1d0525b90c2d83c4713d91285efc31f3a25900e8d8431218ec85e9c0aa860809 | Triage

Sharing

General

Target

eabcebc40af86a9b6614bb9e0d25e795_JaffaCakes118
Size

1.5MB
Sample

240919-gyrb2avaqg
MD5

eabcebc40af86a9b6614bb9e0d25e795
SHA1

610a2e3fecafd96913bbbdc0d2912688886bba5f
SHA256

1d0525b90c2d83c4713d91285efc31f3a25900e8d8431218ec85e9c0aa860809
SHA512

38b0f735f7c0a8732e0c7a77d3857a0305a26b3ec8e79ad0fe2496d1d998071d80cd7286f4aa1004c9be953544c6f959a6b8003d8f1f186a753f79a8a39504ab
SSDEEP

24576:uE78Mb2xagoj0oQqq2RTQGybPx5k2murnkpth78owI64j8lfF+aNfGk/h28aKBcG:uTjQd4oQH2RTQGybPxiqkptxDd+fnNf3

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  艾兰主机端口扫描器V1.1/EThread.fne
- Size
  
  56KB
- MD5
  
  391a5e311cebf461334acb330a0faaf8
- SHA1
  
  8e46d3ac91ba123803d69a665c80b30f5a8ad339
- SHA256
  
  8f462850ca8f46dd4095097aac4fcfb04cfd7fb0020f410dd3612960a16cd054
- SHA512
  
  8e7bc8c3677c6afcedb6fe7c6f4aa7ab9097ecb015012e734c58d59d6b77a04ef12a32dc653e6e06c332c4bdb50cc5c986eb07b44a4203f9512dd168a289ecc8
- SSDEEP
  
  768:13gWNW3gyVNWTmOPMJcyS6K7viaViB9V5yHQ6Fq4oCaJaUOJK:5XkSTmOP0Cbu2BboCakJK
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  艾兰主机端口扫描器V1.1/RegEx.fnr
- Size
  
  208KB
- MD5
  
  137e8e2668269fc9bcda36196ee4c30e
- SHA1
  
  3c8a10b5c48fa1c04a06a36825555e87db76a6f5
- SHA256
  
  2a92ac329edfa6e9064abb0de2e2d1d534966d8831036fd508adcab3b6812578
- SHA512
  
  44baa96cdf503e1df4b14575ecfacfed4786dfa224de458ebcf4d45eef2fa60661af30fdf5a00c27e62575bbac099be450c207f2b2ada281b676786a085f4b70
- SSDEEP
  
  3072:QDb7wL+rIdliCIjG8yUn4ZFI5aheI239qjG54fJo0H8R5qBx:5Lwp9G803SUW4tJB
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  艾兰主机端口扫描器V1.1/eAPI.fne
- Size
  
  320KB
- MD5
  
  f3bdb078e722c34956b370a74b518e8c
- SHA1
  
  5217eac6dbba8ed1819acf90596684f15e87b00d
- SHA256
  
  f3db44f1d7c4aaf281b9d8c1e9e542660e975e2abcc4d4927e78488303ca7ecb
- SHA512
  
  7878e0261561aa854489215fe725d1da63727805780a74658e2618011eca51999c925b63a6c962849376da2739db06b2abb7197acd64dc72ff50542d172244dd
- SSDEEP
  
  3072:0U0swaxu1SrlTvpSuKsZZA+CaHgepAPAdh+SmTsc05nJhonAfVMQDjwQ+9JQmRyd:0UHwakEr9p+AbCQpAIdh6mVMewQ+Lca
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  艾兰主机端口扫描器V1.1/eSkin.fne
- Size
  
  514KB
- MD5
  
  b86f61a424bd07b097a3921907acb229
- SHA1
  
  3270c851bee7f70e85421784979e3c2b7811c10c
- SHA256
  
  e067da819c50095332e4bbb4fc6d63fb6ad6ee801d0a92d751c38044c4387530
- SHA512
  
  9b7355e2c711a14aa92fb5bff0ef528ce933a74bcf9a5d3ca37fd3350c2010b2548e1b48eb7648efeb00db3deb4e5e2f36745c2d690853eb1a6234f530cd216a
- SSDEEP
  
  12288:UN2j8zRBj3+0/6PZ72YGFKrASwNTljWHuq:Emq7+0/WCLThqH
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  艾兰主机端口扫描器V1.1/iconv.fne
- Size
  
  924KB
- MD5
  
  4b2482f5e0d1a487950c30590f2fd839
- SHA1
  
  406d255b6b8748a19b94874fd10650b8b4e45ca3
- SHA256
  
  5728a470749f7fb802e9a8d4dcd17865679af174eab0bb50649f58c5713efcbe
- SHA512
  
  20e505750f62ec169f688bc903071f38e9b0fb1656e28302e5473f2dc0415cc8bfcd798ea0b09d9b3252273c565cd21c167da26c96d232367d65e18a6a6acf96
- SSDEEP
  
