694a0a4c1eb0b180680efb14257b130c9235b4124053a7487d3910806f09a93c | Triage

Sharing

General

Target

484507321ebf6611d8f2a6761c230246_JaffaCakes118
Size

6.1MB
Sample

240515-14yg3seh88
MD5

484507321ebf6611d8f2a6761c230246
SHA1

f34c7af99acc695d90fb71a90502e91693cd2069
SHA256

694a0a4c1eb0b180680efb14257b130c9235b4124053a7487d3910806f09a93c
SHA512

e28290fe4500fbcfad2d9c9b21e6132ecdf12df3660e5703c43f0db53012442f087cac03c0ce68eed8068e54b8a7ff3ec01e06b4af6df46534d01fc2b07af7a9
SSDEEP

196608:GabygAp6frFaRNJFHI2TIj55L0HCKSrlSEW:jX5JaRNJFHI2TIj55MulI

Score

7^/10

execution upx

Malware Config

Targets

- Target
  
  Au3Stripper/AU3Stripper.exe
- Size
  
  141KB
- MD5
  
  06ec8d7f719458bbcf29a5fae8ce8921
- SHA1
  
  856fbafa394af0051fd17cba3486523873a413e1
- SHA256
  
  a72bd10f27a91a5d042ea3319f06fdf81025ab71e892a4580d8a7d4eac700baa
- SHA512
  
  d57e0987a1a1bbc565974e65ff93db8359a946aabf8d63e9889920717f40bae651f908b29a3c04383bccac7657aca65f32c9814ad565c0cc50f32155200c71ca
- SSDEEP
  
  3072:Ik4q8oX5o+1/r67KHuPN7D+QrQt9WPPaPD8AW33+m:j8oJn/r67KHi7D//XalOB
Score

4^/10
behavioral1 behavioral2
- Target
  
  AutoIt3Wrapper/AutoIt3Wrapper.au3
- Size
  
  300KB
- MD5
  
  d0c029e0eefc20979c499790f64e2fe4
- SHA1
  
  49e7763221375237f168dab6ff4ff76f4cc08217
- SHA256
  
  980c1f6bcc4293a2dd3008b9c1bb61431c5767d5defd70b3ea711fe0ce541d50
- SHA512
  
  252dd5285bd34d70d6379ce1854a0f0abe7469f67a54b4b6f2fb0ad4efc4255d4caad2cbd96c70f445e67ab85c1773e85a43b7bb56283da583e8cb552eab658e
- SSDEEP
  
  3072:gWUj1/KhDlg7CsL3y8vGlUlFea8jvpPI/8ncEg4KN/h90WLqGXxWw:ho/KhDRsrrea8jvpPI/JEg5N/zqGBWw
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  CodeWizard/CodeWizard.au3
- Size
  
  108KB
- MD5
  
  dfc9b4c91036a0e02ec7c72ebafd017a
- SHA1
  
  348fce184316e6ee9945beef4c5dce5367aa2933
- SHA256
  
  061a9afb2cebba39d17d03d78cfa09353c12551d2495f8d74bd5b00f9b9a304c
- SHA512
  
  fa19cf305ad08d30fed4ec22a3b9a7920cf7dbdea6c51f1f19be4e537fef1671c5b9db00b6d2585d91e856420dc1c4a4559a9a7436bfc3abd948076752999286
- SSDEEP
  
  3072:qLL5PjjXyWVY9UTCkhP0aWCyVmYX1tV1dNvDvr20KbXD:QJ
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  CodeWizard/CodeWizard.chm
- Size
  
  135KB
- MD5
  
  2bb6e64a279fcda24cc09a314616457a
- SHA1
  
  51f06274c33cd55d5807e590e7b8e1dd369ce87b
- SHA256
  
  d454e0cb8ed646fc5b684b77d547fb9ae00022066ebdd9a7739e436a045b9ac3
- SHA512
  
  59ffaa6381b6b93339453c1c09dac09570f2fbe23fd7ac5e68659935a1ecb86ff715ee1c98700b6115d6e5612c23df42b8e9f98aafda7713bad24de6e20fd38c
- SSDEEP
  
  3072:+5E+SGmR8bpKBXweEkOffwOkaGJCMooi1wRxr3EUPA+mI4bz:+PFb4xwPoO2Ct4jhoR7v
Score

1^/10
behavioral7 behavioral8
- Target
  
  CodeWizard/ReadMe.txt
- Size
  
  5KB
- MD5
  
  4fca9c136283e860e9d8fa78d30da491
- SHA1
  
  82ebe05393ffc039139b21cf9d9b6085ea7d2dda
- SHA256
  
  01eecb91b2d16c0bf512cea3bbbaa6ed9157f1c420c925dcb61c3d68ee285058
- SHA512
  
  31d5c3e4d1fdecad583d7d0e840487ca2533674e9eec914eff4d5f8bc00a5328fceac4ac17c3c7dfb3432172ea9cadb2995a3c0111a4307d35c6395aa19e8081
- SSDEEP
  
