General

  • Target

    0652b1de5204c2f98711b3e476f4145a_JaffaCakes118

  • Size

    1.4MB

  • Sample

    240428-3ln7ssca58

  • MD5

    0652b1de5204c2f98711b3e476f4145a

  • SHA1

    9dfc2d597c8837ed60f92ae9568bb1a75b358674

  • SHA256

    163db73cda2074215bdf265b11cba2f0c27137e93ecfa74caeb7576542a60def

  • SHA512

    70a1e90e0587170681c68651e6d04d9051f244d284cdabe8b4aa4d3759e060a421f412ab449baf298d7b182503b0daffb040228d5f58638cef8bc6b431c3d4b1

  • SSDEEP

    24576:L2KqYz3utEROE3cvWt9xkAzb8cQlE++NHXYNoPfSG:pD/OKc4xXz6F+iNoCG

Score
7/10

Targets

    • Target

      0652b1de5204c2f98711b3e476f4145a_JaffaCakes118

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Target

      $PLUGINSDIR/InvokeShellVerb.dll

    • Size

      4KB

    • MD5

      1a6e1ea7e90e50d9a18e034e7cde41a6

    • SHA1

      93148d67fc2cee4537f749a8c98a0735065241a8

    • SHA256

      2fddc8b8ab4bf4838ea374d25e4cb9e83362c3f1cb24f380137d14c814d56169

    • SHA512

      53d35e9e4a0d45a5b37da7952f7bf8c26666fa57748c3d292fd154e40a602f08ad55735cefe9bdf043e03e3eff3e58d603bd9980ef291b3c5f409228dd5ba872

    Score
    3/10
    • Target

      $PLUGINSDIR/MoreInfo.dll

    • Size

      7KB

    • MD5

      bd393029cc49b415b6c9aeb8a4936516

    • SHA1

      c67fd92fffd18941bed41bfd6ac4f3b04fd123df

    • SHA256

      227a4fc9408a44faa5eca608a974bd536814f97b8a4d28b4cac479727167b026

    • SHA512

      3bb8e5cf4bea7e8adaa62196e58fff9031f49fd4efa78e5bd3e4b9c4e9ba1523864567521793053595d90abec719761a5964ff3abe04b93b24d52e5ffa4c1f96

    • SSDEEP

      96:LEjAlUFPxXJugoImuaKbkBSEPTpsxKaVQ4Ad:gjAiFPxXJugoImJKQk8yxKaVVe

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      bf712f32249029466fa86756f5546950

    • SHA1

      75ac4dc4808ac148ddd78f6b89a51afbd4091c2e

    • SHA256

      7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af

    • SHA512

      13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4

    • SSDEEP

      192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/

    Score
    3/10
    • Target

      $PLUGINSDIR/UAC.dll

    • Size

      13KB

    • MD5

      a88baad3461d2e9928a15753b1d93fd7

    • SHA1

      bb826e35264968bbc3b981d8430ac55df1e6d4a6

    • SHA256

      c5ab2926c268257122d0342739e73573d7eeda34c861bc7a68a02cbc69bd41af

    • SHA512

      5edcf46680716930da7fd1a41b8b0426f057cf4becefb3ee84798ec8b449726afb822fb626c4942036a1ae3bb937184d1f71d0e45075abb5bf167f5d833df43a

    • SSDEEP

      192:qP6KdXy+Yo7e1J8qC25a5mDFmCLGUCVGpU6uNck87I0S/TDqwyTq+:q/q3Pgd5mx6VkEck87ILCTN

    Score
    3/10
    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      c7ce0e47c83525983fd2c4c9566b4aad

    • SHA1

      38b7ad7bb32ffae35540fce373b8a671878dc54e

    • SHA256

      6293408a5fa6d0f55f0a4d01528eb5b807ee9447a75a28b5986267475ebcd3ae

    • SHA512

      ee9f23ea5210f418d4c559628bbfb3a0f892440bcd5dc4c1901cb8e510078e4481ea8353b262795076a19055e70b88e08fee5fb7e8f35a6f49022096408df20e

    Score
    3/10
    • Target

      $PLUGINSDIR/ask_eula.rtf

    • Size

      167KB

    • MD5

      7bd45e3280288dda6fd602031e2066e8

    • SHA1

      db4d49155de06f6a10ae50c01c612e4d998547bf

    • SHA256

      4346de72fee6dbe8b74218d8d9550395bf7f26634eb026ff6359fa0f855e9a4d

    • SHA512

      a3a40b878d46531127a55550c807e6a17374d5d52bd645ba6b61fc0ae551d348247c4d4969c32e60b7bdad7ce1b3167f3d87b4eab2746ae305f182d4084c09d3

    • SSDEEP

      1536:ZZAZp31HamwWkLTX6sbKIJ8rqj5mXoArAp0blt5S2y4e4N:ZIp3haYl2to

    Score
    4/10
    • Target

      $PLUGINSDIR/nsArray.dll

    • Size

      6KB

    • MD5

      7fc4723bb0a4118e5f91047021d1aacd

    • SHA1

      092a321a21d802045105ecc8cd3c9d7d2c6da923

    • SHA256

      8f9bfeebfa3b070b116de61a63271b6c25af0dbb4bbfb4ae73e334d1f8517efd

    • SHA512

      1fe86533987ff1c4d446b231dc1ff2c3bbce224ae91b73ffead539f08740bfb06d2f40f1aedf0571106dc4e12eec27aa32018c2bf5361b7488c07b4d90800f02

    • SSDEEP

      192:EaNHOZqWdn+/a4YZkv1uULW1C4w2X2bM:EQudRQaYAU6hX

    Score
    7/10
    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX.

