General

  • Target

    e27884ba9268012701a4caa56f2928a4_JaffaCakes118

  • Size

    6.9MB

  • Sample

    240406-nw6r9she6s

  • MD5

    e27884ba9268012701a4caa56f2928a4

  • SHA1

    c913b2162279a41d2a68d07538880b152a296b36

  • SHA256

    be7f9c6015c1bfff3173610ee1585d7d30df70c84c951b1ea429d7c004cad243

  • SHA512

    5505fcefd7879fd789cff3998838faf3b5042660f545d2a2fa432a0d7cfa3257b9c3a16b19ad073532175c867926b3c07726f2153075edfe0fa4a82dba3019fe

  • SSDEEP

    196608:qhMfiyDh/4vE9rsSoHc5v1DvzOYzhQ95/hrLJkL:Y8iU4vE9Y27ZdQzhrCL

Score
7/10

Malware Config

Targets

    • Target

      BleachBit-Portable/_ctypes.pyd

    • Size

      32KB

    • MD5

      cc11b8e57ca29437f88c4d7fe3236a66

    • SHA1

      891fc719c06f9fd82c42c2f1df6c289dc78fd1e3

    • SHA256

      8b0e3f46a2c7c31ed3e7b1d2e62c88c332866ea0f573a49c5c19ee106ab0bcfd

    • SHA512

      e9516bd082642263227fee620ef0b9dbe09ebf2335bdb263ed8c40bad2716176491f86dc0707c1f2c707d7e4c4651c32f9514d6fcbe53dbc01dee993df8cbdc1

    • SSDEEP

      768:uSqqqAE4RHQWfpiIum3Xmor4z9QWSzSk8YGiwWu50NiPEM:ul4RHffUI1nkvSzbcv0E8M

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/_hashlib.pyd

    • Size

      118KB

    • MD5

      527691f5051c8ed629fb01079a806404

    • SHA1

      34a77526b42634e5296f3caacd6af1ba10f6aac6

    • SHA256

      e7f107d553152c9305d93deec16d893c45c7b4aab344fda500b7d41c511db358

    • SHA512

      a35abc2153c473100e766bdddf552da0937a1433c8500b7e97ff076909bf0e8e0a53710400f12a586dd39469c5e78dbf4b8a6cb93d5299edb73c9f0768ccedcf

    • SSDEEP

      3072:Zq8BglamB65bntakVAaEpE5k0PHYXC0C/fqrwQ:ZtgU5b0b0PR/i

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/_socket.pyd

    • Size

      18KB

    • MD5

      88187b8c9af1d3b3bf5783c7cd00a7d4

    • SHA1

      74e783c47a928b1b1ccbc14cb54701128870f99e

    • SHA256

      a6656eb806641e9796718463b5d8399f1ee0e0a046bf23130ea3dd19bcfa0f99

    • SHA512

      82a4e0cade6992f0b01638cf519f0cf80cf16e11fb69da2ccb74a17c956985e6bc306cd5f9d83c4e35811a5e7408dcf2d8cf158b6942a2c7d132f23001e8347e

    • SSDEEP

      384:MjbTf1VEZByG1z4vy+7ocUY0gBfIgmtbIghFI2P59:kbgWG1cvyWwPHvPr

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/_sqlite3.pyd

    • Size

      24KB

    • MD5

      338493707b6442fa36f8cf17c63d925e

    • SHA1

      3531aba5a5f0bb46e8872f09f64babb533c0b97d

    • SHA256

      418b9d8509c657ba7c3add83bd3231c1bce8eda59784568e9572bc522609e62e

    • SHA512

      2b289e571c16ef66cf28bb2f96d41cd4b78aa92891589bb3da3b05c40fe6f24fe54e216ffa7e479f72caf64ef86be43e91841a70368aa4b6bf4936a1a459839c

    • SSDEEP

      384:HthVjt2U5gfK1puOtIInRbgX/GTCDGGGRO/dXsTxq1nVRfxsvW7BayTXJyzS:HtLB5g8p5i+6GGGIdXsTxIxYWayTX

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/_win32sysloader.pyd

    • Size

      6KB

    • MD5

      ad864f447ca3b4a0a28ee67cbba25f5b

    • SHA1

      44fd485e14b69e0f1206e096f5fe67a03c851b7f

    • SHA256

      aa7637c7f4292f8525b876e9731d157eaaf2f3100c5711717d475c02c4b1a9d0

    • SHA512

      8a0dd26159af357560d741d8ad5ec68a3e492ab958f24493f44cef5769439978426d2f7d2656549d61493d21bd39421bba4a1bbb79f1b3f0ac4e9f3ea5fe9777

    • SSDEEP

      96:uLWdX69ydSP1Lfhhr0iE0Q+BdI1SfJVc2SpcG1SHN7haBOA8C7tCFTv:jdMysDhJE1+BOSfYpcGEtkrC

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects files using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/atk.pyd

