1ce88c684532dd70ea40f17652ff58b3f845d50409cbeed83b5180ede4f2c442 | Triage

Sharing

General

Target

d63a08c68281de5e270b39e9c4c0a14e_JaffaCakes118
Size

1.7MB
Sample

240909-npbcsavhnq
MD5

d63a08c68281de5e270b39e9c4c0a14e
SHA1

b5e1dd6cd75714f92df21d6ca5ee029694fafc7f
SHA256

1ce88c684532dd70ea40f17652ff58b3f845d50409cbeed83b5180ede4f2c442
SHA512

7bd2f235efa11ebe745cfd2f22213478b2bd9a626f084a36f53e5c3f37f89bb19175eaa26df61ff506cd43051a86f40f252047eb846d6fb0ae2d32747cda9575
SSDEEP

49152:wKCq7TLpLPz42WS+7KrHijC6WyvzZBa2woZTRRlBd:wnuTlLPzzyvzK2xlRRF

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  275620948/Example/Example-DirectDraw/Example.plg
- Size
  
  2KB
- MD5
  
  3ad2d7a8d46500a2b1f2f7cb0a40626f
- SHA1
  
  466ba5a1608d17a2e029f0f515135e31a70920cd
- SHA256
  
  801070092cc4c89b2c00a48c33c4717ac4e5dc2850b0642885d5522efedc5f43
- SHA512
  
  6a833ffb2f294ae5f097f8a5232d52edb871d58090bf247c08ecbdadf1f30e2e1d7cfd41859224d07e7b57387c59b11cc6b5443d80148983b751e324334ea66e
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  275620948/Example/Example-DirectDraw/Run/Debug.htm
- Size
  
  1KB
- MD5
  
  70e176fb0b0628b08a7bb4f5a2e15444
- SHA1
  
  168a9321b799eeb5f13f551df800aa3a169ca449
- SHA256
  
  3b07961c038d9ea2a648e9fc646904e77284e5051ace032d3266c438e5606582
- SHA512
  
  d326a63921045bb657433d2f3f1b11e7a818c8a88b0036fd18d52f6f771819382a13ce00f7ae1a7f0cc0fde80c2f8ac3c186ffe6f1b39457fd45f5612949750e
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  275620948/Example/Example-DirectDraw/Run/Example_release.exe
- Size
  
  472KB
- MD5
  
  31aadde51a7f35fbb4c82121330c9994
- SHA1
  
  0664360cfd42e5ba324f9c865d0f734c4af4a51d
- SHA256
  
  8de7109835458fb8bbfa43fcdf3f06fbce861e468b306192cb62df8c27f9c09b
- SHA512
  
  1a706f676d36271d2314187ff1e7b9074900c069e87d4f438d3f67e93c50332c05b392d55900fbd8a2b36c2b3d2e5ba18cad3478e8497b4a36061cde5d335282
- SSDEEP
  
  12288:N8GPm8hz1yzjHz22qw2E2af3hFyEAxK8:Nzphz1yzjHzr5
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  275620948/Example/Example-DirectDraw/Run/ijl15.dll
- Size
  
  344KB
- MD5
  
  4fc074c3c6cf290bb2c11e5c31c97b27
- SHA1
  
  95a0ea2ecb46ff8424d76d2f3bb9878794f57ae9
- SHA256
  
  41d37bfb0a39017497e0aa373dc01f71ac9c5046c75f7cd269bee52112a5f3a1
- SHA512
  
  7b83e498db19b63b4942e916b4b1f5fa0e27ef67f2ae5740ea84b2b96c5274a060f432ee7fd6567e7ecce038131fdb66be60f8e75c0711d505faee1189eb4bed
- SSDEEP
  
  6144:zh0coAvGoHWX3ANhkWKOh/FwM02EasEJP4+2mfIqYYFYto2Dz+bxiFtDDdoInMDQ:GcoPoHWX3ANhkWKOh/FwM02Ea0+2mQqG
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  275620948/Example/Example-Graphics/Run/Example_Release.exe
- Size
  
  496KB
- MD5
  
  c16260faf43ecde0b1ed338cf81bd010
- SHA1
  
  30296f60e7c379d279942edf8e7fa2982a30a08a
- SHA256
  
  1dbcf90d71abac87e49ec1ab559fe0fc75fb217ccb9e7d4e1fe69b335652b24e
- SHA512
  
  c7987aee356a4581e7f50026b37702589e8323903e169bc1967cf0de6eaa3e61ae03a1719af3dc6ed44d75ed96d1b6035f560b30eabbb4ddacbd29905602ef70
- SSDEEP
  