  24576:buqf2FfWl8KuqGavkg3NyNIbbbIoIBAUZLY:bV+s8KuqGaX0ToIBAUZLY
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  艾兰主机端口扫描器V1.1/iext2.fne
- Size
  
  488KB
- MD5
  
  a26c8b99e1519f4367893b3d3cd8e089
- SHA1
  
  397ed55f03acb6fe65d9d7c0bdc418da34eac8d8
- SHA256
  
  ef50e3e48358902f33639ec25cf58ef1ee3e3138f431291e41d4c193dfec2524
- SHA512
  
  fa43f76a23e87721f631f19646ddb297e7435012d06af25f4e18f02fe48f1533617b0dc8b3f3de886078d988c22853ec347e14fa59d7f33cb5a731696063fc26
- SSDEEP
  
  6144:Yujp9xZF+ES6jisyHOzC8QxEksWINE1DfYmgykSjsUgZ43KyEPhuTwKF:BZFX5zC8XkBIm1DfYml7otm3YJu
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  艾兰主机端口扫描器V1.1/internet.fne
- Size
  
  188KB
- MD5
  
  b925098c6a6330410cffb3994ef36211
- SHA1
  
  7467bb63d47ea2fa6dbf3984ede8d9e04b8ce37a
- SHA256
  
  f25727ce196ac0ab4119ab7968cdfe18425170b55012fc7fb26a3f824514d82f
- SHA512
  
  955ab8e3eb661cf575db0db77ca81fca16cdb3e29ce49237b1df1377d6f2aaff3c6a12bbc98a720f0a67292b39451474b97de31f696688a93547181991fffe0e
- SSDEEP
  
  3072:tpTEys+TR7yRoHzXjlhvtcxVIThpEbbAKNXoqlSY9M02MHUP:tpTEt+ycLHlCIThpEX9+XM
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  艾兰主机端口扫描器V1.1/krnln.fnr
- Size
  
  1.0MB
- MD5
  
  dde0681ba7a02bbb1c9b756af7e53fd2
- SHA1
  
  eb1310a5848614d89e71e76bf6beee497a068017
- SHA256
  
  f1efcaa3a7b5bf98819ec0076984f4af595d595c2553f4eec454e6d96f2bf080
- SHA512
  
  1f9892ea5727159e7f0ec836dac78bd6923f7b803e5f39113a14c27b4bea5353503a7b998088cdf8ad0f0920e66a241c588bec0b2cab6b02157b54ab4ce30ff1
- SSDEEP
  
  12288:d9uwvXUjUEQRTykNsRo5uloubqAxxKYlNKVe0QhBOSIwflL0lA/2b:wjUB+ho5jAxUYshqBOSIw96A/
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  艾兰主机端口扫描器V1.1/shell.fne
- Size
  
  56KB
- MD5
  
  b824c21472c72b34fa9e103a71b210bf
- SHA1
  
  8611a68c40c3c66c81795df814165b1338b2dca6
- SHA256
  
  544985bffdd00a24def65288354dd4b4b3b29c99d9e4965dba7463ab229c61bf
- SHA512
  
  d2167cb90019ed4353bca853ff8c2d1ea1923d0b7a19c253aa2680549e30c82557ddf76dd4d3dd2fa18d03e6802466999ded35b417cb80b8ec51569dee530d9f
- SSDEEP
  
  768:PeZWaAKT41c1IYc8HBbrYNYVw2Fj9oNIqF42eo6U:PBKT4fkrymV7oNIqC8D
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  艾兰主机端口扫描器V1.1/艾兰端口扫描器v1.1.exe
- Size
  
  124KB
- MD5
  
  6f0ed14328b7947520087a8c8d8ab016
- SHA1
  
  836edf83d26c85a02bca4619d9346807f628fa70
- SHA256
  
  88e97be7ed782c0988ed64b261a469f7d31674e6b6466c29089b5d364486dfe3
- SHA512
  
  0759ca8ca45f3f3deb6c57bed16ebf3b1dbe23280ec23fc54e619ebf1a95ffdf21e4c29fc8781dfd3798ba7fdfab3c65b607cfb5e46535b06adf748979fe6f8a
- SSDEEP
  
  1536:ssTz6rcjPoBThJc8uqn72WQUAbKOofKPYbn/JXJAmzcLqUYabOueuKYIUaY10:Jz0mPo1hGHtihY10
Score

3^/10

discovery
behavioral19 behavioral20

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20