9384258fd7b85a94f96d317280ddddbd46553b66545210745b83dece15290992

Sharing

Copy URL

Twitter E-mail

General

Target

Jello.jar
Size

74.0MB
Sample

240426-szd9msfd9x
MD5

5edaf374a8a0656ae1f7a7c1aae570fc
SHA1

2f36ec07b25086e4d6187e2e1fe0648fda047aea
SHA256

9384258fd7b85a94f96d317280ddddbd46553b66545210745b83dece15290992
SHA512

7f867cd3fe0b94cf4219e1a95f9c9c8e2127ccb24e0777e352376db49a1afa44e09ec6a1590c4c138f941cd7cda38d0e56439acca89dd1f7938c5ef4a3cfe28a
SSDEEP

1572864:KcxUMhc4kf79RK71VkrxUyoBFKwavxtRSBTyQRMWd0EDG:KcxUAkD9R8VkVCew+xtsIIMWd0EK

Score

7^/10

Malware Config

Targets

- Target
  
  com/sun/jna/linux-aarch64/libjnidispatch.so
- Size
  
  102KB
- MD5
  
  65fe1a58cee5e1b8480389c17c761765
- SHA1
  
  b738cd6cac0aee243edf4e8aae3eaf846f3d601f
- SHA256
  
  e38d9d053e8bf3be88050b40b1672d9f59c8df7d1ac54d9366b3382de39f541f
- SHA512
  
  d44149fd0d0e00958e1e0f93eee5b14adae70e6e7e5290a407979b6d2a820349645d0b25475c89b9049644089b9d543016cc238a7dab41f0e1357ddf489294d9
- SSDEEP
  
  1536:8dZHYrtzPR4kMlIvYz8+xEoGnZqK5bUcDUIrruRO7b7kQ0eccT+F28w3XGNjValN:2HYRzlhrHx73kXkvfp5bXHoZecba
Score

3^/10
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  com/sun/jna/linux-arm/libjnidispatch.so
- Size
  
  104KB
- MD5
  
  61442d4a5025564cfaa5ce45edfd8140
- SHA1
  
  32e3827c02458cf54a60a3d0fd4591ad4235b060
- SHA256
  
  ba5ce0c7458d222217cb0281185ee5d6bc289e05285285337072362fd114949e
- SHA512
  
  87cf522a49dde68e35bcd67f01d7bdb104f33bf209c36692cc2d77b3d390ab6cae8dd6ccf2a12de325499f9f0ec0d75f58a3ac690afe85c5e9624bb8668f7abb
- SSDEEP
  
  1536:3XFUlvbd9ZqRG5iztcoGHch9GTI/Se6h5feVIEYVpX3EV14lVEsDl6:3X6d9ZqA5ykToS3h5yIEYsV14lasU
Score

3^/10
behavioral5
- Target
  
  com/sun/jna/linux-armel/libjnidispatch.so
- Size
  
  108KB
- MD5
  
  d82de066ba33e24a14d469d2696fefea
- SHA1
  
  8deaac189b208dc4000a2376dbfafb1ffc4d7886
- SHA256
  
  1ed7f4faa0e2e81d949a562c9df67ad97cdd32c4bd65b7bd6603cd2da75dca95
- SHA512
  
  bcedb4fb82c78c479ce1b8c979cc8f209febfe0d6d7b8bb34bf7ed8c24f090a1facc37cdfda412692ef8310239d44d5487df35cc1055c0da5ac9d346680e4807
- SSDEEP
  
  1536:hAd6t7PdTjffW9Ol4yglXLgie2qIkRhAGKe2cMEmV14lVEsm:hj5PLlgl7gIqnRhAGKetmV14lasm
Score

