110577d957889abb26d55891ca4b51e78cee9aa540fec542ae33142495f7ebe1 | Triage

Sharing

General

Target

49b422470563a817972466667106b12e_JaffaCakes118
Size

190KB
Sample

240516-gp787afc74
MD5

49b422470563a817972466667106b12e
SHA1

0fe123206e9bebf0d52cf51c4fef9c4f07adfac5
SHA256

110577d957889abb26d55891ca4b51e78cee9aa540fec542ae33142495f7ebe1
SHA512

993fbfe5622fbcb4b2c9c6c07bc67a3bace67bc8fe45791ac2149484b846759daa361642bac94379250b327c71fb64e02b49777b2723283e70cd5fe95847f8e0
SSDEEP

3072:HFXoDt6QAmP/NO4v4ZkxhJWu4zzb0D9u8mbQ9hVpSuAsqZ4ABp1vjAk2lm511SL:mAQnIaoYqu4zn0cAVvgekF4

Score

7^/10

upx

Malware Config

Targets

- Target
  
  49b422470563a817972466667106b12e_JaffaCakes118
- Size
  
  190KB
- MD5
  
  49b422470563a817972466667106b12e
- SHA1
  
  0fe123206e9bebf0d52cf51c4fef9c4f07adfac5
- SHA256
  
  110577d957889abb26d55891ca4b51e78cee9aa540fec542ae33142495f7ebe1
- SHA512
  
  993fbfe5622fbcb4b2c9c6c07bc67a3bace67bc8fe45791ac2149484b846759daa361642bac94379250b327c71fb64e02b49777b2723283e70cd5fe95847f8e0
- SSDEEP
  
  3072:HFXoDt6QAmP/NO4v4ZkxhJWu4zzb0D9u8mbQ9hVpSuAsqZ4ABp1vjAk2lm511SL:mAQnIaoYqu4zn0cAVvgekF4
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  21KB
- MD5
  
  62cd3e9089314d24f0817c231dfa859f
- SHA1
  
  907fc4cef9bf22b3814dcf1cd06fc2b3c3ec842e
- SHA256
  
  93530c4c3cfa4a6c87671050a52eb673228a597e9052622e57bec02fec5328ce
- SHA512
  
  ccbe4f18013fd1055ca575d15faec1773268404b5dd1af40de865b39bf18457ca8d9078d3d3932fffdcebb5e76a807adce39b1091bda897ca53d60c6798fd041
- SSDEEP
  
  384:1DBI+2XKPdeyYTpLhDaSR61M01rP41WKSthVGBJwSAkBMyO:1K+2XsdeyMRhOSRAn1wWXKM
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  24KB
- MD5
  
  e7143c9655d4d4a9efaa578748c6bc45
- SHA1
  
  f8ac5c6ecf4847e1bbeafe021881a46e20f09e7c
- SHA256
  
  5c25a47da05d6ec943baec00977aae4825fe06db370b765afc1a5d39670ccbe2
- SHA512
  
  deadec14af2048188ae6c56cacec0fad9e9c86bbd352e664a999f2df8d0cef23575e6cc85bdfdc5105d69f5b0bdcca95a7b9f052f31676295ab6e3cae01cf8de
- SSDEEP
  
  384:EjuFHgNpQsSBO9+N5qoNvRjEJMmG+cGSjOBhpVPY8cCBfbwdxc4:ZOkooN6JMmGU6OBhbajxp
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  25KB
- MD5
  
  29e2dcdfb57ee3ab5e2bbc2fc3c42f02
- SHA1
  
  bd6cafcce5b70ee15311f9f53e9fd4aac819ccda
- SHA256
  
  2b7a69e98ed4975fd4eade513cff17099c43b3eebe7e7641696d1d20e8e14b2f
- SHA512
  
  f71c981b3b5308566b56156462d106ebf8e49a32e55b70891f9d70338941afd347cb4df374fe38b9b3d7309f63dd75a7c80ebe02bb8941d558cd638a6f8daf7a
- SSDEEP
  
  384:ViY1+aFplLBSgN9afuzwZAEecpuB3NVeMUPOSya4fa0Ac9khYLMkIX0+GGxky8oO:ViY1+a3e1mwJKVSPO5a4fsO
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/license.rtf
- Size
  
  1KB
- MD5
  
  0f42839c33c22077dd0f4cf46c905869
- SHA1
  
  d4471aeb47a6960a783753051964bdd6c79d09ce
- SHA256
  
  6ebd1f89aee1eb294f19340989cf5d460fb106c4edb522d9873e422bba5655d7
- SHA512
  
  cf155b3cb71bc294d156766d628526129c3c172ae25f156f7ce5d72b1ec7c46f27cd999ac62f96ebded1454cc5a3abffa54d815c6ca2413d2f88d82449acf8b9
Score

4^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  11KB
- MD5
  
  66cfc94903c8cfa492fdab42bde2026d
- SHA1
  
  d07194419d914eae5dc54a480ebddb0a8cb32f25
- SHA256
  
  82e21860521feea4d15ff7f30538b9d0ed1860747c98549ec85217178a6db632
- SHA512
  
  ecbc2c9361bef9332fe8e1675d11884c344b26f437eee9db3ec0b5999bf20e16b1d863c192e2091375a870cf8f4674deec16875ba56757b88cc859288305eeb7
- SSDEEP
  
  192:mMmfEKSweFA9/H5aE3KRmQv295JrbQMH2klPdIobEEdTFdHg:OfEBwe+VH5avmQv29XrUMHVlPFEEdjHg
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsJSON.dll
- Size
  
  7KB
- MD5
  
  b9cd1b0fd3af89892348e5cc3108dce7
- SHA1
  
  f7bc59bf631303facfc970c0da67a73568e1dca6
- SHA256
  
  49b173504eb9cd07e42a3c4deb84c2cd3f3b49c7fb0858aee43ddfc64660e384
- SHA512
  
  fdcbdd21b831a92ca686aab5b240f073a89a08588e42439564747cad9160d79cfa8e3c103b6b4f2917684c1a591880203b4303418b85bc040f9f00b6658b0c90
- SSDEEP
  
  96:Zw8NZ0x0OOdzJt0TwYKj7W/NYDNd9fQ6blfW+KrWC69r7ncnrD6Qdm:6e/7vAmrHblfW3iCmDcru
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/nsRichEdit.dll
- Size
  
  5KB
- MD5
  
  02f1858b3131ffc3fc5e3a5391d3a489
- SHA1
  
  454a6d749cf55ff990bd9f57941aca9d1f1674f6
- SHA256
  
  f00bd6d3e7c7b8e8ad18b7dc6275fb80cc720fb164200a6506f50f6e66998b12
- SHA512
  
  8147fa8014a5065f4fed7de1fbb9c2ee2c1b94d63596f7bbcf6821ecd41a73d25ebdfa1e71ca74d7598cba063042b6dfcaf050a23d0c855a7b6fbc94147ab41b
- SSDEEP
  
  96:Z3CA+/dN6g2Aznq+1kaNar7ta6mKAJN0u4KOhB7lkZ3hBjB8wZ:Z3G/D26EaNar7QKzLdZkZX
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16