221b160532a8bd6357a78ab2dadbfb74a9101c030362ea6b5e1a06a7a38f4efc

Sharing

Copy URL

Twitter E-mail

General

Target

4cfa77241309f09eb0a9cb69c0319347_JaffaCakes118
Size

1.1MB
Sample

240516-zths7sgb5s
MD5

4cfa77241309f09eb0a9cb69c0319347
SHA1

fd5d89fdba0973dff9267c7ba3d45c3491c3dc24
SHA256

221b160532a8bd6357a78ab2dadbfb74a9101c030362ea6b5e1a06a7a38f4efc
SHA512

3f5d632c3d5d363764ca8c65e632c043eb4025f2bc642e08b6f7a6fdaf6c3e7f645e029f144dded1c9443b2926a48b299296e568258b5b44227b390807307fa5
SSDEEP

24576:G8IF5Hr6yALUQhj2XltNwHs3kB4Z2m/0Y94pLikcZZep0/tty:jgNjAL92XhSs3r7/0+4pLitZep0Hy

Score

7^/10

Malware Config

Targets

- Target
  
  4cfa77241309f09eb0a9cb69c0319347_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  4cfa77241309f09eb0a9cb69c0319347
- SHA1
  
  fd5d89fdba0973dff9267c7ba3d45c3491c3dc24
- SHA256
  
  221b160532a8bd6357a78ab2dadbfb74a9101c030362ea6b5e1a06a7a38f4efc
- SHA512
  
  3f5d632c3d5d363764ca8c65e632c043eb4025f2bc642e08b6f7a6fdaf6c3e7f645e029f144dded1c9443b2926a48b299296e568258b5b44227b390807307fa5
- SSDEEP
  
  24576:G8IF5Hr6yALUQhj2XltNwHs3kB4Z2m/0Y94pLikcZZep0/tty:jgNjAL92XhSs3r7/0+4pLitZep0Hy
Score

7^/10

evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/$_354_/ProxyInstaller.exe
- Size
  
  77KB
- MD5
  
  0a04346dd845d2da2fd7495e79d1fd29
- SHA1
  
  73d70293b36f53177d2af86b92696209411a620f
- SHA256
  
  38a547d439ba02165e6c8eebda518bd8389f7f5a466dd5932db07bf6a3255699
- SHA512
  
  71f1dd266293781122a942be0a069e212215d619af35682e7b3b9d16dcd005d698740cdc6df07fef0041ccae5b9bf11511c59ff884cca02426a20ca2f3c61e65
- SSDEEP
  
  1536:9VdePelp2Xy+tuQOzOYE5aXPnYF8suJ0mvlOX5C8e7ixoB:mweqOYEUXPnlJBj8eGqB
Score

7^/10
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/$_355_/BI.exe
- Size
  
  65KB
- MD5
  
  0781655ec56f48f0878cf9b8cfb96a26
- SHA1
  
  b72a9d7e146df7d10a3f1483c9a9d32c224b9fdb
- SHA256
  
  6122edbae7a047d7ea93fa7cf9383cbefca9e18b571c9f183f9a1bfd6d2faa77
- SHA512
  
  7d21d5d36bbd25cc63163387f70d4d01c68bbb99c94481ca33f494f4954c7e7e1b02c77d9297892373575751ec9825264b4af926c844f58abfb6a24ead5e1309
- SSDEEP
  
  1536:fVdePelp2Xy+tuQOzOYE5aXPnq9F8RSZ7dcZYl2:YweqOYEUXPnqsqzl2
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/$_356_/DownloadAcc.exe
- Size
  
  163KB
- MD5
  
  305af6be819ca06d6088fabfa3b4ce5e
- SHA1
  
  6e4c55b28863df05b6cc91072cbf2ab0865dd677
- SHA256
  
  16971b1bd82a3dc497f4d80a975c25e855a506a9490d0afb8661e220f8aad615
- SHA512
  
  9964507a6bc87b84d8ac089a8e948e4017f34912d18a05d1d871e7a6e64cf6170233650c986b4cde820b8847ecbd04e3354c24006af393687203a191b46d2a8f
- SSDEEP
  
  3072:8weqOYEUXPn2M+aUGHV0pn40pTEnVe+csybUnawkKJq:9EUXuYVEn4VVQ3uq
Score

7^/10
- Loads dropped DLL
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/BunndleOfferManager.dll
- Size
  
  339KB
- MD5
  
  f09bb97b9b8e2048fe562e78f761a0b7
- SHA1
  
  a7243e5768aea8717b22a6c7f0b144c5876dfe0f
- SHA256
  
  f65e438aa098d9e5742821763d355939724e923ea418ca7443439e7a409ba808
- SHA512
  
  430f4aa2945e366df3240ef96be3a1d0868383cb3a950cfe0b6fbf5fcd9cf239430900ae79bed3f55e15a50f365c8b021aa82c069826e96a355c8a7cfde66974
- SSDEEP
  
