General

  • Target: 126fff08a5955d42438875e98c23487e_JaffaCakes118
  • Size: 4.6MB
  • Sample: 240504-m47tvsca4s
  • MD5: 126fff08a5955d42438875e98c23487e
  • SHA1: c358de8d49e52feb00342e2413b67448ec620ea5
  • SHA256: 5c8976657c81b6efedcccafafc4fa3a9ad53f2c72abde0e8256ee9c1de0cbdf2
  • SHA512: 32fdcd5d68dc367febd26a076f2db003f98fbf5248bac33b87904ec818e5bc43cad4904ce54307a652dcc5cce699ca854f539f8807520902ff5c865cbed0392e
  • SSDEEP: 98304:qwoiFIZ3et8abLGAQfBIqtO/ZIpBrfhuM/etsIcqC3qK:qwl/hPQfBIf6phZx/osJqCh

Score: 10/10

Malware Config

Targets

    • Target: 126fff08a5955d42438875e98c23487e_JaffaCakes118
    • Size: 4.6MB
    • MD5: 126fff08a5955d42438875e98c23487e
    • SHA1: c358de8d49e52feb00342e2413b67448ec620ea5
    • SHA256: 5c8976657c81b6efedcccafafc4fa3a9ad53f2c72abde0e8256ee9c1de0cbdf2
    • SHA512: 32fdcd5d68dc367febd26a076f2db003f98fbf5248bac33b87904ec818e5bc43cad4904ce54307a652dcc5cce699ca854f539f8807520902ff5c865cbed0392e
    • SSDEEP: 98304:qwoiFIZ3et8abLGAQfBIqtO/ZIpBrfhuM/etsIcqC3qK:qwl/hPQfBIf6phZx/osJqCh
    Score: 7/10
    • Loads dropped DLL

    • Target: $PLUGINSDIR/InstallOptions.dll
    • Size: 14KB
    • MD5: 296a5f3179fa8d7a7a855eaf696ede44
    • SHA1: 57aa5b71553ed282dd22c768e039a187f5c13f63
    • SHA256: ee0ad77e681c4d0fdf1d67df5f4ca03e6bdd8e3b05dfb47a83ad5c733ed62960
    • SHA512: bc527d1485f468e8d098057e0e38e8cb7aa6eb64d4ca30927b99b1552a3177b132b989015ff95bdf2ca046bf11a54b4b456f51e024fbc734fbb548c3499e53f6
    • SSDEEP: 192:r6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTyK72dwF7dBdcQOz:r6JaVh4I5rpPbTy+BdhO
    Score: 3/10

    • Target: Analizador.dll
    • Size: 90KB
    • MD5: 79712c20fe2155cf1ab4fa1b07969e9e
    • SHA1: 1f45b7aa4c6434e3008d2b8cb9096e8d38dbc0d8
    • SHA256: b9ce82cf7b4f51617a04fe79489fa186a6750e071530d13b303435f739518a99
    • SHA512: ca75f89481f216842874b567e1a5746cb144680d7034470690e3466126f3fbf7dbd6b8f07be41cc98dc7b8f16a4ecfd0aac0fa6d48f44699d2de9592a7f2c3af
    • SSDEEP: 1536:U2tof5xxLs8npufZTEoqphLaI+EqeO8uWGMtB5lKJP0uT4PP0uTzuBNGMG3UXBN:hK57A8nAxTEoqp+eOUtLI2uKUXr
    Score: 3/10

    • Target: Ayuda.exe
    • Size: 1.7MB
    • MD5: 2e21ce4260d255c7dfc58bbaa21d20d2
    • SHA1: a042dc3f09edaee569d7b9fc5c1f901e1775a434
    • SHA256: 97e933dfd6fe33126da146836f639b7cb9e152a26df08a36362dd823961bc7d6
    • SHA512: bc7a97da2580a6690483b95314641f17dd8e034831d48383c181322187958f3ce3c4ba97f706745074714f7324e6fa119d2b78f17eb1aa0be09fce2900bf9c7d
    • SSDEEP: 49152:aMWUARVFZP6/KyhiIEltAplV3y7JRbgGK5BLhb76N:XwPX7+EIpX3yTbhK5BLZ76N
    Score: 7/10
    • UPX packed file
      Detects executables packed with UPX/modified UPX open source packer.