1^/10
behavioral6
- Target
  
  com/sun/jna/linux-ppc/libjnidispatch.so
- Size
  
  120KB
- MD5
  
  d729cb9fb13fa13d316cebf418635748
- SHA1
  
  2db92a3f5bb6a8134435c541cf164b0c9a4840db
- SHA256
  
  b214ec6f2ca15d47c73ae24c4ac9a4db1339a61586dc509f7ba641ebf123c0ee
- SHA512
  
  8f685209e6528d2aa6d26327319237122020fe45b007098c73be1405a427ba29b992d0f688706fa8a9a91dc9838ca2b580229a2437d9bcfe196c3e19e5e0573e
- SSDEEP
  
  1536:E3NQsEVLJvxfczrzBB3pd55jx36WtsGqAtCyALh1xaAratPJHfaUakL6wB/C1UnN:E3NhuLrabHBfBYxAfMnOikV14luskEA
Score

1^/10
behavioral10 behavioral7 behavioral8 behavioral9
- Target
  
  com/sun/jna/linux-ppc64le/libjnidispatch.so
- Size
  
  129KB
- MD5
  
  ada4fba90f068dae3c6db207fb58b50e
- SHA1
  
  3eeb0e27084dc73bcf28e610f2a10a5993858825
- SHA256
  
  40f4a05e84c9cdfcc52a3befef8d8f7780c09ffcfd401d5f710cf84731022bf6
- SHA512
  
  95211484358b0ec681b1495e5f6db03378ef1971e3b1fff0911250da2c1f5b79bbc697989eda7c3fe5816169055721c5919545ee9aab289b1fe33c2bce4dcc73
- SSDEEP
  
  3072:Di/Jp8TZwz9mKh18HmXf3FViC3W40vVYKQNDV1oZccyR+Sog+wq/+jKE:dNkPDiH4mMV1oZccZ
Score

3^/10
behavioral11 behavioral12 behavioral13 behavioral14
- Target
  
  com/sun/jna/linux-x86-64/libjnidispatch.so
- Size
  
  108KB
- MD5
  
  ca031cbc21dbe7783778463284aec0d3
- SHA1
  
  2ff0eb3ca44f1919e3ed389902529f9b6241c47c
- SHA256
  
  f682c339cef8c636b42f85c0fc623d1b088f1d2cf1c60aad3ad9ac306bff4552
- SHA512
  
  2135099ff6b22e354c208cce4c331c3ffb0ce7eb42caf65dfc52630b2ec925ae90943c2263cd45a0a10717c571fff44e75182bd0184c8a4b00abc74ac0bd49d0
- SSDEEP
  
  1536:1GVyqQzwFr0Bt6F3m51YAqcic1eZ4tl22RVyJOY0nV6YB6VWmFFb/uZJuaCfz7b4:1PqQz7f+2vYAsZJOTwVWmFFyZJuLfz4
Score

1^/10
behavioral15
- Target
  
  com/sun/jna/linux-x86/libjnidispatch.so
- Size
  
  103KB
- MD5
  
  d70f1b31c7acb4e8a7e0225363af1d3d
- SHA1
  
  f08bac3d9e535d2a41377212dea20cf8fe862193
- SHA256
  
  89da7c462d320daa68c34de11f90726713107a11044460db25be92f6b8916d7d
- SHA512
  
  48dd57d765af5dded164dba054a9a3b42cecd4b2cfeb69931e8d797812b95a4e7321c06a656dc3814bd887af8c91e319028b7baa9214b9037c00aabad101824e
- SSDEEP
  
  1536:tZ7vtXpXPZTF1T3xVAlAzxGLb/mrZU4y2q6Ox3lIrGGFFb/9JPR64:HvJjXF6QSDmrZUoO2GGFFZJ5P
Score

7^/10
- Deletes itself
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral16
- Target
  
  com/sun/jna/sunos-x86-64/libjnidispatch.so
- Size
  
  128KB
- MD5
  
  613edb39ca8138114cce0ce63d31b39a
- SHA1
  
  0c355b95ce52f15b1ba75d53078fabb3ad6ff380
- SHA256
  
  8599e9e10d2aa9d4d28c017c0d5517d3fa2fcb8524f2d4e655a4f4ef89284481
- SHA512
  
  5335424855cec383cc3a63cb605e2184b615d80b2c47f6ebef5bbe4ab69309c514b5a3536b8f4e42b2d065a0b4a61eddedab843808b361e0825f51eeb3c32acf
- SSDEEP
  
