Overview

overview

7

Static

static

7

CFyzwgSP61...��.url

windows7-x64

1

CFyzwgSP61...��.url

windows10-2004-x64

1

CFyzwgSP61...��.exe

windows7-x64

7

CFyzwgSP61...��.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1898b7ec07e1cdc844af1da354ab15cf_JaffaCakes118

  • Size

    2.1MB

  • Sample

    240628-dvqpjs1drn

  • MD5

    1898b7ec07e1cdc844af1da354ab15cf

  • SHA1

    03fd786fa79cecef90f695d994709969f033f25c

  • SHA256

    f6ed1a57eece0eb34d4a45cdd4bb058238a403fcdf8c27f172415188d35575cc

  • SHA512

    1a9ece98dd573101d64128ff1fe2e8b81586f07a8b4586b067c83006c65ae4cb64ad313ac3f35233cab3153de3cc45991aabac77a591666f5bb042e390e9c3a3

  • SSDEEP

    49152:zkwjuoWgwE3EdBXhPagUEti1lKubMV1Z3SDmTHZW5oA+dN4yfIXBV5:wwju9gP3Atv81lKubM1Si5i+nhIn5

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      CFyzwgSP613/155绿色软件站.url

    • Size

      219B

    • MD5

      3a1f2a8a3ef08ae269517a69ea918b2c

    • SHA1

      7d2e6719702bc8472e045e010efa6ed3f7df4b5b

    • SHA256

      66eafefa8bb0155e60828476bde6068573fe64a4fd0aa052eba074dbe85d46cd

    • SHA512

      22203a78192cadc02d0f887247675925273a69e3be82ec1a331197f892216a282cc8f37c3ffbfb578a708244181037277b8cc6a40d8ec70cdf0feac5d80f8576

    Score
    1/10
    behavioral1behavioral2

    • Target

      CFyzwgSP613/影子CF辅助器.exe

    • Size

      2.4MB

    • MD5

      907870fda8ec4b9fee421e54cc8999be

    • SHA1

      27381263fa9234d91efd278b23d839a4d4ae68ec

    • SHA256

      8f22e7aaccbf2e18292da1d73914f496c8edc708780b4ae330a42e308dbc97cb

    • SHA512

      9186f7246d56d0a644911ea3f1cd77671c25fe9561941a6f7daec468b3b24074b076fcd362bb14ea46e3cb71b18d20c080cb86aca5e4ec4e6a6c93d818b5f6b7

    • SSDEEP

      49152:9VuulQ7NjAcJuL71O9KAAwIGL7d9mula/h8DbSYjHd3kwo3aXms5BXPeo8Z:9VuulQtJuL71vwIGL7d9llnuYhwbGBVW

    Score
    7/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks