General

  • Target

    f98dcdb4e8828ac45c70fc8987e9808a_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240419-fkqb5sad7t

  • MD5

    f98dcdb4e8828ac45c70fc8987e9808a

  • SHA1

    f05b3b7ab781a33b3fcc4ecf97fc20a40e4d7200

  • SHA256

    7898b6cc8fbb7bbb477e563fe950aafb0b36e8ffcd6c34ebc21f15b7802b40f0

  • SHA512

    8b6126a2eb58ab51cba5c1699e8c21bc7f1856761f9699279360a5059e2d1eaafdf5162cfda50c0918e7682aa9f6c36c3bfa9bd905480d0e5674eef0fe329084

  • SSDEEP

    24576:YFJDqRTJwr3rVrthcIF4gN8BoYU/qPYWSAClp:Q/vzhcI96tPYWcb

Score
7/10

Targets

    • Target

      f98dcdb4e8828ac45c70fc8987e9808a_JaffaCakes118

    • Size

      1.1MB

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      $PLUGINSDIR/Banner.dll

    • Size

      4KB

    • MD5

      0116a50101c4107a138a588d1e46fca5

    • SHA1

      b781dce23e828cf2b97306661c7dad250a6aaf77

    • SHA256

      ab80cf45070d936f0745f5e39b22e6e07ba90aa179b5ec4469ef6e2cb1b9ef6b

    • SHA512

      55de6aeaad05b01a25828553d3ea9f1b32a8b0c35c42dc6106bed244320e3421ec6a6f5359b15f9d18dd1e9692ca5572b2736d9d48cceb07b9443601d00a5988

    Score
    1/10
    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    • Target

      DomaIQ.exe

    • Size

      342KB

    • MD5

      5e738ce64ecf55da1cd48802a7c71728

    • SHA1

      8059044cb6db8138d4ce859d547f3edf44a5ae8a

    • SHA256

      9cfcc4e9519052814724aef4a32d591690ebaa271a14b2d8e45d2857f035bec9

    • SHA512

      89ec8a90f2f61de55ae88fdc79ab32e8a74fcfa0ac9f5757de0fcb4e5629ac5c43707304ce09ba41f4547b9882d505725a4f357c0a9b916421de6d300c2c30f9

    • SSDEEP

      6144:bMxDCNU8UqzcgEoysbFKAw4OgmQi6Wudtw/AJu0LSpm:lW8UEcfFGhsQ7O/AJuJm

    Score
    1/10
    • Target

      DomaIQ10.exe

    • Size

      342KB

    • MD5

      fb89f7aec7eee5da3d46020e97dbd456

    • SHA1

      6139d0a11e839d6d8ebed7b705f066ce8d01b82c

    • SHA256

      708a36fb9ac327e54d7e38fd2ee663638a79067edd335526554aeee36ff71510

    • SHA512

      4a9d79d34f94ea7fd481b27d552d3f33fafead909b7b4d50b82a06eaa3f3ef1f66c48ab193b5004ff21f1c185fb9b01e94160a7983c1232094671e6629e69efa

    • SSDEEP

      6144:poErxU+fKdOfsCCobzIZ9f+GgoLG91wBQiUDP:zU+fPfv3XIZ9FBQhDP

    Score
    1/10
    • Target

      OfferBrokerage_14003.exe

    • Size

      918KB

    • MD5

      6c1b5c6c79e62be28ddcd9572a0fbef1

    • SHA1

      0bc4e3dcbfc8e1adde5a1e24b9daef181d4c155b

    • SHA256

      8513fec3155332e9bd899389078f5782a4bc9ab10c77261ec13081c176a3dbcd

    • SHA512

      5bb5c199f93b459f8b746fd86f61810730ca0d1dce71063d28b3c6733a31fe472ab06991b1f831ee4d6fccb078dba735545fae21acd8d368e46f4adca22a2e16

    • SSDEEP

      12288:MxDDECzvX7grLahW3dRWt7gdFN8tEW9oI9+fSRZfgWJKB60SECzYrSy2X0GNA0A/:Mnt7H9FnRZfle6HEHrSv6TMTTTyP

    Score
    6/10
    • Target

      config.dll

    • Size

      28B

    • MD5

      2b04d41a99d21dedc2dd6d7de967309f

    • SHA1

      3c4ce2e5e375612fdd01f3930dd904f0a676cdb9

    • SHA256

      c4ec154f2f84395a300cf6b1be5471f8211b3e53ee1fb5cedc0f84cf4bb77146

    • SHA512

      e981df7183aa8dfc5887c90109d572236c595250197aea676ce7dfd19b584027945a9101ea4f30a69b44a59c54d681e1196211455b1bdaa8621a7b39b4e257e5

    Score
    1/10
    • Target

      routes.dll

    • Size

      257B

    • MD5

      8fc132d017671cb9f0322ef97411aed7

    • SHA1

      ec7587f1ce58736442912f1152fcc76c735eb26c

    • SHA256

      a5d0ce7bd7d4c43cb49c2a76ceef62fe78733c22ad6132da73a871f29aeb5280

    • SHA512

      2d5145b253ca05f3b28bb35dac53611cb7513b0502f01307cd47e592789abe85f68e6c8a312e5b319a34a0e10be6fb60b42cbf0b6084c43a07fdb96196192d37

    Score
    1/10
    • Target

      setup__120.exe

    • Size

      145KB

    • MD5

      a90dc54ac25bd460ae68b3b718ce8fce

    • SHA1

      b2738e14fd684925e46b726f099955a81de328b9

    • SHA256

      4900ca5c8763e510ab897d37df1d6621c7585a87720f8aa47c05c5b505a6759e

    • SHA512

      c289c94c2d4bca10e24e2d1225862209affb7e35fb2e24e4d3d173e43c966bbf696ae8b9db896ecca5178616cb7bd2de44bb1211e00003a049355fea09f119f5

    • SSDEEP

      3072:samWXrLYuX6Dg61CZTakdl+hVL2j0/VdRr4bdUPQHpWoIgGLXYsHMS9hq:saL7sd9vYl+byjcRr4A4pWor0XYtSG

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
