General

  • Target

    10dc41c5cd496a23aadf3f885c9eb69a_JaffaCakes118

  • Size

    916KB

  • Sample

    241003-26vpmssajq

  • MD5

    10dc41c5cd496a23aadf3f885c9eb69a

  • SHA1

    2ce133268176662c4a468af607107367359da2b6

  • SHA256

    8273b70d9704478e2d92698c870349a3b249fed668eec01932cc0ec0f20bb405

  • SHA512

    65d6232848e594ccc38a4087889e68cd8d30ae66c2badf0fa433ff8addef8bb981908d625b75fffd074dd3d317b9c190b995e0e0c0b76349ed02f6e5acaac7c6

  • SSDEEP

    12288:wY8BDuDvs3gI8U2Dx7meAcoG+OEUNxNIUliZ07Y9miws0D4krGNZ1T5Slwd1pOzc:suD7qF0NI2YYiGQ5SKd1pQO5USbMS

Malware Config

Targets

    • Target

      wl_gx-juyuwanghewuqi2011/HiCode.cn.url

    • Size

      167B

    • MD5

      6961bc95c093e364ee4efaeaf178a61f

    • SHA1

      b47f7bf892ed3396bf6c9d6b2011f18bbd1bc49f

    • SHA256

      30a2a9cf731b3bb8d8d4c236589693860fb950a8e00461e434a50276ab390ddc

    • SHA512

      554fd5534fd156c57322fb89d1048a13f0183c74693d4681d08a3742c8afefd344c61ce09145c7d4ad6d897a17a84a7daa00a4785848d33b692c58201a1b07a6

    • Target

      wl_gx-juyuwanghewuqi2011/局域亡核武器 v2011超级版/HiCode.cn.url

    • Size

      167B

    • MD5

      6961bc95c093e364ee4efaeaf178a61f

    • SHA1

      b47f7bf892ed3396bf6c9d6b2011f18bbd1bc49f

    • SHA256

      30a2a9cf731b3bb8d8d4c236589693860fb950a8e00461e434a50276ab390ddc

    • SHA512

      554fd5534fd156c57322fb89d1048a13f0183c74693d4681d08a3742c8afefd344c61ce09145c7d4ad6d897a17a84a7daa00a4785848d33b692c58201a1b07a6

    • Score

      1/10

    • Target

      wl_gx-juyuwanghewuqi2011/局域亡核武器 v2011超级版/局域亡核武器 v2011超级版.exe

    • Size

      1.7MB

    • MD5

      6e26256749925faa15e430a680247e21

    • SHA1

      8d7a2c622cb99858d155b5223f6623f82207a8e0

    • SHA256

      a6ec610c8be2d2c568f7e59c239bdbcddb4848f890cdacf1e2feec518586fe40

    • SHA512

      5b620faeb096eeef21180765b9632777229cc57ee880ce4fa0b461ae127093fcd74ff777c82199b6662e41ae958ce678feb77211828de2792a2ddbc37f1add60

    • SSDEEP

      24576:sfnuo8sAjfXL7SjqDCaZv0c4VxIvT+r5F3cUMRr5yjkZNVbAA8VJnOrWJPvVPWq:wQfXvCA4xIvTq3VMRdygAtOSlVuq

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      wl_gx-juyuwanghewuqi2011/局域亡核武器 v2011超级版/请先读我.htm

    • Size

      2KB

    • MD5

      b554a60395f7711be59224c39467ab35

    • SHA1

      1c71e44b46cb347a9328e44e2e30fcc7ea5323a4

    • SHA256

      08c75878724ddcc1954412b251572446d5427ac48f91c3fc88c2284287c19001

    • SHA512

      021a4439e536f9e698529534689f7264e735c3719edd955f1b7b378a632052d650c654dca4e132ca8dc6f16966af77c149b2aa165a854ea43fc44b32f7178de2

    • Score

      3/10

    • Target

      wl_gx-juyuwanghewuqi2011/请先读我.htm

    • Size

      2KB

    • MD5

      b554a60395f7711be59224c39467ab35

    • SHA1

      1c71e44b46cb347a9328e44e2e30fcc7ea5323a4

    • SHA256

      08c75878724ddcc1954412b251572446d5427ac48f91c3fc88c2284287c19001

    • SHA512

      021a4439e536f9e698529534689f7264e735c3719edd955f1b7b378a632052d650c654dca4e132ca8dc6f16966af77c149b2aa165a854ea43fc44b32f7178de2

    • Score

      3/10

MITRE ATT&CK Enterprise v15

Tasks