General

  • Target

    35e10c53232112b1193880e5b3ef36bc_JaffaCakes118

  • Size

    25.5MB

  • Sample

    240511-wqxamsdd66

  • MD5

    35e10c53232112b1193880e5b3ef36bc

  • SHA1

    d31c06051210c825c394da2842031b845f94f609

  • SHA256

    c37ac379f7614de0382c60dee8470067c15397a0679cff1f6e4b7f6b40f029b6

  • SHA512

    864e3dfb840b3ea9ff3c0478d97da3b7e98b587fdc75252d561f009b0e121491855624b7e46de736dba8f1ac02c56cf610d84d614f83407557a4b71538a54319

  • SSDEEP

    393216:gg+IWYDv9FYF3+x/h/13Bs+VYVY03ssoV+/Z/Zs+dEJxiTP/bciziKTDxb/rKXIE:H+7F3M/9Njf2tdEmUizB/rKYSoorz

Score
7/10
upx

Targets

    • Target

      35e10c53232112b1193880e5b3ef36bc_JaffaCakes118

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $(LSTR_76).exe

    • Size

      12.7MB

    • MD5

      2d73627f749ae3deed81002bc9c1219c

    • SHA1

      cad7735a7356be93704ad92a1b909c132810090b

    • SHA256

      25f9c485d17e1666e959c4d98cd29fc9cf833fe163ab80537a411ce5973938dc

    • SHA512

      be174fa33322ebde4405287ac9ed80b376cd5b1654fbe6f6473623922d2fdda264992d5a64b9a9a6faff811611291285bafa101a18a181741b495d9c3f865caa

    • SSDEEP

      98304:DjiNb9NQk8//YB9tDDD8888xBKKiiqqqqnnT0bUDcuT3eXHV9LsI47uxCKYtLUG+:DbcYhRok0EHEYqgeXST

    Score
    5/10
    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      $PLUGINSDIR/Dialer.dll

    • Size

      3KB

    • MD5

      cfe0ac822ed2c3598de87fe3931c92a0

    • SHA1

      0c603bdf81abe835621f29acd5ab2a67e670e762

    • SHA256

      df2f6d3c9de979dbde3aa3cf0633fc8cd3215cfba5b5fc02f94338ac16cc2cac

    • SHA512

      cacbe97b03cd2037fe28ae928b292a1558fc88ac2dc0a27e859efb413529e47f099b429e41202151f4f52fabf33c67911472edbf41132df1a7e6d1f0eac03b3f

    Score
    3/10
    • Target

      $PLUGINSDIR/INetC.dll

    • Size

      25KB

    • MD5

      bcf627d0db38c8e772e292b509a625de

    • SHA1

      8ee208ff94930571b176ef92dba1c5ef5dd9c415

    • SHA256

      6bccf372e490c49a3850e4f326c6a988e08991bbfe6e89b9c35d3efe29d304c4

    • SHA512

      234c83b48e2f6e650a955cadcb227345f38392fc05101d21611c576307595a99e2e357be7ab6dc7d6d0a0deef501bc29dbca12907821cae9d9e2c8f17e21f7c1

    • SSDEEP

      384:XH7Nzpqwkh7R0EOrHn/ZeQaWbJQ2+r9e9dVpyeWZwcAyHEazjJ:Pi0EOT/5aWbJLSAvVpyd3J

    Score
    3/10
    • Target

      $PLUGINSDIR/ShellLink.dll

    • Size

      4KB

    • MD5

      d62d3e349689811f838dd10fb216eba1

    • SHA1

      edcafd517860cb6b4bd299e20b17ad74a6fa2a5d

    • SHA256

      5d103419245e2a5f124a96cace25d6836b2398edc0aa3919829b0fd6ad8b5d6a

    • SHA512

      fc7d5826cb9f85068ea702f007920bf7ae63758d13c48761e83cc9e8ac06b231f40e17a9f3340d60d874ad2cf6e0991eb98a52cf893ab785489e0cdbbf294f88

    • SSDEEP

      96:fQW7e3a0JF5jdrORE6C4tb+X+bzYz3Cl6nfkfLGpRO:4687JQCdiaR

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      a4dd044bcd94e9b3370ccf095b31f896

