01660548c489bfe36162a94718e70195ecbed28d2651bb497681c544306cf294 | Triage

Sharing

General

Target

8273ac6b373595f151e4958b9549dff5_JaffaCakes118
Size

1.7MB
Sample

241031-kbjkfsvcpd
MD5

8273ac6b373595f151e4958b9549dff5
SHA1

53443e79a44a50f8e008b56bb2c2d3640d2f7917
SHA256

01660548c489bfe36162a94718e70195ecbed28d2651bb497681c544306cf294
SHA512

1ed7bdfdb6fecc8d7319fdb1833358e077750d7778bfc77b820fcc84f409165082e63283b0ae843974cb18ca718b49bf27b439fcce60c5e84de688755767ecd7
SSDEEP

24576:f0DXukCu+3zck47zEIkgpoX+VQKDd0YtQzCg1GCp/4Dk6ZCcsKWNOR53gdiNU0Zp:suosIlLkgp48QzYtQFSbCchd3wmFXd

Score

7^/10

discovery vmprotect

Malware Config

Targets

- Target
  
  abc/炫舞助手V0710心动版.exe
- Size
  
  1.7MB
- MD5
  
  39a272179f2026a84f523beceb9d9830
- SHA1
  
  8772310503defd97556f5d41c628659c7ed62321
- SHA256
  
  ae1fdb0fd93d9f92ca02b13558d672b6132002921122394a491e6665f3023789
- SHA512
  
  56e95e95ba0994a06754ec6c2731f7d1859962fefeb035a9dcbb7e974854f64d84bd601a431acbc8ff48b097738affd4b72dda05699ab6aa73589d1aabeddfb5
- SSDEEP
  
  49152:nsOjYRHeDVePWpFujM7g/tUJw9vHqRruco3zdGYgd6FxGQZ:sOjYVeDV+HIs1UJSvUD+cB
Score

7^/10

discovery vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2
- Target
  
  silentoi_29065018_29.exe
- Size
  
  229KB
- MD5
  
  f568fb9875b08175080f59dcda8a6d8b
- SHA1
  
  1d15526bfd4ee989386f9036760873f7a3d1b82c
- SHA256
  
  a8b92f66b588cfe92aafebfdaf1ebd5a6736e5c66ea8dcd21a1201e9be00283f
- SHA512
  
  aa8a6590572d4a5397fe719add532e250d8ea80be9e315eb0b365b4f96c44c43c73ae5ea231296e11f75c517b6d732efb25dd865eef9b7fc6cace0eccfd97a0c
- SSDEEP
  
  3072:AjDwC/1s6DUrWSBJ6zStxUiKbVjbt2FYFZiEsliRJ+wIS/Tr/TpT:AjDR/hDUKSBlxU3b1xgYFUliRTIe
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  运行炫舞助手V0710心动版.bat
- Size
  
  246B
- MD5
  
  0346285b2fa0672dbb01a172f3c965a6
- SHA1
  
  a438c4fcb298ed3b93b2267ce975f6147bb147bf
- SHA256
  
  67341b8a6e0245939a754c72f377abbeea4c60ae389ff4f7cf0817b11f584fb2
- SHA512
  
  026a5d795b0afaefe723088b81f7d2ecc24bc03229a64a60905602d15f7f03f60ad391e2cfbb2a680cc77c2238287409ddc3c395010c3bb27f0d183f2b037c15
Score

3^/10

discovery
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryvmprotect

behavioral2

discoveryvmprotect

behavioral3

behavioral4

behavioral5

behavioral6