Overview

overview

7

Static

static

7

3050e391ab...18.exe

windows7-x64

7

3050e391ab...18.exe

windows10-2004-x64

7

$PLUGINSDI...me.dll

windows7-x64

3

$PLUGINSDI...me.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...FC.dll

windows7-x64

3

$PLUGINSDI...FC.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SYSDIR/distance.dll

windows7-x64

7

$SYSDIR/distance.dll

windows10-2004-x64

7

distance.dll

windows7-x64

7

distance.dll

windows10-2004-x64

7

doc/Money_...ipt.js

windows7-x64

3

doc/Money_...ipt.js

windows10-2004-x64

3

doc/RU_STR.js

windows7-x64

3

doc/RU_STR.js

windows10-2004-x64

3

doc/_1c.htm

windows7-x64

1

doc/_1c.htm

windows10-2004-x64

1

doc/_204-350.htm

windows7-x64

1

doc/_204-350.htm

windows10-2004-x64

1

doc/_35ndszayav.htm

windows7-x64

1

doc/_35ndszayav.htm

windows10-2004-x64

1

doc/_35numschet.htm

windows7-x64

1

doc/_35numschet.htm

windows10-2004-x64

1

doc/_35schet.htm

windows7-x64

1

doc/_35schet.htm

windows10-2004-x64

1

doc/_35selffirm.htm

windows7-x64

1

doc/_35selffirm.htm

windows10-2004-x64

1

doc/_adras.htm

windows7-x64

1

doc/_adras.htm

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    3050e391ab331127cbedc344c49bf5c6_JaffaCakes118

  • Size

    17.2MB

  • Sample

    240510-wf87fshg31

  • MD5

    3050e391ab331127cbedc344c49bf5c6

  • SHA1

    6b30bf239cfcbe13142a045e50700aed303b03ba

  • SHA256

    88c871fe1cae64d0a72103a3df002e9a192e6061f4f08eba3859c395abe948da

  • SHA512

    59c886f2441c9f8778e0df041999bbd01ea9f7041624b38c0b99bc1cd7ce62961cdef591e3a3110fff77262eafe845949f58d8a795fc655f03932536603f90b6

  • SSDEEP

    393216:gHlxV6D5uwCLifzjNDkcXRERqkPD/BrNJOVP8tx1+X:mUD5FuirdXm1DvJ2Ox1O

Score
7/10
executionupx

Malware Config

Targets

    • Target

      3050e391ab331127cbedc344c49bf5c6_JaffaCakes118

    • Size

      17.2MB

    • MD5

      3050e391ab331127cbedc344c49bf5c6

    • SHA1

      6b30bf239cfcbe13142a045e50700aed303b03ba

    • SHA256

      88c871fe1cae64d0a72103a3df002e9a192e6061f4f08eba3859c395abe948da

    • SHA512

      59c886f2441c9f8778e0df041999bbd01ea9f7041624b38c0b99bc1cd7ce62961cdef591e3a3110fff77262eafe845949f58d8a795fc655f03932536603f90b6

    • SSDEEP

      393216:gHlxV6D5uwCLifzjNDkcXRERqkPD/BrNJOVP8tx1+X:mUD5FuirdXm1DvJ2Ox1O

    Score
    7/10

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/FontName.dll

    • Size

      8KB

    • MD5

      80fc669a19766341bf93e0814f206b07

    • SHA1

      f9ee3008abbf5d154dd705b20a5df274e78d320d

    • SHA256

      6f199ea45550e187d89dde24ec23fa64897c876abe98dec33d7b78363dd87ebc

    • SHA512

      02ee16524db98314c082f7098e3f56ed8546885f663a34b142a84442a7c08beb17ab9688a4b5bc05109284732c1db5db381b27ad63ef6d89e8aef5a31c732c0e

    • SSDEEP

      192:skXmDSN0DcNMrHuH5ZrmrK0ATftcYnXS:xwSAIAATVcYXS

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      4cb36c62157fe5bf48aa7f20bc0a9eb0

    • SHA1

      ca194fb9ab75fbf23a0eb0814fd44996b5959210

    • SHA256

      a4774fa2602702951839d3d3a593f3b39e71e14c3fbab77bf6274935924d755b

    • SHA512

      fd141c0b8ead070b2b266344ad6e804df24a2dd578f78285ece6e003de35b4dfdac1ebbcc0ce2ca6f0a4e5673fc0e26639dcc5073e4e474d4ddcca9c6f978cdd

    • SSDEEP

      192:24n3T5aK+dHCMR1aQR9RuZl3WWmU7WYZsw1JpVGnrjJK72dwF7dBOne:Xn3T5KdHCMRD/R1cOnrjJ+BO

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/SimpleFC.dll

    • Size

      175KB

    • MD5

      941a7b4dc105c3487d2b2961dc6ccb01

    • SHA1

      ac71c5b759cabd78213748329909eaee60810d12

    • SHA256

      7274fe736fe36cdc8343b04fea6ff598ce384ead99ea94e4b47d4d329037331d

    • SHA512

      40b2067121366254a6ff048e05767c337ea3f811122f97a5ce283502b6b6bba3eb82b2637115e65772c8b32c6c1a8cf9f991b06731bf7e71ffe5a6cf026ed5e6

    • SSDEEP

      3072:l2sd6EP05etg+rKTTmYjcnPMdsRrdU+/mbM/AuaNoNglzppVn5OtcieI0Yr61u:Us4zIg+rKTTmnhfAoSxZ5O10a

    Score
    3/10
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      4d3b19a81bd51f8ce44b93643a4e3a99

    • SHA1

      35f8b00e85577b014080df98bd2c378351d9b3e9

    • SHA256

      fda0018ab182ac6025d2fc9a2efcce3745d1da21ce5141859f8286cf319a52ce

    • SHA512

      b2ba9c961c0e1617f802990587a9000979ab5cc493ae2f8ca852eb43eeaf24916b0b29057dbff7d41a1797dfb2dce3db41990e8639b8f205771dbec3fd80f622

    • SSDEEP

      192:BPtkumJX7zB22kGwfy0mtVgkCPOse1un:u702k5qpdseQn

    Score
    3/10
    behavioral10behavioral9

    • Target

      $SYSDIR/distance.dll

    • Size

      76KB

    • MD5

      872e1736a0fa3f03ae58865bb02c7293

    • SHA1

      cd033b6f6f2a28e0222df5054b20ea1fdfcdd8f2

    • SHA256

      f5877c80863a073044cbf7434d350a8bc72ff7ae9bb9b0f4807f200445ea33d3

    • SHA512

      1050422ea45e3f2f2fbd41912cb146bafb8ac7676bb88f414084377e675b098eccbebeeed8a2cd48d952919c4bf7f6e20081743862b1b22a368c404d544e9d40

    • SSDEEP

      1536:hH29Nej6qX6/2g03pmragUWvCYqJwfWP41wz1eNtIJNwsl/SKqk:hWjepO2J3pmGgtnsv1eNPQ/tqk

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral11behavioral12

    • Target

      distance.dll

    • Size

      76KB

    • MD5

      872e1736a0fa3f03ae58865bb02c7293

    • SHA1

      cd033b6f6f2a28e0222df5054b20ea1fdfcdd8f2

    • SHA256

      f5877c80863a073044cbf7434d350a8bc72ff7ae9bb9b0f4807f200445ea33d3

    • SHA512

      1050422ea45e3f2f2fbd41912cb146bafb8ac7676bb88f414084377e675b098eccbebeeed8a2cd48d952919c4bf7f6e20081743862b1b22a368c404d544e9d40

    • SSDEEP

      1536:hH29Nej6qX6/2g03pmragUWvCYqJwfWP41wz1eNtIJNwsl/SKqk:hWjepO2J3pmGgtnsv1eNPQ/tqk

    Score
    7/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral13behavioral14

    • Target

      doc/Money_FR_script.pas

    • Size

      7KB

    • MD5

      ac7d2b0ddb39121dcc119bf65e10c54c

    • SHA1

      b85568fa81704af2023ddecde6f5d722a83a7303

    • SHA256

      a130049f7a0faa98e2017cb8762df3622bec56c2e48e5e6480897b58a7301b52

    • SHA512

      fc4e94a7bff4b72b36a37095e483491451ab8b092311b7c47346bc50e418b7ee2d4c59d1d6308781c83eed82b48a7974b725bb721be9e37a15f41f6aa5c09083

    • SSDEEP

      192:/cBy0iG79bJQ4XVQM5L0kmYD6F+Tc4Lpuz4d0TKRhCthwjlMgLYPMH6rT5xQxEh:/IvTj8t2D5k

    Score
    3/10
    execution
    behavioral15behavioral16

    • Target

      doc/RU_STR.pas

    • Size

      4KB

    • MD5

      00ef5bd93028b54ce10c87f6a76d7ddc

    • SHA1

      49ce3c6da0fa44493474df5e5c019d4f230eceff

    • SHA256

      fe5a24a8811e55a071fcb906bb9e47250f5d2f6230a5a71bb299f94d4759d481

    • SHA512

      fc330f05718f1f88ae073bd0a057750c66c17866e536e4678367fcc555221134ac0c0d913ce41a644a768b3920ad98a41393acfecf5336514e85544c336f14e1

    • SSDEEP

      96:U+kUmuMbOw76n4ZIqV4VoJiTM5L0kmYD6F+Tc4Lpuz4d0TKRhCsg/B7/FEtkywD0:MUmFbJ64zVQM5L0kmYD6F+Tc4Lpuz4dL

    Score
    3/10
    execution
    behavioral17behavioral18

    • Target

      doc/_1c.htm

    • Size

      1KB

    • MD5

      d975bb6d6e9a1d39674e6b8f94af7002

    • SHA1

      347002dddbd44de6488a3fb866ec93f998833c03

    • SHA256

      f019026d0c07ee24b5410227df1cc660455f82662355de162ffd05e47ff8d1c6

    • SHA512

      83ee686ed732aef95f3d12291b8951ef6261dec693d4e9603fc4fa77e038bab2ae409a01a911bcb6d42f850b645e4282025bff8987ff43f8ce66cc260d678d7f

