General

  • Target

    5021940f2b2512b21c6bb75840c3aeb7_JaffaCakes118

  • Size

    1006KB

  • Sample

    241017-bxhqlsybqn

  • MD5

    5021940f2b2512b21c6bb75840c3aeb7

  • SHA1

    723c7f4b7411016f0ef10b54769c746a97e96718

  • SHA256

    a23129d44d76c4fd6db18d478058ce9466a56af78bb84fb5bcbff4be6e1ba161

  • SHA512

    3e4372af1e4913b95e8dc115c279d6c3f888f3b9f4808ff5a3718847bb1898b3713a4c2101fd73178ecfe888549f01c4485b1c8e40dbb65f972d8d88ae572c6f

  • SSDEEP

    24576:XfJ9MSMiVApT3uj38MnmH3NfHOjmUkUKYZk:X5Vq7A37nmXhuyck

Malware Config

Targets

    • Target

      三国注册网站修改版带教程/Aws.exe

    • Size

      780KB

    • MD5

      b6c542d26b50ef92819b8bde6fa2d8f1

    • SHA1

      bed75236c5f043b0e101be739cd3daa06c82dea2

    • SHA256

      af2b944ff0622c0f8fa19d8986764cd539f929cba4a9efc61353676eef692157

    • SHA512

      574b2501fdf48e4400999224bf7245113e043c531684724759f65840e83048f36c2ff27318a6fab5dc45ab49e292e272b7001c866570b72eb214971401775073

    • SSDEEP

      12288:ZPO/UpmKINbTpUKDxU7nrLgpNCB5Vr3UKcyQpydB+5uzvpCEK44lvan9t2CS:ZUKIpruD4pEmyvBAovpCEKvu9tQ

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      三国注册网站修改版带教程/CheckCode.asp

    • Size

      1KB

    • MD5

      81b095418274fc2133db6ced3a1cb3a3

    • SHA1

      393c1275eb288899989e37249fd6f003452e3e4a

    • SHA256

      92892d206aacd75268d6329e91f2895eb2ea006fc458067ddff2d47c69cfe6b3

    • SHA512

      1a857dca1e0afc99c39b5fa0d71ec1b51aa4dd36960ef7c8c240ff41069f386f12a864fabc6b7dfc41c2e9ed9ad88679331563c9d68ffa7054b37f20974a0c52

    • Score

      1/10

    • Target

      三国注册网站修改版带教程/Images/objectSwap.js

    • Size

      7KB

    • MD5

      219ffb227021e00d4fd155671a05e0c8

    • SHA1

      856fd3de57b16008da565598c45c94dc21b534f2

    • SHA256

      a858d5e537181b127c86c2ca3375e9f63860d0ff45759846d44537c382ed95d2

    • SHA512

      f67428f2fd92966e395a153e16853f7d779dea6cc1768576e1ca48ce01fca93580effef52b696163b58a805deda7adb8121c708633cac8d48dd1b3692593b992

    • SSDEEP

      192:zdS47KFgdXhOAyoIt1B72WwNpsMgDGSkdeSJAV1Ae/:Bxw/972O7S41T

    • Score

      3/10

    • Target

      三国注册网站修改版带教程/Images/tab.js

    • Size

      2KB

    • MD5

      f39b8a7e19cbc2e87d0f22fcea031369

    • SHA1

      71e08778a33a0ac141d84002857e16af97b15de1

    • SHA256

      166a8bd1aa367273970312c6a735dcbbdccbc3d7fc08a98c2be3cbd79771e35e

    • SHA512

      733e6af2ca959e0425024ff9d8a8265f369821d76e3205f899b040f363d3f4e56671f181632553a540a78a2dcf7f75aec21b2aafdea5126de188f579c3d4f694

    • Score

      3/10

    • Target

      三国注册网站修改版带教程/config.asp

    • Size

      346B

    • MD5

      fa0552bbd02a8c4290f5e708fce23df4

    • SHA1

      89c0ff1e580630bea458c6e5ad30c2bf970f9c47

    • SHA256

      f1d0b3895ae4e7ce9b093b83de00e494611bf8a02cc783718a53120ac5d234a7

    • SHA512

      fe644f7c4285b01abdaa9da97e129c87b32bd9e61bf2629bb90627f8a9c4aa5394ce4a8f9260b268c111df70765e10f77cc5d1f2c771c539c505e6c20e02b19e

