dbdc4bbf70c2c98f63488758b63677bee47f87423efddab8b550b386a946355f

Sharing

Copy URL

Twitter E-mail

General

Target

05b2e446b87dad61177d560c91d612b7_JaffaCakes118
Size

1.5MB
Sample

240428-vykfdada4t
MD5

05b2e446b87dad61177d560c91d612b7
SHA1

097fa15ac7dfea88430bfef9795241c77a3eb50b
SHA256

dbdc4bbf70c2c98f63488758b63677bee47f87423efddab8b550b386a946355f
SHA512

53b9170023eb6fd6bc214e25f866346c350d3e2115ea965ceb8d6df910babb938afbc670946b24212cb4dd569f4209b8f0c91d3bec4d7580d4fe6827dca30246
SSDEEP

24576:qgJJGasR9FOUlzblRNw/s6v09dLcAScJ5gloPTHyXCJJuYlt2N30Vk72+NVmDk:PJJZglFRN7T9dLcASW7Tc2+NVmDk

Score

7^/10

Malware Config

Targets

- Target
  
  05b2e446b87dad61177d560c91d612b7_JaffaCakes118
- Size
  
  1.5MB
- MD5
  
  05b2e446b87dad61177d560c91d612b7
- SHA1
  
  097fa15ac7dfea88430bfef9795241c77a3eb50b
- SHA256
  
  dbdc4bbf70c2c98f63488758b63677bee47f87423efddab8b550b386a946355f
- SHA512
  
  53b9170023eb6fd6bc214e25f866346c350d3e2115ea965ceb8d6df910babb938afbc670946b24212cb4dd569f4209b8f0c91d3bec4d7580d4fe6827dca30246
- SSDEEP
  
  24576:qgJJGasR9FOUlzblRNw/s6v09dLcAScJ5gloPTHyXCJJuYlt2N30Vk72+NVmDk:PJJZglFRN7T9dLcASW7Tc2+NVmDk
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InvokeShellVerb.dll
- Size
  
  4KB
- MD5
  
  1a6e1ea7e90e50d9a18e034e7cde41a6
- SHA1
  
  93148d67fc2cee4537f749a8c98a0735065241a8
- SHA256
  
  2fddc8b8ab4bf4838ea374d25e4cb9e83362c3f1cb24f380137d14c814d56169
- SHA512
  
  53d35e9e4a0d45a5b37da7952f7bf8c26666fa57748c3d292fd154e40a602f08ad55735cefe9bdf043e03e3eff3e58d603bd9980ef291b3c5f409228dd5ba872
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/MoreInfo.dll
- Size
  
  7KB
- MD5
  
  bd393029cc49b415b6c9aeb8a4936516
- SHA1
  
  c67fd92fffd18941bed41bfd6ac4f3b04fd123df
- SHA256
  
  227a4fc9408a44faa5eca608a974bd536814f97b8a4d28b4cac479727167b026
- SHA512
  
  3bb8e5cf4bea7e8adaa62196e58fff9031f49fd4efa78e5bd3e4b9c4e9ba1523864567521793053595d90abec719761a5964ff3abe04b93b24d52e5ffa4c1f96
- SSDEEP
  
  96:LEjAlUFPxXJugoImuaKbkBSEPTpsxKaVQ4Ad:gjAiFPxXJugoImJKQk8yxKaVVe
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  bf712f32249029466fa86756f5546950
- SHA1
  
  75ac4dc4808ac148ddd78f6b89a51afbd4091c2e
- SHA256
  
  7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af
- SHA512
  
  13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4
- SSDEEP
  
  192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  13KB
- MD5
  
  a88baad3461d2e9928a15753b1d93fd7
- SHA1
  
  bb826e35264968bbc3b981d8430ac55df1e6d4a6
- SHA256
  
  c5ab2926c268257122d0342739e73573d7eeda34c861bc7a68a02cbc69bd41af
- SHA512
  
  5edcf46680716930da7fd1a41b8b0426f057cf4becefb3ee84798ec8b449726afb822fb626c4942036a1ae3bb937184d1f71d0e45075abb5bf167f5d833df43a
- SSDEEP
  
