aef46a1721c206f840f4dc420b17eb703e80ee3276e0cd73834123e14a013397 | Triage

Sharing

General

Target

257855b2b6a8dbfd1cb0c5d486d11e2b_JaffaCakes118
Size

2.2MB
Sample

240508-srnhcadb66
MD5

257855b2b6a8dbfd1cb0c5d486d11e2b
SHA1

6d7740766a5de86df001a39bce82b313de1eaef4
SHA256

aef46a1721c206f840f4dc420b17eb703e80ee3276e0cd73834123e14a013397
SHA512

12c1d3d75ce086f0ca8ed34c3b1a7cf172cb950007172d9ae53c8234de226be04f29301d1f34ac204ec8cfb9031141b66ac31a31101cdf342dbb1201ddb71e6a
SSDEEP

49152:dgWFAS1CetCGJTt2MOSzSAUXMQU2NjXJw0FmWYSx4SJvJ7ZRLeduX:Xt1T9t2MOSfmMLWjXJw0FmWYQvJtgduX

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  257855b2b6a8dbfd1cb0c5d486d11e2b_JaffaCakes118
- Size
  
  2.2MB
- MD5
  
  257855b2b6a8dbfd1cb0c5d486d11e2b
- SHA1
  
  6d7740766a5de86df001a39bce82b313de1eaef4
- SHA256
  
  aef46a1721c206f840f4dc420b17eb703e80ee3276e0cd73834123e14a013397
- SHA512
  
  12c1d3d75ce086f0ca8ed34c3b1a7cf172cb950007172d9ae53c8234de226be04f29301d1f34ac204ec8cfb9031141b66ac31a31101cdf342dbb1201ddb71e6a
- SSDEEP
  
  49152:dgWFAS1CetCGJTt2MOSzSAUXMQU2NjXJw0FmWYSx4SJvJ7ZRLeduX:Xt1T9t2MOSfmMLWjXJw0FmWYQvJtgduX
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $1/$APPDATA/MediaPlayerApplication2/uninstaller.exe
- Size
  
  40KB
- MD5
  
  a489ffddf0ab3bdf017ee442c0340ad1
- SHA1
  
  bc7cebaa2a1b943beec18e5e8ef9ad20fd1381fc
- SHA256
  
  bc1264fe953cb252d78766a1f51befaf4e8116ebfd8f92183b03942e5ddb6037
- SHA512
  
  f4cb3a7c6844320e5327a72d2d1018c68c56bb29eea90a07e97b81c4a3c7d91bdfe32ae24e192d4a101ac077f091d8d75e69d94a64bac63259b32fb8f4127937
- SSDEEP
  
  768:UJKOdm9o29rJYypQJ2JQJXJuKU+duC1ZHQ0D3LHSGiVNuUJRnEmCp:kTdm9B9lYypfMXvugHQ0DbLiNuyK
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/nsProcess.dll
- Size
  
  4KB
- MD5
  
  f0438a894f3a7e01a4aae8d1b5dd0289
- SHA1
  
  b058e3fcfb7b550041da16bf10d8837024c38bf6
- SHA256
  
  30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
- SHA512
  
  f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
- SSDEEP
  
  48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
Score

3^/10
behavioral5 behavioral6
- Target
  
  $1/MediaPlayerApplication.exe
- Size
  
  170KB
- MD5
  
  3cdc437ac9a03a6cca99d618cd397da4
- SHA1
  
  6a331756c30bb7777c2c7e6c07ca0562d7f500c8
- SHA256
  
  de24fb81d20c2aacb66f419c6e523416cf61c5ea5de3af0e25ed4eb301f3a6f2
- SHA512
  
  9aad7f0bdbe7d126b32fca359c3498888820edef9d23d866e5a481be877cd59e4da4944869ccd022581b332945ebecb9fb21d82cddf319a6480c722a23fc7015
- SSDEEP
  
  3072:Z2uFE3QmEvR2uny7A0Sn/ZXCequFF0uTTTHoYwHQh:ZrFEAmgRbHB
Score

1^/10
behavioral7 behavioral8
- Target
  
  $1/MediaPlayerInstallerStuff.exe
- Size
  
  115KB
- MD5
  
  18226dce3f8a67d3ed65c2d1a9f3b348
- SHA1
  
  59e983233a0c9ae32348fed758b14ec29cb1f987
- SHA256
  
  c748afc480f03f7e24b3eba8306ef108da235c39ee134a744363e2c22ed7afea
- SHA512
  
  46a18c49829afa289795ca4dac85931d60d60a1e52238841ec288d18c802aa2be6f8b3f14130ea25f86c73c37f89875b9b6f4743dcb05959e83614ad1c8b3efd
- SSDEEP
  
  3072:3EBc9sDrDQosHJYmdvwKPyy1eKLzxgd+1f2v02luo:ulIpY9Pzd+1fWY
Score

1^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsProcess.dll
- Size
  
  4KB
- MD5
  
  f0438a894f3a7e01a4aae8d1b5dd0289
- SHA1
  
  b058e3fcfb7b550041da16bf10d8837024c38bf6
- SHA256
  
  30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
- SHA512
  
  f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
- SSDEEP
  
  48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
Score

3^/10
behavioral11 behavioral12
- Target
  
  $R1/mplayerc.exe
- Size
  
  4.2MB
- MD5
  
  e379e2e71017a9c9dccc0745dcc93513
- SHA1
  
  a22081f0620fc1c93c2816b8e87559eb962d6dc4
- SHA256
  
  fe2bceb7f99dfc746c8f76aa9a3120ab6716cb17d356d5ef95f4fb84a69d8039
- SHA512
  
  427d35ac0438ae1d70b16b5ba155070a23712b63858b8bf21a780af4201eef6ed6a9df3a1e6f7abb3ac4d24c7b75ba84c1b994f8837eee289a5a6b5c7799605f
- SSDEEP
  
  98304:ttMTnL3f/iIcTXZR1qU7FWG9MMVbFqo5cs+lzamVqIARzAXos3wcYM1dYoUAxdEr:nkbeNR9Lqo5cs+lzamVqIARzAXos3wcE
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14