  1536:2KG9Qn9FLF5BIsv1DVB7e5AfD6craYi+hFzCCVlpyTYiKnuqYvb9fV:uQn9FLF5JVM5ygYfhNRoL
Score

1^/10
behavioral17
- Target
  
  com/sun/jna/win32-x86-64/jnidispatch.dll
- Size
  
  240KB
- MD5
  
  68bf293ed84fec43a17dbc830b6001c1
- SHA1
  
  e2841508e29f91c168c0a620c57cec387f681a6c
- SHA256
  
  19e394e5d7a64f1e5063043f6f8d23243db22ff87d67e9e930bd13f8b12bf275
- SHA512
  
  31679b608c01138c97dd0cb6692a00359e398623097650b72a8f4f2701955232657431df41dc3b1f5681de0c30ae6357d1d8343c6124532f2a067210bd1c9fb8
- SSDEEP
  
  6144:mGWyWK+wrp1cJakX7dHmLm6rj6vPhxnZKF13nMH32fHy0AXN3:mGW5PwNNrCPhNynMX
Score

1^/10
behavioral18 behavioral19
- Target
  
  com/sun/jna/win32-x86/jnidispatch.dll
- Size
  
  202KB
- MD5
  
  b5d228ec0995e645e6172e40fa6056d6
- SHA1
  
  608b01c2ca4ac56f656117b2e4b66575579fbeff
- SHA256
  
  3b25c00ce41d70c8d73f89b7e4bfac7e86883ba48ef44da0a408e1eed4bf9398
- SHA512
  
  5c4e61b90b9aaf2d8b2c3a8c4369147575ac7c051d057505527d4f2866e02c57284d587816a03a9d46c57801dcf2a7b2fd1a88364d9455544caf59a92bb4a066
- SSDEEP
  
  3072:TAKbz2PfmCGM7U565wvgFLyKZsoHlT93Akp/dJyVASY+l3B5ZmYzdWm7S:U3XcMQ5653LrHtSY+l3B53zd57S
Score

3^/10
behavioral20 behavioral21
- Target
  
  darwin/libdiscord-rpc.dylib
- Size
  
  254KB
- MD5
  
  beb3574192f4dbda488132c4d1371a1e
- SHA1
  
  de91e30e19fa59b5921cad4d00ed6d134581f6a0
- SHA256
  
  1c1eb77e9c58de106f410257217ebf8281b44876f3b072d3513dcb343e37340e
- SHA512
  
  e4c418775953ff3daeb725b5a7243a02384d53e61549d87c32b19e224e0bd7b57ed02b3c3a4b21a3d8732fa63eba8fc47a8770b6038035e551916f143177a362
- SSDEEP
  
  3072:LJiJGddtKrtA8bUHYtmbFooNfjABtvJQGkDFvUp2NrkJeIR6n6Dcd66654xArhBj:LJ2A8Iow+NS4J+pyDV1
Score

1^/10
behavioral22
- Target
  
  lib/libJTouchBar.dylib
- Size
  
  134KB
- MD5
  
  8162017b4b8423543d1557aa875c9dbb
- SHA1
  
  70c99d32bee45a8657a1ebe377468ee8d1582960
- SHA256
  
  828fb361293a9128210fa175b6bbd241ca467e2f1e34d17bcfb9ada6ec8fc32d
- SHA512
  
  27c0de273246330ccee412ea5b8775e779bdb336e1e180d1029812452a7c04805107a26e7bfb72af5c6d71ebf5accecca6d4ebc31bf3e8fc0f384dd93b194188
- SSDEEP
  