  192:qP6KdXy+Yo7e1J8qC25a5mDFmCLGUCVGpU6uNck87I0S/TDqwyTq+:q/q3Pgd5mx6VkEck87ILCTN
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  c7ce0e47c83525983fd2c4c9566b4aad
- SHA1
  
  38b7ad7bb32ffae35540fce373b8a671878dc54e
- SHA256
  
  6293408a5fa6d0f55f0a4d01528eb5b807ee9447a75a28b5986267475ebcd3ae
- SHA512
  
  ee9f23ea5210f418d4c559628bbfb3a0f892440bcd5dc4c1901cb8e510078e4481ea8353b262795076a19055e70b88e08fee5fb7e8f35a6f49022096408df20e
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/ask_eula.rtf
- Size
  
  167KB
- MD5
  
  7bd45e3280288dda6fd602031e2066e8
- SHA1
  
  db4d49155de06f6a10ae50c01c612e4d998547bf
- SHA256
  
  4346de72fee6dbe8b74218d8d9550395bf7f26634eb026ff6359fa0f855e9a4d
- SHA512
  
  a3a40b878d46531127a55550c807e6a17374d5d52bd645ba6b61fc0ae551d348247c4d4969c32e60b7bdad7ce1b3167f3d87b4eab2746ae305f182d4084c09d3
- SSDEEP
  
  1536:ZZAZp31HamwWkLTX6sbKIJ8rqj5mXoArAp0blt5S2y4e4N:ZIp3haYl2to
Score

4^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/nsArray.dll
- Size
  
  6KB
- MD5
  
  7fc4723bb0a4118e5f91047021d1aacd
- SHA1
  
  092a321a21d802045105ecc8cd3c9d7d2c6da923
- SHA256
  
  8f9bfeebfa3b070b116de61a63271b6c25af0dbb4bbfb4ae73e334d1f8517efd
- SHA512
  
  1fe86533987ff1c4d446b231dc1ff2c3bbce224ae91b73ffead539f08740bfb06d2f40f1aedf0571106dc4e12eec27aa32018c2bf5361b7488c07b4d90800f02
- SSDEEP
  
  192:EaNHOZqWdn+/a4YZkv1uULW1C4w2X2bM:EQudRQaYAU6hX
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  4ccc4a742d4423f2f0ed744fd9c81f63
- SHA1
  
  704f00a1acc327fd879cf75fc90d0b8f927c36bc
- SHA256
  
  416133dd86c0dff6b0fcaf1f46dfe97fdc85b37f90effb2d369164a8f7e13ae6
- SHA512
  
  790c5eb1f8b297e45054c855b66dfc18e9f3f1b1870559014dbefa3b9d5b6d33a993a9e089202e70f51a55d859b74e8605c6f633386fd9189b6f78941bf1bfdb
- SSDEEP
  
  192:SbEunjqjIcESwFlioU3M0LLF/t8t9pKSfOi:SbESjFCw6oWPFl8jfOi
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  132e6153717a7f9710dcea4536f364cd
- SHA1
  
  e39bc82c7602e6dd0797115c2bd12e872a5fb2ab
- SHA256
  
  d29afce2588d8dd7bb94c00ca91cac0e85b80ffa6b221f5ffcb83a2497228eb2
- SHA512
  
  9aeb0b3051ce07fb9f03dfee7cea4a5e423425e48cb538173bd2a167817f867a30bd4d27d07875f27ca00031745b24547030b7f146660b049fa717590f1c77e1
- SSDEEP
  
  96:M/SspqrIYxLPEQhThvov3TE4/2Sa5P9QFFYzOx4uF3sbSEI5LP39sQvM:M/QUG7lhvov36S5FcUjliSEI5LuQ
Score

