General
-
Target
ddc6e4250c9cbc18564cef870d5dd283_JaffaCakes118
-
Size
2.7MB
-
Sample
240913-gbvqyaxapm
-
MD5
ddc6e4250c9cbc18564cef870d5dd283
-
SHA1
9afa7ceb20c128749f4b16832f2a1fb227f16f2a
-
SHA256
3e9def9726b803580de8fdaa413437a8e07c530f437dad5f5844bb78998a3afe
-
SHA512
9f55a5abd1191ef6817dc20109017c5c4c981f2febd741989c0e494ce465a56a086d6bf4a08335d93c5bf0da1049ae11c1d011e192dee494ac3397ab810549f9
-
SSDEEP
49152:BZuZWwm6Mk6FqEwSwAkm9foeQdqyVvbbHHfYfFFVW6iCAHkNDDkYRwfw/5csyN8v:GZM1N3wlm5TyVvbbwta6dDT2Psyuv
Malware Config
Targets
-
-
Target
AutoIt.exe
-
Size
24KB
-
MD5
8c2027a295dc74a6e1f2856775fc4a03
-
SHA1
41ef40a70e8640da81a242b98c0fb9aa09381b7c
-
SHA256
8f4c4936e05418c2c13d54bc962c8087608b03d357ec268bb9c4acc863831a8c
-
SHA512
f0092d265a426c881bd6776f430cce550dd09bb94bebea3b5de3776ac64bee3c729d46536fbcdbf702f47ecc01443272944e3235e6984bd0c68a2436a87307b5
-
SSDEEP
384:QqlC/AA0TNKEtQ32bcvpSpkiQ9cXXso3jKEbkX1BvEMpQaKDVIiNW5Bz:Qiwp0xS3fBSp6fozKEOZEZ4f5B
Score3/10 -
-
-
Target
AutoUpdate.exe
-
Size
158KB
-
MD5
21b8dcd432c6ecc189cc9ee229e32909
-
SHA1
00e80fc4ff2d4c54639132b87c2906ec51240308
-
SHA256
162c4c51a5b55127cd5673b505a13acea09f77feffa8be288dfcb674216b2125
-
SHA512
4179b6db42d476cdb104d4f411e56b0f8893ea859bc2a2e19785b25a8d995a72820ff6845c41aea342d0e7358439d344733d9c31516490fbf610d66d3e4c8da2
-
SSDEEP
3072:xP+Gcop16CUAHLOzW3b5nchWvxHvcPms5F9ScChADkNY0xlICn:cGcop17pHr5nPRs957boADX0xlN
Score3/10 -
-
-
Target
Data/新云软件.url
-
Size
133B
-
MD5
4f0017b3b346bd0626f0c3b915e6e734
-
SHA1
823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
-
SHA256
df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
-
SHA512
0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score1/10 -
-
-
Target
Dll/GSGFDISK.sys
-
Size
10KB
-
MD5
fd2bba97abf2d1c9d6bf7edcb21b4917
-
SHA1
0e058edb91e7909350936f3493d3eee806b9dbe2
-
SHA256
ce7788ff3bf3ae4c82f805e27792b33e2101031833ecb864e2b38f08ac674561
-
SHA512
9a2b57d2654977ad8adcd6ad857fc87e6c4a730980aedffff16fc1a7eef70ecaf4266348d4828c80af3aee280274899e617d12216c0c6cb6c739300b388d1360
-
SSDEEP
192:mNOSlG+Sv7h6Z25LSCngWQDl66lCA3oOJWcQi2qP:mM/609SCgWYseCA4Op+qP
Score1/10 -
-
-
Target
Dll/ImgDisk.exe
-
Size
424KB
-
MD5
b833f9c0b0166a19a599196bd61d8252
-
SHA1
57f28f26f3a589f347648048b6cf72ff8bca8def
-
SHA256
afdeddb8ed8dccd1214c98336f85dd6585f24630ebd0121af806e17679d3fc52
-
SHA512
aa93d9c81238858afe02e6de2436a3175702e40ca4357fb4c20b31e617179f3751f4933b0837ad3c60ed845ccabe449cfe60146ac2568bf4d518f5d31fa38e64
