147a342db53ebae2993dbdabdab97f47e99a542c733a0ed3fce06d60231ce7a7

Sharing

Copy URL

Twitter E-mail

General

Target

e89a47be423f986bab07ec87c9875b82_JaffaCakes118
Size

1.8MB
Sample

240408-2qw8jaea78
MD5

e89a47be423f986bab07ec87c9875b82
SHA1

b59e3092c6a5587b6f9fb3002e227f3294ac9359
SHA256

147a342db53ebae2993dbdabdab97f47e99a542c733a0ed3fce06d60231ce7a7
SHA512

97bd47820f131bb32bfc6c512b7521d432c62ec431749fe9757dd8aa6428b14270f91c34f2a06dd59230a27970d29e2e4b2ab850b48158b8c5e9f880e4532e6d
SSDEEP

24576:/rMMFKDlavjUEQElhcjUuS+kQ0LaSA8o19MNMeE5GKSL1hCGjOFCYzfCADRXriJs:/rMMYlavoRkQb8CuMebPbNYR2iuKF

Score

7^/10

upx

Malware Config

Targets

- Target
  
  e89a47be423f986bab07ec87c9875b82_JaffaCakes118
- Size
  
  1.8MB
- MD5
  
  e89a47be423f986bab07ec87c9875b82
- SHA1
  
  b59e3092c6a5587b6f9fb3002e227f3294ac9359
- SHA256
  
  147a342db53ebae2993dbdabdab97f47e99a542c733a0ed3fce06d60231ce7a7
- SHA512
  
  97bd47820f131bb32bfc6c512b7521d432c62ec431749fe9757dd8aa6428b14270f91c34f2a06dd59230a27970d29e2e4b2ab850b48158b8c5e9f880e4532e6d
- SSDEEP
  
  24576:/rMMFKDlavjUEQElhcjUuS+kQ0LaSA8o19MNMeE5GKSL1hCGjOFCYzfCADRXriJs:/rMMYlavoRkQb8CuMebPbNYR2iuKF
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  3e6bf00b3ac976122f982ae2aadb1c51
- SHA1
  
  caab188f7fdc84d3fdcb2922edeeb5ed576bd31d
- SHA256
  
  4ff9b2678d698677c5d9732678f9cf53f17290e09d053691aac4cc6e6f595cbe
- SHA512
  
  1286f05e6a7e6b691f6e479638e7179897598e171b52eb3a3dc0e830415251069d29416b6d1ffc6d7dce8da5625e1479be06db9b7179e7776659c5c1ad6aa706
- SSDEEP
  
  192:eP24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlbSl:T8QIl975eXqlWBrz7YLOlb
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/UpdHelper.dll
- Size
  
  130KB
- MD5
  
  bb40f596eab5c6598d320677b1731d62
- SHA1
  
  2c3f547355e07ba6585d955237a35e1125173028
- SHA256
  
  8b972cd7532648027a533330481a6fed08f70718b31396ddf6579519e862b169
- SHA512
  
  a2b6757d82bc9ad02516ab83b31c81c310cefc04ffe8ba1937febe44da2e9786a093fba21f6ed412403acde404a6684f7c2ad7f7696c03379fde9d3aee19b436
- SSDEEP
  
  1536:Xxl/6f/Vjj2C6+omP/I2IYhRN/YD70Z7+OpzW4kDcXMkoXsWjcd0w+bTTshSQlm/:BB2UOq+1W4rMkoY0w+bTTshSom
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/md5dll.dll
- Size
  
  6KB
- MD5
  
  7059f133ea2316b9e7e39094a52a8c34
- SHA1
  
  ee9f1487c8152d8c42fecf2efb8ed1db68395802
- SHA256
  
  32c3d36f38e7e8a8bafd4a53663203ef24a10431bda16af9e353c7d5d108610f
- SHA512
  
  9115986754a74d3084dd18018e757d3b281a2c2fde48c73b71dba882e13bd9b2ded0e6e7f45dc5b019e6d53d086090ccb06e18e6efeec091f655a128510cbe51
- SSDEEP
  
  96:5mArJv6F3TqDmgK4ghEin1US36eHQZDUDgGogZcko5Nt4AMP:5XJ63LhR6inZ6dsgZkKQT
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  $_1_/Modules/clc.dll
- Size
  
  111KB
- MD5
  
  68ec32cf0860c9db2f668964a928c913
- SHA1
  
  3949cd9177b93bc4ad76fdaf8bc2eb2252802972
- SHA256
  
  f1107b54b4cbbfbd7a894226317918f5aadafd56c65ea255c81facdc539b88be
- SHA512
  
  267bf7498638c7a062e617b44b0eed61df441ea3ea4efb7cded47c062d903d084594797be5a9ccc783a5fd50f84799a2f33afda03cfff731b0e7c215b649f18e
- SSDEEP
  
  3072:BbRT3QJFzdoXYqPQ9bLw20IgYE9pFGNlw8jlZQxvoLAX:/3QJF5aYqPQ9bLh0SE9TKjlZQxl
Score

1^/10
behavioral10 behavioral9
- Target
  
  $_1_/Modules/crm.dll
- Size
  
  104KB
- MD5
  
  d925422843f1e14f6504456764219367
- SHA1
  
  493c1992685c7413a9497aab830175ba92b1f80e
- SHA256
  
  ec27c6987d403bb31df794b47060fe707bca85c058ecb62b8a6ec9ab35de2c06
- SHA512
  
  9a510d68428c05f63cad243ba43a954fd595f57e2e88dddd0bf79094d19fb80ef9a71803cf635160bc88f4632176c330dadfef04681cff24fdba67732d1f9a06
- SSDEEP
  
  1536:T/Jq1OQ6koWSM0Ly46qP0z234SlqH0QqRCHsx+pKN/sQ37bYigzoSK5NJxri6:TU1J46qP0zolBMMx+AN/sQ3Y5oHj
Score

1^/10
behavioral11 behavioral12
- Target
  
  $_1_/Modules/wis.dll
- Size
  
  42KB
- MD5
  
  875b93e5075b75fba8b080c578e9170c
- SHA1
  
  3e04baed759bafcf80a3edc7f16054739ceb1972
- SHA256
  
  3a942e2bfd313ecdbd48ebe05653b50d904f9b1dc30c86067446885a8d01dff7
- SHA512
  
  54c008a278de9fe898cc661393df22b62be9dddd31ab910e311a52ab7035b93949baeba7ff4fc40371061bdc6d9ac9ebc6dc5cd6e31050b44964e172162f6b89
- SSDEEP
  
  768:TkPmePU4gW1YH7FzxIT7JOB3+NI2giTcsuCGkjam54RZcCTRUf/HXNJxriD:TkPmePU4pKbBKT7JOIu9lUOsWZHT8/3g
Score

1^/10
behavioral13 behavioral14
- Target
  
  $_1_/RtHelp.exe
- Size
  
  334KB
- MD5
  
  cdda1f88ec6c73e0f71a4549121165f9
- SHA1
  
  b4736704971dd67d904d3664772c815888d60d03
- SHA256
  
  0946e5e56039b750820fad2169e66ffe31a5a0d93fc17734948c40f9ef147c43
- SHA512
  
  e72c718fe4f0786d171ebc2daf1402667cf380e88877b5675ac782ec22e1b643a4b19b39e193c9002674f2ced61d22de0a7a4f8db9a621fe61534be28fc28775
- SSDEEP
  
  6144:oawJ67wblyFxImB8K7BvFRVidQhq/Jx8W:937wQFWmzaQhGf8W
Score

1^/10
behavioral15 behavioral16
- Target
  
  $_1_/msvcp110.dll
- Size
  
  522KB
- MD5
  
  3e29914113ec4b968ba5eb1f6d194a0a
- SHA1
  
  557b67e372e85eb39989cb53cffd3ef1adabb9fe
- SHA256
  
  c8d5572ca8d7624871188f0acabc3ae60d4c5a4f6782d952b9038de3bc28b39a
- SHA512
  
  75078c9eaa5a7ae39408e5db1ce7dbce5a3180d1c644bcb5e481b0810b07cb7d001d68d1b4f462cd5355e98951716f041ef570fcc866d289a68ea19b3f500c43
- SSDEEP
  
  12288:FqULIc5nb9rywgfyhUgiW6QR7t5sA3Ooc8sHkC2eRxUH:PLHnhryLfBA3Ooc8sHkC2eRxUH
Score

3^/10
behavioral17 behavioral18
- Target
  
  $_1_/msvcr110.dll
- Size
  
  854KB
- MD5
  
  4ba25d2cbe1587a841dcfb8c8c4a6ea6
- SHA1
  
  52693d4b5e0b55a929099b680348c3932f2c3c62
- SHA256
  
  b30160e759115e24425b9bcdf606ef6ebce4657487525ede7f1ac40b90ff7e49
- SHA512
  
  82e86ec67a5c6cddf2230872f66560f4b0c3e4c1bb672507bbb8446a8d6f62512cbd0475fe23b619db3a67bb870f4f742761cf1f87d50db7f14076f54006f6c6
- SSDEEP
  
  12288:TmCyHcMpK7QdgD+9Tr8r3FmJciMgLFWkA8qTWu+FVlofpJCjNdr12iqwZeq:TmCyHNIQdTryVmCipIkqTWu+Fr
Score

3^/10
behavioral19 behavioral20
- Target
  
  Modules/7z.dll
- Size
  
  893KB
- MD5
  
  04ad4b80880b32c94be8d0886482c774
- SHA1
  
  344faf61c3eb76f4a2fb6452e83ed16c9cce73e0
- SHA256
  
  a1e1d1f0fff4fcccfbdfa313f3bdfea4d3dfe2c2d9174a615bbc39a0a6929338
- SHA512
  
  3e3aaf01b769471b18126e443a721c9e9a0269e9f5e48d0a10251bc1ee309855bd71ede266caa6828b007359b21ba562c2a5a3469078760f564fb7bd43acabfb
- SSDEEP
  
  24576:TW+wsDaQw6DDz3qRyPnmGfrnvVUKueY8RmneWtJ:TasY6DwOBfrnvV7UeWt
Score

3^/10
behavioral21 behavioral22
- Target
  
  Modules/cdp.dll
- Size
  
  91KB
- MD5
  
  2f369f9928242f730d3cf48678158111
- SHA1
  
  f31361fb3ed6f6654ad921cdc59786df4c10885a
- SHA256
  
  a056ad6496931b0c0a9405cf4f7a34db68c3b78b30d4907f9472994b836ea022
- SHA512
  
  c22c479183f66b65e1cf5b7ed75e30f18db5fd7f6427c04385990d181c53216df33994f296ed235357cc0f22e4d437e97983f910ec67fc7e52fe48fafbbebabe
- SSDEEP
  
  1536:0M2it9IgWVjtPojH1MtpM7fiOTsaM8ZcZqyPe4cN6jUNJxriz:0M/DWVK1MtpFaM8Zeq+e4cN6aO
Score

1^/10
behavioral23 behavioral24
- Target
  
  Modules/clc.dll
- Size
  
  111KB
- MD5
  
  68ec32cf0860c9db2f668964a928c913
- SHA1
  
  3949cd9177b93bc4ad76fdaf8bc2eb2252802972
- SHA256
  
  f1107b54b4cbbfbd7a894226317918f5aadafd56c65ea255c81facdc539b88be
- SHA512
  
  267bf7498638c7a062e617b44b0eed61df441ea3ea4efb7cded47c062d903d084594797be5a9ccc783a5fd50f84799a2f33afda03cfff731b0e7c215b649f18e
- SSDEEP
  
  3072:BbRT3QJFzdoXYqPQ9bLw20IgYE9pFGNlw8jlZQxvoLAX:/3QJF5aYqPQ9bLh0SE9TKjlZQxl
Score

1^/10
behavioral25 behavioral26
- Target
  
  Modules/crm.dll
- Size
  
  104KB
- MD5
  
  d925422843f1e14f6504456764219367
- SHA1
  
  493c1992685c7413a9497aab830175ba92b1f80e
- SHA256
  
  ec27c6987d403bb31df794b47060fe707bca85c058ecb62b8a6ec9ab35de2c06
- SHA512
  
  9a510d68428c05f63cad243ba43a954fd595f57e2e88dddd0bf79094d19fb80ef9a71803cf635160bc88f4632176c330dadfef04681cff24fdba67732d1f9a06
- SSDEEP
  
  1536:T/Jq1OQ6koWSM0Ly46qP0z234SlqH0QqRCHsx+pKN/sQ37bYigzoSK5NJxri6:TU1J46qP0zolBMMx+AN/sQ3Y5oHj
Score

1^/10
behavioral27 behavioral28
- Target
  
  Modules/cus.dll
- Size
  
  102KB
- MD5
  
  afebf92fe3ceb4ad86cb806d6aaa0d7d
- SHA1
  
  1d9e7c4b8c1d938bca48dbb8edb53b6f34522ee4
- SHA256
  
  efa1abf8a7d331681a20739e362f8a0faec2fb8f8bcc7a7f2e4ba76147fbf4a5
- SHA512
  
  8c910f690f97200203fc4820d19a70bd51afc5e3bebeafe3107453eb6bc71166b152b3bb2f82586d3e06b9930a1be12daf43434ab763087792e3e468d563b581
- SSDEEP
  
  1536:J7PSVQhAoTtwAjjk2Ve9z7BvFjuJfCv6+LSEYxQcetvch89lVsmU79tjHOCshOi0:JD+807BvFjuJWVVY9ICshOIbZDa
Score

1^/10
behavioral29 behavioral30
- Target
  
  Modules/nls.dll
- Size
  
  150KB
- MD5
  
  f8d4328ec95e1c9c2da90a40afca7fc5
- SHA1
  
  365f1e0be60f9409a5011ca52ffded27a4958317
- SHA256
  
  d7f5649ca516c6a6e49adc09d21822e00577638132e88a1e7ffe37fe10cca323
- SHA512
  
  a3abf56de3f602cbbb64da70102226414c5b87e28577a41f7232f10135b320cf4191da7a10b3d0ed2820775baa2e24c0001b8eacbb035594131f58ee4e313ffe
- SSDEEP
  
  3072:p/w1bxOjPhv3+aQb4aXY61y+gfztlZQTOLHwwrx:S1bYjZ2aQbzFTktlZQKH1
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

ACProtect 1.3x - 1.4x DLL software

Executes dropped EXE

Loads dropped DLL

UPX packed file

Maps connected drives based on registry

ACProtect 1.3x - 1.4x DLL software

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32