4b27de8a7f73d469420c292dc63c895c075dfb3d6d641781eadeac3646e5f704

Sharing

Copy URL

Twitter E-mail

General

Target

42725ec7fc4d1185cb467d190aa47b86_JaffaCakes118
Size

29.4MB
Sample

240514-wv6d4sab65
MD5

42725ec7fc4d1185cb467d190aa47b86
SHA1

ad598703135dd71768ceb0117377ddf505151b75
SHA256

4b27de8a7f73d469420c292dc63c895c075dfb3d6d641781eadeac3646e5f704
SHA512

634691545e15909bce3567130ac6784fd096fc1a1c47b601e0b30e63400857e07ec58076266acebbc4e8709b82fcb805c5d2cef3d1311d662695382a5d8c0b13
SSDEEP

786432:Y1glFR5parBWvV/GgBP7gSgcxKZAEf69LIuIbWnt:/ljSWvVugF7g+HIup

Score

9^/10

Malware Config

Targets

- Target
  
  42725ec7fc4d1185cb467d190aa47b86_JaffaCakes118
- Size
  
  29.4MB
- MD5
  
  42725ec7fc4d1185cb467d190aa47b86
- SHA1
  
  ad598703135dd71768ceb0117377ddf505151b75
- SHA256
  
  4b27de8a7f73d469420c292dc63c895c075dfb3d6d641781eadeac3646e5f704
- SHA512
  
  634691545e15909bce3567130ac6784fd096fc1a1c47b601e0b30e63400857e07ec58076266acebbc4e8709b82fcb805c5d2cef3d1311d662695382a5d8c0b13
- SSDEEP
  
  786432:Y1glFR5parBWvV/GgBP7gSgcxKZAEf69LIuIbWnt:/ljSWvVugF7g+HIup
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  3KB
- MD5
  
  8614c450637267afacad1645e23ba24a
- SHA1
  
  e7b7b09b5bbc13e910aa36316d9cc5fc5d4dcdc2
- SHA256
  
  0fa04f06a6de18d316832086891e9c23ae606d7784d5d5676385839b21ca2758
- SHA512
  
  af46cd679097584ff9a1d894a729b6397f4b3af17dff3e6f07bef257bc7e48ffa341d82daf298616cd5df1450fc5ab7435cacb70f27302b6db193f01a9f8391b
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  99f345cf51b6c3c317d20a81acb11012
- SHA1
  
  b3d0355f527c536ea14a8ff51741c8739d66f727
- SHA256
  
  c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93
- SHA512
  
  937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/License.rtf
- Size
  
  80KB
- MD5
  
  f88030e0dad2f147a9a92273e42ab7ff
- SHA1
  
  59ce44ecf43cf862568fd0fae195087d70addabf
- SHA256
  
  90320eb1db0f32fd92e2f27da1920c1ac507c1489d12af5fa623088ba44658ac
- SHA512
  
  e4404818a0dbb81c28da71762f4965d3243b597c1a5f048eddd48eeee7e69bc987fc5b430ec005eb0ff2a2dd2d15005962d4bb42e14c9691eca41537fbd2d2da
- SSDEEP
  
  768:pgkm+XwEUTnJ4mbjWnxJ327tLFyYDSn1C1IYG4:Bvt/B4
Score

4^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/SkinBtn.dll
- Size
  
  4KB
- MD5
  
  e4ec95271ff1bcebab49bdfed6817a22
- SHA1
  
  2c03e97f4773aea80ecdb98a1482e5896fe4677b
- SHA256
  
  ee1c06692a757473737b0ebdef16f77b63afac864d0890022d905e4873737dd6
- SHA512
  
  771a527133806307a1b17b7e956d6a3c16e9bc675bf084b43204ae784a057dac2726dbf90645692876043a4e7365ba8825c167621fde4760c79cd84679e2aa3d
- SSDEEP
  
  48:iIf3aEDfeWm8JHFQbUrUPJJDFoetaxn/pFW3GNivz187eqzI/kMr8oX0Zbj:lv9Dfw8DQbhD2iaxn/PHmiNI/dQFZH
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/SkinProgress.dll
- Size
  
  4KB
- MD5
  
  cc037c4703d3ec257efeef2ce0a1a20e
- SHA1
  
  b3d6cc8f687a31fb2c1a5921a38de9429af20502
- SHA256
  
  888b32ecbc37ce67d4edc28d894cba0a4f4e2488cfc2212d1af011bd0bfe97ff
- SHA512
  
  120bfa0a68775bef04c1863023b0e73a41982284fb36da7f497fbb7d5ed8631ad02fa09951424d339f6fefaa90a17c12f949dd68bb33bad64b1b7cace489d2a7
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/WndProc.dll
- Size
  
  3KB
- MD5
  
  f0cb331dd4bd92a6ebce45e7cd1cf5ef
- SHA1
  
  b66ea0c10b08750295f2dc7c170b370402393214
- SHA256
  
  e7b3115fa2ce4a8fa09beeefa4fb634a474197f38a2854ce9be60d0a26016458
- SHA512
  
  7c33418f39b91ae0d4cc8b560f516bac293593eef539832815028878c2058bf1691c2d767a039cf312989839071f2f6f0b6d9d59835acdfff6b448bf1ffea271
Score

3^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10
behavioral17 behavioral18
- Target
  
  MouseHook.dll
- Size
  
  32KB
- MD5
  
  83e96e88af411677973c5b17c7d44fd9
- SHA1
  
  b8df234b5822eae22efa51ca3239885c08b2c5ec
- SHA256
  
  81b1e978de4f4191449a031d6c0b792197ad7abde4b58e9bb284e3a0304b4cb0
- SHA512
  
  f3264cf3a52fcb2a3a02628125e98598fdb1265c4ff36ea4017d3ef1b3d1941def6331bd8b087a8707dc165c541182c8c64dee27951c23aeef444ee1f6b1b532
- SSDEEP
  