    • Target: E-mail_Marketing.exe
    • Size: 6.1MB
    • MD5: 76ff28758fd13b3d5a676241c926c58b
    • SHA1: 70f6ef335a1270b12fcbcc01985e24ec62742444
    • SHA256: f388a08c09b113da055e7a1d668ab6aef0904dc3b8031184060a040909636d52
    • SHA512: b28b47e2eec8172fd37cd31910a2234f3e32785e9a580154ebbb98fbbc337f828ad7a9562b52c9f4a985957eea6d4078c1ed1b31080a4286daed2f2b2e8629c1
    • SSDEEP: 98304:rpXf9QoQAjEccyG7w/LErbQ4BfLyQBmYs5j3:FP9Q3cI76LgBfLyQBz+3
    Score: 10/10
    • ModiLoader, DBatLoader
      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
    • ModiLoader First Stage

    • Target: Extractor.exe
    • Size: 220KB
    • MD5: 1ced1b979203a7e4265ab844e807f64d
    • SHA1: 1227bf074ac939c23a689687c48ad58b50d04c78
    • SHA256: 25aa8133652829d5cc8284fd2dabc2a43ed1209e37414523e5e2b663feb4c602
    • SHA512: 893513fa46bc926475932c43c842e453254dfb325f069b77affc587eae1642d9914c0db69d521e154d6ffbdd2cd007bed5e30c065eb170390d8a32863ce6a2eb
    • SSDEEP: 6144:sny3kJ/IJzJKuCpCuEfbxWl3K8acHDc7ZkvF:gXhizJTCpCuEfbm4cjc7e
    Score: 1/10

    • Target: Seguridad.dll
    • Size: 228KB
    • MD5: 4937dfb56023d9f33727c10865986943
    • SHA1: cf9aa6877fda04af48d9319a226704b4bf46f177
    • SHA256: 50165ef998d9ee7c5ce29f07d95c48e4d72ba1dffbdc8c2165373d5de22aa8fd
    • SHA512: 2879db9aa169e412ede7f26ed5f5dfd1313947b3b781ea1cf7ff4bb52bf98af53fc9d130442e11910de344e5ec74d669f17412fa0278a38ebee5a65c3eece863
    • SSDEEP: 6144:bWoYdXW4FXVrt8y6lDHy7Qea/66nmdnFnJnJ3/n0vJXH0eYGe:yoSXW4frt8yoGa/b
    Score: 3/10

    • Target: Servidor_em.exe
    • Size: 843KB
    • MD5: e6ac282d40cf400c94d103d0bbcf513c
    • SHA1: 2815b404e72edaee8f5d792aafd4772f36c5bfac
    • SHA256: 0369ca889e4633817eb29361b91a190de4e09eaa276d02b01ff43ef1113c5cd1
    • SHA512: a997557d722b254e42aeb1950c7a770905b8afdbf0b3f263317fc0db769e79cf249c4c5fcbc10ee43faecf426827a62ce6ce57c9cc9c76c8bae9008231e016e2
    • SSDEEP: 12288:7rLeWwy/TXBtU5f+EltYgBWcQeay/MTc2HS6L8OlhcmH7C3yiJqHT:7eCBmWElCZcQeRkVSQ8O3Z7CCJ
    Score: 1/10

    • Target: libeay32.dll
    • Size: 1.3MB
    • MD5: a724f5da0a0184b5668ef2d85a7346e0
    • SHA1: 7181fffaa6b8f0f29cf7cdd1b1b859c2b956d399
    • SHA256: 7f2284d3cca6171e50b47eabc4fddc8cd2c9641cab4edb12b26694427f559848
    • SHA512: d9916d6581e5c25b6479445aef604e9e2dae6d64e1e7c6784516ef20616d2a8ab4253816ed7edbc289caaa9f1c88c6ba8441e8205616874ded5fd126644b83f2
    • SSDEEP: 24576:2ztZk+KpPT5xWiqKZc6ZetcmQXFwYyzEuugANpopyeqwkVQ3I:HrPWzaDetcmQXFwYyugupozqbVQ3I
    Score: 1/10

    • Target: ssleay32.dll
    • Size: 330KB
    • MD5: d34ecd24706dcfff478fe6fbe79026a9
    • SHA1: e11540244a99a5d7c95643f14cce042de1710ac7
    • SHA256: 4a55ba7288d61c50d5f852c1d07877da46b036c49559e648006839a3cb932a55
    • SHA512: 16de6747156d1f7d6260e29a40706e4f81bc36e45246431bfcf0c097e8b598ed907edd4049240f080971efed07483876fad339a8940bda41d6ac6103fdf3b915
    • SSDEEP: 6144:5cJ4T6sWJwGzhK5smGmU+c0nxAF1ONpDlXLMNFXpF6IA/Tr/NE4PB0JvMCGomJCX:5cJ4esWJwGzhK5smGH+c0nxAF1OpDlbo
    Score: 1/10

    • Target: uninst.exe
    • Size: 33KB
    • MD5: c51798315db65135c51f2574fa021096
    • SHA1: 21882402dcf0e253e74cb19f6b76b5ff57e8cc25
    • SHA256: 829cbfdb3bd8a54320ab6084c415ff3025a39ef72a58a6c465782c3a51707ec6
    • SHA512: 45db5e2f36b58c9e6adce2fc66974cda111bae9d851f70f6f35d9d19201634acc56e6b7f372d730e1b8f1335a4af89d60ad2115827cddce54d53a441fd64cbb1
    • SSDEEP: 768:TXKsDnvuB3hRx867tuXLx5Ro2NP0u6X71F38s1mJlHu4:LKsTvudhg67q1mX7BmJlHz
    Score: 7/10
    • Deletes itself
    • Executes dropped EXE
    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks