e08c3626a1c31d7d41230206b82c57827140827dc766dfbeb5f14722bfe2c7c3 | Triage

Sharing

General

Target

fd79836c324c6054236dc019289d9fab_JaffaCakes118
Size

3.4MB
Sample

240929-a5e41swdje
MD5

fd79836c324c6054236dc019289d9fab
SHA1

d5f050d83e409d3c5de85d9e4dd516c87f43e2ea
SHA256

e08c3626a1c31d7d41230206b82c57827140827dc766dfbeb5f14722bfe2c7c3
SHA512

6ec61f773f140382250c8bf5cc71d9efd5834ad80a1c4b57c84b574e4d3cc10257c18eb568ffb837be68b7ce1d0fd1b7c6a44ec7ab5b660e5318f5923b67006b
SSDEEP

98304:Kxs/uhewPaq/qYHSIU9dpN9idqGBeaRwOWu/+4H:Us/8spdpNS93wO1/vH

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Hjqq_V3.6.1_crsky.exe
- Size
  
  3.4MB
- MD5
  
  84b2fc1a9b64cbf797dd779b2e623f52
- SHA1
  
  7745fbef89fd0a3c03479f4640a0ad658da24188
- SHA256
  
  df9fb4c8efa15ad3cbb11163451c8a13a14cb87d1912baeb64c84c205f524d21
- SHA512
  
  edd263821e3ffee9fc1d8d2c948fd42c53639a117825ea5d7c226cddf9f45828239f59830c18af4ef226cd5cfc7c3b2472b80bcf67927feff1261df7c72f5970
- SSDEEP
  
  49152:fcGtLN+9lrGyzMuViLDrDbLoIdzTJ+p8sqjdCP3qMowzhtkzemReRx1nJKTwtJW:fcGX+l1RVErDbLoK/JjTjd63U6oD+TrW
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  32aa6334fc543e70ef0f792bb9a0c45a
- SHA1
  
  54be1f5004f7e5afe7c9ba160495076ea2a4d60c
- SHA256
  
  610e54bcfc2831d4f9d7030ceb16d35ee33006403d842f01b6e75bebea0083e2
- SHA512
  
  ac92116821a032de8df64bf9aea9c6ba4040467eebaa4e028c2bf031f1c81bb69531288b9d89d951b952fe0b4ecccade874a5ae76d04db8b4dee2d13c486f9ae
- SSDEEP
  
  192:V6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTwK72dwF7dBdcQOz:V6JaVh4I5rpPbTw+BdhO
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  7d85b1f619a3023cc693a88f040826d2
- SHA1
  
  09f5d32f8143e7e0d9270430708db1b9fc8871a8
- SHA256
  
  dc198967b0fb2bc7aaab0886a700c7f4d8cb346c4f9d48b9b220487b0dfe8a18
- SHA512
  
  5465804c56d6251bf369609e1b44207b717228a8ac36c7992470b9daf4a231256c0ce95e0b027c4164e62d9656742a56e2b51e9347c8b17ab51ff40f32928c85
- SSDEEP
  
  192:IDO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1afgMO:TKAFERdlxhGRYUzqZaf
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Config.exe
- Size
  
  56KB
- MD5
  
  871cf3d10b5bb16b10cef7c276b9837e
- SHA1
  
  9b725b42c75fac7f744f918db6ad5b5e8311360a
- SHA256
  
  60cfa0b77ee65e6c03e9915afabd1706eaeeb6db875442aaf19a600361bf8dfc
- SHA512
  
  8fb1f03cccb90f8a83af851bb6aba28a3c38aa2ed61a120c62d426e269b2ee77698758a67f147b7b0033f84cbfd1e69165da134a83c60c6ac4e2b0171b616265
- SSDEEP
  
  768:yH4oY3SnYMGYWLohtYTHRfNtpiKYzSiYMDxX0DsAk:44lCYMGYlhtYTxfzp+OUDxN
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Hujiao.dll
- Size
  
  816KB
- MD5
  
  7e1e0028686d4c2f4429de84359db38e
- SHA1
  
  b464e7f9a4169fd94469731637f4e2858cb3c1a3
- SHA256
  
  7ad4040a27aec301998184c6eee701799faf377d19a4af494fc9f40cd37f867a
- SHA512
  
  021a7f018a8a7b3b1f7caaea5e3a010ad315da22c95389e45c95527d8c523e62986999c7f649c09b83d4c25e3d1132e8949baf5e4fb3731e510fb70b8b283c78
- SSDEEP
  
