General

  • Target

    41e52017f48ae7c7dee7a4cf08b71352_JaffaCakes118

  • Size

    113KB

  • Sample

    240514-r8wdvabh33

  • MD5

    41e52017f48ae7c7dee7a4cf08b71352

  • SHA1

    bfef133c259c4b660a9d0966a0d77707ba5b18d5

  • SHA256

    30e07e1ffb8283f4c30c9bd643e759cf8246bee8e3bfa4de8ea30beac532a68d

  • SHA512

    2f28054d6c4f91150f5d63659014c84981cf409e7135303697fb83c25c509078dd4b1c6adb835ef7fe4b91d95069e9300ba4877390ceaeb15e7827e5e3e47ccc

  • SSDEEP

    3072:EwJ52Y7ZoH5XJaGWee+VzFnwast+j8g7lckSl:EwHysdV+VzJJ+kSl

Score
7/10

Targets

    • Target

      41e52017f48ae7c7dee7a4cf08b71352_JaffaCakes118

    Score
    7/10
    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      a436db0c473a087eb61ff5c53c34ba27

    • SHA1

      65ea67e424e75f5065132b539c8b2eda88aa0506

    • SHA256

      75ed40311875312617d6711baed0be29fcaee71031ca27a8d308a72b15a51e49

    • SHA512

      908f46a855480af6eacb2fb64de0e60b1e04bbb10b23992e2cf38a4cbebdcd7d3928c4c022d7ad9f7479265a8f426b93eef580afec95570e654c360d62f5e08d

    • SSDEEP

      192:aVL7iZJX76BisO7+UZEw+Rl59pV8ghsVJ39dx8T:d7NsOpZsfLMJ39e

    Score
    3/10
    • Target

      $TEMP/upholder.dll

    • Size

      52KB

    • MD5

      de0f2c4a5b7c7974f19f48b08b3d55d7

    • SHA1

      fb4eea0fa23f0dffa17a141dd9a66e919a79d6c4

    • SHA256

      ae257e13507e2980446867e3b5cfb9a5c57c2d09c24079d59667938e82c204b7

    • SHA512

      812ad695df0188565f31e3db646ac7a41db41320bc3b03ea504dba8f027018661cc9fd47a38833df28e3db1bcfa45cf2b244c9231bf6bca6f01ddd81ff578c6e

    • SSDEEP

      384:dNGrfGDudTR3VFKmlkYtlosjEfXyyoSwWa3C9svaAU+k9SVItAEVN8aUYwZS7PrX:mrD9RHHbMyuwdC9s7U+kJAEVN8azX

    Score
    3/10
    • Target

      uninstall.exe

    • Size

      33KB

    • MD5

      889515c301e7bfdd6fac809dd3439183

    • SHA1

      bb0902cfc9798a7d1c8e0f3288c8bec0d60bb1fe

    • SHA256

      fb3f23fade8d4c62a85a5d5cb95db292ea1c3a93ecf331ac9da58104a7dde2aa

    • SHA512

      d9dde3b5b69c2c7e1308126c3375aa484943eb3614c04cfc1d2df41a63194e85e62f9391ef72b405c8078e8bb5d220c0f77e5d37c4a08360d321b67af3559f30

    • SSDEEP

      768:dWwSOHQVoQM8ios/aASUsWRs25iUk68v1fT3XJPdE2JRnUWop:EwJOoN1oYaoZ5iV685XJPCTWop

    Score
    7/10
    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
