c4079adbd900f429976e7363d635dca803e7d244675263ebb30b1ea8fc889e29

Sharing

Copy URL

Twitter E-mail

General

Target

3d05a8947be0bcc024ff5d1ced04cfc0_JaffaCakes118
Size

5.0MB
Sample

240513-3g99gaaa4y
MD5

3d05a8947be0bcc024ff5d1ced04cfc0
SHA1

65b3ffe52e65bc064fab835782e7f879293a48bb
SHA256

c4079adbd900f429976e7363d635dca803e7d244675263ebb30b1ea8fc889e29
SHA512

c72828b294a2a4a88aa2fe399902655ce6f97fb17446469be744ed5acf45b0c47e8a6e8a3086642f32913db394a86653dfb8375fc938201dc632fe55beb0f48a
SSDEEP

98304:OidVSbALddtw9jOaH+3FrzAtwmFPZbw23WCGnDK4OIAENSGuzUMj/DccPLvVH3Zv:OiUALddm9j16FrzqwuPNw23WCGW4OIAB

Score

10^/10

Malware Config

Targets

- Target
  
  CaLibraryPro.dll
- Size
  
  1007KB
- MD5
  
  628096820b6af8b72810ee27634db5c5
- SHA1
  
  9f297e1095d1e42e3c68d99e6faffa36ace16d85
- SHA256
  
  4bd35a051caaa3fcf240b18111415f062329ff70af844fd5ea21ef2a81662d97
- SHA512
  
  6d5c3fc3a3475fc90a7941dc515254f1da03f041d6300790ac9c39530b7dada7990f79ddbb35dba88a62d8c9c4bea8fd381b75a862874a8ff381e2bd6392cc6c
- SSDEEP
  
  24576:+7DpBQzFjXMGGY1YEyjxB0KpHeQuRRBzpqB9GBKG36w:iBM79YEEPHe/RRBzpqWKG3P
Score

1^/10
behavioral1 behavioral2
- Target
  
  GGLanguage.dll
- Size
  
  148KB
- MD5
  
  48cfefdcd1b9f0246e47e224491c75dc
- SHA1
  
  2d34d41bcca5757849b752b4845462fcb7ca1b3d
- SHA256
  
  089e472bccecf674ed5a08fff38d86be4b74ef7a64ef7aa0dbd2d4e3e83e25fe
- SHA512
  
  61b24536f4f37f4320d5167a984bb18f2c47c493a76dcd8a7602f64c12c1c9df5ffae26f8bed59c4e1034d17efc6de2d57d3357b5015327299b57640dac09957
- SSDEEP
  
  1536:0YgB7kWAmbIiOymNymRwyAR2rc/xvVfEw2vc1Q:akWKirhQ5Acc/xvVfsc1Q
Score

1^/10
behavioral3 behavioral4
- Target
  
  GGLanguage_Pub.dll
- Size
  
  179KB
- MD5
  
  4d40effb2c7b14da87c6a13f5798fe9c
- SHA1
  
  464801df58d151086a85b2ba97e62d9c9fc4a803
- SHA256
  
  22a6ef8d24b59c5d9b6468dfa820078575e461a4929b6b1df745ddac2bed3095
- SHA512
  
  1ecbb19439203767572a6d7e7ac4d5f28620b76cebcf527c6a61e6c06d0641e98b93a2c0d2a07338e786da60b35e794eb7cf8f90ffc2f13bf9ca2c40ac5bed2b
- SSDEEP
  
  1536:BYRgv2bReTx7p5mqt64gZDDjR2rc/xvVfUw2vcyq:Lv227nDtt+DDtcc/xvVf8cyq
Score

1^/10
behavioral5 behavioral6
- Target
  
  GdiPlus.dll
- Size
  
  1.6MB
- MD5
  
  a49decbfaf009c82e5e414f885f181f0
- SHA1
  
  33e718389544dcb4cb645641e4f6d8591707cda6
- SHA256
  
  085696538c772e4a09449a3046293a59b6a72fc096d777c47511285ae5e53b80
- SHA512
  
  e267ecd74de5c4259dc4fa8214bda73c9b8a1f090032a411dfd4514c3b99fef40d77faaea1716d1bdb91a16b5aca085fc603d7b708c417e3f938274416a4ed3e
- SSDEEP
  
  24576:QNbyBLXgMfMUBMPkfvz427j6VtpmoSk+iBL5btJ5uBsnM8olmhb6BmGlO:QNWgMfMyXz42nWX61otts8pbuJ
Score

3^/10
behavioral7 behavioral8
- Target
  
  GoldGridPublic.dll
- Size
  
  2KB
- MD5
  
  245228b8b97dcb61b3cedb07a871f277
- SHA1
  
  af41a41dce98dd1871ba2b4dda780bd302c5f0ad
- SHA256
  
  4aaefcc18aa3d777aa5bf7ba07f1730db71d5ce6f1d6d099c400fa269d4db67a
- SHA512
  
  667b510d17f6574ddc4f034db0a3196b96e937150c016d67d52879fc09aaded1331784a1be070eb1c214bcb6257035e509a1a39174e2846a761444520c06ede6
Score

