General
-
Target
0a76ba005de0ed8293e2291e239c0197_JaffaCakes118
-
Size
722KB
-
Sample
241002-nrvjfatfjr
-
MD5
0a76ba005de0ed8293e2291e239c0197
-
SHA1
de6b96aaeeeae953d4ea540311f2218418513a55
-
SHA256
05b83fe3c961a52758f8feba4639689fa10dff21ef0a70d8f642e915f484376a
-
SHA512
24b340b9b954cfc7e3c5d71b7339d2ddbda40f7e7a28c8f058db47e3f7f9bea1b56e22fd30e4b0b6e7001288e913ab9a92a0504b6ed201e2cc7305975c254989
-
SSDEEP
12288:VuVM4SZsZna2o2Yub4SVtyAIdiGY6NUIzffLTqVdxIEdiGY6NUIzffLTqVdxIA:gVM4SZLEb4SVBT6F7zTExI1T6F7zTExL
Malware Config
Targets
-
-
Target
OFW1_SDK/Demo_VB_CN/Form1.frm
-
Size
45KB
-
MD5
6f6fc4f1d00dd72f0ded2aa0a10ebe78
-
SHA1
1853163145a4dbdfedaae9a6114e85cedcb146d5
-
SHA256
e93f667116eb4097f43857fc4954c9cc1279685b191ccf7baf0e35f430bb5b7b
-
SHA512
ee443739ff1e15bbf2b031ac63f5f0aaac97243bbb10c62e33045942b4f040356c478fdb5ca7b90c27f24f11e7b8658bb028c9c41e2473181127fa2a0a2a5616
-
SSDEEP
768:L68b5okGokKukDkkO+k6Nikqk8kukfkOk1k3Cksk0k/kVkQg4khk/38:m8b5ok7uIksnip57wtGTbJ+o5g4mO38
Score1/10 -
-
-
Target
OFW1_SDK/Demo_VB_CN/MSCOMM32.OCX
-
Size
101KB
-
MD5
2c6119da3993f410e74b15112f840cb0
-
SHA1
9d7aaffc0bcf955cc75d4ecc228b1ceda8a1856c
-
SHA256
51a1d6812e445c26c71465e2709e6d1ad587f8513002d662cd160f424f48b37c
-
SHA512
053ece4eb2ddba51c0d683a7afd439ed88605ab83619de738f7ad2495bfe9e9f16fc3b829c7fc9c779b50f039b9fad66d16aed520a5adfd1522a711073f78208
-
SSDEEP
3072:zsQgdI5Hh8p28XMehRYSdB/TYDY44UGyGfDnfra:zdgdI598jhRJpYDY4fefna
Score3/10 -
-
-
Target
OFW1_SDK/Demo_VB_CN/MSWINSCK.OCX
-
Size
121KB
-
MD5
e8a2190a9e8ee5e5d2e0b599bbf9dda6
-
SHA1
4e97bf9519c83835da9db309e61ec87ddf165167
-
SHA256
80ab0b86de58a657956b2a293bd9957f78e37e7383c86d6cd142208c153b6311
-
SHA512
57f8473eedaf7e8aad3b5bcbb16d373fd6aaec290c3230033fc50b5ec220e93520b8915c936e758bb19107429a49965516425350e012f8db0de6d4f6226b42ee
-
SSDEEP
3072:9PdIuG8UvahsdcYX3UI2EuJ3im/ZCdady+RlTp/VYq63+sB:9PBUyhsdEI2++M+RlTHYL
Score3/10 -
-
-
Target
OFW1_SDK/Demo_VB_CN/OFW1_Demo_VB.exe
-
Size
60KB
-
MD5
517d91bfc959612db12870d8f92881cc
-
SHA1
df8f4a4f6318778dc6524bfa847df12ba8af0d91
-
SHA256
77e746f9bd1c2f9dce1c91dc78a492c8ee8c3348ea4e4a053ef073bd124b5f06
-
SHA512
fc70906cd7393ef13408110697faba092d9284030b790b1b930fa4096f666dd86227bdcb7b5b8fe407fcde55399791bef3f0c413866144d1d0ac5db306ab12b9
-
SSDEEP
768:x6xFDZLkDZTmIdue8nkyG66hgKhghJTxisnzDbsPnB9:kpL+TprwBP6WKWTdZunb
Score3/10 -
-
-
Target
OFW1_SDK/Demo_VB_CN/OFW1_OCX.oca
-
Size
25KB
-
MD5
863a8524305d4c2b9e1ba23e78aed798
-
SHA1
def31e33d83baf2f7520dab95bb5446473f4fe07
-
SHA256
b9666574ee0218f2638cd9ba33710eecbcfa66093d4dfd4445e5521280bd2ea4
-
SHA512
0b20516e2bcb906ed3e29796b4937d4020615bfac35f199ceec1f3a9e99cc450268c2fafff7c1535396b4011457660866c1edcf8daa7acf98a7458e2cbfc1c59
-
SSDEEP
384:04tjPHtqZEqFjtBhLga3ZLm3CTBW3DwS7cMGxOaF2tDkT+NgHS7cMGxOaF2tDkTc:0UjPHtQhBhLga3ZLm3CTXUgvUo4
Score3/10 -
-
-
Target
OFW1_SDK/Demo_VB_CN/OFW1_OCX.ocx
-
Size
68KB
-
MD5
67321bb6377d41085f8dee97597d63e1
-
SHA1
b51ebf6071921cb896b14dc75bdced709a88804e
-
SHA256
b79c9c24e80a5fce64d0e2a578397fe0f303991f113e77c2c8a1abed4c483d7d
-
SHA512
b2ae0f93297981eaba97d3ade12bbca2c53636e15c3307822d69e64eefed892d78d960ef8f24bf261abc6b7cb727afe2fadc1647821278ead70904304f55db78
-
SSDEEP
1536:oOmKGbn2/a81wZ1Ymo64mIihupKtR8Nhx29yfuYSAWYiwefntb5Lga3ZLUnO9:oOmKGD+a81NpKtR8Tx29yEMa9
Score3/10 -
-
-
Target
OFW1_SDK/Demo_VB_CN/lpk.dll
-
Size
219KB
-
MD5
f3998164a6f4278d01b3844cfd27244e
-
SHA1
29bc5a76f2bd7584369c495a1158fc7845d9ef69
-
SHA256
04d7ebc2f995235ec110323c79ce3385b04e345efc53d02a832ec4505d76fef8
-
SHA512
ecaf74d9b0c7c6f987565e2418feaee910eecddb5535d30b2000ad4fbb7abda5035f094a746d386f915cb22c51a0e4715bb6d689ba82d16c188f545d58099f83
-
SSDEEP
6144:oZBEUByHS5FgjVjiNacNU0jc+343MTTSUX:oZBEW5sdKNpc+34GT
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-
-
-
Target
OFW1_SDK/Demo_VB_CN/消费机操作说明书.doc
-
Size
49KB
-
MD5
318a8333cbf03dcd5054e51274ce0b0c
-
SHA1
427d3bfed04d48f62a2496bcdaf234700e707a55
-
SHA256
33b7de975b08a0244b4081a407dbd487d5be75a193f72875ad0b1f823badb101
-
SHA512
92212b7232fd17526f4c3260cf86f56464678d023c80db057ad89eaaacb38e18d750efb95792874aa38bbe9a1111c3a3fd7b0b81ad4891eb26d4a6523ae53356
-
SSDEEP
384:O1E6FwkqwJ6JL16akklbkAJoBL3TCbI3:Oi76ckSoBL3TB3
Score4/10 -
-
-
Target
OFW1_SDK/Demo_VB_CN/说明.doc
-
Size
182KB
-
MD5
0896932b65ef1b10169bc93d52b12807
-
SHA1
832da6f9326593bae730128f363541a06f04c59c
-
SHA256
67f7825eefbcb19c4c4cef0d3f2326a6ab7c0e9ec76dd7250cdf556845ef0c81
-
SHA512
c6210e3be45f40b1e69a6f39f3f6d64760fe2290751003bb14ed6d11a252e0e4430c34b44f0296cec62033381c4ea24a72cd17e033e0e9f5df3b4f0be0995bfe
-
SSDEEP
1536:SnCVcIcEoOnaoBY2W0lDXWBpP17vKoucRstuuoucRstuukNXXS:7VcIc8W0sBDzugsYugs
Score4/10 -
-
-
Target
OFW1_SDK/Demo_VB_TW/Form1.frm
-
Size
44KB
-
MD5
5c5a7063d724b58077fe6b590c78b323
-
SHA1
12e85668ce8db5e487c3cc262f5ae84a3507a38e
-
SHA256
05f7f291b3dce923e1bea602802ce00a9f72b4c473bd797b15a96a553e204692
-
SHA512
c182f454449eb6f66672badaf12247010371b1ef35dbcc2ef84d54558beb3e55fc4edda6743ecd2b27b044388c54672742aa3a5c751b8f155c859f737ae9c9c7
-
SSDEEP
768:Lfyupk4k2kB8ka22ktkJ/kikukrkRkEkAkIzkSiklkn1kk4kNifiB:zycxFg8r22uonRcC1vh64O1kHE4c
Score1/10 -
-
-
Target
OFW1_SDK/Demo_VB_TW/MSCOMM32.OCX
-
Size
101KB
-
MD5
2c6119da3993f410e74b15112f840cb0
-
SHA1
