27bf8e239f59a87c27cc9d1c7e92adece25427d246cb5c04fa0237930181fea9

Sharing

Copy URL

Twitter E-mail

General

Target

11880711c83d2d5b184fd25f5289ba0c_JaffaCakes118
Size

3.4MB
Sample

240504-fe1wpade7t
MD5

11880711c83d2d5b184fd25f5289ba0c
SHA1

272456b67e8c919a5ec7e76f37034ea04e06259d
SHA256

27bf8e239f59a87c27cc9d1c7e92adece25427d246cb5c04fa0237930181fea9
SHA512

e69afc36d385940e7db60b2a9b0cd40b541a046e340c7d2a8ac032c4af4d16df6843c51b4dbba7a9b45ebdd672fc600fb035a3095f4abc27c840906c3b33fb96
SSDEEP

49152:Pgla0nbzAW+THF2kA1+9WHyvJxnOy4hAT0sRkrwXykrY2R/UDaUbNc7Jl8ltyUk:PgZZ2FFA12OyvJjTbogyiY9LNc9WHBk

Score

7^/10

Malware Config

Targets

- Target
  
  11880711c83d2d5b184fd25f5289ba0c_JaffaCakes118
- Size
  
  3.4MB
- MD5
  
  11880711c83d2d5b184fd25f5289ba0c
- SHA1
  
  272456b67e8c919a5ec7e76f37034ea04e06259d
- SHA256
  
  27bf8e239f59a87c27cc9d1c7e92adece25427d246cb5c04fa0237930181fea9
- SHA512
  
  e69afc36d385940e7db60b2a9b0cd40b541a046e340c7d2a8ac032c4af4d16df6843c51b4dbba7a9b45ebdd672fc600fb035a3095f4abc27c840906c3b33fb96
- SSDEEP
  
  49152:Pgla0nbzAW+THF2kA1+9WHyvJxnOy4hAT0sRkrwXykrY2R/UDaUbNc7Jl8ltyUk:PgZZ2FFA12OyvJjTbogyiY9LNc9WHBk
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  6f5257c0b8c0ef4d440f4f4fce85fb1b
- SHA1
  
  b6ac111dfb0d1fc75ad09c56bde7830232395785
- SHA256
  
  b7ccb923387cc346731471b20fc3df1ead13ec8c2e3147353c71bb0bd59bc8b1
- SHA512
  
  a3cc27f1efb52fb8ecda54a7c36ada39cefeabb7b16f2112303ea463b0e1a4d745198d413eebb3551e012c84a20dcdf4359e511e51bc3f1a60b13f1e3bad1aa8
- SSDEEP
  
  96:zPDYcJ+nx4vVp76JX7zBlkCg21Fxz4THxtrqw1at0JgwLEjo+OB3yUVCdl/wNj+y:zPtkuWJX7zB3kGwfy0nyUVsxCjOM61u
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  d9256d9acaecabb20b7e9a1595abfa36
- SHA1
  
  ece1cab181dac7729246da1d4494b8daa10c3b70
- SHA256
  
  d7b2c55977a541f8d075e48d4e0a82eec79ad247b0ed168c19a8518131acd19c
- SHA512
  
  5827cdbfde0e766d1b74ecb22f9614232031da41c21d0f6ff6c9d5dcdfc0adc23e8fd616eb020ab42208932444b5e0cb1e6d6e698bead412eae19624a180b6ff
- SSDEEP
  
  96:oHqZ4zC5RH3cXX1LlYlRowycxM2DjDf3GEst+Nt+jvDYx4DPqndYHnxss:oHq+CP3uKrpyREs06YxuidGn
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsisSlideshow.dll
- Size
  
  7KB
- MD5
  
  92148c2fcdc2c588aebc6acaef11ad4d
- SHA1
  
  5df90a446d80ad69816c2375e01287ba1c3fef96
- SHA256
  
  3beaaf45b95d7554e646812291025b873b1265ef63723aefe6ffeeac40469231
- SHA512
  
  a10951980148ff999a7a279cdb041c5a158be9f5a8abee22b51fae4cd8eeb84707724f7d4383eed0e90267bf299a9f041bb659aae624a9cf7cb97a58bf996924
- SSDEEP
  
  96:jxDCYdyPLISNJikdpdlCE5tJeCZiPodd:t8kkdD0OCLPodd
Score

3^/10
behavioral7 behavioral8
- Target
  
  $R2/CrashRpt1403.dll
- Size
  
  261KB
- MD5
  
  a4056f126c880f3a063e7b7918e78d92
- SHA1
  
  c8656f7fbc85d17a6ee63961933192ddb6f6624a
- SHA256
  
  d5f8d05db8459a147729e18745ce24d2511d77204dcea064423de387cced6c96
- SHA512
  
  5ed909d3cfd90761e4c6915e85ca4c9612b430548b965cdf93e288a10795427f85dfe2fb1a7e4123d5b88dda99ec76a24e15fcbeb24aa126299e24a87fa7b214
- SSDEEP
  
  6144:SvoV8jCL6O30U2RkVnL4GLQKpTc21J3y:XV8jVa0U2R2Lfp5c21Fy
Score

1^/10
behavioral10 behavioral9
- Target
  
  $R2/CrashSender1403.exe
- Size
  
  1.3MB
- MD5
  
  e3dd4e556e7ee335ab4c89f93a5871c8
- SHA1
  
  3c63f9b2259ef2a4960007a2395de88ff420fe84
- SHA256
  
  63d8092f8ac9c717b9518a6822ba84ae24017764dd7b20ac07755ade64162869
- SHA512
  
  cdc358fe63e8fdefec300411573c89e8f7a4d8e212c00bf47aa5c04b1d2ca9499acc856c20f601a737dd7fba7f6626997cff4e215353a42c1916a903c8503e5e
- SSDEEP
  
  24576:OODBQqPmR8X8CZsC5BRsq8iO5p9VfNhon9CgQMgirG74cb0Gx4pL8CbXTJDWO:zJa8X8CZsCF1Cp9VFSn9bQMgz74cb3h4
Score

1^/10
behavioral11 behavioral12
- Target
  
  $R2/GAME.EXE
- Size
  
  1.8MB
- MD5
  
  110f60b3a008158e0e8a5ea611027f16
- SHA1
  
  1ecb6bffb72f4e6d6575415b169dd60bf6abfc9b
- SHA256
  
  e6e1b56029f8871c25d0caf8bcedf7bf1699580d0dc24c90d79eb27e9d7e05b2
- SHA512
  
  483b3d0d52ce4e1c770db93884b74c5494e6b4041df8b06bd740ef2cb8a1189d26c1bdb4fe65cc6812095400b74e078dca40dd699549474b0ce24947d0f24525
- SSDEEP
  
  24576:PpXkWO2TbkxRXa6VPg+FAmcn1MX0DChCiYr3eN0+HMde4BxTopb0/KF8MhTAIzbT:RXPWjgzn+XJaXOgKh/Psn9dWTPJ
Score

1^/10
behavioral13 behavioral14
- Target
  
  $R2/SDL2.dll
- Size
  
  983KB
- MD5
  
  ae58662a16410481b477b78b8d47460b
- SHA1
  
  fb8b1ba166913c18eb00f8ca53439d0f4ee54359
- SHA256
  
  a23d944bea101c574875c13883088798cfda712de969dd14f529e870a0de87da
- SHA512
  
  93280d9ab366b3dfae6e40e50984764fab7be6ca6bd2b5a24d1182d67f06f9cc50203cc3d01a4232593c0c1ad03dfae56e119286d10b78d2e3d57b394bda8778
- SSDEEP
  
  24576:hEbJuxlv9Sawf3oEYsTXR7fxiGmUDZ/HJkAVJcJdKll6/QTjFZLFGPQRGnx54IC5:zlv9SlEJ8C/KjFnMMvvS4
Score

1^/10
behavioral15 behavioral16
- Target
  
  $R2/SDL2_ttf.dll
- Size
  
  51KB
- MD5
  
  bde2495fcd5ab9b2429f4c51055699f4
- SHA1
  
  02f8092bf3b51550bb5d1bd78e0e145df7e984dd
- SHA256
  
  7bf81e336da6f06320daeac031bfc28871feb77c489d3f75f88e7a1abea712f3
- SHA512
  
  9763b517f5bde7e21ece58669b26df6e322dfa786ce6a527a36e3241923285080af4df7e5588a671ddc81328b01251128bc324587bcd81ae5059031ce416fe32
- SSDEEP
  
  768:gXqzg+wMb7rTN5phhvePcw204Ha3MGtrcitaVzQmacAEeQxVemu1clBzI3sk:ge1HXrR5DhWPcwkHa3Mlk5Q6mu1cw8k
Score

1^/10
behavioral17 behavioral18
- Target
  
  $R2/WOL/PATCHW32.DLL
- Size
  
  181KB
- MD5
  
  6ec517e866e476401755281837295579
- SHA1
  
  08109c2ade310c8e345c688a6b61043967bc3ff4
- SHA256
  
  0ec6e25234ad74489eb1890d4de57bb6140bb8196bdc4a5dcac90dd9d16eb2dd
- SHA512
  
  03c250b763450033b3af3e209d82ea1b56dfea527b528d27d5328fca3846f94391628106973af96f1e7ee35ad0e96fdad36a0289ab01fbc020475301725c4d29
- SSDEEP
  
  3072:+RbF7+RecMpHaXkTamtpPb/+sF8Iu3mm3MKeQEhygkFhon8mnIFlD9PqGSuH7ayh:exCetWApTRF8Iu3mm3MaEhygkFh/mn2T
Score

3^/10
behavioral19 behavioral20
- Target
  
  $R2/WOL/REGISTER.EXE
- Size
  
  64KB
- MD5
  
  6556664a8840cf90e24f4368fb4843b8
- SHA1
  
  30110ab0094a13b3cbd627bced25b923c1c99a4e
- SHA256
  
  861f42c1eed88b62bf5c3ce06fad2c497dfddfeaecc75ee878ca405017a54ad6
- SHA512
  
  17d146f303feec1a76fb35663fb9683e4ef46ca5d9e4a25313e02388ae7d62b26114481af849dff0ae301ccd9e04e00666c7ffbb3814859a70ffae6e6cab6b09
- SSDEEP
  
  768:ByA1Axd6Ch1K9O44XQok6A3HlLBZduof/bKyx2X7iB9uqB+VV+2Q8mhgnKxouVJs:X1A31YOWFFZduonbhTiI3/gOouVJNWV9
Score

1^/10
behavioral21 behavioral22
- Target
  
  $R2/WOL/WOLAPI.dll
- Size
  
  208KB
- MD5
  
  bc31a00f29ce50e4b7a7a72c11eb5673
- SHA1
  
  b76be63eb2484b36aaadcd3c09ad8ba4526a6fde
- SHA256
  
  0b4ad4ad9dd3d6ce78e5de3218e73c3455e8d5be5a652ffb6cc33e3032fd3caf
- SHA512
  
  4695efceb0446fd421daea45a3d5e908cbbb72838eeb5613420dcafa0af65f5b5a1ab88b086c315e1b290a1dec8dd14117371d0929463da75f30aab0168bd6ab
- SSDEEP
  
  6144:ZHTo7O5KxSm/7fj5YeIxPD1GB1ZwqVCZ+qy:ZHT6ZYDKZ2
Score

1^/10
behavioral23 behavioral24
- Target
  
  $R2/WOL/WOLBrowser.dll
- Size
  
  72KB
- MD5
  
  9952f3320d89059c9440369ca038dd9c
- SHA1
  
  1ab6a9bcfe26aa9a28c0a8d269a45ce2158bec24
- SHA256
  
  c92d0f1f7a45cebe0ef4cac6abeb3de0bc3cab48da427ba31be5490752813291
- SHA512
  
  d80fcb0c1a4b31a9b1d83cccc2ae32960c1352baddf8e9ead93620ed5f6b074d5c9af477263bda55c62497b30d2aae71c5eebf2f0c995de032ae4bba13e21693
- SSDEEP
  
  1536:ZjmiQi+tv7TvKrn0zerKRrOwE5KJEhLoawgx:ZjmiQi+t6cKsrOw0OEhLoaRx
Score

1^/10
behavioral25 behavioral26
- Target
  
  $R2/WOL/unins000.exe
- Size
  
  74KB
- MD5
  
  a73b4c19a233181cd4cf0b9b8b3f7fbf
- SHA1
  
  3fc1038bb5c538d5167234817c868d6f7a7785e0
- SHA256
  
  b2c14524f74de7831b3246313485e4debecbd235647791a025653720bef850b6
- SHA512
  
  29d54ca315bf4fe91c4522a6244c0cd6a98046c74c8af1a3d8f5675f188cd58f5ce030d1ac3bfae4b3726c546d39ad164b28bb9e8bcd4dce7a696625b0ec64ef
- SSDEEP
  
  1536:HCfqNGLKnp5U+V7Chv3/2GQRGVtzdLQs68/G/OdMeK2R9:HGL2z5Chv/8GVtW8/G/OdM3U
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral27 behavioral28
- Target
  
  $R2/ddraw.dll
- Size
  
  220KB
- MD5
  
  32babea2162058413c466cf7a250d45c
- SHA1
  
  20fd2f4f97c17b60e4c6522f78da3c3397199ba3
- SHA256
  
  5108d926c066f5648bbf6485d72b61066cfbc68c81d1b6d58ad01f1782a9bab9
- SHA512
  
  eed05bfe2187fa3d720650817dccda996fa4316889b9586259d1c801d765cd9989ad8817358a7405a7783bda5d0a5c73fb1964aceaad8c605526ad0109356d28
- SSDEEP
  
  3072:rj8uCYhGsDIrvpSkzpWDPGmYrZIH/9ESKZ/ODt+psjRXBdrx67m16osJTbuO:rjkYhGsDIrvwkzWlYrZI2/E2+dUXu
Score

3^/10
behavioral29 behavioral30
- Target
  
  $R2/libfreetype-6.dll
- Size
  
  490KB
- MD5
  
  309daab1ca02fbbc030a90804033ee27
- SHA1
  
  83878a49d8254b871acf1bec3fe9a9e24cdfdfcf
- SHA256
  
  32f4ee8d26cd8b8c9eabd382d590dfae2e7e12f7c6376a30a9e3fb4013de2cd0
- SHA512
  
  2d5c3981b14eabcd2c2e88736140e8ffd312b1863e79c44b1339fe0f9eb95208e5ca93df1afbde0f9d742d2d9765f3d47f622d4e09bb3eb6069eb1244abcc112
- SSDEEP
  
  12288:id8ZXXXMpZ2dRNRDA9Qr5hn5e1j9R6d2sefEWmg:C8ZXXXMzSbDA9Qr5h5e964sTZg
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Deletes itself

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32