8273b70d9704478e2d92698c870349a3b249fed668eec01932cc0ec0f20bb405

Sharing

Copy URL

Twitter E-mail

General

Target

10dc41c5cd496a23aadf3f885c9eb69a_JaffaCakes118
Size

916KB
Sample

241003-26vpmssajq
MD5

10dc41c5cd496a23aadf3f885c9eb69a
SHA1

2ce133268176662c4a468af607107367359da2b6
SHA256

8273b70d9704478e2d92698c870349a3b249fed668eec01932cc0ec0f20bb405
SHA512

65d6232848e594ccc38a4087889e68cd8d30ae66c2badf0fa433ff8addef8bb981908d625b75fffd074dd3d317b9c190b995e0e0c0b76349ed02f6e5acaac7c6
SSDEEP

12288:wY8BDuDvs3gI8U2Dx7meAcoG+OEUNxNIUliZ07Y9miws0D4krGNZ1T5Slwd1pOzc:suD7qF0NI2YYiGQ5SKd1pQO5USbMS

Score

8^/10

Malware Config

Targets

- Target
  
  wl_gx-juyuwanghewuqi2011/HiCode.cn.url
- Size
  
  167B
- MD5
  
  6961bc95c093e364ee4efaeaf178a61f
- SHA1
  
  b47f7bf892ed3396bf6c9d6b2011f18bbd1bc49f
- SHA256
  
  30a2a9cf731b3bb8d8d4c236589693860fb950a8e00461e434a50276ab390ddc
- SHA512
  
  554fd5534fd156c57322fb89d1048a13f0183c74693d4681d08a3742c8afefd344c61ce09145c7d4ad6d897a17a84a7daa00a4785848d33b692c58201a1b07a6
Score

6^/10

discovery evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2
- Target
  
  wl_gx-juyuwanghewuqi2011/局域亡核武器 v2011超级版/HiCode.cn.url
- Size
  
  167B
- MD5
  
  6961bc95c093e364ee4efaeaf178a61f
- SHA1
  
  b47f7bf892ed3396bf6c9d6b2011f18bbd1bc49f
- SHA256
  
  30a2a9cf731b3bb8d8d4c236589693860fb950a8e00461e434a50276ab390ddc
- SHA512
  
  554fd5534fd156c57322fb89d1048a13f0183c74693d4681d08a3742c8afefd344c61ce09145c7d4ad6d897a17a84a7daa00a4785848d33b692c58201a1b07a6
Score

1^/10
behavioral3 behavioral4
- Target
  
  wl_gx-juyuwanghewuqi2011/局域亡核武器 v2011超级版/局域亡核武器 v2011超级版.exe
- Size
  
  1.7MB
- MD5
  
  6e26256749925faa15e430a680247e21
- SHA1
  
  8d7a2c622cb99858d155b5223f6623f82207a8e0
- SHA256
  
  a6ec610c8be2d2c568f7e59c239bdbcddb4848f890cdacf1e2feec518586fe40
- SHA512
  
  5b620faeb096eeef21180765b9632777229cc57ee880ce4fa0b461ae127093fcd74ff777c82199b6662e41ae958ce678feb77211828de2792a2ddbc37f1add60
- SSDEEP
  
  24576:sfnuo8sAjfXL7SjqDCaZv0c4VxIvT+r5F3cUMRr5yjkZNVbAA8VJnOrWJPvVPWq:wQfXvCA4xIvTq3VMRdygAtOSlVuq
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Executes dropped EXE
- Loads dropped DLL
behavioral5 behavioral6
- Target
  
  wl_gx-juyuwanghewuqi2011/局域亡核武器 v2011超级版/请先读我.htm
- Size
  
  2KB
- MD5
  
  b554a60395f7711be59224c39467ab35
- SHA1
  
  1c71e44b46cb347a9328e44e2e30fcc7ea5323a4
- SHA256
  
  08c75878724ddcc1954412b251572446d5427ac48f91c3fc88c2284287c19001
- SHA512
  
  021a4439e536f9e698529534689f7264e735c3719edd955f1b7b378a632052d650c654dca4e132ca8dc6f16966af77c149b2aa165a854ea43fc44b32f7178de2
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  wl_gx-juyuwanghewuqi2011/请先读我.htm
- Size
  
  2KB
- MD5
  
  b554a60395f7711be59224c39467ab35
- SHA1
  
  1c71e44b46cb347a9328e44e2e30fcc7ea5323a4
- SHA256
  
  08c75878724ddcc1954412b251572446d5427ac48f91c3fc88c2284287c19001
- SHA512
  
  021a4439e536f9e698529534689f7264e735c3719edd955f1b7b378a632052d650c654dca4e132ca8dc6f16966af77c149b2aa165a854ea43fc44b32f7178de2
Score

3^/10

discovery
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Active Setup

T1547.014

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Active Setup

T1547.014

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks whether UAC is enabled

Boot or Logon Autostart Execution: Active Setup

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10