General

  • Target

    f20cc30308fcc08ca4d868479358af7e_JaffaCakes118

  • Size

    470KB

  • Sample

    240415-155yjsbg6y

  • MD5

    f20cc30308fcc08ca4d868479358af7e

  • SHA1

    5dcc5ce726c76b53648757b92fff5444f6a3c415

  • SHA256

    de67798965cc3ecf5b4ca5f8a6e64ce5f852276716e173dcc50febffbbff3d41

  • SHA512

    93ae6d62ffb5cce7cba97be3fb56a0623aecf49ea8d8c4780d980d7b254ad89b1cc5e28d24312ff890dc7116bc7d00b77bf07d063fafb49ac82a38d1ba16c5e6

  • SSDEEP

    12288:FkdPzFi0q43amIzmxzITNO2ERSilJzLt51Pi:FKPzO4smxIpOm2Ra

Targets

    • Target

      f20cc30308fcc08ca4d868479358af7e_JaffaCakes118

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      325b008aec81e5aaa57096f05d4212b5

    • SHA1

      27a2d89747a20305b6518438eff5b9f57f7df5c3

    • SHA256

      c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    • SHA512

      18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    • SSDEEP

      192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo

    Score
    3/10

    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      9384f4007c492d4fa040924f31c00166

    • SHA1

      aba37faef30d7c445584c688a0b5638f5db31c7b

    • SHA256

      60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5

    • SHA512

      68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf

    • SSDEEP

      48:iV6pAvmNC6iMPUptxEZK65x/AmvycNSmwVsOYJyvrpXptp/JvR0Jlof5d2:2811GED5ZTvycNSmwVsTJuftpZR0Sd2

    Score
    3/10

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10

    • Target

      32/npbhp.dll

    • Size

      106KB

    • MD5

      622a6b345ea8547565910499c97c6ec7

    • SHA1

      cfbb2e775cb84f15ac3716933a012056683c448c

    • SHA256

      b58022dc414732a10a543507d25ddd488918fa0449ce0c0620b2b41f78a6851b

    • SHA512

      cdb62ee56dcaad2a7fb48ec0901759f595513320a0ef670ec4abf8fa266985d2385ab3668d033fca07ae2b8eb47a6bd8181e433ef7d09ef0712fcadfc0266c91

    • SSDEEP

      3072:6oXOh1F/H1cO/nTb505nl5SNk1ViLDcoZr:HXgH/VcAnTb501lViLAq

    Score
    6/10
    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Target

      32/npinstaller.exe

    • Size

      76KB

    • MD5

      53a213808e49bb6c8dd1794988bf2014

    • SHA1

      165b8ea84a694f76ababb81f8a5ca08ded44d44a

    • SHA256

      07a24103b82f59832364d44252e9ab924f786c2c9fa9dae3964b281ca990c334

    • SHA512

      0faa2e5459ea0e42441902939c5647454dc70fcedae1396b4b0060e414412fe2c4f4c0f57497b561a7f48129cf160a0e8008db171f9c12c0d5836adb82243057

    • SSDEEP

      1536:VPFJvWOCzfOvcjRom6/LC//R7kyvMLGx5efsoVBMFCNO:VFJWl6mMLCmLGx5efseKFCNO

    Score
    1/10

    • Target

      32/npup.dll

    • Size

      161KB

    • MD5

      f995080c875abcc7d94c1a8d38cfc799

    • SHA1

      a332673a388a441305658bbfad03dd7c43aaff5a

    • SHA256

      2d0fc7211fa6415230b74c8fc2812135462d3218653421f8e216b8af272a832f

    • SHA512

      d722e7cf234103c1a4b2637ea2c3ddc8fc6d2500f5817267f57319087ac2e08a7f04db41195fc0313a873a1f4a14de89a0613831374a1589341f4eb16de466b8

    • SSDEEP

      3072:BrSzI5lpeb01sRrktpLHO8bhPXAgnca5u9obVY/:RCmlG1ktprO8hXAx9obVY/

    Score
    1/10

    • Target

      64/npbhp.dll

    • Size

      134KB

    • MD5

      d4d147ec79f59dc395e5a47ece7a13ce

    • SHA1

      e74912f20b61b76e4a9b08029bce5fe50feea3e6

    • SHA256

      cea4c8f63c843277acec7c3f9ecb940592ff0d27157ad36b9a26ed1294e18d50

    • SHA512

      e95904763608ab68759b3e497dfde6b5d95e056f50e9aeec99be3aa5cb809441e31feafc0eb85115501efa015ca56584804784dd4018a0ce71ccdb81b4d41d7f

    • SSDEEP

      3072:cjzANWk/88RC4lqvb0rMp+6NmqaQqNmIx5OdXKeDMayDmd:cvANB/FRC4g0rMsNTDeDMK

    • Registers COM server for autorun

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Target

      64/npinstaller.exe

    • Size

      83KB

    • MD5

      b007814e55348fe2c4139bd5c3686948

    • SHA1

      e0cda8ba0e31584e7b9f626dcf87ad8f9ee53066

    • SHA256

      722329a37581d13b9babacff845d3777ea27239b66bdbbbc8a6f4e2e36814dc9

    • SHA512

      f36b86ff58dfa6c8222a4dc98547d64e9e0ffbd25b5c7ce899db0cdf75b56a28e1a6fd27f061e65995b2a8affbb5b215c9922598216b673ba7dccd6b9c39427a

    • SSDEEP

      1536:FhcU1PZ5F3o4Pv0rRIumOitlU+zHlCJJ5WGGe9VSn+gZoF3M53rzfAoVBMFp:vXZ34f1IuEtlU+OpG0VMm+53rzfAeKFp

    Score
    1/10

    • Target

      64/npup.dll

    • Size

      209KB

    • MD5

      dd0e1268ae634da072daf25f7721c3ae

    • SHA1

      bf4d5c3c1ccd9884a62209a1225d58875080339c

    • SHA256

      737dc617a4240219de645e571cea04f8df5a6fce511c3b6c6d72087f44ab8751

    • SHA512

      aea669f63d6940384fc06d4b5db446b7709e61a1b7759dba18f16b9eb7bf61c9f70f3592a00d43333bcdc28aecaec1b3e01545aa12520153be156c6ceff72676

    • SSDEEP

      6144:RfVRngUermoI55UmtRl8qs/ZITrkAeS0LVudJnQY:RdR7pHtRldTrpFNQ

    Score
    1/10