  96:yBwNvicIgAd8FOoZcY+yWt3KVMMLn0HlfwP/+2ZxWayp4QW:ytcce1cryyqL70HlU/+2ZxWTp4QW
Score

1^/10
behavioral10 behavioral9
- Target
  
  Koda/FD.chm
- Size
  
  98KB
- MD5
  
  118f3f2ea9db342d138dc9f0df6eca10
- SHA1
  
  44c8ed375182f3cf190443ccbd32c283b753c484
- SHA256
  
  aa1e9567aab833bed45c6f0189c01e0e3ffbf0b93a8183dbbc0bc7a0cd45af28
- SHA512
  
  a2d544da98f50b8a89e57ae388021829619a8c6bb8f568fb9b879de088777bfe030469821f17c264c2879498826d855f15fef82077aa910f051817e57fe24225
- SSDEEP
  
  1536:cPgD0F8uWIjpDv1SpxsBG/V1P2m/mVRNM8x37OeRG6CIPmQEQYPHRXUk:UgzdIjh0vK0V1f/CrMWFPmnQW
Score

1^/10
behavioral11 behavioral12
- Target
  
  Koda/FD.exe
- Size
  
  622KB
- MD5
  
  73c22e04aa4fff1f5d00cb3f974db64f
- SHA1
  
  d928576cd3dd2203f074db1482457fa4b5351f48
- SHA256
  
  440eea33d12813bf0b5545f21ad4a83189dd131182eecf196562c9714934eb95
- SHA512
  
  f0638daddff079694e7ceb61e6810beac0102b2312a6c8595a91085cc20f8e5dc821657cb84e10ec5265f36bc68046457248e95964b03dc99413648abe275859
- SSDEEP
  
  12288:i8y/DTFUZaksTm1TWckyksro97tCiwiI0uIA0rh/XUne02qR1WoSzISTl:Ly7TFUH4sWcHkrptSIdlEJNOISTl
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14
- Target
  
  Koda/Language/help_eng.chm
- Size
  
  343KB
- MD5
  
  cd869fe69c3177111ac449cb6194e60f
- SHA1
  
  fda6e8f7e93357e3edadc275fb77b89b2db39f08
- SHA256
  
  5de44dde00218816d77a29b132a6d744fcc7822bbaab053362f7570779ecccd6
- SHA512
  
  aeede2a158f52699f5fd771a3c4e387d1788bfa88e844c098f5929bfe9c4b218ce4e45bf2108212503fcfac50db4765db04c60ae51d65846123ce0e548aa7610
- SSDEEP
  
  6144:Yq7cpDhtOuKKKm8WxB6E+luPh2kqzx2GYqNTyjUFsuz6T1raeEHqT0T:rc/EHHg+8Ph2kmx2rqNrRzU12eEHv
Score

1^/10
behavioral15 behavioral16
- Target
  
  Lua/Class.lua
- Size
  
  7KB
- MD5
  
  07518260fbf6389d15b14d922e335923
- SHA1
  
  b016df2f7cfc1c655311fd1cf43b7369e0718998
- SHA256
  
  b09cf219454ed385a4929b1d901c72616144341e50d2e98e9050714d681ca5ba
- SHA512
  
  b32cc6dd150e6547c9acb79e6edb7f4c28c5581810297fc1e481d5e6a990bc5ff17495a0955f5ef57bc94271e7cb9a6f4229f725ad7efa36a0f8418e69bffa2f
- SSDEEP
  
  96:LO6h5dQU2rLZjGFfXn3nB0iSIqN4RM1v6ZB0Q98s7KzEFam+vnRa:7RwoX3mQdRa6oVaoY
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  SciLexer.dll
- Size
  
  1.0MB
- MD5
  
  5480f783617ba0ac017c3186bf30ab63
- SHA1
  
  bc842bb083deb73ea17f5f7568e525d9580de454
- SHA256
  
  035b99a34f93d8fb40380352724e3e628ec0beae8814ae8f15143db61c343c3f
- SHA512
  
  7b5f18dc266361d6df71d2ed9428ac4c097782c2fd2cdd13f03d5e30136fba9545b95015920d90c7ec6a37b315ae3146cdfe74b165b6a24f6f1c4cefcc08b62b
- SSDEEP
  
  24576:SdPpcqQXI2lTUAzOsHzcPWvqVJjDxnnKGEghjaCpXexSLz:o+qQXnTHOssPlnvjtpXe0Lz
Score