    Score
    1/10
    behavioral19behavioral20

    • Target

      doc/_204-350.htm

    • Size

      795B

    • MD5

      1d6a566345a671dd834560d2081c3155

    • SHA1

      65cf11a860bb266f14e0b8ac5537b19a8061c909

    • SHA256

      c241f457df46522da7c49d775a91994d78338a518f6644aed0f504cbfc386522

    • SHA512

      2f3f0e7af11d07e91e01352b33f73a1fe6fb7611552a2480ef2a16e730ff7d368d19c8c708a8a715154a29bd5ebdb25b3726383557da274489a4bceb3da49061

    Score
    1/10
    behavioral21behavioral22

    • Target

      doc/_35ndszayav.htm

    • Size

      1KB

    • MD5

      fe7a6959b113cc46755f21fbd69d2617

    • SHA1

      7f245630fbe39de398efe7d39c12b4857375690a

    • SHA256

      966954b50adda7dc5b1e9127d004018fb0af2a0f13268208ec021845359ec99d

    • SHA512

      eaf9186774ac20bb2271fb296aebda666e75834cf6f53da321845ec26a59fa445f2a0705ae24300ddcc4d49c11fa2e0e8a8cab979d6fcd36d07d2e4535fa18f9

    Score
    1/10
    behavioral23behavioral24

    • Target

      doc/_35numschet.htm

    • Size

      19KB

    • MD5

      ca62e3ad8a910ad5c35e13ea685d7b66

    • SHA1

      482a76ed26c66eb7d844e5a6b12e2c2370cd1dd3

    • SHA256

      1acf83ced0bcf60822c16ca05e1378e589c3c3b372b5cc21dcf6f94f9d6dbaca

    • SHA512

      247b7e3bd9c91331098dd273995d8f7dd3a37c1fc0ab52dc0eabaea01acbe24c7d60c05306684af077e2cb6e577eb04e1a203ab87f16b0fd2a1b9731b7f4187d

    • SSDEEP

      384:tu048my0x0kd40CuKLG6OZ2WTyCscVfC5Xzujx+9LrtyjF02bFF5LEOk74jyjVcj:E0488x0kd40CuYG6K2FQ16qjeLB1kvoY

    Score
    1/10
    behavioral25behavioral26

    • Target

      doc/_35schet.htm

    • Size

      3KB

    • MD5

      aa3aef7a74efa0e7565071bf03197e39

    • SHA1

      02ca16227fa6210c0a9cb029c6a7f232163410de

    • SHA256

      d13853431f35dfee433de2eb246e2394885a1c7c87c6c1857e0df5b0eea6aaa0

    • SHA512

      4e745da9af562d32105e758c959231b2353e2543ebbee6895202bcd4bc41d0d364f70be51036223796b7ebb21a77262dd91523dee73ff07b19e563c020e45edc

    Score
    1/10
    behavioral27behavioral28

    • Target

      doc/_35selffirm.htm

    • Size

      6KB

    • MD5

      6c4c3530f4cfbb6958173e03240192ae

    • SHA1

      20111cdc92d89dd3c4c4f616df01d4e26fdd359b

    • SHA256

      8bfc02ef55d3752a75b56283261839489321a9c04258a1aa4d5fb4dc1f636e32

    • SHA512

      c001d9b610de0c3bf364a02ba712ec1b672d8e69dcfd6d9c6408411608e804c3303b93ed8badff125e5f0ed0022c65dbd01d1634eb503c464f161d8ccc3b8b9b

    • SSDEEP

      96:e2TIv7nLd5t3mx2oPLiUw0z4LIFCx8SBUh38UGDbvHXxbf/HMk+CLBioL3A+Ndpy:e+IvpLIFCx7BUG9/pBlQ+NVw

    Score
    1/10
    behavioral29behavioral30

    • Target

      doc/_adras.htm

    • Size

      6KB

    • MD5

      cffcba1fc9c88b871eefe5087d15cf32

    • SHA1

      a13906b93fe8644a342dfd4c8be6482cde0ff1d9

    • SHA256

      768363b00388a04ef3a56a9a17c3f33d05c8c99da86aa356fbe25262cbc4289f

    • SHA512

      482d694458bec708a6728503221e3bf24a855c79c7fcec67830455e66a8f7f60358232bb4f6b440642ca228073528162eab6dac768998849ea830d3cd3ebb2cb

    • SSDEEP

      96:n/jcZRuZEEdE7uFZq4uNmepuMgb+oUnD+KdAK5RgmHICfIg9ddFixBuwxzgX6n+T:n/jO4EEOuFs4uNvuNPUnHAlxa6nrnVA

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

upx
Score
7/10

behavioral1

Score
7/10

behavioral2

Score
7/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

upx
Score
7/10

behavioral12

upx
Score
7/10

behavioral13

upx
Score
7/10

behavioral14

upx
Score
7/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10