3^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/nsisXML.dll
- Size
  
  11KB
- MD5
  
  a2725e4d4d57d9d497e0a384d2884417
- SHA1
  
  ee31ce04298964e5239368ca8fd7b3f1cda5d878
- SHA256
  
  e8b26d9497bf1f3be386158f7f338fa03c0cad9c893a7e96a0200a438c1733c7
- SHA512
  
  8d69e6bdd73a9845ba02917bd7f8e17e9a7a818348899d5ebb6e9055094c9b746550d6807c0412c2537a59b916b377aced3cf3932eb361d923816fd05866de99
- SSDEEP
  
  96:z50nDR93puFU7aMlUzVaXYDNwIJ1uUgkWJozlfGa3CeOY3/wDQhmrjpcAWvPaSZm:l0n3h+4uaMzOi/EQO11WHaSWjp9ffbE
Score

3^/10
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/registry.dll
- Size
  
  24KB
- MD5
  
  2b7007ed0262ca02ef69d8990815cbeb
- SHA1
  
  2eabe4f755213666dbbbde024a5235ddde02b47f
- SHA256
  
  0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d
- SHA512
  
  aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca
- SSDEEP
  
  384:W2mvyNjH3rPnAZ4wu2QbnC7qB7PnrvScaeYA4CIDEge/QqL2AQ:/75w/OfrzB4CUxuQfA
Score

3^/10
behavioral23 behavioral24
- Target
  
  $R1/$_1_/Uninstall.exe
- Size
  
  300KB
- MD5
  
  5221c7b9e997ca55a04536a6e06d956d
- SHA1
  
  3c7ea511c6d400123d7eee76043372c2d8d39ac6
- SHA256
  
  85157bfd33b4b761f1a0f924c0a48496d99d018cba4d8901129656bc4f72f207
- SHA512
  
  3b2bbdec9c3d735a0cc935199cca6ad43737e37ef12a535dd6d04d9b02f38ea18525884e6afccc7bf1a8c6f09e409003edfdc8497f72326b47a9962b34647379
- SSDEEP
  
  6144:N50gUCqUKdOEi9JEeF/mbOV1pj74oHKitRW:P0geUeqTF/sOV1pj7NHC
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/ApplicationID.dll
- Size
  
  52KB
- MD5
  
  b5d63240d145cef5a226a757bcb9cfa4
- SHA1
  
  043e7d43b74a71bb1f7ea7a8cccf2150879babe8
- SHA256
  
  096e40b3fd5803f323660b2687946d4d6ad004e84b27ab67d4f60707358ee375
- SHA512
  
  c67f4bebdb906cb30b9cbac02a3ca3d06d74d0a4d9f580873242059a7102b278dba2af7b4bbcb728b3dcc40396d56e5bc9aa68485b3657465e173a54666fa1ae
- SSDEEP
  
  384:Gubd5EUwI12n3t7LgbpbnGRemovGQLRQnM7zvnPjRFgiNrTU77eu7Ix1xPW+hLWD:/bd5EUMtgbnmMG0vvPZ5ki6YPW+hTL
Score

3^/10
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  bf712f32249029466fa86756f5546950
- SHA1
  
  75ac4dc4808ac148ddd78f6b89a51afbd4091c2e
- SHA256
  
  7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af
- SHA512
  
  13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4
- SSDEEP
  
  192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/
Score

3^/10
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  13KB
- MD5
  
  a88baad3461d2e9928a15753b1d93fd7
- SHA1
  
  bb826e35264968bbc3b981d8430ac55df1e6d4a6
- SHA256
  
  c5ab2926c268257122d0342739e73573d7eeda34c861bc7a68a02cbc69bd41af
- SHA512
  
  5edcf46680716930da7fd1a41b8b0426f057cf4becefb3ee84798ec8b449726afb822fb626c4942036a1ae3bb937184d1f71d0e45075abb5bf167f5d833df43a
- SSDEEP
  
  192:qP6KdXy+Yo7e1J8qC25a5mDFmCLGUCVGpU6uNck87I0S/TDqwyTq+:q/q3Pgd5mx6VkEck87ILCTN
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

System Information Discovery

T1082

Query Registry

T1012

Lateral Movement

Collection

Data from Local System

T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Reads user/profile data of web browsers

UPX packed file

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32