3^/10
behavioral19 behavioral20
- Target
  
  SciTE Jump/HelpFile.chm
- Size
  
  1.4MB
- MD5
  
  71ab458e1c380bd736eec10960a64f2d
- SHA1
  
  feafa0362779c604efd1e83bbcfd342200b5af93
- SHA256
  
  d745cbdbbc12bf3ccec0fa918e89f20196d42131fd63a14e2453c9593932daeb
- SHA512
  
  71c4006b18c68dc52f0f99ac58b7872602c6a94635978d40c520dad2bc603a28b62f2250ec3dfae7186c236b6a266c8abf979c39d86af5ff881cd3d45dccaf09
- SSDEEP
  
  24576:sZa5ZAr0cPmhJm3VlzNKr1jImBl3uN6R6ZReWGK7tx9BPM3EY8c3k:tPi0cuhJmFlzNKr1j/BEisPs3Em0
Score

1^/10
behavioral21 behavioral22
- Target
  
  SciTE Jump/Includes/WM_COPYDATA.au3
- Size
  
  3KB
- MD5
  
  f263d951ba7f97bb2204533d620b964d
- SHA1
  
  519b5e396a770132914ed7d30273c48b4dd253aa
- SHA256
  
  cad62bbb743f240efc6aff8fdeff0b4b1075f3deb04a9637266160a130b7f221
- SHA512
  
  1dafb2f5d51fd07d79fe73d2ccb788236eace22df629efa20da13c3cfc7478cbfe67882410075ddcba6df27954ddb09447225a5e86926a90d9d48f78c236eac1
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  SciTE Jump/Includes/_Functions.au3
- Size
  
  39KB
- MD5
  
  311e17433c7cda6605388a64a918235e
- SHA1
  
  214faddc0ce16875af95f0e3bd8c46af411dd6c2
- SHA256
  
  830a4d6f71bfaa7e35a968194242a9fc8f44efcba5576747e04a6c491acdb46d
- SHA512
  
  77fa3609dc2ca0623ed287fe66dbf1506bd1b54539e8d2a640a99ced2bb54a9a5a5ebfe8e76cd4fa98b403ec4912f0606c6681210dfabe38fe33addd310a264b
- SSDEEP
  
  768:SSAx8BB/xgs4L+LiN67cm7d1ZqrLlpLXByI+Nh7wM2FdQc3DFUvvxNWKJdw7TuN:PFBB/xgs4L+LiN67cm7d1ZqrLlpLXByF
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  SciTE Jump/Includes/_PreProcessor.au3
- Size
  
  1KB
- MD5
  
  b7cf5320488c4cb4a6e97b5fc241c352
- SHA1
  
  4983905c2207e21e124cb38cd2f54f4652cb83e9
- SHA256
  
  2d433121b77189f01dc2012f5801b8c45d84a44be2912b8a1fd4f0c40dd57cc0
- SHA512
  
  69c00f697564b12a2f16ae2749ba1baea4fa4689863c7c42327c6c1465b4d93d01b5bc75e7868abd8aacbceb7de73c24ea979d5fd37dd691fd65b9cc85553833
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  SciTE Jump/Includes/_SciTE.au3
- Size
  
  13KB
- MD5
  
  66cc3c50a8fb5f29cc84b348b4befa52
- SHA1
  
  337afeb17f8e022ee3af3fdd8ff32262a58d6387
- SHA256
  
  b3c060e227e03c16d1e63d88fca001e49e656283b3a76dadfafdda78f46eb65f
- SHA512
  
  17142e57d08706f24cd73e08c3ad86a39b662900c0dc62562ea9a245555d6ed3710b3535ae9b32cc10bb00011f408a5480992eff7daeb0593832d48a432e8c4b
- SSDEEP
  
  384:7MeS7wHTQmWBj9hHeE2BzEgppIP66dIgp2CeRdMLU7OjIxKPxl/1MNc1:Ae0wHTQmW9Sl1fppIi/OLadMLU7OjsCv
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  SciTE Jump/SciTE Jump.au3
- Size
  
  145KB
- MD5
  
  1ee7f75afc3bfbe3a018868a39b0d42f
- SHA1
  
  9d46ee2a5df950a790e6200f63a3ca984b084941
- SHA256
  
  24e4b616bb2297cd2038fe0ed513be718a2557402d62a46f98c2dd34a15df6a0
- SHA512
  
  91aa0a5749924b4c7ff43fe169163a5b0d457533e65172099db0580d4a48a312dbd7bcef72604fcca380177a451a686183423b8557a8886a90ad4cd49b53b6c4
- SSDEEP
  
  1536:JkxEXYsz8PFT8QQFJjlQu0rBrz6tceC09IM6X9yLFKslH:JrYVPFHQFJZQu0rBr+ceC09IM4yosF
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32