216e71bca09c2ae33632ec556a60f
- SHA512
  
  291dea152fde4c99930266fb0bfe3624527e5f7a7131f5c4ff4407352b424582273ffa6616df8d820893ac2a2d64e866024dde94eee46619d4655abf21a20671
- SSDEEP
  
  192:xqkrchCqlkkrIC4cKVDeSRlSIugBDpeFK92Mx2UX:xprGCkkkrICFKVDeSRcInBD4FK
Score

6^/10

discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral13 behavioral14
- Target
  
  英宇职业介绍管理系统/招聘信息汇总表标题.rtf
- Size
  
  1KB
- MD5
  
  4a8ecfdf3b190bf9ea3bc41cd785443a
- SHA1
  
  ced36b297646b0183030f1a1caef61f6bce93a1a
- SHA256
  
  77d060568c0fd9086b2afd20765c49f355c25fbc616ca02541ecb3fea61d8712
- SHA512
  
  c9f37d7afc0a8268fa45a5536c48563f040f12a0cf47bbc544347a5c9fa50545ccc166e231ecfd460e864a3828ccb1ec40ef7b37555a26ae8c019af067206cbc
Score

4^/10

discovery
behavioral15 behavioral16
- Target
  
  英宇职业介绍管理系统/招聘信息汇总表页脚.rtf
- Size
  
  902B
- MD5
  
  4236ebae0221bac6dc3d6e5c8f30fa49
- SHA1
  
  e52da6d312a9c0752981b7825fea3188d51a3274
- SHA256
  
  8db9b25188c73b80388f2603adfe6c3f7e9143ed2092d2dee1674c9217a5b85b
- SHA512
  
  10541fb43cdecfb124de48c14fc678f81172bc57b966bbde962db10c43d27d1bbf2567a8c24d56a92cd028a7426f62b863b8a23c6c969fc3f4093c3422450a57
Score

4^/10

discovery
behavioral17 behavioral18
- Target
  
  英宇职业介绍管理系统/招聘单位汇总表标题.rtf
- Size
  
  4KB
- MD5
  
  c1e79449aff68f39d2e6355e27583fd7
- SHA1
  
  245c90679ca7c65ab260e34f579beb47d13029a3
- SHA256
  
  344e8071d18396956836d7c3fc4ad142ce36829b8af0ca7f5972d763f0a97413
- SHA512
  
  b358c143a0da0a70dfd525fe220a7d2df51e7846023d68b3468200d4f6e05e563428fea03c8b788393f37c120b907b35dbdd2a329f642e424f9fb1ac54e1f115
- SSDEEP
  
  48:kDGSeZvZQSIHi2KH23/6FluVl4gyFe0zb+0+tWHtWstWktWktmWbtmWrtmWOtmWv:lhkxQFZgyFzX+XN/qNiAiUpW
Score

4^/10

discovery
behavioral19 behavioral20
- Target
  
  英宇职业介绍管理系统/招聘单位汇总表页脚.rtf
- Size
  
  950B
- MD5
  
  5fc9387553f6ae8ca63299ef2fa0411c
- SHA1
  
  9f56430678ac50a0e41b283defdeb20f89cfda7b
- SHA256
  
  7e7d2bda787cf20501b336aea2c83ab3df451ff3a9258e1ca331d7336e97065b
- SHA512
  
  b9bf86e89e750f3612d06bf8c7320c982f27b34c24986e1d0324cc7d3504120adab5fcd1bc722f90f80a96388a71f52fa05b60aaeb63e618841fa68f0a03666c
Score

4^/10

discovery
behavioral21 behavioral22
- Target
  
  英宇职业介绍管理系统/英宇职介管理.exe
- Size
  
  1.4MB
- MD5
  
  f4fa9d65513dcc9543c745cb561f0d68
- SHA1
  
  87b7bcb5b90546dbdbc6fcf0d168943535187be2
- SHA256
  
  e187f523d00c0a48a72172e4b5ae5b4218313f94f2d63e7d4c859914a42c9933
- SHA512
  
  51533bb5ae91cebd82053906f35554c8803f63be5202dfe88a94e5e8f2aac48bf039ebc275c96ad8c7b568a7bd07f81893f83a5f6cb78ab134bbdd233a9e035a
- SSDEEP
  
  24576:rE+dIsVrVPtEo4FSLsSdxySnCIMAmWRNUpf7atSDdeihFfhB6Vam38TBvfIfUiG:rj1VlzxfTMXW9tShPfQPMTlfIMz
Score

3^/10

discovery
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24