General

  • Target

    12bcdb449b0071b8451c4887a87efef9_JaffaCakes118

  • Size

    5.5MB

  • Sample

    240504-pnbslagg44

  • MD5

    12bcdb449b0071b8451c4887a87efef9

  • SHA1

    34f179932ac93e0bf92c2fd8cd9fd44d479742fe

  • SHA256

    7d93356ce79e5c931bc2951c4284d42fc9210c8e130ffec7833463f3d7aaaa75

  • SHA512

    7be9f14b0535f8b43789136349d6725af474b5ab3820f74928a4ec2bcdd6df4747b8644937908a1a87c7d8e7d88db88505a6954861705077ab2bebdbf8ccc0a8

  • SSDEEP

    98304:l7vDN1vO9D5WE8YvH/UoGPiYaq1g5ox28qHIHic0SKVdIcVOteMO9hLQPZFTXjOF:l7bsfP/FGPEox25Hcwgc8eR9qtOFjeGb

Score
7/10

Targets

    • Target

      12bcdb449b0071b8451c4887a87efef9_JaffaCakes118

    • Size

      5.5MB

    • MD5

      12bcdb449b0071b8451c4887a87efef9

    • SHA1

      34f179932ac93e0bf92c2fd8cd9fd44d479742fe

    • SHA256

      7d93356ce79e5c931bc2951c4284d42fc9210c8e130ffec7833463f3d7aaaa75

    • SHA512

      7be9f14b0535f8b43789136349d6725af474b5ab3820f74928a4ec2bcdd6df4747b8644937908a1a87c7d8e7d88db88505a6954861705077ab2bebdbf8ccc0a8

    • SSDEEP

      98304:l7vDN1vO9D5WE8YvH/UoGPiYaq1g5ox28qHIHic0SKVdIcVOteMO9hLQPZFTXjOF:l7bsfP/FGPEox25Hcwgc8eR9qtOFjeGb

    Score
    7/10
    • Loads dropped DLL

    • Checks installed software on the system

      Looks up entries under the Uninstall registry keys (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node mirror and the HKCU equivalent) to enumerate the software installed on the system. Installers routinely read these keys to find an earlier version of their own product, so the behaviour on its own is weak evidence; what separates reconnaissance from an upgrade check is the breadth of the read (many unrelated entries rather than one known subkey).
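
The check behind this signature, written out as an added example (not the sandbox's own rule, which this page does not publish): the trace lines below are constructed to resemble a sandbox registry-access log with a pid, process name, operation and key path; the process names, SID and subkey names are invented, and the threshold of two distinct subkeys is an assumption used to separate a walk of the Uninstall tree from an installer querying only its own entry.

```python
"""Flag processes that enumerate installed software via the Uninstall keys.

Added example, not part of the sandbox report. SAMPLE_TRACE is a constructed
registry-access trace (pid, process, operation, key); the real report does not
include its raw trace and the names below are invented.
"""
import re
from collections import defaultdict

# Where Windows keeps Add/Remove Programs entries: native view, 32-bit view
# on 64-bit Windows, and per-user installs.
UNINSTALL_ROOTS = (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
)

# Operations that read keys or values; writes are not enumeration.
READ_OPS = {"regopenkey", "regenumkey", "regqueryvalue"}

LINE_RE = re.compile(r"^(?P<pid>\d+)\s+(?P<proc>\S+)\s+(?P<op>\S+)\s+(?P<key>.+?)\s*$")


def normalise_key(key):
    """Canonicalise hive spellings so HKLM\\..., \\REGISTRY\\MACHINE\\... and
    \\REGISTRY\\USER\\<SID>\\... all compare against the same root strings."""
    key = key.strip().replace("/", "\\")
    key = re.sub(r"^\\REGISTRY\\USER\\S-[\d-]+(?=\\)", "HKEY_CURRENT_USER", key, flags=re.I)
    key = re.sub(r"^\\REGISTRY\\MACHINE(?=\\)", "HKEY_LOCAL_MACHINE", key, flags=re.I)
    key = re.sub(r"^HKLM(?=\\)", "HKEY_LOCAL_MACHINE", key, flags=re.I)
    key = re.sub(r"^HKCU(?=\\)", "HKEY_CURRENT_USER", key, flags=re.I)
    return key


def split_uninstall(key):
    """Return (root, first_subkey) if key lies under an Uninstall root, where
    first_subkey is None when the root itself was opened; otherwise None."""
    k = normalise_key(key)
    for root in UNINSTALL_ROOTS:
        if k.lower() == root.lower():
            return root, None
        if k.lower().startswith(root.lower() + "\\"):
            return root, k[len(root) + 1:].split("\\")[0]
    return None


def find_software_enumeration(trace_lines, min_subkeys=2):
    """Map process name -> sorted list of distinct Uninstall subkeys it read,
    keeping only processes that touched at least min_subkeys entries.
    One subkey is what an installer reads to find its own previous version;
    several unrelated ones is an inventory of the host."""
    seen = defaultdict(set)
    for line in trace_lines:
        m = LINE_RE.match(line)
        if not m or m.group("op").lower() not in READ_OPS:
            continue
        hit = split_uninstall(m.group("key"))
        if hit and hit[1] is not None:
            seen[m.group("proc")].add(hit[1])
    return {proc: sorted(keys) for proc, keys in seen.items() if len(keys) >= min_subkeys}


# Constructed trace: sample.exe walks three unrelated entries across all three
# roots; setup.exe only checks its own product; the rest is unrelated noise.
SAMPLE_TRACE = r"""
1840 sample.exe RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
1840 sample.exe RegEnumKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11111111-2222-3333-4444-555555555555}
1840 sample.exe RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11111111-2222-3333-4444-555555555555}\DisplayName
1840 sample.exe RegEnumKey HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip
1840 sample.exe RegQueryValue \REGISTRY\USER\S-1-5-21-1111-2222-3333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpalViewer\DisplayVersion
3000 setup.exe RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpalViewer\DisplayVersion
2210 svchost.exe RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneDrive
2310 notepad.exe RegOpenKey HKCU\SOFTWARE\Microsoft\Notepad
"""
SAMPLE_LINES = SAMPLE_TRACE.strip().splitlines()

if __name__ == "__main__":
    for proc, keys in find_software_enumeration(SAMPLE_LINES).items():
        print(f"{proc}: enumerated {len(keys)} Uninstall entries: {keys}")
```

Run against a real trace, the threshold is the knob to tune: with min_subkeys=1 the upgrade check in setup.exe is reported as well, which is the noise this signature produces on ordinary installers.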

    • Target

      $INSTDIR"/OpalViewerUninstall.exe"

    • Size

      33KB

    • MD5

      f6dfe8bc82bd1e1152afa6ee3fac4646

    • SHA1

      18320868bc2fb7446f009254bb2d3cb7646b7f09

    • SHA256

      541e22d9e35f613427ba76ed6c5b9e6302b91488496ce2995df6f4a9653b842f

    • SHA512

      2f7e8cf844af80269beddf6f9e9cdd9fc637ba1039425c40603f24e0da1c44debff3e0506a5be939d592352426fe43f9fa66d47528a15c4b4f33d61dd2907ab5

    • SSDEEP

      768:l1cVhpQI2EQK0iPDh84nScF15GYbWjXO3XJjJRnypHxSh:TQpQ5EP0ijnRTXJ+Ah

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      $INSTDIR"/bin/"/$OUTDIR/OpalPreFetchListener.exe

    • Size

      3.0MB

    • MD5

      09fb5ad76eca6b305f7a39dcc118da05

    • SHA1

      87fdea53c2c5e1206e96324a4b0cd2b4ebc50330

    • SHA256

      cf08e4185f69e2515de0319bd6b730ca2bda4f8273b6f8cd5604ee1fbddf7801

    • SHA512

      53183e6d17e87c2dfc945f7602e69741dc98e24d67332e936d6dc0bb8ce52fc25667fa64e95752bf614ee6b9ec0c56ae27a895f252008f5d84cc47f9a06e2105

    • SSDEEP

      49152:BZemog2rOh1/oyc0V+HUSqCAwsKEeylDXZdHOue+pDLOYada+C/n4FtnJCf0o:BZemovqJoycA+hMKEeyFXHO+OZda+dkB

    Score
    1/10
    • Target

      $INSTDIR"/bin/"/GdiPlus.dll

    • Size

      1.6MB

    • MD5

      4d328694bb516e46d2d184950d94433f

    • SHA1

      9b31771a8c201b74c846da1f1a254866dc2f912d

    • SHA256

      8199452af9e5289c126d0ff9d99f2302c52861ec49008702b7f95d64d316383c

    • SHA512

      dadf21cb702e309ba0f271e13a9c3e9d4bdb5cdd79699d331242c988c591716c265c11fb5a35a8b0d5892861d1c6d519ace228f2d4fcf0d3e604e33be4fa7cd2

    • SSDEEP

      24576:GSWwWpX3g7mgl074FUSIgi3g4bMG0x15IMQMLklslaswMeEd5DoQbcnO5c/K:GhwltF7C3/ouMvoslp3on

    Score
    3/10
    • Target

      $INSTDIR"/bin/"/NMSAccessU.exe

    • Size

      69KB

    • MD5

      b400ed9fa710f2e5fc3c1cb14d7947b0

    • SHA1

      d77f613f01fab94575e9adb15965290fb711ed07

    • SHA256

      b24739b43153df0159876526c5437f66f6037c614335e6d2b11afc1950eab032

    • SHA512

      6f46721c86b7ce0775919513c3c4014e88a1d62b75ea78bf35ffebd83cd50f1977fcc7ba0222350b70de94915b1e26cc06c25e1cc1ecc7ea480f947d4deebf01

    • SSDEEP

      1536:A1AQz0jegsvE7bpkkmxrMaUFc1kqZCg2tgn4sC:CAQhgl7bLmYqZCHtgnBC

    Score
    1/10
    • Target

      $INSTDIR"/bin/"/NMSDVDXU.dll

    • Size

      1.2MB

    • MD5

      8f2e118719c0a8329ef00b58bb256483

    • SHA1

      a9b426f52a7f931e2a268e28b25d93249ac515ee

    • SHA256

      5fdbd14f8b88d21b58a138433c035031fb6a8c6be756b828dc126fce426dee70

    • SHA512

      9ebe4c54556ab09f7fb7792f35ceb7459b7c306c08f3806bc28f7345020eac44f0a88ad9fab631bed5523112eddeb28d3cca03734ede4443cde4660b35f05007

    • SSDEEP

      12288:syFGsBFzQWdOpRrrOgYQw4E+qbcDxh0X3e5F/oaCDMYUKLv+nU4LcHqaB3sg:sNs/ROpRef7bkxRjYXz+jL+qw3sg

    Score
    1/10
    • Target

      $INSTDIR"/bin/"/OpalPreFetchListener.exe

    • Size

      2.9MB

    • MD5

      84d20300bb7610edccaface9aaa57c48

    • SHA1

      7735989d0fd2f0ef226bc3dae7d0b5f3585ae7a5

    • SHA256

      6f5dca6c5260bec1bdd951a4bd9d22d89c0969f7511980331589d45d2b7cbb4f

    • SHA512

      c156b383f77a190105cb864230fe6822fbeb34abfda65107d06e6c858b4199465797568e7c46994609591019b23a31fc72b61053f6e0fff419f511bdc5a891e4

    • SSDEEP

      49152:FZemog2rOh1/oyc0V+HUSqCAwsKEeylDXZdHOue+pDLOYada+C/n4FtnJg:FZemovqJoycA+hMKEeyFXHO+OZda+dS

    Score
    1/10
    • Target

      $INSTDIR"/bin/"/OpalViewer.exe

    • Size

      8.7MB

    • MD5

      e0f2ab5c6bda9d8a19e676228c11013f

    • SHA1

      acd5bfaa8523a43c034cdbe0429cbdfd0957b342

    • SHA256

      2c421b0d56b61cd21f04f9cb3589900625a70dff453fb96aee90d4a1fc87b78f

    • SHA512

      2ccc14927af80a0dbb40a58fae691ff89ecf4e864ce24e20ec588a8b68b388a2460173d8b7a7be5c84264503827430f27efb6ebf8767adefb06f8e8c275b7244

    • SSDEEP

      196608:oWg7jt+oBzznrU4AqXh/BwPWpGpf2CKHe:oWKbnrU4oPWpGpf25He

    Score
    1/10
    • Target

      $INSTDIR"/bin/"/OpalWebKicker.dll

    • Size

      552KB

    • MD5

      a4bde4b2b0c5423a05fc497057a64fbb

    • SHA1

      3f0d2862c31fe4fc018cb48ca202e87e6b15046f

    • SHA256

      d4d980aa2ffcdb68a9984f31fa49f64bd491476a39d1169b0a5efe153a4f7f4a

    • SHA512

      53b68a903ef916ccfa39e39b32cfba4da914879e6fea6946ced74e0320b475d5798dd297991bca1af71e63074d5611ef64c6f2e5bbb0d0de89b2f81188bd6c29

    • SSDEEP

      12288:UMz1oPEKZG8uNEZorJ2NaInSZFt6ol9p1E+KdwFYW:D5oPJZG8qoQJaaISZaol9pi+YW

    Score
    1/10
    • Target

      $INSTDIR"/bin/"/VizMMC.ocx

    • Size

      1.1MB

    • MD5

      9e27fa1bbb7bf9a826d9092c69e79e4b

    • SHA1

      78a0f434aec0e14e4654dce1fd7515ac22a9daaa

    • SHA256

      b5fd602a3f7228fc2978e00dc7c50869f9bde6c351391894a299c186301454c8

    • SHA512

      c29acfbe00e416667880d0d2c37ff1ad75f27dbb209129a9bc451c5c7df409c597c38fa26245b57b7e46f4dc39315e4647313c6762f45462cc258a12aa4ee165

    • SSDEEP

      12288:3j8HUCCcvoVAyfgmZX4H/kLZQw418nVD5ZroY4sek3eBiM5gjtpaNO:z8rFvaZXg/kLZQmnRjkY41ku5i/G

    Score
    1/10
    • Target

      $INSTDIR"/bin/"/WinTail.exe

    • Size

      52KB

    • MD5

      3a5bb63758bf6b7d9db7302282905fc9

    • SHA1

      da9e4d73245685a5ab8d3c97985bcf4c1e5ce901

    • SHA256

      f0bd288e745ded5dec8b55d16d8f85ec787caeafb9de09b67d751a6c7404cbaf

    • SHA512

      745a4dc70c6dd64ee728308e049b3c55df9b2484ceee3662f0c6196507d8c8f5f20c582e550e63c817626bb4e53c59f23fb18f044340c857d351b3e129ecbf9f

    • SSDEEP

      768:yaVsCWUeA96qbmALOV96YEVZeT/u1bmVm1gD8B5zxtHtZ/mKFInHOiB9uOcchdYO:9GEVZeTUS+NtNNmKFIntcYdYgo2J5

    Score
    3/10
    • Target

      $INSTDIR"/bin/"/lame_enc.dll

    • Size

      158KB

    • MD5

      3c0ac9f753dd0c4ad3d46f5f6aa36aa9

    • SHA1

      f9138dbbe82174cb9c948aac92f3cf863221b105

    • SHA256

      c84100d52c09703e32951444bd7ba4e22c5d41193e7420aacbbc1f736f4c4e1f

    • SHA512

      bd7ade9cb90a2f3741cfcd8998c3548228c97592493004b0a0d6312058b9d4687a94fd4b22a67ee53a584de76b6dfd5835f6a691878e219ac7cb22c6524c32da

    • SSDEEP

      3072:na8YerOYT9VJ7esAHyKI70YFCO6l8BvXJKMIPv2vmwu/8xS/B+08:hY+FBPeH1QpY8vXJUPvbwXxS/UZ

    Score
    7/10
    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified build of it. Packing by itself is not malicious (plenty of legitimate redistributables ship UPX-packed), but it hides strings and imports from static analysis. A stock UPX image can be restored with `upx -d`; a modified UPX header or renamed sections will make that fail and call for manual unpacking.
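
How a check like this one is typically implemented, as an added example rather than the sandbox's own signature (which this page does not publish). The heuristics assumed here are the ones UPX leaves behind: sections named UPX0/UPX1, a "UPX!" marker in the file header area, a first section with zero raw size that reserves room for the unpacked image, and a high-entropy compressed section. Requiring two of the four is an assumption that lets the check still fire on a modified UPX that has renamed its sections and stripped the marker. The three PE images are built by the included fixture builder and are not the files from this report.

```python
"""Heuristic UPX-packing check on a PE file, with a minimal PE builder to exercise it.

Added example, not the sandbox's signature logic. The PE images produced by
build_pe() are constructed test fixtures, not loadable binaries and not the
files listed in the report.
"""
import hashlib
import math
import struct

SECTION_HEADER_SIZE = 40


def section_headers(data):
    """Parse the COFF section table of a PE image into a list of dicts."""
    if data[:2] != b"MZ" or len(data) < 0x40:
        raise ValueError("not a PE file: missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    coff = e_lfanew + 4
    # NumberOfSections at +2, SizeOfOptionalHeader at +16 of the COFF header.
    num_sections, opt_size = struct.unpack_from("<H12xH", data, coff + 2)
    table = coff + 20 + opt_size
    sections = []
    for i in range(num_sections):
        name, vsize, vaddr, rawsize, rawptr, chars = struct.unpack_from(
            "<8s4I12xI", data, table + i * SECTION_HEADER_SIZE)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"),
                         "virtual_size": vsize, "virtual_address": vaddr,
                         "raw_size": rawsize, "raw_ptr": rawptr,
                         "characteristics": chars})
    return sections


def shannon_entropy(buf):
    """Bits per byte; compressed or encrypted data sits close to 8.0."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def upx_indicators(data):
    """Collect the individual UPX tells so an analyst can see which fired."""
    secs = section_headers(data)
    names = [s["name"] for s in secs]
    entropies = [shannon_entropy(data[s["raw_ptr"]:s["raw_ptr"] + s["raw_size"]])
                 for s in secs if s["raw_size"]]
    return {
        "section_names": names,
        "upx_section_names": any(n.upper().startswith("UPX") for n in names),
        "upx_marker": b"UPX!" in data,
        "empty_first_section": bool(secs) and secs[0]["raw_size"] == 0 and secs[0]["virtual_size"] > 0,
        "max_section_entropy": max(entropies, default=0.0),
    }


def looks_upx_packed(data, min_hits=2):
    """True when at least min_hits of the four indicators are present."""
    ind = upx_indicators(data)
    hits = (ind["upx_section_names"], ind["upx_marker"],
            ind["empty_first_section"], ind["max_section_entropy"] > 7.0)
    return sum(hits) >= min_hits


def build_pe(sections, upx_marker=False):
    """Build a minimal PE32 image: sections is a list of (name, raw_bytes, virtual_size).
    Fixture only; headers beyond what section_headers() reads are zeroed."""
    opt_size, n = 224, len(sections)
    hdr_end = 0x40 + 4 + 20 + opt_size + n * SECTION_HEADER_SIZE + (12 if upx_marker else 0)
    raw_base = (hdr_end + 0x1FF) & ~0x1FF
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, n, 0, 0, 0, opt_size, 0x0102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (opt_size - 2)
    table, body, raw_ptr, vaddr = b"", b"", raw_base, 0x1000
    for name, raw, vsize in sections:
        padded = raw + b"\0" * (-len(raw) % 0x200)
        table += struct.pack("<8s4I12xI", name.encode("ascii"), vsize, vaddr,
                             len(padded), raw_ptr if padded else 0, 0x60000020)
        body += padded
        raw_ptr += len(padded)
        vaddr += (max(vsize, 1) + 0xFFF) & ~0xFFF
    header = dos + b"PE\0\0" + coff + opt + table
    if upx_marker:
        header += b"UPX!" + b"\0" * 8  # packer header magic, version bytes zeroed
    return header.ljust(raw_base, b"\0") + body


# Deterministic high-entropy bytes standing in for a compressed section.
_COMPRESSED = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))

PACKED_SAMPLE = build_pe([("UPX0", b"", 0x10000), ("UPX1", _COMPRESSED, 0x3000),
                          (".rsrc", b"\0" * 64, 0x100)], upx_marker=True)
RENAMED_SAMPLE = build_pe([(".x0", b"", 0x10000), (".x1", _COMPRESSED, 0x3000)])
PLAIN_SAMPLE = build_pe([(".text", b"\x90" * 2048 + b"\xc3", 0x1000),
                         (".data", b"\0" * 512, 0x200)])

if __name__ == "__main__":
    for label, img in (("stock UPX", PACKED_SAMPLE), ("renamed sections", RENAMED_SAMPLE),
                       ("unpacked", PLAIN_SAMPLE)):
        print(label, looks_upx_packed(img), upx_indicators(img))
```

The renamed fixture is the case the signature text calls "modified UPX": section names and marker are gone, but the empty first section and the near-8-bit entropy of the compressed section remain, so the two-of-four rule still flags it while the plain image stays clean.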

    • Target

      $INSTDIR"/bin/"/libxml2.dll

    • Size

      625KB

    • MD5

      37d9bf74558c5c4e7cd82e3d94ebb665

    • SHA1

      3d07dbe217f0ded73be5614c6774621a5c9080a7

    • SHA256

      8ed6747212836618800fff123d46759e864cf7369daf175c3e6d7a8a8c4e9b72

    • SHA512

      b0a2e430c7211921a68568ac19d5702acbf8e6aaf0d51dfb767d7f3c3939541d63bf771d6af15cd9e93436b52c5d83bad6ad3d18865f82dd1acbd589121fb271

    • SSDEEP

      12288:Rc2Y6o+rHr+Bd/uEfeffjd5Jc4RdhYRY+G:RnY6o+rHr+/uEfA5h73H

    Score
    3/10
    • Target

      $INSTDIR"/bin/"/win32pad.exe

    • Size

      48KB

    • MD5

      c64dafbcfa45da72cf40cfc6efd905ff

    • SHA1

      20a33d7ada02d96a6babd0b0e2765f792303bc58

    • SHA256

      2b1b0f375b7c7570bc641e88064b62e664f1ea81909381e92920953a536de86d

    • SHA512

      9eccd8107c024ca246d3b75ba90c6de83a009ebf0bfa40964b0bece53b51127414a40bd350a5dba0058135a6cf7de4f120e4972c6fe3cd2f320d98fdf15a7d84

    • SSDEEP

      768:iRsbn7J9p9wkYy4hNLPStjZGiV8G8by1btUNpSaoxgqC:/L7jp9DYtvocc8CJqmtC

    Score
    1/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