1^/10
behavioral10 behavioral9
- Target
  
  KG_Crypt_API.dll
- Size
  
  53KB
- MD5
  
  c8b5751886fb1fbfd182e225ae01aca7
- SHA1
  
  a7a88a4eb732dd4f71c938ba27e015e4438fed1e
- SHA256
  
  886e3dcda7fdfa1ece28894d87f45c0a0ed73bdd5d8ca31c741e90a74dd818b6
- SHA512
  
  c6fd4b54c66ca5faf5b242802fdaacff50e1cd74117a8238d15e2cd04987339aad4a8c3ee5418f0da8f05a046fc20fccdda5a8943d0e9cdc35732692e97285f3
- SSDEEP
  
  768:Adv8STwuz17xt5Ka069OTpiRjHoW8wPNLFPe+oZgpLWUbCE:Adv8STwyV5HITpiRjHouNJvoZQaQCE
Score

1^/10
behavioral11 behavioral12
- Target
  
  KG_Crypt_COM_API.dll
- Size
  
  52KB
- MD5
  
  fa4389b7349c2afa6008cfc3fa5207b1
- SHA1
  
  97909978a5cb1415d948aea8d250ddc1742451b3
- SHA256
  
  d1679d84a35bf3563256d1215f4b7bf07b406356b6dc513e95fdff02161a250d
- SHA512
  
  51753777d707682ff6d639b0a303f99c83ed479e396bac972bc8b0616fa17979638a9574ae92f24d8998ae51e55dcb8b608df3b0f611ee1701d27394bafd57d7
- SSDEEP
  
  768:/3h0n+UruQNwAUukAXmvgTGvZXsrz3caNS9RoW0Ap8rrdtr21:/3an+UruOwbomvgTGhXIzMgaoTd21
Score

1^/10
behavioral13 behavioral14
- Target
  
  KG_LicEnc.dll
- Size
  
  372KB
- MD5
  
  8a922c5995f02cf1cd6b503711bced13
- SHA1
  
  ffd6b9c710bee5abcbf357532f12c28fe5e897e5
- SHA256
  
  4d1ecc3574947768c4689ec0a603c6eaf5974aebfbd3b1b415a27f62cc50091c
- SHA512
  
  7fc18c2eae42ce4b0d299e661bd661b59d2d293a58a433385b7e18034d4d915f6226c33c3a15a62632df8e08de0d681530f88e808fe5f88c894fc23ab11ce731
- SSDEEP
  
  6144:BWazDco8bzUXvnsPCGynyIdOf/RMriEMN+fSdP3o+0RuyuqAl:RsoazUE6xdOHCr9SdPC0yu3
Score

3^/10
behavioral15 behavioral16
- Target
  
  MakeSignature.exe
- Size
  
  1.5MB
- MD5
  
  65050987d23fc2645b902be63251c88e
- SHA1
  
  938402d9aa8984218cdf1ce2c7de10d743186522
- SHA256
  
  209dd4c6724dafd5efa5547ca539fb77577b3eb53e5b8f49880083e9b5654505
- SHA512
  
  028ae64d29f467602f99c37080c1aa2625c236417a1858153431c7196aa549c53521fdb95eb5602adb8d5bf304d6941f0901d3bd13dfd1a9dd09761c2d50bbb4
- SSDEEP
  
  24576:zxLYY39NI09KbSdGpDN3PKQ1bxnxigbhsdxT:dLYyIJSEpDVXl5xigbhWxT
Score

3^/10
behavioral17 behavioral18
- Target
  
  PublicModulePlusin.ocx
- Size
  
  2.5MB
- MD5
  
  ac5b798479b163e732574ff442001559
- SHA1
  
  570ba95fd366ba902b935bd12d0c74d954ca377e
- SHA256
  
  1430b1e59ec9c9647964618306105c7a040f9f9e1ceb9f22b255843dedbba695
- SHA512
  
  4d69e38d9481fca84f00a75c3514209bb4f2eee68acbd77340c4909b04f885f8a03b67823765ced863fdc34e8a0d624c16631ff7acf20e77a7107e35113b8d91
- SSDEEP
  
  49152:R76zFMWgFFS0OfWtz8LQ4/1kYrLALX+2/aQ:RGzF9gbOfWtm1rLALO2L
Score

1^/10
behavioral19 behavioral20
- Target
  
  PublicModulePlusinParam.dll
- Size
  
  2KB
- MD5
  
  6af2d5781bfb6dee71cb5fe3b0cd60c6
- SHA1
  
  401577ab4df23cc312a5528c2966bcc5dc844161
- SHA256
  
  c80ab9ef2508fe8ac4a1507e6279182a9d72dff34f79cc4bb4ea45109a2c1ae4
- SHA512
  
  4655c3c36b34e3bb284bacede6e702f3c5a3d1c59ffecbf094902e7214782dba7dc303278b52f12ec97ecaf0e0c09611abc3de5c9d98bfc9110a2be382b6dd0b
Score

