General

  • Target: f8cf104087e0379599cdcc28cc8baa04_JaffaCakes118
  • Size: 1.5MB
  • Sample: 240418-1lhnxaff53
  • MD5: f8cf104087e0379599cdcc28cc8baa04
  • SHA1: 4060dc796bb80862651fdbf90fdb33f30293125a
  • SHA256: 965616976ed28bffd24f8316ba6bad5d6008dc511c757643f038bc6c57c37e2b
  • SHA512: 5da8d36b3dde390db4c9caac5a3ca9dab4da3c6c9a00d4973a57ac97113252d18da0cc164ca636d41ccb6145599f3c35779648d2382c5fea850985f173a4f9a3
  • SSDEEP: 24576:C0r1fFj4TFh6+K8UTps4E2F/fgAXxcN0LJey60dU4z2N3lAOEIST29QrVpS7N/nX:Dr1tcTp4XgABcf6dUx3lbE32KhpkN/nX

Score: 7/10

Targets

    • Target: setup.exe
    • Size: 1.5MB
    • MD5: 0878e6d9ef048ec2fa1242f41efcbd23
    • SHA1: df2eec2f03a400d6af63083ff87554ccbb4b7c1c
    • SHA256: 3b85494d6061fd5776aaebe6ed3d9279db2e54b32d2732cf7d0142fe625f5668
    • SHA512: 55197a346c3a0d17fb69425b3f263a7f20c21a00868f509a79170b7ff20d3ad7625b4ee79a8af8f0f3182c34034b008d50a07a2b98566720a72f318f0e531611
    • SSDEEP: 24576:2dxGJlyasqigby7xut7UgXxGzsHtRxGDRGCs6MaPJ+M6+dhp5l9TfgSodpkLlDu9:iwyasqtYxC4gBGzqGDse54M6u5nmrkLE

    Score: 7/10
    • Loads dropped DLL
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

    • Target: $PLUGINSDIR/InstallOptions.dll
    • Size: 12KB
    • MD5: 43ba71f370a45aebcde86d76b83b208c
    • SHA1: 1f14e3c253a5b7255b617084b45e51ef9d6717e4
    • SHA256: 6d0a19614efb523f78477429df04b71459ee69b3d16231798dcfa539b3d2a64c
    • SHA512: 36aaf1ccb7c1085ba9fbacbad6c1505c9e389be5e9bd52ee7046b48302b8239d6e34dfeeb32a2708c4fb7d5a85c1d202fbdabcdd6a2cced0099249640443b551
    • SSDEEP: 384:0Klm7i+c3QW6ckPhyDEaLnz2bbBBIXwZ:hqi8BcyhEhL6bbTI

    Score: 3/10

    • Target: $PLUGINSDIR/LangDLL.dll
    • Size: 5KB
    • MD5: 4551aee5b604f7a4fdeb95dc1364adaa
    • SHA1: e6aa9b8072351b098a6b777616f4e949051dfc01
    • SHA256: e90123bb975b4d9a79efcf9e84f849d9de1c9a564f62197092e7f7ad718578d3
    • SHA512: 0be8829d33af093b9bc6b5d6ee1506656b9fe513f518e1922804e93b59e3c5832f8ae78fa79fb095da5630765949af812cd7d88e2b42daed0150e5798abc9445
    • SSDEEP: 48:SHZNPtcWCeM7etAo1UurdGl4A0h2TpXHWFv+wewzpv1XP3GhaEJwVof2ynh1:qN1cWxfzrrh2cFvWwFtSic

    Score: 3/10

    • Target: Easy_Burning.exe
    • Size: 347KB
    • MD5: 64e404d143c2c47cc27ebdb2cd632ace
    • SHA1: 4dee8a695cc50ea4cf4c10148a8dab12a776ed54
    • SHA256: 448e6303f29088335f2c50d6f6a0b583b2d5ab3f01ab4771bbba54a118c20ebe
    • SHA512: 23ffdbf7ec5eb3e85484c14f5b8c43c85a94dbd89a8cbfb70618f1e869faa10a5916522d54b7fc39f310ee1f57a01e30e52aa6c799b0bd5807132b34b3eb6a41
    • SSDEEP: 6144:DxohjoZA/KCy9zCefDNFOJYRkskjz968NNuzTvoyWfey8PHSG0eQiXI7u:FOjX+9zCCtvqzxNwOfeyYHS6QCku

    Score: 7/10
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.
    • Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.

