ae126cf66d8018fae70d28b2aaeeb9110afc21dfa26b4f199a280bbf29900fc0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd77081c653f97fbd530a72151397f70_JaffaCakes118
Size

1.1MB
Sample

240929-azzw8sshkk
MD5

fd77081c653f97fbd530a72151397f70
SHA1

abe7eba01774c396d3c50a7e10e5d83dbbf3ec56
SHA256

ae126cf66d8018fae70d28b2aaeeb9110afc21dfa26b4f199a280bbf29900fc0
SHA512

f509f18106e33a39b6d937d49f7d4f1082710b67f30348bb55434b55bc1bffb57bda50e386a1f7e17e488c55619f00bbff7da769b4463c063005814977a889d1
SSDEEP

24576:tilnPtOZT6Un7rx1l+UBuSpizSPIal2s5vE2vA0TUPHpiYmZkkQMKLNJOQxTX+W+:tUPtO5R7NoOiGPIal2s5/vxtoMKLDJlE

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  使用说明.url
- Size
  
  155B
- MD5
  
  572730ee9e261904cdf0e17b6e0ea309
- SHA1
  
  20d050630daf3cad339e7e379e47a79e2feb7253
- SHA256
  
  b35e76792cd983a6f84d937409777d29121e9e335315430863cf4beaf6f8f4c6
- SHA512
  
  a555eb1ba6f5e57b3ff643ec4d05b2b54a22277f27e931e2d7e780d02c245e5e8d9487e3c89a57737cf118edb51aa93d42871734e87ead31618d45a2c65af3c9
Score

1^/10
behavioral1 behavioral2
- Target
  
  小飞QQ机器人(支持自动验证入群申请)_Jisuxz.com/XiaoF.exe
- Size
  
  2.2MB
- MD5
  
  29bb8e035171ee6377d52cd684b53739
- SHA1
  
  ce6f97ad493dab4e4e5eb2a253c9c6290e2e124e
- SHA256
  
  d7d1858f4a59c10b04c6c5a46c4ca78c8ed831a5d8b11c08489b329af83fd65c
- SHA512
  
  0428cc1ba978b75438fa5b25bed5d2c1ac811c83f9d42d3dcbaf93024b0e40df7585801f1c20a4c6e8adec13faa8ad1ee51e7859bb4ec39c25cb11339d97a029
- SSDEEP
  
  49152:8bIcJLhiPDsvR4E3lrxS4Wu9Eml262aspsw1RiPn4EKJkh9OeKkoqewR73GsgmHk:gvioBtxLGml262aspsw1RiPn4EKJkh9c
Score

7^/10

discovery upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  极速软件下载.url
- Size
  
  299B
- MD5
  
  1362b6386a2252adc489fb757e56b1c9
- SHA1
  
  57e373818ab781c3e80c0fe87da73840315d0ffd
- SHA256
  
  49524d97ec5bb9bc481c692c1cdf3cd85a2f101186fa5495b5eb46e392d6b8c2
- SHA512
  
  1d4cc4e9137c37033ff54fa009d58493347874b55fd16955fe46df25e23a18efd52fa55c97ce46ddbfafc5b7d6546f9383690511b5c1e04bc717f2647dbb9cf6
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6