    • Score

      3/10

    • Target

      三国注册网站修改版带教程/conn1.asp

    • Size

      371B

    • MD5

      0bafd5b2d02aec5f1fe64f8b84c13901

    • SHA1

      9ea79f36f42b4e54cf4dc6d6377612b0f2507a38

    • SHA256

      7bee8391e4e6837fb2d72d0dedb9e037338956c409865c4a7640512b8ed0cc48

    • SHA512

      3c3823121211965f15aeb99b9281e25f57a90e07abcaf4d5aa6bdebb2df271746c22dfe39cbeffdfaa51a64758337b9eb4b5fe9ef398c24c079edccefc63a296

    • Score

      1/10

    • Target

      三国注册网站修改版带教程/end.asp

    • Size

      786B

    • MD5

      e60710697ef628650861e7717b096fc3

    • SHA1

      4d675c698dc1090b6c0bb3c76dd48fef7e489dd8

    • SHA256

      7ee8a65fae6e78ca10b49328e673de7394d5e134d9ee02aa6274ffcaf69e88a8

    • SHA512

      5f8778a19bfc70a6aa7945ea405afcb559261e73b595c33c92f35b22b6bfdae8da083b75adaeae39c9c3a9571a7e5642408a38a921eb3b9b450f96cbf3ca990a

    • Score

      3/10

    • Target

      三国注册网站修改版带教程/head.asp

    • Size

      901B

    • MD5

      c9dc2dd2e5003dd3277c6fa66927900f

    • SHA1

      d0d7a4280e017a33d6ff9c8222901a3b9caba0c2

    • SHA256

      63232befaf592c6c616e218bc015635dc06ebd1a212d4d71e003e02fb3c3ddf7

    • SHA512

      551f8e75434b7cdea2765dfa3fb2ea9e9ad52ce767daeb169ed78e0307ce91413a6614c3ef197faa585618d5f2de8a26254cd41f000ba050adb8e0e8ef6bb6fa

    • Score

      3/10

    • Target

      三国注册网站修改版带教程/inc.asp

    • Size

      10KB

    • MD5

      0f5d385cbdffe0856c5e178619cc3296

    • SHA1

      f4064a64d6decd8e6d0cf15f476466019f012477

    • SHA256

      4268ac9d2cb52fd2b36017a27a9ec83016d54a4e4018cba1ae054172c5682e0a

    • SHA512

      1220f245e44d7093ff5ee763eec0504a9c9a159c6390b369df88ef0049376d6574aa08714d80967ac9875700767174559971b7b0f7ab2bdcada2ff8d92f211d6

    • SSDEEP

      192:+hFq2WPOB/oFL/TnLMQD4b6gIL1bWzZ0/f9vfiN3VOtxitm9s:vOB/w8advKX

    • Score

      1/10

    • Target

      三国注册网站修改版带教程/index.ASP

    • Size

      991B

    • MD5

      085b5b4283e400d119ac18e986127056

    • SHA1

      15a367676bca079b64e632c5d058937a10b1b4b8

    • SHA256

      144805e9f2de5f430268bc08e2cbe6fa9fb3adf680fe112b03468b110affd954

    • SHA512

      619a17f4c5cafc3341d4e9e6cbb0eb77e80b521258b6ac2388542e59d42d1a1de79e9c162c2cec6b019d72e8bfe01402b817b2fb914317cc377f6c015f170b31

    • Score

      3/10

    • Target

      三国注册网站修改版带教程/md5.asp

    • Size

      11KB

    • MD5

      ae29ce4b5c373ce4aa57a4ba058aa061

    • SHA1

      61093c8c0dc5e79bc2d9d7f47151db76179a1339

    • SHA256

      3e307e9ddb1bf6e5c0d8354705c88da0d9c9a80f2b8afee7b118933895c1fd5d

    • SHA512

      58f69f2c448cde9ddadc3e032d8486842b9975adca28e7e7eac14e5cbcefaec72399e4ea2d0b25f9c5ea5a7ad2525b40606d43f2cbec0db7b28d105b19bc57c4