    • Size

      29KB

    • MD5

      c953341cd4cf8b3867919a8760b58c62

    • SHA1

      9fa26229edc04a2679efe5a74d5889ab59381d51

    • SHA256

      72729b4d1ae6c324b9a39398cab0d72cd1176c0cebc92cc91a886264e28b7949

    • SHA512

      29d51473ffbcfb8fd2e757c71698cd06a3b9039adcd9e6da77aad9b138f9b3fbcb3c275ae70b0e2c90c8ffd5101ec97c4d7484942db4e210d86983dfcfbc7afc

    • SSDEEP

      768:ov48+Q+85gMgKh1siLSmLefFZKaJaPWC7:U48X+qJ1nLSn/Kh

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/bleachbit.exe

    • Size

      39KB

    • MD5

      5b00e9f5daa52e101d49b05f263f34cd

    • SHA1

      e9abf8544fcd5083c68d45e24253805f2a21f1f4

    • SHA256

      9d87edf4e1fe91ea98d45bd867071c826407b79ab013017e68b11f8bae37aa46

    • SHA512

      643445b2bc1caf8ff18a5be2382a206566aca20f472a7c3e68e8c13bcfed66db8a9d3f11bcf9efc2f47e199265c4493eafdeb549942d13d9e9b2bdbb2ecb00ba

    • SSDEEP

      192:yfQG9DrqrcQf7iUiEaux1Yx/CUnSrXca31vbpKbcOF918avi22MwftaRR1s37cU:NG1ercMHiENYB/KXxFv8bHgfERRm3V

    Score
    7/10
    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/bleachbit_console.exe

    • Size

      38KB

    • MD5

      90e58e4429fa2a343863c11e77e62d58

    • SHA1

      0a379a9cdea80c519cbc17c872016c2f95e93da6

    • SHA256

      599f45703f1e34a82c2445943dbe7f92cf01c9c81b832f6a5c2823c79d556990

    • SHA512

      7dfc935c721201f18bd87aa0d47360d6fea4b59c0d4fa9b650f76805d836cc8d2269c9604db5f27f043a1d9b613bcfa23eeb008b1f7919f97b37cc9fa808f609

    • SSDEEP

      384:nePpqLhe7+aAg43ve+2PXC9jIfERRm3C:nL6KG1Py2e

    Score
    7/10
    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/bz2.pyd

    • Size

      34KB

    • MD5

      6a83a417cdca1230480cd06dbf49e5ab

    • SHA1

      8b1206ecb7f0a9e8141930ec605def379bf68fa2

    • SHA256

      af84910acebe34f322cf8a0569a1abd63068cecd4d83e3b3e2d50043bbac5e16

    • SHA512

      93d903ddebee69bddcf07c5f80022c2895b0ae542c35484dc92fabc4d5f1fad65253f97b4134aff5e735bea5c14ec26ab929b508ae5feb3f82502dd83d35bbdb

    • SSDEEP

      768:XBFXsZ3elHI/OfFhVMnBvYqR94ws7o87P:fXculHMObOnVYyjb8

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/cairo._cairo.pyd

    • Size

      18KB

    • MD5

      2c0fdc28b1a3c0b11160ec6e2177d47b

    • SHA1

      ec463f1bc0068badad777b014cf26a5ec95d9eb2

    • SHA256

      3f63cc994113096bfa7a8f12f4a5444f6b5057e22a3a4e0b05e5d9784b6e3849

    • SHA512

      f2d2583a3a6ccb39fd050b434d4be7b4250dde17a885a9bbe84a35b8483c0145680377163f720c04290c0d271978e2494db69a293b4f5bdc46f0ed9e23a2ec2b

    • SSDEEP

      384:y+ZQmBqlGVUONTqmWIg3krste3MYJ6OxWOXMgidGNlxr078AZHnAu:llfeONqmykrMTUBYuOXHAu

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/freetype6.dll

    • Size

      303KB

    • MD5

      5a448da6e119e6af3694500f5ef82338

    • SHA1

      db92db62304b22503863f9b8f5dbc7b14be3e7dc

    • SHA256

      1dc8e799f65cd4619df0779a51bfa12fb2e11dd7bee5166bf92200b28e9aa3df

    • SHA512

      a75083ee51343a4ec03d68bb10cfa654eec09ff424e57042d2a1d9d6d613724766ac1e65f3e85a51ae58b5b470b2a0b0afa5e8c0f289ba7ca9d4ed510d365503

    • SSDEEP

      6144:PBJUMEHJkPJjyMyQ3V3vZ4kjzCa9+OJvKcEXIFKp0pDl60/IxDdX3fGbCqy:jUM+kPJjyMyQ3V35OovKZUa0pDlV0h//

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/gio._gio.pyd

    • Size

      51KB

    • MD5

      9e1bfa29c42b6e01c7302292b8d306cb

    • SHA1

      c0210cf5b84c5eb7fa94d911a5bd521aabb613e9

    • SHA256

      af2dbeac29ae3954e792e7aa417c65d8f3d35bef314ee2fe6d903f7edf161eb6

    • SHA512

      ad9e6c0ec20336c6d732618961b01f98aae81ee141e64ef87cf75c85517d42861a2ed42884ac97e16abf9dce04b821fe997a6265a952bafa507bc8e6b66c28e1