    • SHA1

      17c78201323ab2095bc53184aa8267c9187d5173

    • SHA256

      2e226715419a5882e2e14278940ee8ef0aa648a3ef7af5b3dc252674111962bc

    • SHA512

      87335a43b9ca13e1300c7c23e702e87c669e2bcf4f6065f0c684fc53165e9c1f091cc4d79a3eca3910f0518d3b647120ac0be1a68eaade2e75eaa64adfc92c5a

    • SSDEEP

      192:em24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlESl:m8QIl975eXqlWBrz7YLOlE

    Score
    3/10
    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      b98f45a83c1d09132e1e4ada1387a6f8

    • SHA1

      9f0a343ec5060b269d36fe1045cff14185f15d1b

    • SHA256

      23661a4b1f3d6744fcdd1b2379e5e602e6cf6bd5950b2d19b844527b2f626e99

    • SHA512

      cb446acd93c4dd79e81b920075a7055140b27d3e83b43ad899736a0d37e709974b27c5340a4b864e3b41714523dd4daee07b506a2c40b36f9b9d05fdd5cc2612

    Score
    3/10
    • Target

      $PLUGINSDIR/ad.html

    • Size

      191B

    • MD5

      8464f87975aa647c253e5403534f228f

    • SHA1

      0a1d2571a454b76ff43ade320631853650ba448d

    • SHA256

      85af9fb1cd755893365f5b0eb6fdb37533084dd8fea0245a12a83a4c1fa69540

    • SHA512

      d3a38b949eb81fa35fd7d3b9af65093fc70c53348d7f472bc2bb6a2af3fb9d0a45604965e06c13d365b82838f85d24bfd7bd5ced6832bd3b9572a2adf7845a4d

    Score
    1/10
    • Target

      $PLUGINSDIR/advsplash.dll

    • Size

      6KB

    • MD5

      505c7c214c17ac801f5930abc57d38c3

    • SHA1

      e9a17ed8182f92bf86babbd7ba8dd8770e8ff47e

    • SHA256

      999ebf5ef6bf51828193deaf7697e6d22419e437c65e603bffa0bb2acc7f40c8

    • SHA512

      30686f361db9d81c95912700af530529d4d89bf6b514a63ab5db6b20efc443b87aef44b598e45d33adee448ec1b6573ca035a1d20e11c78ea8253f1ecf5ebf38

    • SSDEEP

      96:oIUNaXnnXyEIPtXvZhr5RwiULuxDtJy+wolpE:oIx3XyEwXvZh1RwnLUDtU+I

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      0d45588070cf728359055f776af16ec4

    • SHA1

      c4375ceb2883dee74632e81addbfa4e8b0c6d84a

    • SHA256

      067c77d51df034b4a614f83803140fbf4cd2f8684b88ea8c8acdf163edad085a

    • SHA512

      751ebf4c43f100b41f799d0fbf8db118ea8751df029c1f4c4b0daeb0fef200ddf2e41c1c9c55c2dc94f2c841cf6acb7df355e98a2e5877a7797f0f1d41a7e415

    • SSDEEP

      192:ob8cSzvTyl4tgi8pPjQM0PuAg0YNyhIFtSP:mBSzm+t18pZ0WAg0RhIFg

    Score
    3/10
    • Target

      $PLUGINSDIR/nsJSON.dll

    • Size

      18KB

    • MD5

      e89c7cd9336d61bb500ac3e581601878

    • SHA1

      45b2563daa00ba1b747615c23c38ef04b95c5674

    • SHA256

      431fc2ed27d0b7a1ce80de07989595effcc3ffb1dea1af6c0e178b53f6bd2f1e

    • SHA512

      09485a354ac4ace6084cb6fcbd92eee8488074763c8443638f78e655e45e8aa0fe40a45d4ce0dff116ed3a4bb7bc4d7d845a6ccf0e0bf35533ce81626a8db06f

    • SSDEEP

      384:u1ju3wCtynlKEJAIl0CU4BNe0i5wsVEABy/7tpnYmdnDQVJlN/BmqIw4n:t3wCtynHJAIl0CU4K7yAB8tpVdDQJNI0