-
SSDEEP
12288:x2IgcgBKUxez0dJXbSA/shIVUj79Y3jnvNtTirdv:KBBKUxezktbSX2Ujm3bTEd
Score6/10-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
-
-
Target
Dll/MSCOMCTL.OCX
-
Size
1.0MB
-
MD5
f7bbb7d79adb9e3adc13f3b3c33d3d4d
-
SHA1
cacb4b31d22419e6a9ddbffcf61ae42da0d5fb8a
-
SHA256
18a83d7a420a17fcb6f56eb3ba5362c975d32e5ded7553c6fd407f07bdb7b006
-
SHA512
4870ddbdf283d7f7f64d3f4bf556600a78804f6a94fc2ca7eb778e85d70b6d2d017aa35cbddf773b6a1b6d9a2813cd67fe54ede7859050a254a3e3c05616ae0e
-
SSDEEP
24576:mnt4M/pL1wAEIqSBanK6CC33VTj+1R8xRFLqqmbD1kWIAqPA:mPL15EIqS1e6q3FmKbt4
Score3/10 -
-
-
Target
Dll/MSINET.OCX
-
Size
129KB
-
MD5
90a39346e9b67f132ef133725c487ff6
-
SHA1
9cd22933f628465c863bed7895d99395acaa5d2a
-
SHA256
e55627932120be87c7950383a75a5712b0ff2c00b8d18169195ad35bc2502fc2
-
SHA512
0337817b9194a10b946d7381a84a2aeefd21445986afef1b9ae5a52921e598cdb0d1a576bdf8391f1ebf8be74950883a6f50ad1f61ff08678782c6b05a18adbf
-
SSDEEP
3072:R5JTZQu4epojdkYv55RCezn/T81B+ySRdL:RLTbP85RCezbwm
Score3/10 -
-
-
Target
Dll/MSWINSCK.OCX
-
Size
121KB
-
MD5
e8a2190a9e8ee5e5d2e0b599bbf9dda6
-
SHA1
4e97bf9519c83835da9db309e61ec87ddf165167
-
SHA256
80ab0b86de58a657956b2a293bd9957f78e37e7383c86d6cd142208c153b6311
-
SHA512
57f8473eedaf7e8aad3b5bcbb16d373fd6aaec290c3230033fc50b5ec220e93520b8915c936e758bb19107429a49965516425350e012f8db0de6d4f6226b42ee
-
SSDEEP
3072:9PdIuG8UvahsdcYX3UI2EuJ3im/ZCdady+RlTp/VYq63+sB:9PBUyhsdEI2++M+RlTHYL
Score3/10 -
-
-
Target
Dll/MT32.dll
-
Size
60KB
-
MD5
2a9af14d776258cc2b8e62742c1f0847
-
SHA1
aef59bc71a451223e45ca80dee33e20fbc7166f2
-
SHA256
ec2fd4ac9943d8b85f35226c6a328c2456a7f85d09e2e07708208f412730a207
-
SHA512
d3a55115f256427ac4d569104e3e13f67626c126658cbe621a37f8e0c58e40653419d215354299ac46c2379e023285ec36a1340d314b36d3b9f47bb0338cfb2a
-
SSDEEP
1536:6qbOoAAyLlXNStzQaNP604dSSel3imbq1wB8mBJC:64ARl9SGUBJC
Score3/10 -
-
-
Target
Dll/NTS.dll
-
Size
33KB
-
MD5
fae8aafc5af74e012343ab1d6c5abef9
-
SHA1
fc2608d156fc738d4ef2aab92b6547416e08a8e6
-
SHA256
0fd183406280b99a292eb78f4a6cbc70f704dd7094ec2c32f30f1769781d6221
-
SHA512
775a2b3bd47e930bab5615d9633df5e81945405ae778b88da077c971928a568cd3269b9f00138f42be6e6b3a41f8dc34dd31f203924acee06085c10e64a0b6d6
-
SSDEEP
384:zDYEKIE5M7eSzzKC5JLELfD4bC03PlocplocJl2guK/AWje1CX7sOeBS3OklxRNr:fYta9zRlyM203yPGhV/NNsGllxc5ZH
Score3/10 -
-
-
Target
Dll/RICHTX32.OCX
-
Size
207KB
-
MD5
045a16822822426c305ea7280270a3d6
-
SHA1
