12a7088867b3413fd09af61234ea7be5d9fa8199641dfa1cd87c7050db1bf479

Sharing

Copy URL

Twitter E-mail

General

Target

ec268fe6210af8b0054cda01f3ed56aa_JaffaCakes118
Size

101KB
Sample

240410-2nalrage8x
MD5

ec268fe6210af8b0054cda01f3ed56aa
SHA1

e2789f4d6b25065fd6019f67dea77bfa42bd9194
SHA256

12a7088867b3413fd09af61234ea7be5d9fa8199641dfa1cd87c7050db1bf479
SHA512

ea94ca9dcd3276fa656c0412227211ebe5955b60bd510f22f5a436c9a7388a4b234200bdd6b63447803be1efec3e2f94ecf4de5eb45ed812e0a6608f72516c6e
SSDEEP

1536:13cpyORJLuB4P4AJJad0299MJjifEJC2k+9Ritsv2FB:13c1fP4AJJadz99SjRYWE6v2FB

Score

7^/10

Malware Config

Targets

- Target
  
  ec268fe6210af8b0054cda01f3ed56aa_JaffaCakes118
- Size
  
  101KB
- MD5
  
  ec268fe6210af8b0054cda01f3ed56aa
- SHA1
  
  e2789f4d6b25065fd6019f67dea77bfa42bd9194
- SHA256
  
  12a7088867b3413fd09af61234ea7be5d9fa8199641dfa1cd87c7050db1bf479
- SHA512
  
  ea94ca9dcd3276fa656c0412227211ebe5955b60bd510f22f5a436c9a7388a4b234200bdd6b63447803be1efec3e2f94ecf4de5eb45ed812e0a6608f72516c6e
- SSDEEP
  
  1536:13cpyORJLuB4P4AJJad0299MJjifEJC2k+9Ritsv2FB:13c1fP4AJJadz99SjRYWE6v2FB
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InetLoad.dll
- Size
  
  18KB
- MD5
  
  994669c5737b25c26642c94180e92fa2
- SHA1
  
  d8a1836914a446b0e06881ce1be8631554adafde
- SHA256
  
  bf01a1f272e0daf82df3407690b646e0ff6b2c562e36e47cf177eda71ccb6f6c
- SHA512
  
  d0ab7ca7f890ef9e59015c33e6b400a0a4d1ce0d24599537e09e845f4b953e3ecd44bf3e3cbe584f57c2948743e689ed67d2d40e6caf923bd630886e89c38563
- SSDEEP
  
  384:nUOPTbiJmdztwwKq8W1cyMjPzV0Ac9k+LMkIX1+Gn+XHdjf:nTikliwKq8W1rMjPzz+f
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/Math.dll
- Size
  
  66KB
- MD5
  
  9eb6cecdd0df9fe32027fcdb51c625af
- SHA1
  
  52b5b054ff6e7325c3087822901ea2f2c4f9572a
- SHA256
  
  54cf1572ed47f614b0ffb886c99fc5725f454ef7ff919fbb2fd13d1cbe270560
- SHA512
  
  864742ec6f74f94057b54cd9b09707c0125ac8db4844fa80af201e8b72a811bb68276c993e75bce67e5ece4f83644572edbdee5e963634c5a37839615faea97a
- SSDEEP
  
  1536:LP43WZ4Ql60gam+2MwRmPeqFVHbQH0ZZ1Iet:LwU609VMH0T/t
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/SelfDel.dll
- Size
  
  4KB
- MD5
  
  5e14f6774c43bdff6ffe0afb0d51c47f
- SHA1
  
  fb1e7b6e63afa6db6aa2033b5e7e90f1f4ba5e27
- SHA256
  
  7cb51ccf21655e9590a6c3232920b16a3dfef15ffe9df7b8e71f487ca8c24da9
- SHA512
  
  6ac533c0485156a68bd1460d8219acf7539b766590910cd646f4d7d4572c072f45369712d88d4e698f4e94aead8082abcbfacc3d6fe890046898f6c6d85274e3
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  50fdadda3e993688401f6f1108fabdb4
- SHA1
  
  04a9ae55d0fb726be49809582cea41d75bf22a9a
- SHA256
  
  6d6ddc0d2b7d59eb91be44939457858ced5eb23cf4aa93ef33bb600eb28de6f6
- SHA512
  
  e9628870feea8c3aaefe22a2af41cf34b1c1778c4a0e81d069f50553ce1a23f68a0ba74b296420b2be92425d4995a43e51c018c2e8197ec2ec39305e87c56be8
- SSDEEP
  
  384:jQB2ZUVHUxgoJX0eBA6PcH85db+ya9cC0Ac9khYLMkIX0+G5xgZmT+m//a:j/UFeJ5S6PHLNa9cFam/
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/time.dll
- Size
  
  10KB
- MD5
  
  38977533750fe69979b2c2ac801f96e6
- SHA1
  
  74643c30cda909e649722ed0c7f267903558e92a
- SHA256
  
  b4a95a455e53372c59f91bc1b5fb9e5c8e4a10a506fa04aaf7be27048b30ae35
- SHA512
  
  e17069395ad4a17e24f7cd3c532670d40244bd5ae3887c82e3b2e4a68c250cd55e2d8b329d6ff0e2d758955ab7470534e6307779e49fe331c1fd2242ea73fd53
- SSDEEP
  
  192:oNcwTweFbs9t2n2Sgiga65/aHdaGZavaJIYX4Hw2:oNcwBFg22SEw47CPU
Score

3^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Deletes itself

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14