    • SSDEEP

      768:PSdtE1+6PSGlIdl1KrtiBkuDArs1WPhoeLRtCnmsdctH7ouC/ZjJfcMXT6pr53tY:2o9jmaB+WPhZyeJMuiZ1jWrqn

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/glib._glib.pyd

    • Size

      19KB

    • MD5

      6c2c8ec24fd7a31f2eeec4b7ac86e173

    • SHA1

      bb1fec2a0a82d168a8858c771fdf628a4eb33194

    • SHA256

      a54d4445ff6c8eba6304bfeba7927ff6097e29edf6b7f6802b042a72176a310c

    • SHA512

      f1ec6e8c4f648507d13e3f931377f69892d6650f7eb96a861aa76f83fb9cc4fcb8195828a2107f12fafd3a05c71d6482ecbb82f95794981be9cb223d6493b5e8

    • SSDEEP

      384:oEQsh7lyQVTtE7irPauFKOpoRlMRXUrEj1BNAsD6TllMFZGN:BdQQVTkQaSKOGROSro8s2wZM

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/gobject._gobject.pyd

    • Size

      34KB

    • MD5

      fca90bf794b33577aece407246a8ff43

    • SHA1

      6d97793501847792b864cd0bc30fcad1663fe3b2

    • SHA256

      1e34717f06cebda65c318a4f1da0c2953e69bbb608ffc20d4c926aa56496763b

    • SHA512

      12cbed9d1070449d11b5245eb61f6e9864e43b7d0ed79e678725a240b30c5d85cc581b261a9700a27d569d80e51d7bc23004da5fb15f370f545ea089fd4f3e15

    • SSDEEP

      768:KWRRYEdrjFudIViAgqnnEkBaq3dfM/82nHViB6:KqdNud2uqE8aqm02Hc

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/gtk._gtk.pyd

    • Size

      277KB

    • MD5

      b1f14e514fc302d85097b45ea056db5d

    • SHA1

      a8b59bd59c91d35f5b3ade33c5de30a50233cefe

    • SHA256

      d6f233dc447d7ec4169ff8819aa4857c440407fa890077aa50147b8cab74d5ff

    • SHA512

      991fba850010cbeeb6d7f8575991b40dde37adeb9203175244233ac01fc74f2402b8e28afb05fe070990808371ca3bbccb9d18d32375ac4188a948d516e0bffd

    • SSDEEP

      6144:Y9xmZI4BD6q8M3SbTUub0rFdzRMMvlbGIrdmj3n1Cu+UfdDJS2PtO9:DZI4BXccuArFdzKMvlbnrqnEk1FxP

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      BleachBit-Portable/intl.dll

    • Size

      51KB

    • MD5

      d2052e93b5c0334c9e1acdb2517be1aa

    • SHA1

      ca2249751edddfe0161884eaf0de60c23a9fb127

    • SHA256

      ad13f3bcd45db704b40f7127829dda238920bf1097fafed89a902e36d420ed29

    • SHA512

      74de1bc1f862836d7da646cc6d272e433f0c7a78503eeb0656b50fe6d37ac545467d90387b8a4165e197139e38973b65a1dd8ddb562d90ed0c548c478b653cbf

    • SSDEEP

      768:yVUkB/uu/jF8kVkOYFmmuLAjQaUbllafj7q5xK9nv6EerYztREbCNxWAUG9f:yOG/jj2SkGmuESblaU4hCbMxF9f

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks

static1

upx
Score
7/10

behavioral1

upx
Score
7/10

behavioral2

upx
Score
7/10

behavioral3

upx
Score
7/10

behavioral4

upx
Score
7/10

behavioral5

upx
Score
7/10

behavioral6

upx
Score
7/10

behavioral7

upx
Score
7/10

behavioral8

upx
Score
7/10

behavioral9

upx
Score
7/10

behavioral10

upx
Score
7/10

behavioral11

upx
Score
7/10

behavioral12

upx
Score
7/10

behavioral13

spyware stealer upx
Score
7/10

behavioral14

spyware stealer upx
Score
7/10

behavioral15

spyware stealer upx
Score
7/10

behavioral16

spyware stealer upx
Score
7/10

behavioral17

upx
Score
7/10

behavioral18

upx
Score
7/10

behavioral19

upx
Score
7/10

behavioral20

upx
Score
7/10

behavioral21

upx
Score
7/10

behavioral22

upx
Score
7/10

behavioral23

upx
Score
7/10

behavioral24

upx
Score
7/10

behavioral25

upx
Score
7/10

behavioral26

upx
Score
7/10

behavioral27

upx
Score
7/10

behavioral28

upx
Score
7/10

behavioral29

upx
Score
7/10

behavioral30

upx
Score
7/10

behavioral31

upx
Score
7/10

behavioral32

upx
Score
7/10