f6c2957d77ad6f55819552c12fbc339c73ad97f1a5a0f6c4853d3bfcf44f1db9 | Triage

Sharing

General

Target

eaab1ac0b21e47dd39686d56983e212c_JaffaCakes118
Size

3.5MB
Sample

240919-f49j5atanm
MD5

eaab1ac0b21e47dd39686d56983e212c
SHA1

41f0631bd783dbdb4aed062deb5a01a5649de502
SHA256

f6c2957d77ad6f55819552c12fbc339c73ad97f1a5a0f6c4853d3bfcf44f1db9
SHA512

ec80a0f9b37ee31b9516b794bdf1b1f272fedecefcc602edae09ffa90d44b2a5a90136c37fe547b609fcbc7209d7242d23b3768b2093da32ce38e1857e6eba1a
SSDEEP

49152:ZwKfFQyUsl7GyAU0G5yjGrH2SaSq+mUqxHsPVR/baQm3bWWKynEgYbvAXdEgyD/c:ZQVU0JjGrHJnq+g9kujWWlnEgOoxWcI8

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  155绿色软件站.url
- Size
  
  219B
- MD5
  
  3a1f2a8a3ef08ae269517a69ea918b2c
- SHA1
  
  7d2e6719702bc8472e045e010efa6ed3f7df4b5b
- SHA256
  
  66eafefa8bb0155e60828476bde6068573fe64a4fd0aa052eba074dbe85d46cd
- SHA512
  
  22203a78192cadc02d0f887247675925273a69e3be82ec1a331197f892216a282cc8f37c3ffbfb578a708244181037277b8cc6a40d8ec70cdf0feac5d80f8576
Score

1^/10
behavioral1 behavioral2
- Target
  
  PXEGHOA_x64.exe
- Size
  
  3.2MB
- MD5
  
  7aecabcee3b94d09df0d29c8cb677a0c
- SHA1
  
  41e84bff56b3057e5ab8c8604eb43f3a57ed2912
- SHA256
  
  f640f9045477b6a96f9b28abf4b981e66039713c535b5296d8ce14def0a68375
- SHA512
  
  76d5c3b48b6a295d5878a7818b38e34521612756f3a12c6992d27a28367590f8b1cc30592fdf89a0073c0f510ec9050a3238873eb5736d04d3510a9ec1793804
- SSDEEP
  
  98304:b0smtzGcaA61E/TVrW8kjFLzd1HrwCxJB9uOPyedn5:b0sYGD1ELVrWj1HjB9uyy85
Score

5^/10
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral3 behavioral4
- Target
  
  PXEGHOA_x86.exe
- Size
  
  3.2MB
- MD5
  
  799fb855547c3dea5c76464b3c3b8773
- SHA1
  
  f46da2c8c109454ccd8fab71878b8345ce549b4d
- SHA256
  
  3390c9eaf8a80bbfa3cfc868eeb1a8f9f63c5d89056c9c0965a54f87ec9e24a4
- SHA512
  
  c654ec793b0527446aac430952a88e54cbd56a26986e1973ea2fee926a4f2bd5ef269048e75e0828220f3e6e48eb35e44dafdb017be9e3684d913dcd8fb84bd8
- SSDEEP
  
  98304:4SFzGcaA61E/TVrW8kjFLzd1HrwCxJB9uOPyedn5:BJGD1ELVrWj1HjB9uyy85
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6