408788edf56d330b9af977f1618a0207fd53cac5fbfca353b7b950907b87215f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

409441d818ef3bac76e3a40032495f4d_JaffaCakes118
Size

3.5MB
Sample

241013-sm6hcsshmf
MD5

409441d818ef3bac76e3a40032495f4d
SHA1

b35322693b791d46f9e19b7a139415d6ea9c7ce1
SHA256

408788edf56d330b9af977f1618a0207fd53cac5fbfca353b7b950907b87215f
SHA512

bb5b72a863a436f4f8ac7962156bd12751c26a3bfa7d521db5cf5620c92cffc1c4e7672025c4d91d71529cddf2fce081e8079739676105aee855f3dab9ffbe4b
SSDEEP

98304:4izVv38bt5ECOQKlTl/rsQKP+PB/5bRVchctMG5i:zVq8TlThKPq5Qhc6Si

Score

7^/10

discovery upx vmprotect

Malware Config

Targets

- Target
  
  VK-v33/Skin.dll
- Size
  
  90KB
- MD5
  
  343a0dd8583bd6d9c54cd55e123fa190
- SHA1
  
  57e7ff6d549d5e4ff37cf9c1d5c6ffb1d19451d4
- SHA256
  
  4aa1d937eff6fe54bcabc5a30f79ac2b4a60c91fe0ed4e5b4b66855ada144908
- SHA512
  
  c9293b0eb0877cee244c4c511b774ca596b7bb01105e32f7eb7bb11fc811d51bbd1bf356f163374837e80a69f2621d6771e4d03ec6c4bad19652154745718e00
- SSDEEP
  
  1536:QnimkAvYjZQrxE6jgaSwu/FNpWy9Q6uDuZNBSQ7c/zD+L9YpVuBbqoWuK0Es:QnHQZExnjgaSwuNNpJy6uDCNh7aD+hYO
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  VK-v33/V.exe
- Size
  
  1020KB
- MD5
  
  e28447d363cd3ac4572b7e0f0f327d1c
- SHA1
  
  7db5dfd968b7e9454199245ab773c15fdcce5232
- SHA256
  
  66ed8e3d717c8952e529b4fc504b409d1be4fc363e55b4431e09a7e7528b15ac
- SHA512
  
  8ada18bdb4c1fac967a46cb5934267597047687103b23a9af534bdc87d07794e61bc21965bcbfb1f30c23b963d9a41b9a53495e1bc738d6eba3c6f1c4919d2bb
- SSDEEP
  
  24576:HJCYwNNL1mXiUPCna1vVWX7Ro8KkARP6/hKiyzLk86sdj8:HJnwN09anIYu8KbC/hi0866A
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  VK-v33/v/War3Shout.exe
- Size
  
  34KB
- MD5
  
  5379ba27f462d4d0805461a9c5f7d638
- SHA1
  
  2ef57fe4bf6b021392d223b17c596b2cfaf3e1dd
- SHA256
  
  d188663c4cb249c3af45c6cbd31cc01f0a2be206b95c8500e2a96db26134e781
- SHA512
  
  09884f62784b15c52252dc4789feb6e0d72161e397433834ece06817ba563d17a3aed003ae53f87964075dff3a13d9b3f55fdd45bfdbf7b354e82bc6a405eb2e
- SSDEEP
  
  768:8/5yKouxljKvAaowrjZKaQ/qYnd6Ck9xg+nBZH2MlwWe:65VouxljKvZnZHNdWMOr
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6
- Target
  
  VK-v33/v/pe.dll
- Size
  
  15KB
- MD5
  
  9fc93047d88741e9d5382dc7309f7379
- SHA1
  
  a8a237db66e374f9ed798e481678f9d5f8f80a15
- SHA256
  
  7fc33b4e2d7e4291a4599ffcbefe2e5772e3d53fbaaad32b54f10e8aada953ce
- SHA512
  
  86c181aad81a33cc243142ca0a2217e9414ffb5f5769d0538e9522f226840c94cf14ee3c71dcac2365ee6da99f81713cb32478abdf0312181c327aab34404325
- SSDEEP
  
  192:sDi0J0YW6wt5yZ7H2/UC1aADEprQtUYd7qQJIApg98fbRAQQ/Lt7qozp5ZinaxCV:s20X1Z7/C1BEprQtU6lBDRi/xOhag4K
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  VK-v33/v/spb.dll
- Size
  
  2.2MB
- MD5
  
  11b58838ba62255863307a8942f89c59
- SHA1
  
  88a747ac9b514b7a55223175109fdc4cf24da66c
- SHA256
  
  b3be74db827f596632f78b452544791bdec39e146b090d3124fc666c0bb9787e
- SHA512
  
  311f2f6982a07734c557abaed19ff7fa0fb15a8ffa98ba7874a790440c5efb5080c05460c2606475711ae2b4529bf8096aa7f5a9cd709cf0f42f713b75528925
- SSDEEP
  
  49152:FLqehmLXd6ajt6RVLRkAfCpQxxXButgaMMG+pTMwboYBibl+0Ug9OdWoOAf9aDQb:V9GXd6ataBeQxxo2rMG0TMwcYYblb9Op
Score

7^/10

discovery vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral10 behavioral9
- Target
  
  VK-v33/v/update.exe
- Size
  
  208KB
- MD5
  
  ab4253a5f7efab87559debc997162b16
- SHA1
  
  70717ffb2afc47dcd27024ed73f5b53fb9983bb7
- SHA256
  
  ebba48bdea17a07d7a9e8f52598c4b857001ca7d0f97b530ffece5047d2261f9
- SHA512
  
  093eef3075e7d580db118c181776e5626543e1632ee69feaca6f3c516644d9502225f530f6479ecb3446b26d3ce785536ad12118a2c48ff940afc8e39f78d36c
- SSDEEP
  
  3072:4Lim2ryQ5cVdWz7CG7vKuMUfbmVDGuim2ryQ5cVdWz7CG7vlL:uqyQ5SdW5vWUfbmp5qyQ5SdW5v
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  挂挂一族.url
- Size
  
  116B
- MD5
  
  238a33a14384fc7729baf6befd415536
- SHA1
  
  b2655a16b677ff0daa1e1ea6e4d64a31d1493d12
- SHA256
  
  abd02b72fd2fdc9948e51e64652b57a5452dad185a23a602f4090ba488894534
- SHA512
  
  c917ec7d57712e50fe60cf16a000ecf63d9e160705280675c61aec4acc2a602fc83971df85392ac951e121aacd4511622fc65aa3e498f4a75fb93cd27bcc1fa4
Score

1^/10
behavioral13 behavioral14
- Target
  
  牛牛牛电影网.url
- Size
  
  117B
- MD5
  
  7d64f84fb048fad8e3cf7dc7c20f926f
- SHA1
  
  fe0e91fcde266ebbee494140b58b48b3b8c25d97
- SHA256
  
  5796d61785ce9f34733d3418ba43c86169c46373c204e4425f95ae14af1b7bc1
- SHA512
  
  61d6bbff29f70ec77e96c1dd60c6f07593c6f1f4074f96fc66b2230c6b4cabbbd6b0f2b3176504b043fbf432955f15e4ade699b7401d7204a52b5921b52ea795
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

discoveryvmprotect

behavioral10

discoveryvmprotect

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16