9d7aaffc0bcf955cc75d4ecc228b1ceda8a1856c
-
SHA256
51a1d6812e445c26c71465e2709e6d1ad587f8513002d662cd160f424f48b37c
-
SHA512
053ece4eb2ddba51c0d683a7afd439ed88605ab83619de738f7ad2495bfe9e9f16fc3b829c7fc9c779b50f039b9fad66d16aed520a5adfd1522a711073f78208
-
SSDEEP
3072:zsQgdI5Hh8p28XMehRYSdB/TYDY44UGyGfDnfra:zdgdI598jhRJpYDY4fefna
Score3/10 -
-
-
Target
OFW1_SDK/Demo_VB_TW/MSWINSCK.OCX
-
Size
121KB
-
MD5
e8a2190a9e8ee5e5d2e0b599bbf9dda6
-
SHA1
4e97bf9519c83835da9db309e61ec87ddf165167
-
SHA256
80ab0b86de58a657956b2a293bd9957f78e37e7383c86d6cd142208c153b6311
-
SHA512
57f8473eedaf7e8aad3b5bcbb16d373fd6aaec290c3230033fc50b5ec220e93520b8915c936e758bb19107429a49965516425350e012f8db0de6d4f6226b42ee
-
SSDEEP
3072:9PdIuG8UvahsdcYX3UI2EuJ3im/ZCdady+RlTp/VYq63+sB:9PBUyhsdEI2++M+RlTHYL
Score3/10 -
-
-
Target
OFW1_SDK/Demo_VB_TW/Mach_Explain.doc
-
Size
53KB
-
MD5
58165d3f6d81ac1518395c5fe85ce120
-
SHA1
4c80e3e45ef6fd1e4dd2fced2131c07fb29beafa
-
SHA256
62eacd2f812d5cef2afe6c4048b41e9882c5f94b92f1b791cd6884ccdcf4a07f
-
SHA512
07a29f3ef14d4aa0a4fe5e3633e21dd0a73db365eff8ff0f40e9bb7357c32734f24c366379b08b74c98434b17c680e4e63854820ea5cfc29d1e1e16d5b884fa2
-
SSDEEP
384:slhexjflAUntXi5O4IvIBOIu32kkd6Lj56+Tpds9YpTddC:mhexDnAMtdN6VupTH
Score4/10 -
-
-
Target
OFW1_SDK/Demo_VB_TW/OFW1.doc
-
Size
197KB
-
MD5
7db254e5d751b2bf42167b293bf35c6b
-
SHA1
ef865080b36548f596a4fa297ff1a228e87a7a20
-
SHA256
9543e1803e585cdae763311e5774cc70a4a769da7c2dfe22508cbc692d57f15d
-
SHA512
bea074927bc2eff53e472ec407733642bb73918c28ef79ab1977403627d4802f8b6d3d746ad11a14b22a826e0f9e3213bb8a72cbfa7989aa7c2cdcbead77f776
-
SSDEEP
1536:WnUJhoOnaoB+3BO9rVMCHzVf1opPAd5a7vKvucRstuuoucRstuumt9Q:vJu3BO9rFHzVt2Ad68ugsYugsWz
Score4/10 -
-
-
Target
OFW1_SDK/Demo_VB_TW/OFW1_Demo_VB.exe
-
Size
56KB
-
MD5
40e3a1ac00cae1c09831e6447e2ac9e9
-
SHA1
1eb26a3ddde64b8e54bef7ccace217ed872c7522
-
SHA256
716b0a1c093307fbd3a2b61515d876ec6653f66a3cb3a8c6e5fb585cb1c356f7
-
SHA512
3a3080576c6cbac175808d4173b53cd980f825c3b6eafa47865d9ded2a7798292877b340d17192e02d1c5f85b87f8b659d20ff5b9e8ebf38a2643c04dcea454f
-
SSDEEP
768:eCsGJbTczZw3uXsw7GgmHhukkkTnAgHJz61Cs:tlJvczZw3uXH7TMhZnOx
Score3/10 -
-
-
Target
OFW1_SDK/Demo_VB_TW/OFW1_OCX.oca
-
Size
25KB
-
MD5
863a8524305d4c2b9e1ba23e78aed798
-
SHA1
def31e33d83baf2f7520dab95bb5446473f4fe07
-
SHA256
b9666574ee0218f2638cd9ba33710eecbcfa66093d4dfd4445e5521280bd2ea4
-
SHA512
0b20516e2bcb906ed3e29796b4937d4020615bfac35f199ceec1f3a9e99cc450268c2fafff7c1535396b4011457660866c1edcf8daa7acf98a7458e2cbfc1c59
-
SSDEEP
384:04tjPHtqZEqFjtBhLga3ZLm3CTBW3DwS7cMGxOaF2tDkT+NgHS7cMGxOaF2tDkTc:0UjPHtQhBhLga3ZLm3CTXUgvUo4
Score3/10 -