    Score
    3/10
    • Target

      $TEMP/NSISPromotionEx.dll

    • Size

      1.8MB

    • MD5

      9e76a9d52f45845280024561eb0583d2

    • SHA1

      89a92563bfcb784ce0a17b3ba02e336f59dfb6b8

    • SHA256

      c10670e98eda82fe0984a02c88949ac1be96ca466d6d424a77ea5b67118e8d4d

    • SHA512

      9dab31a7dd32c01ca6d6ae38f38cfe8aa84a338b3cd4d540e308e246ec09f390a00bfc698a0b739951df66356a74de925b7e2c9be22c0e06ad2dd1b891451715

    • SSDEEP

      24576:YnLxB35LZ4nY2BNc3oXrgJnNZdC/eTPakySNerBOS7bCWlti66p:cLxph+hC3JHOeTPakyfkS7bHlti9p

    Score
    3/10
    • Target

      $TEMP/NSISTrigger.dll

    • Size

      97KB

    • MD5

      4a8178519a84a5aefd06c9c720360c69

    • SHA1

      d3598a9dee27879889b7ba3f3abe218586f11917

    • SHA256

      fdd180c2c1006d1538bae0e968d24ae70f7386f30b42e13e9cf45a48d1b0bbc0

    • SHA512

      967579323f7286fd3fa4f3c7f259ed9fccb63a8aa6fd2647fb8e2725c4d968b2fe2746a517078866393143d85c352e29a160b04a594f1b950d8918fa530655c8

    • SSDEEP

      1536:Yu57R+hRzZNzqwTL7laO4Qim8A1DwLkGqQcNasWjcd+B4Vc:Yu5+BnfL7jpKAGq1+B4

    Score
    3/10
    • Target

      CrashDumpCollector.dll

    • Size

      173KB

    • MD5

      68f39c3915feaa3a5251e6be0d471b52

    • SHA1

      c902b68cc1eb5b6c62ebe7f80ca8b123ff9820c9

    • SHA256

      bd998d4f342d5db04534ae9d9c3497d2dfc701341399998f49857b048e50b83a

    • SHA512

      1018e81735ef9cb8084d43d01aebf2ffcf56c88ea1c09f7df1aa56a7c4034d70c8fc407427d28cbb24af62eb4c09a5a7d3e39aa80f0d429a75178ae9d27b579c

    • SSDEEP

      3072:IIPHanTmyMY2I28ugIs7O/6rle+qjp9fD5bM/uR+7oHMf085oGeg:7PHkTmyMdVKE/q1mXfDfAfiz

    Score
    1/10
    • Target

      GOMProtect.exe

    • Size

      2.1MB

    • MD5

      c5405d47e426f55e5f92ff5d9ab59a92

    • SHA1

      5382e17969d82b213c3f429c3c6d584f8292553d

    • SHA256

      c71202f64f02ccc126e60fcc6f736da6759d9c64298108d5d044426f498a2a70

    • SHA512

      275b544742574f4c21c81b94bce88a1c22c1a0f9cf17e56194ce31a5ed2358d099f2c5b92288c067fe6496ac5eb7520dd06a6fb64dae1bf43caded2acad13fb8

    • SSDEEP

      49152:sxYDItNUIhitqrLOeK+aJn9x+Uw7X8ZzZ17KmgCskgk:sxx7UIItqr5zI0w

    Score
    1/10
    • Target

      GomVR.dll

    • Size

      225KB

    • MD5

      39b2b639ea38fc5af16729e32c25255f

    • SHA1

      041d9e62e4224ab45e1ebe40f12249c7bc138db2

    • SHA256

      f0ac5c963159905486fab58fb340ae6694a4154bb06fa088ef055f9d25ce9e2b

    • SHA512

      a39054918343cc903ada272c7bd38adad00563feb6a45ead23f157e7db85fc1c9d169fc0596b638be2dd08bd14c43948390e4a3a3b2fcc5bd21a2f582a85e1e6

    • SSDEEP

      3072:oWK0YC1ZFbd5vwyRUshkZIZpINQLyKpncLCQ/tSVCXQfkg2RJlTR0u7N:oWK0/dRwyeshkZSpIGe7Rs7fkg2bc

    Score
    1/10
