bd4899a49a765328a2d7f482b8ee08d9e5003e7961ad5fef43eab254515b6ac9

Sharing

Copy URL

Twitter E-mail

General

Target

ed2f17990d6eac3f8f0c102fbcd49eca_JaffaCakes118
Size

532KB
Sample

240411-ma2qrahd36
MD5

ed2f17990d6eac3f8f0c102fbcd49eca
SHA1

f50e1441a8a817ccb70d0ba511cbeaace6293774
SHA256

bd4899a49a765328a2d7f482b8ee08d9e5003e7961ad5fef43eab254515b6ac9
SHA512

53452ebf16576eb33cf212026343f49c620590fa4c7b6375c128c472c9b8b876badaef5e123569781466337e081f4cd2a0356b1af40e12e0533f8ce548a6ef26
SSDEEP

12288:dpYxAvDfOF1yLB8PBcA8vB6Ord8O7EcbQ6AYtDK1A8MCx37Yz:cxAvDfa1yLiBo0M3bQ6AYtGq/CxLYz

Score

7^/10

Malware Config

Targets

- Target
  
  script.media.aggregator/aceplayer.py
- Size
  
  1005B
- MD5
  
  2fb64744df3f43c468cf2f9b3dccb4ed
- SHA1
  
  8ebf040aa79d8595af3bcee1c55fb5bdcb91cb3d
- SHA256
  
  7e541a19bbb62cb04f6dc2688f45af7474125582bc0997e54391386a33333423
- SHA512
  
  9b20b4b3adb2848acea1a74cf01fef6e71c7ba3aaec9ea35d6e187c8e2b117fb103eb2372d2cb5cc2b5aa87ac2596f67071ba4fef8d1be1714bf39ba29adad66
Score

3^/10
behavioral1 behavioral2
- Target
  
  script.media.aggregator/afteractions.py
- Size
  
  8KB
- MD5
  
  258b8408781c2bf3098ea1a4423ebe7f
- SHA1
  
  bee5f4f3d545cd62ced28947fac9b4e950664192
- SHA256
  
  da3b70203653b5986ba35473a834e71fefe5d1fb954f3f300ed989e7fd961602
- SHA512
  
  29f94ff51e711e7da31c8b0c081649f18dc032e9dede9d5bafa64839c85022284d07b001df1eed91231c416135a57f549569985cd2193881cd94c72c33c864d1
- SSDEEP
  
  96:8NK52LuYiq77fx/cQ6gFmmuBeOqck0NPwQkh5QnfYArG/kOnPd9rO3Ghw2jvugQv:b8xwbkUMyfYlfnPHrO3oTuv
Score

3^/10
behavioral3 behavioral4
- Target
  
  script.media.aggregator/anidub.py
- Size
  
  12KB
- MD5
  
  9cdc684c1bbbd60abc5b96256333ecf1
- SHA1
  
  29e33f8dd445f229c6e026caef7090403db78424
- SHA256
  
  aa846d1bbc040b008e0002e22c6ae4fab5f1e2a85ec10b0225735f39dc883e8f
- SHA512
  
  f52191183f0ed86fc115fbe16f4529a1d62d83da7b40ee0556966ee128a6a6c68836cc0db2803ccd58234e3ab6ce41ae3f429c6cb91dbf7f15e61dd5dd120015
- SSDEEP
  
  384:pqahqAX4vTzpLXsmidCXqFb6gW3pHRV2eqIo/8BL:hYAX4vGmpXqF6gW3VG//sL
Score

3^/10
behavioral5 behavioral6
- Target
  
  script.media.aggregator/backgrounds.py
- Size
  
  9KB
- MD5
  
  592647d53aec53f52ce7c86016978920
- SHA1
  
  c7c76e446ddfe7d9d4127090319f7582ff3158ba
- SHA256
  
  bfb51123fdfd2309c5bca0841124d9ac3c5983ea4bff056f244e3e378f211ac9
- SHA512
  
  e6084c3cf09e63a537c79988e687beb264a709619668c791d9fecd9763dcdb888886c8636bc8fbf751de7dea412a39e70304e1c5637bec32d0db780ee0928e35
- SSDEEP
  