  12288:QFzH+RK5zjHzgxPaLriKL7jE/RX/uF1kg:Qle05zjHzgxPyM
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  275620948/Example/Example-Graphics/Run/ijl15.dll
- Size
  
  344KB
- MD5
  
  4fc074c3c6cf290bb2c11e5c31c97b27
- SHA1
  
  95a0ea2ecb46ff8424d76d2f3bb9878794f57ae9
- SHA256
  
  41d37bfb0a39017497e0aa373dc01f71ac9c5046c75f7cd269bee52112a5f3a1
- SHA512
  
  7b83e498db19b63b4942e916b4b1f5fa0e27ef67f2ae5740ea84b2b96c5274a060f432ee7fd6567e7ecce038131fdb66be60f8e75c0711d505faee1189eb4bed
- SSDEEP
  
  6144:zh0coAvGoHWX3ANhkWKOh/FwM02EasEJP4+2mfIqYYFYto2Dz+bxiFtDDdoInMDQ:GcoPoHWX3ANhkWKOh/FwM02Ea0+2mQqG
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  275620948/Example/Example-Media/Example.plg
- Size
  
  2KB
- MD5
  
  3ad2d7a8d46500a2b1f2f7cb0a40626f
- SHA1
  
  466ba5a1608d17a2e029f0f515135e31a70920cd
- SHA256
  
  801070092cc4c89b2c00a48c33c4717ac4e5dc2850b0642885d5522efedc5f43
- SHA512
  
  6a833ffb2f294ae5f097f8a5232d52edb871d58090bf247c08ecbdadf1f30e2e1d7cfd41859224d07e7b57387c59b11cc6b5443d80148983b751e324334ea66e
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  275620948/Example/Example-Media/Run/Example_release.exe
- Size
  
  472KB
- MD5
  
  a320567900c50cab2dbf694e32e500c5
- SHA1
  
  60c2ed2945b28303096a7258e3450a610fe5fbe4
- SHA256
  
  6dc653594bc5ffe2c1e29f9833f3e8d0f103fbf3f8a07812df0acc366806a7cd
- SHA512
  
  f7b5e20261255501b991e5dc893955dd7ccc3746bdb9fef1abaeb9a33d4716622e979ca3a46d4ad6202784a8158a3b97ef77216224acd91c9812b00c0696b304
- SSDEEP
  
  6144:s9IalzjHzCYidDyf48A8ImnKX8lcKtQeewQeewQeesQeeyiQeefQeehbYhZRaAOx:AIalzjHzCYiv8AX0KX8lgYtaVOh
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  275620948/Example/Example-Media/Run/ijl15.dll
- Size
  
  344KB
- MD5
  
  4fc074c3c6cf290bb2c11e5c31c97b27
- SHA1
  
  95a0ea2ecb46ff8424d76d2f3bb9878794f57ae9
- SHA256
  
  41d37bfb0a39017497e0aa373dc01f71ac9c5046c75f7cd269bee52112a5f3a1
- SHA512
  
  7b83e498db19b63b4942e916b4b1f5fa0e27ef67f2ae5740ea84b2b96c5274a060f432ee7fd6567e7ecce038131fdb66be60f8e75c0711d505faee1189eb4bed
- SSDEEP
  
  6144:zh0coAvGoHWX3ANhkWKOh/FwM02EasEJP4+2mfIqYYFYto2Dz+bxiFtDDdoInMDQ:GcoPoHWX3ANhkWKOh/FwM02Ea0+2mQqG
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  275620948/HoHo/Document/HoHoQA/常见问题-问与答.HTM
- Size
  
  1KB
- MD5
  
  66e8b36518ea64842603945943bbfb1b
- SHA1
  
  b3eb04b932a3fff79d2a60e738f937bbc527e1d5
- SHA256
  
  ee304ef766cd7454b96a6426e69c1cae36d8fd6dad33dbeb3b16c5826235ddb5
- SHA512
  
  8926e51682f875030514376aa7ee24335bf91c44a371b48ce97baa83c40c5c088fd5774bd254e4cffa97db38e70d8c7bcc16261db25c9bf62db14350cb5a679f
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  275620948/HoHo/Document/HoHoSys/2D图像绘制操作指南.HTM
- Size
  