43075b6696bb2d2f298f263971d4d3e48aa4f561
-
SHA256
318cc48cbcfaba9592956e4298886823cc5f37626c770d6dadbcd224849680c5
-
SHA512
5a042ff0a05421fb01e0a95a8b62f3ce81f90330daed78f09c7d5d2abcb822a2fe99d00494c3ddd96226287fae51367e264b48b2831a8c080916ce18c0a675fa
-
SSDEEP
6144:hTr80hTueZXFOTSqP0xqRBTdtmFdCJErRj6/uE:NhzZVOTSqcxqRBKFdF6/uE
Score3/10 -
-
-
Target
Dll/RNDINTER.dll
-
Size
29KB
-
MD5
c3b9b1507475583638535274892bd933
-
SHA1
23df4f40cd0565733752194eee8acee09881b20e
-
SHA256
5c672ac2aff31b95619f857e40e16c7ee03721cb375b10e61c93379f7e15e964
-
SHA512
4aac8cd1373fdb7847c7bbe0dad9077f78f3cfc4b1d7cc8bbd2865b65dc79041bee7695c423274d058a679a135c9a729a5b355de8d1de6a0ac467aeb6b6caaaf
-
SSDEEP
768:SZfT9PsBAzwe5LbEV7hGV6ULdGalATGa1l2xUha5:YpzzLbg7hc6Y1l2l
Score3/10 -
-
-
Target
Dll/Rich.exe
-
Size
151KB
-
MD5
a4d9d5051fc4f618a1bfb37656e06d81
-
SHA1
e8c128876bafa276d4bb834e69c526a4819e629f
-
SHA256
417d1d194544b83398e874c35a5521f214f9844dcd80f8880732cc296df0e367
-
SHA512
566ad325e1cdd831fc0027bd999dacc1477e981396ef0f6fec5faa48eb31935b1f737897aa9218dececa3cc673d8f55289c50d15eac528877e6fcbbad0c1059c
-
SSDEEP
3072:roTOsafbHbMavJ3VRJG4FeUf6ymhIepycDkQzWRnL0n:8TZafbbMav9VbG4ldmAIwtAn
Score3/10 -
-
-
Target
Dll/Unlocker.exe
-
Size
85KB
-
MD5
469fc5baa433c0adf68769967beb80fd
-
SHA1
45325df532db45dadb2ba1925e8e1aeae955df4b
-
SHA256
94b858ae186f022d9df471ca7fe112ba940d762134468c51e7b279c3be4653f4
-
SHA512
e5c61fed70572c97a775666b104eb911b2195ca2fa21d166ff40dc4fff25d424e6f23a1046c0724e9ad13299641e55cd0f9b470d91fd7fb9b6a70e9c058d30a8
-
SSDEEP
1536:1juMk1QewWFHiUzyJBGMXW6hlFTaBpTwUFbFkKABTP4ZhOQS62Sl3niH/A:0dwWJiUzTMXW6MkDKABTP4ZM1o3+/A
Score3/10 -
-
-
Target
Dll/UnlockerDriver5.sys
-
Size
4KB
-
MD5
4847639d852763ee39415c929470f672
-
SHA1
ba5bf16f30378754dd06f0610a8e833421cf43ea
-
SHA256
75cf9471ba3ea54e5be66cd7612da134b3370d7c3fba8b2682093c03a0ad87b5
-
SHA512
21d02f833ac1ff3df4a0fff8452c7020dac0c892432fc4e06ba622aeca990954c445a57e399055c5c0dcc56552c33cae98d549efa45f7e0c0105fe8adc5da0b6
Score1/10 -
-
-
Target
Dll/msado15.dll
-
Size
524KB
-
MD5
ae3ebde07521a13d0a305634c5c7eb90
-
SHA1
8d24779466c612e2cde1ec7e0a2b73060b2458d4
-
SHA256
58e61a1bb16bcd2d5b8e0f71ef41fbafebf46029b723193bf60efbbd76f3a7ee
-
SHA512
1a85fc943110c1006001b0639c912cd5d9fa58f46ecf7178198d6204bff649c2b5464b19ff699665a8baca91c538fb365b1d80c6165362333504a43c34afcb1a
-
SSDEEP
12288:3rahBqIpDXGQZMDNXr3LkadjB/G9Q6AUUcZTmu4:3GhBqiDXLZMVbkaVB/UtHdm
Score3/10 -