37e1d41e8a7c463e721cc294f2c5413ad750a81be4aa4fa982673c596c91f567 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36b9b8b3108eaf42061e802091e492fa_JaffaCakes118
Size

167KB
Sample

241011-zklhqsshlb
MD5

36b9b8b3108eaf42061e802091e492fa
SHA1

a8e9e4d39afc3f3724a1b06419b90ec8887bad8b
SHA256

37e1d41e8a7c463e721cc294f2c5413ad750a81be4aa4fa982673c596c91f567
SHA512

7428694b502302b29c6941612ed0d34e7e11fea07fa88f1b03c5e73cf17db425506aa476e03830262551fddb39ed9a4647be08928384c243c5a5ecd45ed22d1e
SSDEEP

3072:2y5AvnlHjGAoVZv9wz8En32gzlIC/VqnCKwqNyu1Nn6XHpdA:2y5APBjGAoVXwR2EI+AwqNzn65dA

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  Cadt.dll
- Size
  
  18KB
- MD5
  
  a32950525269db772ccdeec32e263d3b
- SHA1
  
  967ef6990f1cffb0d35fa769c24dfb19472190c7
- SHA256
  
  a49e7721e6b9adc134abbb01a35b19a4b2d41e5238fc0490acfa9505f29525ac
- SHA512
  
  9443f9418cb614765f119f2127d7c4ab8bac28139b2d1405daaaaae2f3baf6ec42fef135955f31f6ebad5f49902c5d296566b7e7cbf25506f06635d383260172
- SSDEEP
  
  384:vvKy0f6VBGFmhcbNrxhgT8QfYGpzhdWJaP80jkoy7hPV:rIFeT8QDzhdTk0mlN
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  DisView.exe
- Size
  
  26KB
- MD5
  
  808c16a7dd6a0cecb79e17ec1c91abe4
- SHA1
  
  79569622d19bf0a44c2af144997eca0f79f0f94a
- SHA256
  
  ba4f7223bdffbaecbd959c2049f024207979c654e0af7e0993bb41d195afded1
- SHA512
  
  7df1f3e15a59805fc1143e323d2563c2cef398f7093ee88a236bbe1c3fda5a659ee751a452154f12b46bfca1f13be911b848b05475f1686504c6115f0604377d
- SSDEEP
  
  384:KVizLy8w0ehFaR1u9PWAuTJTsab1PvkNbIaTQ/ZIIsr6nU4uHuf2vi:KQi8eDOU9PMTJ9PuA/rsrILo
Score

5^/10

upx discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  LZNT1Decompress.dll
- Size
  
  8KB
- MD5
  
  cc8d70fcc8de6b6bbf96c47588699bb4
- SHA1
  
  602e3925f173925a1ba84cd82504f4d7a99148f8
- SHA256
  
  a552b12a3b65c42915ae1b616f2112fe33739ad332756ecb0a6e579318ed1699
- SHA512
  
  939eacaf746ec216abc3223b8107e3523eabe0fdbce70091e80f6ac3bb6b29479d9315a0a26332f40491684039220c12ae31cbda39b96d3f3992734aa94d78b2
- SSDEEP
  
  192:VnHiklh6n1AIToTnN0TNEdv8JAITIb/k:V7AAIoCKd8JO
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  MalHost-Setup.exe
- Size
  
  58KB
- MD5
  
  7d82e10c1001e0a45c1e88fd3a8e9ec9
- SHA1
  
  e240c64f2e59f5c8afce1e055efed0fd78de0acd
- SHA256
  
  511f0c47b8e9ba10f0b482890e0f61917e98778d85436a1c775af40ebbec92eb
- SHA512
  
  aefab4cb613930a6bb225f6484f21591c5f6c5ed31b41dcc7ff079f8559373112bb174a4ebb48ba13f7e46ecbe6e8fcafb50b07729fa47cdb350418b5f72b843
- SSDEEP
  
  1536:ICyEt3BNqOhw+T+K7xelPScRZzZicAcDLw5:NNqWRTne/zZFAcDs5
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  OfficeMalScanner.exe
- Size
  
  122KB
- MD5
  
  e8e65e62170fae40391501a9ae2f64b7
- SHA1
  
  3badac9b841c90a9398102f67914bcb595374a6c
- SHA256
  
  6f74145fe6fba3cb4f4d113ba2103eb88cd3c0ada37f868a5fd08e4b7d9ed632
- SHA512
  
  a8247439e61729f1ded22d7ff8bb76599c55492e53fbbf9e2f3e9d8706cbb35f64da084a09f7282ef3440813a19ec6dfdb8adde6653f6193f454aaa12fd485f1
- SSDEEP
  
  1536:vZd3G3GG3SUNvSObKnxIt5ZsvQkvHOMH3n3vZAJtPuh5Ctqo:v/ARNvSaZsHOMH3n3vZAJtPuh5C3
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  RTFScan.exe
- Size
  
  96KB
- MD5
  
  637794e0d1d4fbddc4533b6fe9732aec
- SHA1
  
  9045eec0e438aa21b550e1ae23912b080d43ab0f
- SHA256
  
  8ef618f41c4edd3224fed137b114c0c57eade1321cf6819921b6e9fa3e4f20ff
- SHA512
  
  fe7d391b09d926fa3d563250ed7cb0865fd8f33eb7f4543f88ead0d30be743a5344649729036cdb16b94eed3a136ab6a301e74beec9befb648fbf9bc86dfacfa
- SSDEEP
  
  768:r7ld2oS+IrbCuisIg54P0EqJFqslRS9UN6UxKbG+xHMNL9hzV7tGHRVOPd5P1Ie:dwOuisIg5Ku3XlRuMnobG+xHMfhzG85
Score

5^/10

upx discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral11 behavioral12
- Target
  
  Unzipper.dll
- Size
  
  11KB
- MD5
  
  cfd39c43a7cd8b92fd003a112dd37d0f
- SHA1
  
  27a5895045755be9dc88fb9845d3f62a2d883906
- SHA256
  
  0d82d5119894ffa028041c07b11a0a6a787612407325b2d7cabb4d58ec5e94f4
- SHA512
  
  e2e002d0301e762f342b71fe63e0917dbd320eb388fb323b5881140af1e6b39d6a1a31c2d474c61357286d36a973edc453f9912ec670122c89f719ebeba3da61
- SSDEEP
  
  192:Cm+SHL24GgPoby3NRUog/O/gjho2aK3Mlg7Q8epu4NQjHRlVD6:D+uk6omLgjraKsS6uZlVm
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14