6e8a08d6caf0e0ad6a555da452f403b0bcf2e8fdf8f968130eda3686a4e1555f

Sharing

Copy URL

Twitter E-mail

General

Target

8f03f7ee05c78eb5fdabb6df801a9f76_JaffaCakes118
Size

4.7MB
Sample

240402-rp15zsda62
MD5

8f03f7ee05c78eb5fdabb6df801a9f76
SHA1

e64d150e76a7f389f928c8632e8f5e04637150bc
SHA256

6e8a08d6caf0e0ad6a555da452f403b0bcf2e8fdf8f968130eda3686a4e1555f
SHA512

8ca3068481fd97ea2fdd87c55ac22c4b0028624f4f8c1a3c398c402abaf9f886be8c68bdba36cea779243e30eeed701143e68e852c5c6023b88ebfaa014829f4
SSDEEP

98304:dYUYX7LFEp/niZuZMPcvCxcuyrO44C34GrrrvWN5j38II15CjB2TKR:dYPLFEptZvxukDZ34eWPjMN15cB2T8

Score

7^/10

Malware Config

Targets

- Target
  
  599151.301.25077.7868139.LNK
- Size
  
  561B
- MD5
  
  57050773638b46dfc5f60930cd1cb266
- SHA1
  
  3219f88ea28c525eb35050939d2ecb01d6fa7282
- SHA256
  
  7ae01fd7aa0b5898eb36548024f2cc8156216322ea6402eb8f04180adfc9539d
- SHA512
  
  181885faf9a655befaa6755fd003fd674e1ccf201c6718e9693754f4d5704230d62982430997b9dd85eee9f9139997cd67ea7c9c171f91f245eaa497e9796712
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  TUP32980638916Y/ctfmon-dll-decoded.dll
- Size
  
  182KB
- MD5
  
  23b14120aecb4d67d836727c729340d9
- SHA1
  
  225be6cc75963513c72b394180a1bdb5418d9a06
- SHA256
  
  4af123558afa33de6944a4766fc63c6ed31b661cda5a1162f89e8f1edec0b0fa
- SHA512
  
  9be95e1e489e92967de883bbdf4512b2c9da556958f12d9c3c516bf6d5115c60a6d2a0549b9c0ca5b5c600ae213bd410e8273eecaea334025b591cc4779f96f6
- SSDEEP
  
  1536:leKfXcBeQXiQrJY+Brkk53AgZeOGTlbR30oNdJWc6FPfwnS3c1NwGqbQMgsjinUI:gKd8OMIOGMEnYs0iIVZuqDSo7Cp
Score

3^/10
behavioral3 behavioral4
- Target
  
  TUP32980638916Y/ctfmon.dll
- Size
  
  321KB
- MD5
  
  e70e1fb9248f0924d9498f0cc600acd6
- SHA1
  
  fcbefd7803a0be915401c697612fda6db5316502
- SHA256
  
  68607e0043c83b83ab6653476ef90aff1d42812e2a6cf7e39149a551f63efb36
- SHA512
  
  da38c20cc95c7652411294f700fc6e1fd5a4f8cbee973de7b11e5bb7dac01c92a02457ebc37c892e0b6fe8e85c78f3280b2f1b84bc01dd462251802a0eec7b5b
- SSDEEP
  
  6144:OH/+9BleXV0WSlQ3tKclZX5sOlIO/GMiVyl9I//WSN:ojM4KcXX55IO/GgW
Score

1^/10
behavioral5 behavioral6
- Target
  
  TUP32980638916Y/ctfmon.exe
- Size
  
  872KB
- MD5
  
  c56b5f0201a3b3de53e561fe76912bfd
- SHA1
  
  2a4062e10a5de813f5688221dbeb3f3ff33eb417
- SHA256
  
  237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d
- SHA512
  
  195b98245bb820085ae9203cdb6d470b749d1f228908093e8606453b027b7d7681ccd7952e30c2f5dd40f8f0b999ccfc60ebb03419b574c08de6816e75710d2c
- SSDEEP
  
  12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01
Score

3^/10
behavioral7 behavioral8
- Target
  
  TUP32980638916Y/ctfmon1.exe
- Size
  
  870KB
- MD5
  
  82d2590bfa019845cbdd670427d31674
- SHA1
  
  5b96ae15e9d3e0db2ebd4d94c930a39bf1829afe
- SHA256
  
  7d361e62e333b2ed467505025fd04c75b63c6aca9b15dad6f76adc8bd1deadbd
- SHA512
  
  8d071e78cf1db6d8391b567e64a04e42fd0b83bab3b2d3af729899b41a92cb7068576914a63fbbd3af3601d74a49e9620bab0a6788c13d4dad6319ce837380ee
- SSDEEP
  
  24576:FAHnh+eWsN3skA4RV1Hom2KXMmHahM065:0h+ZkldoPK8YahY
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral10 behavioral9
- Target
  
  TUP32980638916Y/ctfmon1_.au3
- Size
  
  32KB
- MD5
  
  252e0eb89a2db92371e656bd27f6159d
- SHA1
  
  c079f873fe7cbfe4f997f826f18ab9714e746ddc
- SHA256
  
  0f977614e29c69399e36c2adab87e671c132b371f61bad3a876a2c5165872e88
- SHA512
  
  b6a9b70991d1a832b47dd7446a7704161ec8d498c02ff1c53eeceb6d50ec9831132b8e4f262cad8defbac32cefed056300f975e8b4f9e6b31389e75066db75c5
- SSDEEP
  
  768:w6P2LLXfXcS4C838XhiTpRoD9q96/gbeUVF7wsgc:wFLLXj4f8MTDokwsLhN
Score

1^/10
behavioral11 behavioral12
- Target
  
  TUP32980638916Y/log32.dll
- Size
  
  849KB
- MD5
  
  5940e289c6b12fc210f02827ae95e679
- SHA1
  
  05b3480680a0916fce0efdff04e0747108d020d1
- SHA256
  
  a468044a374a872732928cf9f1814b7e26dab28e381ca43a8ccfa54a2c67eeae
- SHA512
  
  50955647265700e9273099e5f0069b498f7ee18bb7fb4fe022dc8cc221e0e919f7f6d37697181dece4ab68daa533e58c7130d2207299380e6ebfd93556809905
- SSDEEP
  
  12288:sMNAxBEbeSjrXclVrLbbmme4ftzI49afudh3vDslV+icmSkZnT6LanG2V:WqeSjrXc26zIOh3v4lV+ic1k/rV
Score

1^/10
behavioral13 behavioral14
- Target
  
  TUP32980638916Y/log33.dll
- Size
  
  4.1MB
- MD5
  
  3817ad8b2378d21659bba745d25733ae
- SHA1
  
  69e2b7b6e85ff68a1c6577a8730804017cdf3ed5
- SHA256
  
  13f97b7a9bded8da6d67bd1c22eb32b7c95646f35dcb95cb8e7e49e5a202cff9
- SHA512
  
  4644d903a1cee272318a7d9185d2dd6bf6e0fdf4ff414d3d1d4c06e7006d9c12af5cb4077969065726ce89af6e54fff4746cddfc7d04442bd32969d7fb0c8904
- SSDEEP
  
  49152:gemWWqogqE5BW3dCFNyG1z1GwVGZFhMLl1YBDAktp6Wb30njr3zZVv8zpdg:NLogjwNCbyEz1bY6rYBDXGrjT8z3g
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Drops file in System32 directory

Checks BIOS information in registry

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16