854a7aead968734846ea63b9423c28f3b0a1080321ef24e7349d497085b233c3 | Triage

Sharing

General

Target

f0304255c6807d92be724b1f82ee35ea_JaffaCakes118
Size

3.8MB
Sample

240921-tycvvssclm
MD5

f0304255c6807d92be724b1f82ee35ea
SHA1

6798404c7f5a16241cdc24f36cceba9def408de8
SHA256

854a7aead968734846ea63b9423c28f3b0a1080321ef24e7349d497085b233c3
SHA512

835294a9ba11aae8bf26cadaa9e1b893dee897ad0cc84d0e311ade688018e5ac55e28e22305c14025efbaf3354c49001f65723a74c1089fe003747674e9c0dc6
SSDEEP

98304:BP+ofFqFa+4/r8CNkS7zl8wlqLiOFEAKTDr6vggW:BPdFYsjzKLB9KTivg1

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  77169.org/ɱ͡AVG-Spyware/77169.org˵.htm
- Size
  
  5KB
- MD5
  
  d122408c88ea147d35137fa775d78d32
- SHA1
  
  818dfc81160c9e783e195d914d4b2ad81417a2d2
- SHA256
  
  1a246e720e02d8b2f9c59eebb673e48885d6d7a8fb194b5f4f0de57df28c4812
- SHA512
  
  4c1963e822bd52ced208c5906de4901349717b5fed2367b028a4dc8923d8c04f0fa25b8b9c5cf32391acc750a594de4107af71118416cfbe04a53b326634b917
- SSDEEP
  
  96:m1OQF/fRA2RWhwM6w6mheySgh/SnqjQhhwQ0660X8bJhnYOPMj1zNMXlGvak:mXF/JA0VdIYehN2hwQpZ+JhnYOPMjxNJ
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  77169.org/ɱ͡AVG-Spyware/S-Player.exe
- Size
  
  152KB
- MD5
  
  529dcf72ea9d5b4923ad6d91ef259d9c
- SHA1
  
  49c2443ef837d9043cd8141b03ebe979fdb6526d
- SHA256
  
  d9cbc849ce8ad308df67c1e4f04b31b3e987d68fb2dd6ae135b487935b8ab533
- SHA512
  
  3a927131f9270953acef1f1f35bc627343dd27794283ed2a90a89c1c98be87e5531646d3df7da17f9d4da9a5d865344c4ecac3a19b50cbe96e9c7019feadf210
- SSDEEP
  
  3072:xixEujYX3Jsce07PTMHEOB25YD5SUK+MEICIrjcYmg5:wxExnJscrMkO45GMEHIrjcYm
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  77169.org/ɱ͡AVG-Spyware/ĺڿͬ.url
- Size
  
  76B
- MD5
  
  05ed0537b8052c33a9096c68b4d1d905
- SHA1
  
  19fccec1f302e67908f386ac239d31e2edd7b820
- SHA256
  
  0aeee0ba3eac8e4787109250c895aa0cfbce84416acdec154c33129cb65a56e9
- SHA512
  
  d633e68263362b027c53df7a3d463ab6db8361702f718670f1717cea6785f4d7a3abcae77d8bb27b40221ef47c54b4ddead00c690468b9339235848948071127
Score

1^/10
behavioral5 behavioral6
- Target
  
  77169.org/ɱ͡AVG-Spyware/̳̹/MaskPE.exe
- Size
  
  300KB
- MD5
  
  3c24e3012a9a9634b80654eb4cba67da
- SHA1
  
  472996afb54a6cab0f6c5408675cc6e9eae43ec2
- SHA256
  
  8f3783c5d0acb5433e9be681d7da859a160ae3129133766b4f799123d236e757
- SHA512
  
  30ac6e8bbc9ee6d2933e17168c24a651777ddd4b4b1b4cd8b8ad2a0268f52183c09caae532bc94451420c2f026b38de31d66c36a501896ff38562f4935b0946c
- SSDEEP
  
  6144:hERer2UjaK5PQoxiS/Awmp0KRlUi0iZYQMBhpnrng:uer2qaKCaiSYwmG4eJ
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  77169.org/ɱ͡AVG-Spyware/̳̹/hmimys-Packer.exe
- Size
  
  237KB
- MD5
  
  4378a9540e0c2e532ba7e4269a04b94a
- SHA1
  
  e13f1ff7ab4f1bfe6ed8cde0d681ddb5c4f047e1
- SHA256
  
  75bc213d17c3294f89d5a87467cf8aecf3c56bb1cba839a37b6dcc6f8b6947ac
- SHA512
  
  5e38aa9369246cebdd8d3867670885f7c17a438da2d86915d2117878857cdc05a7f1dda7f59be1240462c33b621088c39d2c5beb50a83a78e6d839402070745f
- SSDEEP
  
  6144:7h3+nnVpTfkHdH1fTDli+We5TRNRDgzFKvznpo:N3+nzTSpv75TbZ8FaDS
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  77169.org/ɱ͡AVG-Spyware/̳̹/vmprotect.exe
- Size
  
  1.2MB
- MD5
  
  30af37097ef1dc9c3ba7490b651e086e
- SHA1
  
  f067275926f557c6605b8b3e07b1bcbd596e503d
- SHA256
  
  ac519422786eabde8c0dffe71c21a29aa592e1ea1f22e9a0472d0cca671645d6
- SHA512
  
  6c8dee9dd957a9ff4b1c5e85616e1879e524ca751135d6392ee5677ce106da171b53508ea52ed87ec65294cfcc9f7eee0fe9c75fffa4f10b1fd9a0305963092c
- SSDEEP
  
  24576:qko+ikoPIW5ASChLStaMk+8TO0b4YovDDa/zedvVHoTt6y:qvLpPwLgh4P/wvVHo56
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral11 behavioral12
- Target
  
  77169.org/ɱ͡AVG-Spyware/̳̹/4.1ƽ.exe
- Size
  
  763KB
- MD5
  
  796b005c315ef1c476b30aa403c4e3d4
- SHA1
  
  4b0eae8e6ad0834c9ecbf00afc6539e9810094fc
- SHA256
  
  76444221653c00f313cd19146ad4dd4ea254fc1e7c795ae26796b51d67e0f05f
- SHA512
  
  b0229bd94da0d12df3d0bedc1d8f3308ad1d3f16cf21c22a6840ecf13a9c9bd8cb132bd6a031a908b311e91f9781564590c0d3b9236be0d52fa1fe495576000b
- SSDEEP
  
  12288:4cXBOWxqGRJ/V+Hy+XkWoBR5/o4iUjNk5XL5SWk9kSX84xlh3TlkZowWp:hROWwG39+S/WIR/iU5UbQX8QtT6ud
Score

5^/10

discovery
- Drops file in System32 directory
behavioral13 behavioral14
- Target
  
  77169.org/ɱ͡AVG-Spyware/̳̹/ڿԴרøڹ.exe
- Size
  
  2.5MB
- MD5
  
  6e789000bbbb9ceb6306a4d898991e82
- SHA1
  
  1c70bc87425d9f6ee9646e8bf34c16050a1a4c79
- SHA256
  
  ebd1d6254a9882b63d3cd3e3f044642a036a2f1d0f3e040b6bc4c1b22e870b35
- SHA512
  
  2e98ca63e8e9e066010f1b05221c2974b3198b78b1a44f0942f900e7b1370d188d72bb95642e4f3d19fc07a20653d3c169d3ea7559cfa11a07be2fd4e7f9047b
- SSDEEP
  
  12288:49WPgmXZptcABo99Ps+wQZseQq1WkRn0/ETDdA7kb5/sriZxvaAL5BlVrZB:XPgmXZfcAq1s+wQZJtjTRAa/QkV1B
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16