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      4ccc4a742d4423f2f0ed744fd9c81f63

    • SHA1

      704f00a1acc327fd879cf75fc90d0b8f927c36bc

    • SHA256

      416133dd86c0dff6b0fcaf1f46dfe97fdc85b37f90effb2d369164a8f7e13ae6

    • SHA512

      790c5eb1f8b297e45054c855b66dfc18e9f3f1b1870559014dbefa3b9d5b6d33a993a9e089202e70f51a55d859b74e8605c6f633386fd9189b6f78941bf1bfdb

    • SSDEEP

      192:SbEunjqjIcESwFlioU3M0LLF/t8t9pKSfOi:SbESjFCw6oWPFl8jfOi

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      132e6153717a7f9710dcea4536f364cd

    • SHA1

      e39bc82c7602e6dd0797115c2bd12e872a5fb2ab

    • SHA256

      d29afce2588d8dd7bb94c00ca91cac0e85b80ffa6b221f5ffcb83a2497228eb2

    • SHA512

      9aeb0b3051ce07fb9f03dfee7cea4a5e423425e48cb538173bd2a167817f867a30bd4d27d07875f27ca00031745b24547030b7f146660b049fa717590f1c77e1

    • SSDEEP

      96:M/SspqrIYxLPEQhThvov3TE4/2Sa5P9QFFYzOx4uF3sbSEI5LP39sQvM:M/QUG7lhvov36S5FcUjliSEI5LuQ

    Score
    3/10
    • Target

      $PLUGINSDIR/nsisXML.dll

    • Size

      11KB

    • MD5

      a2725e4d4d57d9d497e0a384d2884417

    • SHA1

      ee31ce04298964e5239368ca8fd7b3f1cda5d878

    • SHA256

      e8b26d9497bf1f3be386158f7f338fa03c0cad9c893a7e96a0200a438c1733c7

    • SHA512

      8d69e6bdd73a9845ba02917bd7f8e17e9a7a818348899d5ebb6e9055094c9b746550d6807c0412c2537a59b916b377aced3cf3932eb361d923816fd05866de99

    • SSDEEP

      96:z50nDR93puFU7aMlUzVaXYDNwIJ1uUgkWJozlfGa3CeOY3/wDQhmrjpcAWvPaSZm:l0n3h+4uaMzOi/EQO11WHaSWjp9ffbE

    Score
    3/10
    • Target

      $PLUGINSDIR/registry.dll

    • Size

      24KB

    • MD5

      2b7007ed0262ca02ef69d8990815cbeb

    • SHA1

      2eabe4f755213666dbbbde024a5235ddde02b47f

    • SHA256

      0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d

    • SHA512

      aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca

    • SSDEEP

      384:W2mvyNjH3rPnAZ4wu2QbnC7qB7PnrvScaeYA4CIDEge/QqL2AQ:/75w/OfrzB4CUxuQfA

    Score
    3/10
    • Target

      $R1/$_1_/Uninstall.exe

    • Size

      194KB

    • MD5

      a7c8756c56e5a841b91da9d02e769f36

    • SHA1

      2ac01ffff9f107f67c701c11a3c89506765689ce

    • SHA256

      63aca71fc4d483663571e7fd733747a9c7afc527aba7cf3b7ccbbe8292aafb69

    • SHA512

      45e224f1c64aa70af39e59f8e2a5ad500d4bf1f9fa9156b0a6626b7737a43237c84562519a5694fe6db3b9696457ab2774fe9bc8bde5fba85fa9612eede969fd

    • SSDEEP

      3072:i5BuYAVrgUCPnSA44444444444444444444444NoPAZ4444444444444yZ6NdraL:i50gUC6fPZ6NdGbOV1pZR4xjXiV2

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      $PLUGINSDIR/System.dll

    Score
    3/10
    • Target

      $PLUGINSDIR/UAC.dll

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    Score
    3/10

Tasks

  Task           Tag              Score
  static1        upx              7/10
  behavioral1    spywarestealer   7/10
  behavioral2    spywarestealer   7/10
  behavioral3                     3/10
  behavioral4                     3/10
  behavioral5                     3/10
  behavioral6                     3/10
  behavioral7                     3/10
  behavioral8                     3/10
  behavioral9                     3/10
  behavioral10                    3/10
  behavioral11                    3/10
  behavioral12                    3/10
  behavioral13                    4/10
  behavioral14                    1/10
  behavioral15   upx              7/10
  behavioral16   upx              7/10
  behavioral17                    3/10
  behavioral18                    3/10
  behavioral19                    3/10
  behavioral20                    3/10
  behavioral21                    3/10
  behavioral22                    3/10
  behavioral23                    3/10
  behavioral24                    3/10
  behavioral25                    7/10
  behavioral26                    7/10
  behavioral27                    3/10
  behavioral28                    3/10
  behavioral29                    3/10
  behavioral30                    3/10
  behavioral31                    3/10
  behavioral32                    3/10