    • Target: Uninst Easy_Burning.exe
    • Size: 47KB
    • MD5: 60a7fa390d2b6061c309b0c8b4d95120
    • SHA1: e2094b3d416bc66ac78198ada11fffc36f8c74e7
    • SHA256: 0832fda513aacf4f8c83c273572ba81b7f9b2f7146d5f53c6f6b5062b66bb8cf
    • SHA512: c8294865f28e978a6850a895594df476227c57471aff11bc14233d03c7d09c491ecbf2f3d7d17506c80768c5abe23bc29632362c70aac5c532a63d1a08fd4984
    • SSDEEP: 768:pzXMDQjSd6UYmZa2qG4SRG9S9syxlI+zJRnfAm6kRRH2iZxUgejgN71J+gyWfojX:pL4Q2E+ZaSRG89tlDTAeLnUgggB1JDyr

    Score: 7/10
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

    • Target: $PLUGINSDIR/LangDLL.dll
    • Size: 5KB
    • MD5: 4551aee5b604f7a4fdeb95dc1364adaa
    • SHA1: e6aa9b8072351b098a6b777616f4e949051dfc01
    • SHA256: e90123bb975b4d9a79efcf9e84f849d9de1c9a564f62197092e7f7ad718578d3
    • SHA512: 0be8829d33af093b9bc6b5d6ee1506656b9fe513f518e1922804e93b59e3c5832f8ae78fa79fb095da5630765949af812cd7d88e2b42daed0150e5798abc9445
    • SSDEEP: 48:SHZNPtcWCeM7etAo1UurdGl4A0h2TpXHWFv+wewzpv1XP3GhaEJwVof2ynh1:qN1cWxfzrrh2cFvWwFtSic

    Score: 3/10

    • Target: VisualISO.exe
    • Size: 564KB
    • MD5: 2246d1b3a790fe9e83140be0af0832a4
    • SHA1: 2ee99ce70802f22306de80115529a2e0d49f5cfb
    • SHA256: 9e5380042b2de563155ff173ed0ad14bc41744760190ad76b204d637e9276c2b
    • SHA512: e7d3450bd67a16dfe38a881fa91ec010322ca2aff2d7806e09fb15ec7faac2747c4d48a56f1f0aafaa8266e26056d56aa42d523dba56a317d5a9bafa435bb505
    • SSDEEP: 6144:M5rF2vS/LbHmrWKdcLd55ligBvof2MapKND50f5wOjQ79pni0BKWIOUtm:erkazbHmrWKdWrligQ+MY4DSDU79Ud

    Score: 3/10

    • Target: cdrecord.exe
    • Size: 134KB
    • MD5: 597e917a40119d09cc5c68c5a9fc920a
    • SHA1: c9aa9498ccf4ff9b52c28f367a7f927ba7df9f88
    • SHA256: 8da95200d274b49e7fa51da24d3896db9f899e1e02f4accc2b99837a033632d8
    • SHA512: 3204d03d0a17bc9b6d49fcd1fe30ded59fe5cc0bf4e16cacf6cee1847a6fd2f1cfd299cffeaa2b807ba14c9677ced0581dcfa4fce21cf98ba5966a42c08373f0
    • SSDEEP: 3072:NaSsjz4X5TsG/OGJtNZPjcbZKPQk0aum8iJ2/GNbCYJBExyWcUi+:Ntsjz4JmGTAEoBaum8iUGN3jLJ

    Score: 7/10
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

    • Target: check_file.exe
    • Size: 32KB
    • MD5: 4045ecfd57ef826f0167adf24969905e
    • SHA1: f4fccbc0cf57bf80725147e8836f9f8cd275bc09
    • SHA256: ea16576bb8984f290710e9c6c86e8027fbdf5cf8c3dba6221083cb8c04e0703c
    • SHA512: 09f6cffe7c07b78a05f9eaae79ffb875e8c310b213e92dce40d280d3e87dde316e0fd871a4fa263389be0d0413d2a75d2767c1b8a34c2bd7616d3a6c3b336de7
    • SSDEEP: 768:5c96lDFrqDB1tXlyhfYCfn5lBjtgyqvGI3SnCZY7h:5Ts1WtjDh

    Score: 7/10
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

    • Target: compare.exe
    • Size: 34KB
    • MD5: 96b245d8c6c70fea363e0e4a87fb145b
    • SHA1: 6d616837874bf22a07f153f452ffc5824321793e
    • SHA256: 33e06417b5a2805a3d351bdeb0201f9144e6b5a4839505b9adc0091b06fc35c3
    • SHA512: 067912642d670c95258f7933fb2f8d3a129c87bbaf35495ebf7f5d4674150a253c6d09c860ed82928c4ddbf128c86821536d72ec55e6425b66bf6aa721ca5d45
    • SSDEEP: 768:lkm6ESI8Cfq3SnyygzW8iXDaa9gvqZ7c0PQKg4Q6qqr:B5QIyyghdM7rQ/4Q8

    Score: 1/10

    • Target: cygwin1.dll
    • Size: 500KB
    • MD5: 405424a7869cf6a03fdc50871bd1fd42
    • SHA1: 197b549de251578c4a8f57f80fc45c87149b0836
    • SHA256: 9f04175a6f348948783ef9200d78fbbc8b82a904ce6980d8349284d1e011f495
    • SHA512: a5677204bc2eea54c64593dc3849e4de924128b486ace9e142e1bf18fcaa694fdf8c38597585b442659fab8461e6158aba4fabd4b073d45eb0e565e5983ad324
    • SSDEEP: 12288:jWhhoRJLk0u0b+e7JtNkUlEDeS4Xa6p2e0mYPTb:qSRm0u0b+oDl9Xa6I1mYPTb

