05e9bb0df411e4c57a2d41a6d5aa59e3669dffe8e47894c2c620147b64e950e4

Sharing

Copy URL Twitter E-mail

General

Target

36e4c155874405e78af27f9629aaa47e_JaffaCakes118
Size

1.0MB
Sample

240511-2gw66scc2w
MD5

36e4c155874405e78af27f9629aaa47e
SHA1

a0b96af7f1889b67df8a25dbcb2d21ab9fae6c75
SHA256

05e9bb0df411e4c57a2d41a6d5aa59e3669dffe8e47894c2c620147b64e950e4
SHA512

3268a107b8c9d99c16176eaa586f378fb34f3b99b332a2314aa39e09b2bf7fdd34464de8a608fd0fec27a7403188f3017953f9c47c7c199f91646708ec24ef12
SSDEEP

24576:f+RBEimd9kjEYZKlKVjXwUFl70i8lJj/gr0fh9:2YNfuEP2vFlejb59

Score

7^/10

execution upx

Malware Config

Targets

- Target
  
  36e4c155874405e78af27f9629aaa47e_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  36e4c155874405e78af27f9629aaa47e
- SHA1
  
  a0b96af7f1889b67df8a25dbcb2d21ab9fae6c75
- SHA256
  
  05e9bb0df411e4c57a2d41a6d5aa59e3669dffe8e47894c2c620147b64e950e4
- SHA512
  
  3268a107b8c9d99c16176eaa586f378fb34f3b99b332a2314aa39e09b2bf7fdd34464de8a608fd0fec27a7403188f3017953f9c47c7c199f91646708ec24ef12
- SSDEEP
  
  24576:f+RBEimd9kjEYZKlKVjXwUFl70i8lJj/gr0fh9:2YNfuEP2vFlejb59
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/BI.exe
- Size
  
  75KB
- MD5
  
  6964bdfaed9fee6a60e24928a45c3c85
- SHA1
  
  57f9ae81840ae02483c9191e4f9d0209b033c817
- SHA256
  
  209b8cef0922660712526d81e593e4e367e848f255d686771e7914ea701ff7a5
- SHA512
  
  266df60f87737c4f9c0780a58bfb36eeef5c765e12fcc8c70d6a05e468e879acaf3c90fd7add1cc8cec39268d949a0509741ca61ffad09ec94bd7315ef4c6be5
- SSDEEP
  
  1536:KVdePelp2Xy+tuQOzOYE5aXPni9F8yggK0acQ2XzDvn:lweqOYEUXPni/vn
Score

7^/10
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/DownloadACC.exe
- Size
  
  168KB
- MD5
  
  b0173f2ae31b0fbbe53c3e77476f244e
- SHA1
  
  3e2420113e5857e1828d8df67af0acabe2f12972
- SHA256
  
  f5c1e89c49ff0b4fc83bd304d98982038afb2db90cf137dc20f267f2edf9418a
- SHA512
  
  206eb35466812302d31fc5e8d4829301a0c5d606bfe3d9ac02bbbdcfae1781408f839d4f282dced00eb8b04e5ccb9b58a178e1af65be5461ab623949c9ab5a67
- SSDEEP
  
  3072:LweqOYEUXPnwrtdTYlcdkjmz1LWWlCiCoRWVugrhZurKjx6Cqbf2SDX0yCmM:EEUXyvYesmZiyCiCosXhZuu8f2SnM
Score

7^/10
- Loads dropped DLL
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/FirefoxHandler.dll
- Size
  
  36KB
- MD5
  
  297f686666aab3309cabc430199dfd10
- SHA1
  
  0e57ded3db82a5c6de284a6fa93cc38bb8834ac9
- SHA256
  
  6eef17cfaa4e4420f41a5e80c2fc49f4c1b8e44c8b648982c5cf5311fbd91dca
- SHA512
  
  39ba6a6523df27c9e4e5d764a6ddde8129bbf80800b4b660354307d2601e84ed0783a6c035c5c1411a12177f95617db43d7ae2f3b0a2f5389d4d2681276196ac
- SSDEEP
  
  768:J92TwvrKHG8lvQdxk/+IX19elUSrMQLisawIUqoULdAOfK+2+ZI:X2kvkyxkWIF9elU1+ALWOfZZ
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/OCSetupHlp.dll
- Size
  
  842KB
- MD5
  
  5b8d0d2cd9d60412262f166e15357961
- SHA1
  
  cab78c31f513d1f2bf43205af88a3bbfab11b1ca
- SHA256
  
  2c028b33da28063270a7c4f7f8affafdea63a766627178cb166253f14f3a4c4e
- SHA512
  
  e4a05b5479c1b9edc49d36356e1a7e212cc100f11d600bae8d6303a6c1e1ed329c10eaa1d5228860d3a7999147bc8c920c07f3acaf197f1b8df955a583c7230f
- SSDEEP
  
  12288:b+wnK6z+X9XgFnDgQlOpmtZkYZYiWRREaQDEK/8MoSTLyrQCT30:iTdwZDgQ4p2ZkCYHtQIK/8M7TLyrQe0
Score

1^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/ProxyInstaller.exe
- Size
  
  80KB
- MD5
  
  ae46810a8cc8046a8f396387a784d7de
- SHA1
  
  e5abea4b477c2d9a2453ba07e62401ea2cceb9db
- SHA256
  
  12cef05324704a9b50fc4629ec859ba85acfb134ae289b710d19fe978450fdf5
- SHA512
  
  4c62a1fb36f4a61facb15b5a7115f3dd111352cd30928ecc73a33a92262571ef9c067196512558d019612df1dfeb12d024a44d9d08e51432c9fca0de92c5bc40
- SSDEEP
  
  1536:xVdePelp2Xy+tuQOzOYE5aXPnXF8OrVSoemJzNhb+NyfE6q/P63:iweqOYEUXPnfrVSZmJzNU4fk/P63
Score

7^/10
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  17KB
- MD5
  
  a4f38d1c7a480f5da1bb8097b8b939db
- SHA1
  
  b3129c2a0e61881381463f5e0cbbffa573daa845
- SHA256
  
  e1180e1e3344c7536150275e33de53dc1dd1a3ca03be66c4d4875fe5bcd4e436
- SHA512
  
  fed89f7ee9364fc2f4b9f82c4563713497043947e98dbb03e7d755681adf3ae661aba80d08e59988a23695fc64481b69d9842b7ec7d2b572cc872c4c9957febc
- SSDEEP
  
  192:WN2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/KxKb+nYe+PjPArJUxVy:tJoiO8V2upW7vQjS/0nYPLWUHWteMy8v
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/WebApp/Css/PIE.htc
- Size
  
  39KB
- MD5
  
  a219e20e2678b66b24b9067a2e228a8d
- SHA1
  
  a942a10f546102c2e93919992619c28a17d140d6
- SHA256
  
  172eaf95ae8ee7073d7d2d20a11b13eaaf0a355d426f0c839a06296c534db344
- SHA512
  
  e43b5a432994b2508434520630282718cf6d2c83dce16f53f24279a199c5588b57216150f33c9ea16309fdb58b54b71562695583ee058ce76946cde244237ba9
- SSDEEP
  
  768:SjRVYqD2v6Bgpcb5J9Ohl9ohgQoieFViNLCZac9Z0A5v:SjRVcyu+b5Dmog1ieFRZp9ZJv
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/WebApp/Failed.htm
- Size
  
  5KB
- MD5
  
  27df5779326e5c88bacfb3d5296f7eb1
- SHA1
  
  31b4a4256c12a72f1b197cd84e465e6e57aea23d
- SHA256
  
  9bd5c5bda9151c75f85d9e1a0b58e65ffce04f2d056b083b954f9ed092d7e904
- SHA512
  
  9bba22244471569b1acc2403af4a0e223bfe005d54918c83edc294f126a76e9538450eb399a3832ef01518758cda618f786fd05e7d543c5367ff21258f73dd7a
- SSDEEP
  
  48:QrA9QWWrR3XcJ3EHBVQ5xBxw7z7y4EfpyyxgQvdvHlbFsGhLh48gpPPeBX4yVwJW:vmQ3EYXygfpyyxgsHJh48gpyVwJtSf
Score

1^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/WebApp/Js/API.js
- Size
  
  9KB
- MD5
  
  0c1797a7fe8c65cf36ca5bc35aad0ff7
- SHA1
  
  b2754700c45211e641a59c1ddf55f47d55d43bdc
- SHA256
  
  85ec98a0fc8ff6c202e0a01142814a5a5438a71636a4025a2a8506cc7b22edba
- SHA512
  
  76e5eefc894f815099e8360d89253505b8f29974b71d63e0a5e0636e6db9f8793bf11e992140b89d478a856402741222ad0bf2acff72f95d13fb60b370b13231
- SSDEEP
  
  192:ukS/WVXrXxcuci15hDdAiMQEFp8BOFYR6j:ukSscNi1jdx28BNRu
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/WebApp/Js/ExternalParams.js
- Size
  
  170B
- MD5
  
  9bb9bbd6f5283938a2d39dc98ef9c788
- SHA1
  
  e64df5bbe2a82fba4f5b6574325699c2a9f06791
- SHA256
  
  7caa0ac51df1796f4cc081616124cbf227bf7d8d83379c39b693fb3701a45a65
- SHA512
  
  eb5f19f33939062a441259ef8424ec116026d7b042496228dbc5b8311e196b7824f2b15f0847975aae9a617890f47d81c9274f102aaf964f877a531524c3ae9b
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/WebApp/Js/PIE.htc
- Size
  
  39KB
- MD5
  
  a219e20e2678b66b24b9067a2e228a8d
- SHA1
  
  a942a10f546102c2e93919992619c28a17d140d6
- SHA256
  
  172eaf95ae8ee7073d7d2d20a11b13eaaf0a355d426f0c839a06296c534db344
- SHA512
  
  e43b5a432994b2508434520630282718cf6d2c83dce16f53f24279a199c5588b57216150f33c9ea16309fdb58b54b71562695583ee058ce76946cde244237ba9
- SSDEEP
  
  768:SjRVYqD2v6Bgpcb5J9Ohl9ohgQoieFViNLCZac9Z0A5v:SjRVcyu+b5Dmog1ieFRZp9ZJv
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/WebApp/Js/ProgressBar.js
- Size
  
  3KB
- MD5
  
  44c16c5226c1593c195f514057061fb7
- SHA1
  
  bb4bd98314ac68c40031b66d0f035762a1b6666b
- SHA256
  
  4e57a7a100fa635c7bb1a451633eb6b628edaba4b78c625c828450ad819478c9
- SHA512
  
  5bce64414d49a6fc9b2094d6214c3e767c12cebb262957693661c7c4e440bfe233ee23e6226b73536d848f53d25399de711cb302c824e106dabc361ce7e1d99f
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/WebApp/Js/Store.js
- Size
  
  5KB
- MD5
  
  2a9c08cfa638e2df0a2eb2670a42bd2d
- SHA1
  
  0ef46601f45f8ddf374606d8bfce726ad454420c
- SHA256
  
  ff6e4c551b8ddaf524442408be57c0ca17befd6aad9570897d7ed3f96a240394
- SHA512
  
  d8d6407f9f020f6e8a623e87ff36c3f528de9765706418c27d776838fc20a771837e146590e8acb1b6e9f017d8db4176d5c53c81777b89fc6ef60bc68e31bc63
- SSDEEP
  
  96:5xz3uYpl3U6bgcp1RSlDlKsDQxhlBHCk2HLksdP2QkHQZES+9sl/Ou5tpmIl0ZYC:L9QtDUCkGkb/U+9sf9aZ3Zb
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/WebApp/Js/jquery-ui-1.8.16.custom.min.js
- Size
  
  9KB
- MD5
  
  e89fc840e15cb20c7b1e22f86380465d
- SHA1
  
  84b3bfcd03a5072e68be92b64e34635d6486fcdd
- SHA256
  
  70807ec00aa70f6d3a654465c8b697ed039a8e3c1beb5419ad5b5e2516075b90
- SHA512
  
  51deb88b88b2ba9aa623563102b603eaa3f40ff5e42989f1367d734b36c12a9d0518dc1d6355f3345838296d7da1a8fcf16220ebdf0ba2aaab108b70ea59d619
- SSDEEP
  
  192:TUJs4PzMe5rvf/594ey2LdVop37bNrbj45EDxVja:TU+4PQe5rvf/L4eyKwnF4CDxZa
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/WebApp/Js/json2.js
- Size
  
  3KB
- MD5
  
  9b8cf1c97726c080629c98ddec68bebd
- SHA1
  
  5d764a5bc2e5cbb5f2569336e4c0c5f472d07f35
- SHA256
  
  1b6c626d6a600be68b11133c7bcd32fbcc8015951037bb36beaa067914367715
- SHA512
  
  67c590d216e73d0dd58974567dc248e0adb363c59e318efe1e715960a38220c1cfb98328cdb69941888f9e039d60980fd1fcf11084498fcb46f80c135cb60d24
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Loads dropped DLL

Loads dropped DLL

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32