  192:PB8EDCXFzcC49PYZ/xc0lsv/1ctvGoUm4:PBPDUsvtcQ
Score

3^/10
behavioral7 behavioral8
- Target
  
  script.media.aggregator/base.py
- Size
  
  17KB
- MD5
  
  5dd46877aa1eae66ed630bbbc1de9ba1
- SHA1
  
  36e284d8d6c7d78dcb6b53d7da763eb3f49b68a1
- SHA256
  
  d2a65fcaf5c5fc15d1f7e446b8f0dd8cbc751d8f686b3523b632d350228fb2d3
- SHA512
  
  280953645640a6bfe11fe280390dc378496752fa36aaafc07e97f7ac181df88e4a595ab3b0113022d8ed0d9caf95077c6585043cadd1a93fec492f8e9fedc88f
- SSDEEP
  
  384:LShNDc8eyO0uXgS8OBa+tKZKKmhKoWXOYSPbc564Ng:uXDc1yOSOBaMKZTuzFckR
Score

3^/10
behavioral10 behavioral9
- Target
  
  script.media.aggregator/bencode.py
- Size
  
  3KB
- MD5
  
  4d212c8f17948c771eb176d830963d2d
- SHA1
  
  7b984352bcf42a73cc8b85fe87be2498867769c3
- SHA256
  
  b8b0dda8e1f1365bdc13df66565d50b6c4d571c6ddb7476ebe41a63b8b48fba4
- SHA512
  
  3add392004c923cc67a448ea481c92cb934edf2ddc3d98648ee5afcd7546150ef64684ec0129cb8a9188f67deaf8b30c2aab2a61a5cab7cb2057832c2a801c53
Score

3^/10
behavioral11 behavioral12
- Target
  
  script.media.aggregator/bin/u8runner.exe
- Size
  
  21KB
- MD5
  
  24735674aa04d36f56c748d89f40bfc8
- SHA1
  
  d8ea00e14a2caced07dde803dad2f702759a93e1
- SHA256
  
  97eb4203ee0b6b789388b55e0550c04865d006e6df3ff7d29edadb11b2bffa45
- SHA512
  
  030a43a7cba0c6e75790693160fe4b8ea5802f34c03e6fcde25a44dca7bdbe32da2b0a3643f816a6175d144173d09d69a52e6ed48b8699d1469aa9e9d307fe09
- SSDEEP
  
  384:ROV3Ohl55MJ+PtLcFuoInpqbiEB1+9GfrBWp+G6X:gJRQFHyiEB17frm6X
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral13 behavioral14
- Target
  
  script.media.aggregator/bluebird.py
- Size
  
  12KB
- MD5
  
  c56cfe0c840f3e59ca134e65bd581d62
- SHA1
  
  8f6f9f217f135be7a7e2adf270a7cb42afd47727
- SHA256
  
  03e52f0d1a8e38a7f8901303a65a1e8b7419706eec30e9fefd19db713fb098a8
- SHA512
  
  7ca89032263fd5d5812a31ee9bac563c66d8349b1f1f5a28efd0ad01f81c987c1c33c9b9a00c587cd457d7432f2a6fa7a333ee0cf114cb93f44be6e1e94b1900
- SSDEEP
  
  192:ttcQZct7oCqH9pN1myaaJC3FNpsabIfp5tfhZcQNRZcHp6rrNTzgEKCW:ph9FgKC3FNpsa2bZ8HENTzeCW
Score

3^/10
behavioral15 behavioral16
- Target
  
  script.media.aggregator/context.py
- Size
  
  13KB
- MD5
  
  f1d8af0648fae7e48a231332f9b8bb3a
- SHA1
  
  6b37dfb09eaa7c3a8b6c958181a832d9f17b5497
- SHA256
  
  2734f14baf0c04d0b1f1406637ce70c0d3ad557da52c936b457ed2372f19aff0
- SHA512
  
  5734d6e5137ccb594ed161d5ec18a7fd3e692373ed5142301feb8cfc6ed972edb61ddb92615684a0accb5f6d982b0c7c8670db5201f5613b2a7a5749a2502992
- SSDEEP
  
  192:KmMYwiEWTMm6AMYyiLEOqmErWBlcP2/1G+M3DxFNeeaHvyhPQIs0KKdm7BPzTDj2:KP293yiLEO7AWkP2dVuKIt2Pza
Score

3^/10
behavioral17 behavioral18
- Target
  
  script.media.aggregator/context_get_sources.py
- Size
  
  390B
- MD5
  
  421ef20655da174e786179948e909a18
- SHA1
  
  1fec1a07de27bb45227a79384d8e95dc9d8122ca
- SHA256
  
  6ae4d6f8908cfc712ff8c9d36d849477845513a434ef08c085139c6db14761f2
- SHA512
  
  ca64558c9817cbf199a4fc81902ad82a0116ddf5a91c0954184be78eefbefd48ee8cce002443ddaeb3b3d2776bfbddb8d7137c39b9e15428228e70686e0a2d76
Score