  768:MHr98zW8XvCBcax7BpGai292OKtFLWNKDmSv6a:ML98zW8fCWaB12OKtFKda
Score

1^/10
behavioral19 behavioral20
- Target
  
  NPSWF32.dll
- Size
  
  16.7MB
- MD5
  
  ec55112edb2ce5bc2bfcacdb9c2150f4
- SHA1
  
  a52ea3b221e7814c230d480d157db13596c8bf7c
- SHA256
  
  c989a6aa5c4a09cd097a45c2bafc7be2c0660d867e345b8ec0ade957bee2361f
- SHA512
  
  85198107be6ffada85b54dc686e2e84e1d459d1e88809f74db4ba1b1e1b28b069d9d449883fcb817d9b5b36cc19b4d3ba0ae327f205b4123466f5f783063d40f
- SSDEEP
  
  393216:hPm6P/fc8M8JtuEm1pDN2buG6vj+rIZHti1DxO6nEID2TuBa:hO6P/E8M8JtuE/IuO61SiE
Score

1^/10
behavioral21 behavioral22
- Target
  
  cef.pak
- Size
  
  1.9MB
- MD5
  
  b35133263145b2ffe9cbbeca6970b366
- SHA1
  
  c9fd97f4a780feb8d4d93300851fb8deebce0d5c
- SHA256
  
  8d1cf0af440214a995246157add6ab1228b1ad17140b112142a7b6dfee2f8a7e
- SHA512
  
  a7cc65327b9ab95bf4c46944c7b1d2e67b67c29315d43a102d190ed57b3b169055f901ec60348f4bc671ab573d40a0a83e2a93c8b880e88c12bc0039353e8780
- SSDEEP
  
  49152:JdWehoacJXPOzv9g4b7xqw2UQRVGGG2pLTux:OGGG2pLTux
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  d3dcompiler_43.dll
- Size
  
  2.0MB
- MD5
  
  d0b21276fcb8f1ec8d72db0ffd3fe2bd
- SHA1
  
  912e0733aaf799539929157845f7637f762a40af
- SHA256
  
  91315458f446905021ede7c09dc8432378f3b5968f2160deda7e71a0d7a5e46e
- SHA512
  
  8d25ced5f0447de5c6adc6b6d8098371fff886a58bf755a2d6e063bcc29ba224a6e6c7a088bc2db53b2121760fa20abefe305e0dd151bc15ecb93f2f0dd6dba6
- SSDEEP
  
  49152:0pX9JVeE9HP6Zpy9KyhMI50Du8LljslNsHSHFUq9OiapbbO5Akc:w3P9HP6Zpy9KyhMI50Du8LljslNsyHil
Score

3^/10
behavioral25 behavioral26
- Target
  
  d3dcompiler_47.dll
- Size
  
  3.3MB
- MD5
  
  81e7547fa71130ff9fb6210f1ddc218d
- SHA1
  
  0f67b5adc03d1e14cf4bf17a135912becbaf57e9
- SHA256
  
  d83898a09bc99a4591c2ad383d884d2d6b92db61f922ccce007aef97cc4fe0a6
- SHA512
  
  47614077876ed634dd1717d62e113eed974d1b0bca6f78d5b5b538cbda28a26b14a8579245ac1590913a876e7b133baaff9fd6e17649ac70dba91b2dfd680e5f
- SSDEEP
  
  49152:0yZ9lnpmVm/w+EwVOmufvkQS8MH2J9CqS5Sqr88pPWW5KhQYPsXqUiQV:F9fWAwVBC8MH2JNSF8+YPsXqUTV
Score

3^/10
behavioral27 behavioral28
- Target
  
  devtools_resources.pak
- Size
  
  4.1MB
- MD5
  
  a58278a89b4f93b33e86bc279eaf1f3c
- SHA1
  
  aa2f1ff8e6f2878b0a3c9694e593378b9d155ac3
- SHA256
  
  25b79a02d1f19692414a4c42a31cbf185c995bcc852fb481d85ad92d0d4c8475
- SHA512
  
  fddf7f2f2f935c69fb95d6f8db47f6942399ee77b95abd7ac0b95cbfbafdd71a95cdfeccf9cfd6e2bd8bbf191b269ea3d63ce0fb1c0109a3284dc275d19b9f06
- SSDEEP
  
  49152:A40Fg40FrSTqIH0KM/YOARP/PK+i/s1mmQCIhTa40Fbv40F4q40F70qPqv8ANQRG:MTup/Yy3
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  ffmpegsumo.dll
- Size
  
  948KB
- MD5
  
  1076e3a345d715d0f36e14436bfe3da3
- SHA1
  
  05a2cd9089d310f79234f59ac58dcfd325fcc26f
- SHA256
  
  b8d6b6bb26d3a70d0a59f634068c3dc64e54623381f31b43475c24bfe5874fbe
- SHA512
  
  fb22199dda45afb161ad503cf0fd4353a9024733ce8c87f0312d26d69b9e384d9b4546077aa439ce02c67923baf5a38a9e59fe2c326b1b05d62e4b6a4727be97
- SSDEEP
  
  12288:K1P1NxYhYoIP0EnJJ3d3EMsHgh1nlwt8zdQ1NtjBUGCqGRXvMCEKXM+aPp6iBiEr:KiKfJJ3d3EMsHi1mmSndUjlM+StFd
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Query Registry

T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32