7830cc6b5e9c4caf132201538fa0b8748aa75c457e0fc03664b18d74382ea4e9 | Triage

Sharing

General

Target

90a2341fb8bff0c710e5d1747c5674ac_JaffaCakes118
Size

357KB
Sample

241123-ztlj4asndj
MD5

90a2341fb8bff0c710e5d1747c5674ac
SHA1

15c5ff429d6a9d605e5bf864ea69b29c1072cd31
SHA256

7830cc6b5e9c4caf132201538fa0b8748aa75c457e0fc03664b18d74382ea4e9
SHA512

d1e25115dd4a343b57b75e2b1f54ab408230dfdb2547b4186136da9dd21d37ca13c438d079a504eeaab907bb8ad5cad7affbcff0f3d8b483c74e754a8684f1b9
SSDEEP

6144:YtL1BOAxh/uE9HQcnncypDr2CoRlM6yZKjByV8LauWBox6Hf0GtFyBytcgLK1:YJXO+39dcyRD/07Laxo8tFyB2cgO1

Score

7^/10

discovery themida

Malware Config

Targets

- Target
  
  wjtfxgq+4/《玩具防御》修改器.exe
- Size
  
  691KB
- MD5
  
  6e4e7078f13c82c204913adbdffa9638
- SHA1
  
  0e6015cfe042b2251532063ce9854f2b4854ef2e
- SHA256
  
  5c4d7cab76598d1f492445b6f17324dda297adf9f071895cc6c27f6c0376b5d5
- SHA512
  
  40defc11641bb8a94876296ad2d4884cf9cee6f6826295ead86b5041136c131c051ec5a82236bd7e07f81abac1770e34519874a88856970789c7f7ffae084a44
- SSDEEP
  
  12288:9EDCJJDXb8qWvvMyesvleMkWzChpBTfgYvVHcgwSuLfKtTZ:9mQGbvNvjkJPKu+lvW
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  wjtfxgq+4/最牛的单机游戏下载网站.url
- Size
  
  76B
- MD5
  
  f3a3a75babaac3ba5ed8dddf5125d76d
- SHA1
  
  6e3c39f915ca393a6c88b8c67f74d7f1902fdcd9
- SHA256
  
  eeb0f36f0d854bd9d61dea51b517098ddfae007389935a40343c1a2a3173d6f9
- SHA512
  
  6d63e964b2c3a96db47072d4f53cb91e077081b4ab0764c1c1aadb58c0ddb7b79487e31cc7d7016055c78db65717a2471d1aacebf292388b30ddbb7ced96cc9c
Score

1^/10
behavioral3 behavioral4
- Target
  
  wjtfxgq+9/ToyDefense.exe
- Size
  
  123KB
- MD5
  
  a546b4c7af02f0c4874e811f75f14f26
- SHA1
  
  eccf45a601def958920e005a2786e98cfbba88e6
- SHA256
  
  ce3df12d2208c6f4f2a759b149f212f0b5fb82e32dae90c2f86811e48c59feea
- SHA512
  
  31dda827fdb2516131f30d680bf2fff1100ee5cfae0e6ae297ada15e9ea415608a10a18eb7cddaaf4055405c27f3d2095d531e7656badab5f377568279165a28
- SSDEEP
  
  3072:et4tf/vSmzVsnEyI+Z8YtcJ5bL+FrtlzXeixfyLAnZ:eq7KEpCt7zDxfbZ
Score

7^/10

discovery themida
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
behavioral5 behavioral6
- Target
  
  wjtfxgq+9/最牛的单机游戏下载网站.url
- Size
  
  76B
- MD5
  
  f3a3a75babaac3ba5ed8dddf5125d76d
- SHA1
  
  6e3c39f915ca393a6c88b8c67f74d7f1902fdcd9
- SHA256
  
  eeb0f36f0d854bd9d61dea51b517098ddfae007389935a40343c1a2a3173d6f9
- SHA512
  
  6d63e964b2c3a96db47072d4f53cb91e077081b4ab0764c1c1aadb58c0ddb7b79487e31cc7d7016055c78db65717a2471d1aacebf292388b30ddbb7ced96cc9c
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

discoverythemida

behavioral6

discoverythemida

behavioral7

behavioral8