3^/10
behavioral19 behavioral20
- Target
  
  script.media.aggregator/context_repair.py
- Size
  
  5KB
- MD5
  
  928d57c5d7cdcd9a219fc5d48bed3953
- SHA1
  
  545f7d1c692ca8d78dbbedb1842723426eb54a46
- SHA256
  
  03a36002769337a2586633496ae41ca675054de77594eaf1c0d432a6d10c829e
- SHA512
  
  7bd782f147d79d0a6b91fb3cd96507e91ee728190a6638dc2499d0ae2b507c92b105f33ee184459830aaa2a8ad4c6dd3ccfe1486fb43c134050d87d327627eba
- SSDEEP
  
  96:ZEV+sHJn7dtp7UF3kwTECS2KXvHkwEFmrCDBcRsNbxWBtXlouYhQ6louczLyh2qy:ZE8spn7dj740wYfNGF+6cOVyXlBYhQ6Y
Score

3^/10
behavioral21 behavioral22
- Target
  
  script.media.aggregator/context_search.py
- Size
  
  464B
- MD5
  
  55124731005cfb82179f4674c7074df5
- SHA1
  
  c5951f0e20a754a571d41dbe0db617b916c6fe39
- SHA256
  
  148826180c8d4aff55e846c31bfff85f7eb6e10e2f8a9e19aac2db04143dc6ae
- SHA512
  
  4fcd2f566403d37b4b64962fd1c99693a66e9bfa3bfd994c375b901de87de815e0e1971a135a36ad850e4efb2cb92b2c456105897816f731b78ab0d3f9fc833d
Score

3^/10
behavioral23 behavioral24
- Target
  
  script.media.aggregator/context_settings.py
- Size
  
  80B
- MD5
  
  567d354b2fab22d7697889834ef22e47
- SHA1
  
  eca7f60805d0214a34635c4fad299e809e289099
- SHA256
  
  e916f531fb732614ec70dc1f347eb74bf11414e7ea409ea6af8a3307359be902
- SHA512
  
  75a911aa0d223c32ee4f4f5fde0eb5aa66bb5545ff5864801762659563ed4bef90b505280f509e036b7151bcc5f66b01318458cf66aca8694ff96c98e45e6e61
Score

3^/10
behavioral25 behavioral26
- Target
  
  script.media.aggregator/context_show_similar.py
- Size
  
  1KB
- MD5
  
  0ab65d97948e75fe95504ed6fca49f52
- SHA1
  
  f3f30121637fc944acc98be48cc15214cd13ddde
- SHA256
  
  7dfa3272e22b5d4b60de04027dcc1deabc16232560a6e54b06e5577b59070376
- SHA512
  
  542292e9ca6636fcc6ed4adfd49f31e6468d2cf1e50ef0300a99c31402acbf579bad22226dea39c6f046080ba973a4494ec0b897c459f7dd24774690cd9ad4c3
Score

3^/10
behavioral27 behavioral28
- Target
  
  script.media.aggregator/context_united_search.py
- Size
  
  297B
- MD5
  
  73b63c55212eca45a07d67c25f163af4
- SHA1
  
  4c22558c9cbcb0459238bcd8ecfcd18914fd444b
- SHA256
  
  945d3153d6a94caf41a64103503ff17f7d814b94f37b8ebdc46cb6d40485f9f2
- SHA512
  
  12f47e34da53534a5bc6e8e69589fe639523f37fb4c3fd00a13a409db70349f8ef7b8056145a69dae857dfde7d4a0bcaa5be6f59d0809bea2dcd3e6300186a12
Score

3^/10
behavioral29 behavioral30
- Target
  
  script.media.aggregator/countries.py
- Size
  
  4KB
- MD5
  
  bd9beb398d8d4c36d3ccf7803897c3d4
- SHA1
  
  24679a19c2a66d2780ec79716c14c8eb2c2d31df
- SHA256
  
  92146083ee4b6e38ab3b18c506b196ecee0dce6417a231f827a120b743a09075
- SHA512
  
  37b37b7cf668c6c735fdce6a24317af1942583bed15475cb86f8f1389d562c9d020516b4bff0fae445d5a1875731624e8edb80c7e7a7fdade26e0bcf15b82a25
- SSDEEP
  
  96:YWiefRX4EIWSEhEwCGTGpEaEH2UracfqUzEJFX1ZzhkapmhqsQmmqXsmXpFR3BLH:YW6pWSQ1CE2PNUrdUXjRnsbRXFRgS/LX
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32