Overview

overview

8

Static

static

3

『炫舞�...� .exe

windows7-x64

8

『炫舞�...� .exe

windows10-2004-x64

8

艾艾游戏网.url

windows7-x64

1

艾艾游戏网.url

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    120d70240bafd003ee695ede6c25ee85_JaffaCakes118

  • Size

    1.9MB

  • Sample

    241004-gbwm8s1ekf

  • MD5

    120d70240bafd003ee695ede6c25ee85

  • SHA1

    32497b4c38b9dc197ba10bb23f96002d5980d90c

  • SHA256

    9c68b4d21ade05995b06c19bcba8fd38a77696e4195718dceeb0de3398496717

  • SHA512

    c27309763c4424ac08d69fb7c93b239196cb41f8e7b9caa4aed1e33344c424a34ceae99714735a086e72ba58786567ea07ae63aba0113e00e3326ced20230346

  • SSDEEP

    49152:l/i0+wGlctfDcyS24frSJgelDsO92iXzTrddJNYSlWi:lP+wGqtLcn2W4LNpXzXdjNYwWi

Score
8/10
discoveryevasionupx

Malware Config

Targets

    • Target

      『炫舞木头人 支持3.0.6版本 .exe

    • Size

      3.9MB

    • MD5

      f65cd415b568f03d160f7262878f5a6c

    • SHA1

      a2b9d9b4b81711d6871b57df9cd3b03eec713e41

    • SHA256

      41ae3e43a698fae119faf52b27773a6ac473beadbd74865e3433569a512077a7

    • SHA512

      9823cd785da59f6d4cacdb0c7fae3ab9f7069a40aa26d75edac190eba7f62050d186cef8f3013d22f293b377dc481d794c0ebc731c40b0eb255fba143d14765e

    • SSDEEP

      49152:9OEuikQNI/QTZaqdwk0c05HGiEsKGUlN9tV4EK4mWfN:ruibNI/QYqdwkLcHHHRONpr1H1

    Score
    8/10
    discoveryevasionupx

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

      evasion

    • Drops file in Drivers directory

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

    • Target

      艾艾游戏网.url

    • Size

      205B

    • MD5

      75cdf710a1e5a1622a18202480f58cdb

    • SHA1

      6c6ba6622aa65f9c9f04e8779efcb627465eb6d2

    • SHA256

      8cab5f470f701142fd3d2df08ae4f25b6e790c7ad3271cdda4b4d3ecfcae058b

    • SHA512

      4f0d9ad7b6aa30e736008bb71486a65b8b497c363735573fad6886115e7754f28e0a002449c113f5d32d5fae723b150c50433ae84082bda633f3459f07e4457d

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks