Overview (overview): score 10
Static (static): score 7
1e8c1f3e8d...18.rar (windows7-x64): score 3
1e8c1f3e8d...18.rar (windows10-2004-x64): score 3
CrmStar/CrmStar.exe (windows7-x64): score 10
CrmStar/CrmStar.exe (windows10-2004-x64): score 10
CrmStar/help.htm (windows7-x64): score 1
CrmStar/help.htm (windows10-2004-x64): score 1
CrmStar/index.htm (windows7-x64): score 1
CrmStar/index.htm (windows10-2004-x64): score 1
General
-
Target
1e8c1f3e8d0ca7a6fc980c486a7fdf63_JaffaCakes118
-
Size
672KB
-
Sample
240702-jswexaxarq
-
MD5
1e8c1f3e8d0ca7a6fc980c486a7fdf63
-
SHA1
1cd7c6ec620fcf6918d1451d5c63db335f784e9a
-
SHA256
fbb7385b196cfe0a7c6058cf93a779f34c95fd2c5fe7dc12852f333c821f2a21
-
SHA512
32798bbaaae34b73368df6157278ffa854635c851584c704b657546294d95d70ae8685676ef707da588e7c065c5ef8c03f2e99e2a223d4f33215f058a0f84db3
-
SSDEEP
12288:/EncKrG7o1Snfgnezyi8CRvNK6fDUmAENiytAcAnedKW0PX3aR8n97pzQ9:pgP1qfgnezX8oN73A1exkX3Vn9tzQ9
Behavioral task
behavioral1
Sample
1e8c1f3e8d0ca7a6fc980c486a7fdf63_JaffaCakes118.rar
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1e8c1f3e8d0ca7a6fc980c486a7fdf63_JaffaCakes118.rar
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
CrmStar/CrmStar.exe
Resource
win7-20240611-en
Behavioral task
behavioral4
Sample
CrmStar/CrmStar.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral5
Sample
CrmStar/help.htm
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
CrmStar/help.htm
Resource
win10v2004-20240226-en
Behavioral task
behavioral7
Sample
CrmStar/index.htm
Resource
win7-20240220-en
Behavioral task
behavioral8
Sample
CrmStar/index.htm
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
1e8c1f3e8d0ca7a6fc980c486a7fdf63_JaffaCakes118
Score 3/10
-
-
Target
CrmStar/CrmStar.exe
-
Size
599KB
-
MD5
970c90814b1d3653862b0aca515cf31f
-
SHA1
a4a30a11336632777f299b678ff251b232ec9ca0
-
SHA256
35d4a5d6fbdc774b509b242ddd66b2a3d6e814fae5c8eb215843a3eb083fe0a4
-
SHA512
957a59e1c62d2926cc797129cc7fff5f19ba9e1528f119abc2726fedaa33d1b0998cf412a31586e3333a953497439bce3792108a0b5c929d40d736f73159d8d9
-
SSDEEP
12288:ST583zy4nHY9/926Z/aBBrSInCS/K5eKhUxD3ZjGELjjBUlXBxz:Te4nHYN9PN9IRicKED31vp2Bxz
Score 10/10
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader First Stage
-
-
-
Target
CrmStar/help.htm
-
Size
9KB
-
MD5
5e9d1270e1408d74c53c9d8d86c8168d
-
SHA1
85ed8616833af86e37fd1102cd3399e3de11ceda
-
SHA256
93e9623356e156c01ece180c4236d7db4b03866cc919c95b98125b29002ed889
-
SHA512
3ac0b551d352e5aa5ced06f970e589c8401de6378cda4ba629aed7b82b28ffe2a51df8998f537c7845a0cadaeb1a99715d2ccea2f3e28ef36d049c6b6a122a90
-
SSDEEP
192:lZG2lZf3nBDDfSskSaLpZVHcK61Q1Ly6lEj1jTRic4cuBeacNHnaVJk24D:lzZf3nlspwVQ1Lh0jO0CJk24D
Score 1/10
-
-
Target
CrmStar/index.htm
-
Size
9KB
-
MD5
5e9d1270e1408d74c53c9d8d86c8168d
-
SHA1
85ed8616833af86e37fd1102cd3399e3de11ceda
-
SHA256
93e9623356e156c01ece180c4236d7db4b03866cc919c95b98125b29002ed889
-
SHA512
3ac0b551d352e5aa5ced06f970e589c8401de6378cda4ba629aed7b82b28ffe2a51df8998f537c7845a0cadaeb1a99715d2ccea2f3e28ef36d049c6b6a122a90
-
SSDEEP
192:lZG2lZf3nBDDfSskSaLpZVHcK61Q1Ly6lEj1jTRic4cuBeacNHnaVJk24D:lzZf3nlspwVQ1Lh0jO0CJk24D
Score 1/10