c789f3686074617e1c909dfa6f93f472e494833c254a2eadb5ba948096412ce7 | Triage

Sharing

General

Target

2f82a626e189e3ee203c23954586cba9_JaffaCakes118
Size

28.8MB
Sample

240510-rhgsrsab5s
MD5

2f82a626e189e3ee203c23954586cba9
SHA1

e8e42be1a2d64cfc02f1890547c0ca1595c59764
SHA256

c789f3686074617e1c909dfa6f93f472e494833c254a2eadb5ba948096412ce7
SHA512

3ec51ff75869c772431499d989ff7dd34cc70b9d1f56e41f5ca2d8be33ab0a2e5d3a536cb78e59f272977084a2a3a4f411a8b4bf0c2fd59c05d010b681748eb8
SSDEEP

786432:0gzzJZO1TCJVJwpHPeYJzYcUdMKgIr7ldmCExS5vzE:PpZETCpKHmYVGdMKgIrholU5vg

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2f82a626e189e3ee203c23954586cba9_JaffaCakes118
- Size
  
  28.8MB
- MD5
  
  2f82a626e189e3ee203c23954586cba9
- SHA1
  
  e8e42be1a2d64cfc02f1890547c0ca1595c59764
- SHA256
  
  c789f3686074617e1c909dfa6f93f472e494833c254a2eadb5ba948096412ce7
- SHA512
  
  3ec51ff75869c772431499d989ff7dd34cc70b9d1f56e41f5ca2d8be33ab0a2e5d3a536cb78e59f272977084a2a3a4f411a8b4bf0c2fd59c05d010b681748eb8
- SSDEEP
  
  786432:0gzzJZO1TCJVJwpHPeYJzYcUdMKgIr7ldmCExS5vzE:PpZETCpKHmYVGdMKgIrholU5vg
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks for any installed AV software in registry
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/kasearch.dll
- Size
  
  273KB
- MD5
  
  fa72134efe05fc7a2689e249f74c3f65
- SHA1
  
  f10c843b6cca133b7d7272ef8939a296c2b5162a
- SHA256
  
  e2ea47e381ceae1e9dfcbaef0c069c3eb66e6798efed79a98d117ea61043b2c6
- SHA512
  
  064b8e4cc09be97e0eed3444ef260c81cecd3c5a2aec8901247c4659326004444aeee347f7c5805417c6372fffcbf29a0d5fbe34de488e35e500bf53ac2e7cf2
- SSDEEP
  
  3072:Om872igieGB0eTcjgtQKfVvUtDgdTGYTFLieqsm61e1wpSH8hqvBwTtY8m4kBEN:J872DGCgTVs1gnTHmCe1ws8hqBF4eEN
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/setuphelper.dll
- Size
  
  425KB
- MD5
  
  31cbf1d1fe67d0f2fb06a76c537d9895
- SHA1
  
  4ca1882d38ec6ee6008b696366b4c9bb244e28e0
- SHA256
  
  7e5ee55ee9c2e482a8d8dadb00665ca2f93db74e95fe40c294f8518247a5f5f5
- SHA512
  
  95d8490c41a743f357f84b8b2236f4d6049fa7445e76ddd48f3efdc0fbddb6cc8f4f9dfa288880910eee18529afb85aec190dff728db8c76654c7f6568c06c9a
- SSDEEP
  
  12288:SuUj3aX/aS8pFrHBY9+QkO7+ftzFarhE1Rul:Sug3c8p9+YQk2+f/4l
Score

1^/10
behavioral7 behavioral8
- Target
  
  $_64_/$R2
- Size
  
  273KB
- MD5
  
  fa72134efe05fc7a2689e249f74c3f65
- SHA1
  
  f10c843b6cca133b7d7272ef8939a296c2b5162a
- SHA256
  
  e2ea47e381ceae1e9dfcbaef0c069c3eb66e6798efed79a98d117ea61043b2c6
- SHA512
  
  064b8e4cc09be97e0eed3444ef260c81cecd3c5a2aec8901247c4659326004444aeee347f7c5805417c6372fffcbf29a0d5fbe34de488e35e500bf53ac2e7cf2
- SSDEEP
  
  3072:Om872igieGB0eTcjgtQKfVvUtDgdTGYTFLieqsm61e1wpSH8hqvBwTtY8m4kBEN:J872DGCgTVs1gnTHmCe1ws8hqBF4eEN
Score

3^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10