7d93356ce79e5c931bc2951c4284d42fc9210c8e130ffec7833463f3d7aaaa75

Sharing

Copy URL

Twitter E-mail

General

Target

12bcdb449b0071b8451c4887a87efef9_JaffaCakes118
Size

5.5MB
Sample

240504-pnbslagg44
MD5

12bcdb449b0071b8451c4887a87efef9
SHA1

34f179932ac93e0bf92c2fd8cd9fd44d479742fe
SHA256

7d93356ce79e5c931bc2951c4284d42fc9210c8e130ffec7833463f3d7aaaa75
SHA512

7be9f14b0535f8b43789136349d6725af474b5ab3820f74928a4ec2bcdd6df4747b8644937908a1a87c7d8e7d88db88505a6954861705077ab2bebdbf8ccc0a8
SSDEEP

98304:l7vDN1vO9D5WE8YvH/UoGPiYaq1g5ox28qHIHic0SKVdIcVOteMO9hLQPZFTXjOF:l7bsfP/FGPEox25Hcwgc8eR9qtOFjeGb

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  12bcdb449b0071b8451c4887a87efef9_JaffaCakes118
- Size
  
  5.5MB
- MD5
  
  12bcdb449b0071b8451c4887a87efef9
- SHA1
  
  34f179932ac93e0bf92c2fd8cd9fd44d479742fe
- SHA256
  
  7d93356ce79e5c931bc2951c4284d42fc9210c8e130ffec7833463f3d7aaaa75
- SHA512
  
  7be9f14b0535f8b43789136349d6725af474b5ab3820f74928a4ec2bcdd6df4747b8644937908a1a87c7d8e7d88db88505a6954861705077ab2bebdbf8ccc0a8
- SSDEEP
  
  98304:l7vDN1vO9D5WE8YvH/UoGPiYaq1g5ox28qHIHic0SKVdIcVOteMO9hLQPZFTXjOF:l7bsfP/FGPEox25Hcwgc8eR9qtOFjeGb
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $INSTDIR"/OpalViewerUninstall.exe"
- Size
  
  33KB
- MD5
  
  f6dfe8bc82bd1e1152afa6ee3fac4646
- SHA1
  
  18320868bc2fb7446f009254bb2d3cb7646b7f09
- SHA256
  
  541e22d9e35f613427ba76ed6c5b9e6302b91488496ce2995df6f4a9653b842f
- SHA512
  
  2f7e8cf844af80269beddf6f9e9cdd9fc637ba1039425c40603f24e0da1c44debff3e0506a5be939d592352426fe43f9fa66d47528a15c4b4f33d61dd2907ab5
- SSDEEP
  
  768:l1cVhpQI2EQK0iPDh84nScF15GYbWjXO3XJjJRnypHxSh:TQpQ5EP0ijnRTXJ+Ah
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $INSTDIR"/bin/"/$OUTDIR/OpalPreFetchListener.exe
- Size
  
  3.0MB
- MD5
  
  09fb5ad76eca6b305f7a39dcc118da05
- SHA1
  
  87fdea53c2c5e1206e96324a4b0cd2b4ebc50330
- SHA256
  
  cf08e4185f69e2515de0319bd6b730ca2bda4f8273b6f8cd5604ee1fbddf7801
- SHA512
  
  53183e6d17e87c2dfc945f7602e69741dc98e24d67332e936d6dc0bb8ce52fc25667fa64e95752bf614ee6b9ec0c56ae27a895f252008f5d84cc47f9a06e2105
- SSDEEP
  
  49152:BZemog2rOh1/oyc0V+HUSqCAwsKEeylDXZdHOue+pDLOYada+C/n4FtnJCf0o:BZemovqJoycA+hMKEeyFXHO+OZda+dkB
Score

1^/10
behavioral5 behavioral6
- Target
  
  $INSTDIR"/bin/"/GdiPlus.dll
- Size
  
  1.6MB
- MD5
  
  4d328694bb516e46d2d184950d94433f
- SHA1
  
  9b31771a8c201b74c846da1f1a254866dc2f912d
- SHA256
  
  8199452af9e5289c126d0ff9d99f2302c52861ec49008702b7f95d64d316383c
- SHA512
  
  dadf21cb702e309ba0f271e13a9c3e9d4bdb5cdd79699d331242c988c591716c265c11fb5a35a8b0d5892861d1c6d519ace228f2d4fcf0d3e604e33be4fa7cd2
- SSDEEP
  
  24576:GSWwWpX3g7mgl074FUSIgi3g4bMG0x15IMQMLklslaswMeEd5DoQbcnO5c/K:GhwltF7C3/ouMvoslp3on
Score

3^/10
behavioral7 behavioral8
- Target
  
  $INSTDIR"/bin/"/NMSAccessU.exe
- Size
  
  69KB
- MD5
  
  b400ed9fa710f2e5fc3c1cb14d7947b0
- SHA1
  
  d77f613f01fab94575e9adb15965290fb711ed07
- SHA256
  
  b24739b43153df0159876526c5437f66f6037c614335e6d2b11afc1950eab032
- SHA512
  
  6f46721c86b7ce0775919513c3c4014e88a1d62b75ea78bf35ffebd83cd50f1977fcc7ba0222350b70de94915b1e26cc06c25e1cc1ecc7ea480f947d4deebf01
- SSDEEP
  
  1536:A1AQz0jegsvE7bpkkmxrMaUFc1kqZCg2tgn4sC:CAQhgl7bLmYqZCHtgnBC
Score

1^/10
behavioral10 behavioral9
- Target
  
  $INSTDIR"/bin/"/NMSDVDXU.dll
- Size
  
  1.2MB
- MD5
  
  8f2e118719c0a8329ef00b58bb256483
- SHA1
  
  a9b426f52a7f931e2a268e28b25d93249ac515ee
- SHA256
  
  5fdbd14f8b88d21b58a138433c035031fb6a8c6be756b828dc126fce426dee70
- SHA512
  
  9ebe4c54556ab09f7fb7792f35ceb7459b7c306c08f3806bc28f7345020eac44f0a88ad9fab631bed5523112eddeb28d3cca03734ede4443cde4660b35f05007
- SSDEEP
  
  12288:syFGsBFzQWdOpRrrOgYQw4E+qbcDxh0X3e5F/oaCDMYUKLv+nU4LcHqaB3sg:sNs/ROpRef7bkxRjYXz+jL+qw3sg
Score

1^/10
behavioral11 behavioral12
- Target
  
  $INSTDIR"/bin/"/OpalPreFetchListener.exe
- Size
  
  2.9MB
- MD5
  
  84d20300bb7610edccaface9aaa57c48
- SHA1
  
  7735989d0fd2f0ef226bc3dae7d0b5f3585ae7a5
- SHA256
  
  6f5dca6c5260bec1bdd951a4bd9d22d89c0969f7511980331589d45d2b7cbb4f
- SHA512
  
  c156b383f77a190105cb864230fe6822fbeb34abfda65107d06e6c858b4199465797568e7c46994609591019b23a31fc72b61053f6e0fff419f511bdc5a891e4
- SSDEEP
  
  49152:FZemog2rOh1/oyc0V+HUSqCAwsKEeylDXZdHOue+pDLOYada+C/n4FtnJg:FZemovqJoycA+hMKEeyFXHO+OZda+dS
Score

1^/10
behavioral13 behavioral14
- Target
  
  $INSTDIR"/bin/"/OpalViewer.exe
- Size
  
  8.7MB
- MD5
  
  e0f2ab5c6bda9d8a19e676228c11013f
- SHA1
  
  acd5bfaa8523a43c034cdbe0429cbdfd0957b342
- SHA256
  
  2c421b0d56b61cd21f04f9cb3589900625a70dff453fb96aee90d4a1fc87b78f
- SHA512
  
  2ccc14927af80a0dbb40a58fae691ff89ecf4e864ce24e20ec588a8b68b388a2460173d8b7a7be5c84264503827430f27efb6ebf8767adefb06f8e8c275b7244
- SSDEEP
  
  196608:oWg7jt+oBzznrU4AqXh/BwPWpGpf2CKHe:oWKbnrU4oPWpGpf25He
Score

1^/10
behavioral15 behavioral16
- Target
  
  $INSTDIR"/bin/"/OpalWebKicker.dll
- Size
  
  552KB
- MD5
  
  a4bde4b2b0c5423a05fc497057a64fbb
- SHA1
  
  3f0d2862c31fe4fc018cb48ca202e87e6b15046f
- SHA256
  
  d4d980aa2ffcdb68a9984f31fa49f64bd491476a39d1169b0a5efe153a4f7f4a
- SHA512
  
  53b68a903ef916ccfa39e39b32cfba4da914879e6fea6946ced74e0320b475d5798dd297991bca1af71e63074d5611ef64c6f2e5bbb0d0de89b2f81188bd6c29
- SSDEEP
  
  12288:UMz1oPEKZG8uNEZorJ2NaInSZFt6ol9p1E+KdwFYW:D5oPJZG8qoQJaaISZaol9pi+YW
Score

1^/10
behavioral17 behavioral18
- Target
  
  $INSTDIR"/bin/"/VizMMC.ocx
- Size
  
  1.1MB
- MD5
  
  9e27fa1bbb7bf9a826d9092c69e79e4b
- SHA1
  
  78a0f434aec0e14e4654dce1fd7515ac22a9daaa
- SHA256
  
  b5fd602a3f7228fc2978e00dc7c50869f9bde6c351391894a299c186301454c8
- SHA512
  
  c29acfbe00e416667880d0d2c37ff1ad75f27dbb209129a9bc451c5c7df409c597c38fa26245b57b7e46f4dc39315e4647313c6762f45462cc258a12aa4ee165
- SSDEEP
  
  12288:3j8HUCCcvoVAyfgmZX4H/kLZQw418nVD5ZroY4sek3eBiM5gjtpaNO:z8rFvaZXg/kLZQmnRjkY41ku5i/G
Score

1^/10
behavioral19 behavioral20
- Target
  
  $INSTDIR"/bin/"/WinTail.exe
- Size
  
  52KB
- MD5
  
  3a5bb63758bf6b7d9db7302282905fc9
- SHA1
  
  da9e4d73245685a5ab8d3c97985bcf4c1e5ce901
- SHA256
  
  f0bd288e745ded5dec8b55d16d8f85ec787caeafb9de09b67d751a6c7404cbaf
- SHA512
  
  745a4dc70c6dd64ee728308e049b3c55df9b2484ceee3662f0c6196507d8c8f5f20c582e550e63c817626bb4e53c59f23fb18f044340c857d351b3e129ecbf9f
- SSDEEP
  
  768:yaVsCWUeA96qbmALOV96YEVZeT/u1bmVm1gD8B5zxtHtZ/mKFInHOiB9uOcchdYO:9GEVZeTUS+NtNNmKFIntcYdYgo2J5
Score

3^/10
behavioral21 behavioral22
- Target
  
  $INSTDIR"/bin/"/lame_enc.dll
- Size
  
  158KB
- MD5
  
  3c0ac9f753dd0c4ad3d46f5f6aa36aa9
- SHA1
  
  f9138dbbe82174cb9c948aac92f3cf863221b105
- SHA256
  
  c84100d52c09703e32951444bd7ba4e22c5d41193e7420aacbbc1f736f4c4e1f
- SHA512
  
  bd7ade9cb90a2f3741cfcd8998c3548228c97592493004b0a0d6312058b9d4687a94fd4b22a67ee53a584de76b6dfd5835f6a691878e219ac7cb22c6524c32da
- SSDEEP
  
  3072:na8YerOYT9VJ7esAHyKI70YFCO6l8BvXJKMIPv2vmwu/8xS/B+08:hY+FBPeH1QpY8vXJUPvbwXxS/UZ
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral23 behavioral24
- Target
  
  $INSTDIR"/bin/"/libxml2.dll
- Size
  
  625KB
- MD5
  
  37d9bf74558c5c4e7cd82e3d94ebb665
- SHA1
  
  3d07dbe217f0ded73be5614c6774621a5c9080a7
- SHA256
  
  8ed6747212836618800fff123d46759e864cf7369daf175c3e6d7a8a8c4e9b72
- SHA512
  
  b0a2e430c7211921a68568ac19d5702acbf8e6aaf0d51dfb767d7f3c3939541d63bf771d6af15cd9e93436b52c5d83bad6ad3d18865f82dd1acbd589121fb271
- SSDEEP
  
  12288:Rc2Y6o+rHr+Bd/uEfeffjd5Jc4RdhYRY+G:RnY6o+rHr+/uEfA5h73H
Score

3^/10
behavioral25 behavioral26
- Target
  
  $INSTDIR"/bin/"/win32pad.exe
- Size
  
  48KB
- MD5
  
  c64dafbcfa45da72cf40cfc6efd905ff
- SHA1
  
  20a33d7ada02d96a6babd0b0e2765f792303bc58
- SHA256
  
  2b1b0f375b7c7570bc641e88064b62e664f1ea81909381e92920953a536de86d
- SHA512
  
  9eccd8107c024ca246d3b75ba90c6de83a009ebf0bfa40964b0bece53b51127414a40bd350a5dba0058135a6cf7de4f120e4972c6fe3cd2f320d98fdf15a7d84
- SSDEEP
  
  768:iRsbn7J9p9wkYy4hNLPStjZGiV8G8by1btUNpSaoxgqC:/L7jp9DYtvocc8CJqmtC
Score

1^/10
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral29 behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks installed software on the system

Executes dropped EXE

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30