  12288:rCaMpFSy9lWzBz96W52cTULMMLQqvMPAsyfNofmeuPReMjBCl+TnOjdtbmuC:Y4zBYo2049LfjBVTnCjC
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  SonicUI.dll
- Size
  
  600KB
- MD5
  
  243d4277b84b71ba1ae7302a3f78c87b
- SHA1
  
  85b32177418bc6715087feb3229316061c899cff
- SHA256
  
  91c82e4a1042700b4aac4aa0b8e29a468798b16e49890c32203b35c4faa42e92
- SHA512
  
  42d1d478b816a77e57a2b239d9008ced38c6d0921139d90de783303cab1015baa67e50170247c8f337ea517c7c808ff621c57e2fa9ee743ab9ad15e4b4e85e00
- SSDEEP
  
  12288:gVX6xzGXeGKzEV2fYZHW+pnRuKCFqvN/cJ8jJYeFY9AZflAGjzUCoTx+c:gsy4gV2QZfn1CFqvNE814C2nTxf
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  msimg32.dll
- Size
  
  40KB
- MD5
  
  ace9700bf293af4f8cd7bf85573f3374
- SHA1
  
  13a0640cb6ebdafe4b3967a092eece0e7b27c21a
- SHA256
  
  fab80ebf54478f7880a64e69a9b86d487228aaca66d4ad4ad4fafbad1235989a
- SHA512
  
  53041784e6100ef08407bbc0e86dbf4edf7b489998b67aeb99fbd5b32197de96ab57d7a0065cf66999849caf86bfa92ae817321b5908ea524f317b798eeaa338
- SSDEEP
  
  768:SRelK1E2JUlQdiBh+ZuLFO2ecdvN6HED/7H:S4UJTdiBh+ZuLM2/N1DT
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  patcher
- Size
  
  48KB
- MD5
  
  df3df47c8e26f2fc06b86bcdfbbe3381
- SHA1
  
  802eb16af3ea50d7bd54182be8defe1a94eda81d
- SHA256
  
  be8f65ad8f1ed39be914d644af6ea3fa18d3293f8f2c2868e1023eb4f8365417
- SHA512
  
  b84490ed7ca3b2fe05f3536713328184454ebeeebfb505c774e4f0f127748b14149cb9c67325bdcd45d5ea4e63cfab3c94a785951b6ecc22f89f61d193ead67e
- SSDEEP
  
  768:QLt0OaCngc3O9jzmR9bjLJ7FDpdTSlTXKlcKt/+Z1L:QLxaCnF3O9jzOZjLJ7RSklX
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  uninst.exe
- Size
  
  41KB
- MD5
  
  4b0c4f006f8f87ce71a3a02e5b586646
- SHA1
  
  768c4e19c171b2518003ffb8c6370fa52d7c5312
- SHA256
  
  c4354078a30e58af059ae6d0c7d37dee4b0483e6889c4d3b78200c0a550095dc
- SHA512
  
  702e4308feb8c3661060fb32060b2ba1afa5fb4d1d977d1d9d2cd047efb172037a07cd587cd06bb9ae19c7690828d630d13bd1fce89a2b0283efd429652086ed
- SSDEEP
  
  768:11DVgVapclBrPlbLQPCGB4/deAC6Jn7z8Ld8tx8wxp4wFBOV1mJAzt+hMqZIXRkv:jDV6awBrdbLkrude7mnflp4tmJMcMpR0
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral17 behavioral18
- Target
  
  QQ.exe
- Size
  
  503KB
- MD5
  
  2ce903fb8b40e009b22d76292bf0eab5
- SHA1
  
  b5ddeb3ce63daa50cb053c50beb349cd8ba6b214
- SHA256
  
  652d6e1188c104576f18385ec4cff760472ac3baf0a987ff6a12737db2a49b50
- SHA512
  
  cbf16f569f5cc34c52e1e0293f2a29ae3b31f906e315857311d0cf3f7633588723ff6d95d331bd887071be96ec0d74317890e88a892ef9cc8c5e722ac515aa78
- SSDEEP
  
  6144:uNqqtdbrmy4eNjD+9gDnnRFvEZPAdrFDj8kPsh9JmV8WkpMElaLKDAhm20PmlW:gqqv/mXeMqvIcrFyh9SDQLaLSAB0PM
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22