763060247e08ba76835b2b4940236415b53f1f3d35784e0bd72b10f0213c67e0

Sharing

Copy URL

Twitter E-mail

General

Target

38b7183330f7d0ddde8e288e15abb0ce_JaffaCakes118
Size

33.8MB
Sample

240512-g7fa5acf8v
MD5

38b7183330f7d0ddde8e288e15abb0ce
SHA1

84d9e8033caf54006470099c56fd984592684380
SHA256

763060247e08ba76835b2b4940236415b53f1f3d35784e0bd72b10f0213c67e0
SHA512

ccf9c2ada67d8c4d2b801ecc62951f33c86ae0d2b8c149c8454def081a5d96ff4ccf3c57ee5284729b82c06ea7579828da67f510bc3bb21f131f8b577713af03
SSDEEP

786432:sDebuWNHEDddtJZH86BAj+8Kszz0jOvASGJJ0IBPmqptFeV:syCZc62CHO6+ASSxmGM

Score

7^/10

Malware Config

Targets

- Target
  
  38b7183330f7d0ddde8e288e15abb0ce_JaffaCakes118
- Size
  
  33.8MB
- MD5
  
  38b7183330f7d0ddde8e288e15abb0ce
- SHA1
  
  84d9e8033caf54006470099c56fd984592684380
- SHA256
  
  763060247e08ba76835b2b4940236415b53f1f3d35784e0bd72b10f0213c67e0
- SHA512
  
  ccf9c2ada67d8c4d2b801ecc62951f33c86ae0d2b8c149c8454def081a5d96ff4ccf3c57ee5284729b82c06ea7579828da67f510bc3bb21f131f8b577713af03
- SSDEEP
  
  786432:sDebuWNHEDddtJZH86BAj+8Kszz0jOvASGJJ0IBPmqptFeV:syCZc62CHO6+ASSxmGM
Score

3^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral5 behavioral6
- Target
  
  RescueTeam2.exe
- Size
  
  1.8MB
- MD5
  
  e848532a094fe23ebd30fc2313da5ee9
- SHA1
  
  0d520543495903faf4ac156c6db3643e4a0d7935
- SHA256
  
  66f39901dac3534fc5b699956fd4682134d91b8eb20e5d7159dca57988154d9f
- SHA512
  
  1c5722c2c609af1ba78aa210ee6338c57a002f6356103d94e17bdd5e7ed25669b6e99792fa639c3769655dbdd6a11dc6a3c12d8d227d88483b050341f58baf16
- SSDEEP
  
  49152:2akTAmohdIjopZPoBL1mKuNwxskZbyqXWik:2cRhdIjopZKL13xPZbyqGik
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral7 behavioral8
- Target
  
  bass.dll
- Size
  
  96KB
- MD5
  
  8741c1669550d89bc781dfa5ac11da8b
- SHA1
  
  d083e66010aa0f884ad80823384e7f50c3eaaf68
- SHA256
  
  91dabc42430075dd6b29a143a6cbed02e2135b3db9f76bd90ddd7621a13da54d
- SHA512
  
  e7d0a0bf6852eb9ec24bf1e9e7546276469e6445437e949507facfc22009e3dc82994d6e9ed9aaeff9fc90c89507f325e47344d22d00d04238205873ce24fb01
- SSDEEP
  
  1536:jYcrMnh/DhwDXL0vhRZ9KEsgAL6OeUko/wToQUe4E8Gf6cp5WDXLbfYEjr/9:s+Mh/dzZg5gfTgSoq4PGScpkLbh
Score

1^/10
behavioral10 behavioral9
- Target
  
  tbgr.exe
- Size
  
  1.0MB
- MD5
  
  797a4182a7e1d4ac1df362f37ba55b4a
- SHA1
  
  90a2a4e90cd0548240594d1fe6941070c0928003
- SHA256
  
  0b861fd15f19eaacff10526e9510e14ddf229f7f7f6c19063e569beeefdb2e7d
- SHA512
  
  d88ae83a42526d440661e0d74c085eb29750f2e703f0020a6de80d7f04b0b5ce87431c800f967cb90e0bd88c4256ff12927cd2809ae41294de403c72c7b5ca70
- SSDEEP
  
  24576:PJMcX9tVVigeYTAcvpI9LbC2TrE04gOnRppPmzcezWwSKhJf:P91JLpm22Tt4hpLe6wLhV
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral11 behavioral12
- Target
  
  tbgrun.exe
- Size
  
  1.0MB
- MD5
  
  37170d3db73c6effcd9f2aef2d6ba7dd
- SHA1
  
  1c4361ecbb9f33b3fc320ba1475390538056fd88
- SHA256
  
  1bd410905a20be6f825b6b26001dadfa15a3c3a0788e5cb90f47253b2f5a7587
- SHA512
  
  0faf516873141150578869d31e33d6d6af3f095d15c845d0f2733352712b973e1709c1cf17e0f15d9ffa1ced17d06b7ce462f4f95916c6dcdc340e1ce4a3603e
- SSDEEP
  
  24576:xksvHyB1ug72/LsMQpi8soTd+TridY3auohc8nXcLmRaXRhAXA7O:xk6BUpuop+TWYSc/LCahhQsO
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral13 behavioral14
- Target
  
  uninstall.exe
- Size
  
  48KB
- MD5
  
  ce4a03dac18d35bad606ca0c15d2a3ba
- SHA1
  
  8dcd1a4fb86c975ad6264ab5ae6efcf876c89ded
- SHA256
  
  6936feb92f2b528c101f8ee25a18e7b39d15a6ba132c7e278c4dffa553a3c092
- SHA512
  
  cef3bf2b5068cf1d2cdd0b1e98f13b99fd0fa4fc189157fbf5438a9d753a2a882546231c9835a58c3744065c566a0b0e0f0cc3775652c834900acbab7052e10e
- SSDEEP
  
  1536:spgpHzb9dZVX9fHMvG0D3XJ5gdLeAyNxImT:6gXdZt9P6D3XJ5ceAvmT
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks BIOS information in registry

Checks BIOS information in registry

Checks BIOS information in registry

Deletes itself

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16