  1536:7blX0Qr5OjahlcLbOkUXvLUbWxx1anRtdpnjEtGw2qg3VmwlHM4:7ZX39Ojkcq/LUbqetDAtG+gQs
Score

4^/10

evasion
behavioral23
- Target
  
  lib/libJTouchBar.dylib.dSYM/Contents/Resources/DWARF/libJTouchBar.dylib
- Size
  
  827KB
- MD5
  
  d0a895cc19141bab337e2e152952271c
- SHA1
  
  e6488dc1d946cc99e8999af2c83c6bde98e72375
- SHA256
  
  10d8555f73d7e2f37597259b44c4b2930652724f4bc778e3e5ca7425e7bf46cb
- SHA512
  
  4920ee2457a81205c36971c52574fc3776ba543cbfde0492351650b307fcf24706d6f3960890463f5ac9f5ccd0b65d8f38bd89ba887d837bab1fa8880ec4f4a6
- SSDEEP
  
  12288:v86wi+N2JKxMMdgMkIXoTlG837lOLKalHK7jQl+NEq3u:E6kN2IxSGslPElHK7sl+Ne
Score

4^/10

evasion
behavioral24
- Target
  
  linux-x86-64/libdiscord-rpc.so
- Size
  
  645KB
- MD5
  
  430b21aca080a7552171e22bc7ce9767
- SHA1
  
  51e4d66a7591b776479f712f01dcb8571b0ad6fe
- SHA256
  
  ae74dde38496ca8c726c79e09f78b836047e779c80f8aabce52a857f31304d4b
- SHA512
  
  b9fdb3070bc210ac4cf1c7c1f440675282d900e996708070e214ce3eb8f50b72b3e30be25ca0bca4124fa91e620ae709b26092ad558e462d692bb010019a7501
- SSDEEP
  
  6144:weP2/FCUiwHLkSjaaG7KVOHuNyFuEqCzJ7x/ZOPvdhLCW/RPihSmafmItWlMuyIU:ILtjaaGuVOHyi1x43pRsAR
Score

1^/10
behavioral25
- Target
  
  win32-x86-64/discord-rpc.dll
- Size
  
  391KB
- MD5
  
  0fb548e59e41d3cc86e1e03d5ec4fba9
- SHA1
  
  0b9715d71ef16ca7ea9dda0bac6a3944cfa01955
- SHA256
  
  dc080eb3d14da1e68f952df526f0f6cd3a865a0f558d6b04a29599503fbf50da
- SHA512
  
  d77f318185e3fda3f7aa365bea4da6a6b903464d5cb5fcd6e3aed894ef5287e8a5108903eef4c194c747793828bc1f1dee2077fa5cbb462f7aec3be646cfa0a0
- SSDEEP
  
  6144:QbfZaRA2CfvxiavOFYq4Pj0AjnW3UJC0NdcvcxWuYpHRPTDpAMydmyDX:QbfZaRhCs14PS370o5pH576
Score

1^/10
behavioral26 behavioral27
- Target
  
  win32-x86/discord-rpc.dll
- Size
  
  300KB
- MD5
  
  55ae3c97c8dbc0164ad82a8bb53e358b
- SHA1
  
  16017a86e06545690279e9e5215ff13f3d532621
- SHA256
  
  3ade46bd17d6cd114b0e7f79f8a1e985b9221b92d897c28d32d659f032991bb1
- SHA512
  
  4b2e91f0d062691493c2e64d6b3b3907687037581d24210b59b2a5efc790d276f1034f6d28b7c039cd9f96f55676ee097db7fec43c0819e57e6122e3649a2c7f
- SSDEEP
  
  6144:h26NF2PAVBNzHKj/s8mVGbBnyvdo5Jw/5SrPVk8CylOv995IIwlPs:h26uPAtqjtmCn4WI/5SrPVk8CD95IIl
Score

1^/10
behavioral28 behavioral29

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1564

Resource Forking

T1564.009

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Deletes itself

Enumerates running processes

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29