    • SSDEEP

      192:fvioOa+9Y7D8MzYn4zVnt0y7jj/+jGguhFYv0VjoVM4eaaYxkZDMq:OSFh7OgFYvWjoVnF9xKDF

    • Score

      1/10

    • Target

      三国注册网站修改版带教程/msg.asp

    • Size

      3KB

    • MD5

      2c3fb27e40e5f7886fcb1de65ed45ec4

    • SHA1

      d16b6ef8f49dac439793f67c49ccf29227e567a2

    • SHA256

      0119a4a0c4210a24f5c6c8d66be47f4134f0f5e138a14c8775ef3a42a5bc3a85

    • SHA512

      34de36c31ea77ad7d2c01ce5e9c00ed032ab36f7aed2331f5cc5d050ebca40790490e44157bbb5cfb855f9e59e6c793dd35572a23fb3d8bcc371e95d2a56375b

    • Score

      1/10

    • Target

      三国注册网站修改版带教程/nopass.asp

    • Size

      6KB

    • MD5

      e66eb6a618b2c5d309552adf301eb5a7

    • SHA1

      2fea5bbd5d262e3109ba347216203607c2d328c3

    • SHA256

      7f216e56b42e1687b60a45389accf2b3b688e92c8e110892fb570b740bec2abd

    • SHA512

      1de1d505fb226923dafb7728d8250fbb3d5f6e624d54bb55e152d9c9e18cb65b165fca5064c3ad17695e8c2cf14ac907c78758e3a3e09d08e140478f40a31c50

    • SSDEEP

      192:xILxv8uRGEIER9VjYqUPTnjxfIEIEMCHi/39yNbXyI:xOJ/IPr9Sf39O

    • Score

      1/10

    • Target

      三国注册网站修改版带教程/reg.asp

    • Size

      7KB

    • MD5

      c90e423d557d7b3e13591d4b2563431b

    • SHA1

      7c7a20a9ff1eb6f4372a98b64632e82599993acc

    • SHA256

      f15e7a17378563eba38eb97dff660edd98733c12167b969ef23513fc5bfda6f6

    • SHA512

      cd427ff06585ecb22cee62358f536baa6215719db96bd80c54ab098d9988fadcd25181c33f346cbe51a0a1bd4acff2bdf66727d1d1a24b4565cd35ed0e637666

    • SSDEEP

      96:HiY/LRuHIxGg8tvlyASzSwu4tKcwuWeuEukqUPeynj9nlVCDXVKhyxmxxI9QjrDp:HiY/FLxv8Ty7dnqUPTnjZCDlKhVrIS3F

    • Score

      1/10

    • Target

      三国注册网站修改版带教程/传奇私服,传奇外传,无忧传奇私服-新开传奇外传私服,传奇私服发布.url

    • Size

      150B

    • MD5

      7bfb1abe078a6fcc5a6b447191a2371b

    • SHA1

      b2da3d265091c73aa232dcdf39c357f72732ca9d

    • SHA256

      512f7e53f277253bc26b52140657e82554ad7e9117665f95d22215502e96b819

    • SHA512

      002d569b535646c3dc533fb5a440455b958e9f2aa79387ef075a4eb06098b0929ceb7a618e9d5f69299fd360de673a4fdc70d136622d8cf18da2d0a33c94ad8b

    • Score

      1/10

    • Target

      三国注册网站修改版带教程/全国网游站长交流QQ群开通页面--加强互动沟通 无忧网游资源站.url

    • Size

      148B

    • MD5

      453d512079f8ed1c58e185d753835ece

    • SHA1

      74b8d847b6c882a78697947630d0e133322aa57e

    • SHA256

      10e551f11df447bb6e6f02df3b710c6d498267b7bb0c6e37185ecf8ed16e49cf

    • SHA512

      dc2ae61d3ac58f1a75a3f69290bfdca605a712e38dfd9786ae47fd35b0f07d2e9f3411cdd2ac40e7aa9909c300544287faecb3a09affc4ccc0a28cacb00575f7

    • Score

      1/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

bootkit, discovery, persistence
Score
6/10

behavioral2

bootkit, discovery, persistence
Score
6/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

execution
Score
3/10

behavioral6

execution
Score
3/10

behavioral7

execution
Score
3/10

behavioral8

execution
Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
3/10

behavioral20

Score
3/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10