    Score: 7/10
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

    • Target: info.html
    • Size: 471B
    • MD5: e60bd8d5ff084d5739f28418890c0dc8
    • SHA1: c10314d1ee9c9cc6835344784610c1a8ec4ec473
    • SHA256: 7ccef586a1398f5bd6d4842b94ab4286c16aec9dae528608df83fbfa24b67960
    • SHA512: 4b081fbc018e70953cd4c51e2eb282c9485533f31c37d69af20c7e0707963bfb8f4416898bf560ec07660a3bafc4067b0f2ddb15f00e36519bdf7445c2354fb7

    Score: 1/10

    • Target: language.exe
    • Size: 17KB
    • MD5: f86216cbacd08faf26a22d70b5c4dbca
    • SHA1: 1128d34e766a8ae71b6f2a940cc5743050132d9b
    • SHA256: d085ee6bdb1e650f0f9aa10441ef370e4313d5557bdeaaaa808d11ba1ffd7cf4
    • SHA512: b9cb61268b246b46cea9eed88ebb49d92fb593be1f510c92008832b1c97acf73e2625da167793800fa7de70c100368a4acadce6c6347737aefb8bce88cb84648
    • SSDEEP: 384:W/x+UMwCEUE4W8Ww3zxg3fCv3c/axk31vkXteWayMizxB2Pe8K:WcU9encw9+6s+9eWayMiz+P

    Score: 7/10
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

    • Target: mkisofs.exe
    • Size: 125KB
    • MD5: 14a0f190d9872e9de65a7107e5dbc1c8
    • SHA1: f5df2fdf26c04759cff864c8df6db575c50d8574
    • SHA256: 5fa3b5257f654a16c8cfe724e8f34f69c48dd632d8f103c34ad97e28dd395f52
    • SHA512: 47f0f54f26a33e4f636716f2a632f3b63901f8fac912911c552ab86e49959026780c39f1e1ba8617a3744351fe86947b0495a1325ac5f2008dccaded81353ca0
    • SSDEEP: 3072:i5yTsuMdqzSYK3Et99foXoidWdlrw2DmFGGrdU:iUr2YK3Et9hgoiUlmcmi

    Score: 7/10
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

    • Target: problem.pdf
    • Size: 6KB
    • MD5: 992c39d1f34365f56d8893d6dc083a3b
    • SHA1: 79a758dd8d1564ea275ae7fc0a7f776b2faa868d
    • SHA256: 3be2e406ecb6df8e673ad9cdea5a2c88bd0563f4e091cce8252b6c713ed52987
    • SHA512: c9ab365079aa697b538b6f1655bac8b04de3bb029d2fe0f4da3acbaecc6aa159002b7f580b2ae79997cd58c4471744a096ab143de28fd83d185604d09b713ce6
    • SSDEEP: 192:+TNfT8QlZvY6paNEusp2W0b28/PLHBqYFaaSHVVKvDG:+JfAQl+DsghLh1jS6G

    Score: 1/10

    • Target: sh.exe
    • Size: 35KB
    • MD5: 94d3d0b7399e8b81cab3d3faa85439fe
    • SHA1: 5fce092dde64b5310a98692273dd94b32fae6301
    • SHA256: 006a333cb4b268d798259fe79b8ba98eee854f02ca5fbaa4c8e3528f74f4a1a5
    • SHA512: 9b2ac3493c7f5aca682a0ebc5000df6315c447055d1cf41a8239437644e3f7863514d40c7c7525e2dbc6484bd4a5f96747f18622fb5d47112c92b7ad2a3368dd
    • SSDEEP: 768:WPbepWiys98ePTn1COW6Rni4FpOqVytqJ3kmkpL28:WPbeph8G15WmF6YJ38LJ

    Score: 7/10
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks

static1 [pdflink, upx]: Score 7/10
behavioral1 [upx]: Score 7/10
behavioral2 [upx]: Score 7/10
behavioral3: Score 3/10
behavioral4: Score 3/10
behavioral5: Score 3/10
behavioral6: Score 3/10
behavioral7 [upx]: Score 7/10
behavioral8 [upx]: Score 7/10
behavioral9 [upx]: Score 7/10
behavioral10 [upx]: Score 7/10
behavioral11: Score 3/10
behavioral12: Score 3/10
behavioral13: Score 3/10
behavioral14: Score 3/10
behavioral15 [upx]: Score 7/10
behavioral16 [upx]: Score 7/10
behavioral17 [upx]: Score 7/10
behavioral18 [upx]: Score 7/10
behavioral19: Score 1/10
behavioral20: Score 1/10
behavioral21 [upx]: Score 7/10
behavioral22 [upx]: Score 7/10
behavioral23: Score 1/10
behavioral24: Score 1/10
behavioral25 [upx]: Score 7/10
behavioral26 [upx]: Score 7/10
behavioral27 [upx]: Score 7/10
behavioral28 [upx]: Score 7/10
behavioral29: Score 1/10
behavioral30: Score 1/10
behavioral31 [upx]: Score 7/10
behavioral32 [upx]: Score 7/10