  12KB
- MD5
  
  8e83658da5822aa41dbd0c49574acd99
- SHA1
  
  0aa95220a0e4687659831a36cd130b1142d3ac10
- SHA256
  
  126e0f928db6e75fddb444d21d166342a92ebf81c9dee2e9597cdde28621e8ca
- SHA512
  
  d6be193097de7a3a1ecff0f0d093737e409dbce6ded4906aba52e52c633919eeb6346b7fb35ed9ec344d3c63f18c7cda02488497e3743dbf27738f7efe3e8df8
- SSDEEP
  
  192:oGaekq4fkOgrvnqfikKTLLh7i9zN4tQAZQ:g/8OEv3rQAZQ
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  275620948/HoHo/Document/Install/VC.Net下的安装.HTM
- Size
  
  1KB
- MD5
  
  5d5bfdb4c8b52b98432953db3591c4d9
- SHA1
  
  73962fab5af87154916bc319fc757771ca871a93
- SHA256
  
  b51ec195118e5d0695f21d0ff144d8196ca4b41011426f83b980d7043e9b8e20
- SHA512
  
  820b0876e1bd2e3fff0365d168534685ad7106aa2771639f2e3eaaa040cffb92b851697433b1ba2017879ee2ca61ffe080931929e797757133791a07eb501f7d
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  275620948/HoHo/Document/vt.js
- Size
  
  5KB
- MD5
  
  fe9fe0c5adc87cc0a96ab0c0096b45aa
- SHA1
  
  d3395d0c142f128e2757385d336d06bae262f99e
- SHA256
  
  59f51bc0bb06784793590f07dbddf2fae89bce97a56533aa0f322129881ffc6c
- SHA512
  
  6c71a66e88fe60913f7d1e1b79c8be3c14bb12957fc12185ff6f14827a6770f9b5ba0428623bb223e14ec28f31ecfe0acceda1d659f4bc5b2d1883764e2f1a33
- SSDEEP
  
  96:ebqHPI7ixiA3tnirwiX3NniTwixgDO7iW9ibozfnPrb4huLvTuhuiRSxU9muzp3r:ebqHPI7ixiA3diMiX3NniTwixgDO7iWU
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  275620948/HoHo/Graphics/Blt.cpp
- Size
  
  12KB
- MD5
  
  1f2e29c017089b33e11620b9899b9393
- SHA1
  
  454ac8809c20b21b7ce3ba311e52de7c76928598
- SHA256
  
  0ff6ced1c38b53fd5ab944288c408d8ec242c37b9a81565fc091c7471cfad1f4
- SHA512
  
  31172858a1dda16e5ef2ac4ba479e37aa409cd0e557b8c872b6adae8b354a45c8abdc4589725748d09dabef8b2ec52536b8486f6830a25f2b4d344c4cd49ec97
- SSDEEP
  
  192:2KXbd1bVQiwEWIYNxgrwH/jTrLPPOb8ZhZsZEZsZsZfTrP:NBzQiwEWIYNxVvDumuul
Score

1^/10
behavioral27 behavioral28
- Target
  
  275620948/HoHo/Graphics/DirectDraw.cpp
- Size
  
  44KB
- MD5
  
  ccc698e6e52b7481203f9745f97998b5
- SHA1
  
  708641a155c35366d2185e784b04e27cdcf2d88d
- SHA256
  
  5942da6e1a8ca0417734e0e6f6688a5a894f32d99a198fa8a6eb6cd8b9c58714
- SHA512
  
  f2d9a6fd685264e7d306875b33a01c365355d4192f7558c898fe1856a18bc99924bd6a241ae70ed3c104056e2e53893f7db19bfacbfe4da6055f6c0d5a92691c
- SSDEEP
  
  768:qI0iq7HHtT+tNpniTRNiTRcdpdtmLtjoQtrSuZjm2LYOWyRBSFs:qI0iq7HHeNpniT7iTudpdtmLtjoQtrSQ
Score

1^/10
behavioral29 behavioral30
- Target
  
  275620948/HoHo/Graphics/Display.cpp
- Size
  
  28KB
- MD5
  
  d124ea3a4f5e041b31787b2f78ae5f9c
- SHA1
  
  c3d6b68df833600bdf3a5cca90fc2282d799fb0b
- SHA256
  
  7847c12842e969e7e2b244505fe75e9d7df4278322576a9599a8202481a7e73c
- SHA512
  
  199e845490de5ea8e2638d2376b0921b8b1e494d4fd18aee51f1999594c0995970ad1446b1a54484fb501b493fd7f9db7cac06923f33172e84210ee74ae29ab2
- SSDEEP
  
  384:jCjZyRPFo7GCp+tW79cTO16NPHaWcFZbu/65+TdtGrf:qZyR9o7GQwFuf
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32