1^/10
behavioral21 behavioral22
- Target
  
  Setup.dll
- Size
  
  168KB
- MD5
  
  0edf254a0df55c3ef8407109b8bd4b22
- SHA1
  
  a05f0d55cecd2dc42f2518dc0899cf5e966dc6b6
- SHA256
  
  357f01fe6d9cbc94d2f5664c20b5ad69ec2bee03dd79e709a70649b1bf25dbaa
- SHA512
  
  d257dee8233f874bd32b3f55b27dfa7e617d33d77f7d33c52469500cd67f37dc987a131eceef6ddbe763857e0641a0440a62ee56e84fc54c11908aab3304f4fa
- SSDEEP
  
  768:il8lfVT7NTo2bqDDgh2usdzJU3Y7H2wh27VIEbzv4SuXjSfWtXyVpxSIFhohBVPE:Frcn6jEQshar
Score

1^/10
behavioral23 behavioral24
- Target
  
  SignatureSetEnv.exe
- Size
  
  50KB
- MD5
  
  82eadecc6119d1772eaad999795360e2
- SHA1
  
  dee65cc3646bdb7494f91da4f7ea7def84dcf59e
- SHA256
  
  e6bb55d3eb82283c98c654a36b80ddba02a727d004f9e86ee1f361c42db88a81
- SHA512
  
  ca05f12447a7167f194bf6d1332cc603c424997d8b58436fc1ea014f4544d861410b6ee390ac6a91492c7b867f2c08f9804f0289e9c013aced55d7c83f5a5499
- SSDEEP
  
  768:M5ZaYE8BqNJNtWN2BfsdortwYlq9Y/doyXfH:M5cYE8BqNJNtW4Wsw2q4oyvH
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral25 behavioral26
- Target
  
  Uninstall.exe
- Size
  
  1.5MB
- MD5
  
  b5a8370552a360f4bc6185fb539a4f34
- SHA1
  
  83aaab072eb04321e2b621a12797fedd4e909779
- SHA256
  
  657622ad6083b84c5f29ac145e7be04b5f1b7ae6bd5e29d7fd84c3bcadb81d34
- SHA512
  
  493bb023575cceda0b0708639f9fc1e4835f59b09530cc2ebdd6def7e6f2a882a5e5b899ec4a3479625377318ee035814ce28d60d65691c304e051b4ceeb751c
- SSDEEP
  
  24576:UP+ogAb64FkuYMGxckGosIrpjJIOahHy2zEEMC54s4g/Ovc3WlXTCsTmJNm2v00:UjzHV3kY54hg/O1TdTmJNv00
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral27 behavioral28
- Target
  
  Wintab.dll
- Size
  
  15KB
- MD5
  
  de5502d8a5c8db2fe4054192332f89be
- SHA1
  
  3c05a8ca3a3f3bb316a7818f9a8cc71d72d136de
- SHA256
  
  34c8a2cda564e3e26187973e7d96c4698aceff5abf6f491935aa0b8474a89fc1
- SHA512
  
  5ad255b2546f6c199e42e918b2ee4b3f55455fe745b9ea2805a8f5f37e4ae3cf668a765a8f9423dc5fe9adb2d9cb6fb3998b4e0a5f7de386db67b3529d3aa888
- SSDEEP
  
  384:RKt+iM7oRQ9+2WXC5vWihw6Coi0ZBemS/OG:8tR6WS5vWDo4
Score

1^/10
behavioral29 behavioral30
- Target
  
  Wintab32.dll
- Size
  
  100KB
- MD5
  
  b9db45f8187575af16eb9848db01d00a
- SHA1
  
  382d5d5d6fe151c59306a26bb172dbfde541b62d
- SHA256
  
  fb59a87a31b2730b16d5403c61e4e47883b43a1e3a871bce620d3d50a4f34a21
- SHA512
  
  319db492fc7bb8ba6040b876ce1cb6a090c59cb09eac8238171404765afd9dcab17d9fac3514e472a5b31ca1d4f965d30a8ac4ded46ad8b26d6b6d0822f53a1f
- SSDEEP
  
  1536:GN7t0FDTY2YC+GaThqICZJ10U66KN9RJduJFjoTYKkqEmLce:IJ0BTY2YC+GaThqZJRkTYKkqEmLce
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

T1548

Bypass User Account Control

T1548.002

Defense Evasion

Abuse Elevation Control Mechanism

T1548

Bypass User Account Control

T1548.002

Impair Defenses

T1562

Disable or Modify Tools

T1562.001

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

UAC bypass

Checks whether UAC is enabled

Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32