  6144:7yv0RMsT8lzZZOC4+OeO+OeN7VBBhhBBrXLsbg+vwzlTMw/8ZL8ITe:cYrAZOC4+OeO+OeNhBBhhBBzLsbg+vwd
Score

1^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/Failed.htm
- Size
  
  6KB
- MD5
  
  4bca38bc78f5e8283655b1dda3d81b2c
- SHA1
  
  b1e61db910ebc37bcbf4650d773d727b15fc8554
- SHA256
  
  16b03f64adc522298a636a117869d821379e341314704a4eb7e2263689e76d91
- SHA512
  
  6b4559f2f658835ca3a5a8772f424415838990fd7b22ce9452577c6f1e92c8776fe8f25e2747e91dcf59b390084d82bc48f3bfaafb242c3374b0e98e81db3509
- SSDEEP
  
  192:0BA1WBLKOIIMwFTsVEuuzXLtnMB7QfOLCqaNhp:0yW9KOpsVEuuzXLtnMB7QfyDad
Score

1^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/FirefoxHandler.dll
- Size
  
  36KB
- MD5
  
  297f686666aab3309cabc430199dfd10
- SHA1
  
  0e57ded3db82a5c6de284a6fa93cc38bb8834ac9
- SHA256
  
  6eef17cfaa4e4420f41a5e80c2fc49f4c1b8e44c8b648982c5cf5311fbd91dca
- SHA512
  
  39ba6a6523df27c9e4e5d764a6ddde8129bbf80800b4b660354307d2601e84ed0783a6c035c5c1411a12177f95617db43d7ae2f3b0a2f5389d4d2681276196ac
- SSDEEP
  
  768:J92TwvrKHG8lvQdxk/+IX19elUSrMQLisawIUqoULdAOfK+2+ZI:X2kvkyxkWIF9elU1+ALWOfZZ
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/OCSetupHlp.dll
- Size
  
  842KB
- MD5
  
  5b8d0d2cd9d60412262f166e15357961
- SHA1
  
  cab78c31f513d1f2bf43205af88a3bbfab11b1ca
- SHA256
  
  2c028b33da28063270a7c4f7f8affafdea63a766627178cb166253f14f3a4c4e
- SHA512
  
  e4a05b5479c1b9edc49d36356e1a7e212cc100f11d600bae8d6303a6c1e1ed329c10eaa1d5228860d3a7999147bc8c920c07f3acaf197f1b8df955a583c7230f
- SSDEEP
  
  12288:b+wnK6z+X9XgFnDgQlOpmtZkYZYiWRREaQDEK/8MoSTLyrQCT30:iTdwZDgQ4p2ZkCYHtQIK/8M7TLyrQe0
Score

1^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  17KB
- MD5
  
  a4f38d1c7a480f5da1bb8097b8b939db
- SHA1
  
  b3129c2a0e61881381463f5e0cbbffa573daa845
- SHA256
  
  e1180e1e3344c7536150275e33de53dc1dd1a3ca03be66c4d4875fe5bcd4e436
- SHA512
  
  fed89f7ee9364fc2f4b9f82c4563713497043947e98dbb03e7d755681adf3ae661aba80d08e59988a23695fc64481b69d9842b7ec7d2b572cc872c4c9957febc
- SSDEEP
  
  192:WN2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/KxKb+nYe+PjPArJUxVy:tJoiO8V2upW7vQjS/0nYPLWUHWteMy8v
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/execDos.dll
- Size
  
  11KB
- MD5
  
  84eac2b0da307a3b0d17c35838d8e7ee
- SHA1
  
  ea472569b5d8c11132fac266f5e340300a33df76
- SHA256
  
  bdc28057be0a9e5b4f3735197a382680f646c1bcadb18fcdb6bed0caf6bcad31
- SHA512
  
  8f6c662b2de6ff3a306f2024a127e0eb79f8160dde7bfbc00095e25e0e2d905df8c291f854fae40005718478eac83db5f4622a40f7b8600ac19255b37dadfce9
- SSDEEP
  
  192:Wx9pJ7jQs5toD6Cln/6tt19nYe+PjPArJUxVl+vlJar9ZCspE+TMQrs5R:WJtGblEnYPLWUHWteMHR
Score

3^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  68KB
- MD5
  
  3f06f0843792d42062bea6a42ee8ac11
- SHA1
  
  0b054746b414653b1eb87f3a5550ced2b8d41340
- SHA256
  
  9db2b6fffadd4e383a7aa15d2c15596de12c7e523cc7e38ecf4a909b9196df12
- SHA512
  
  ea6884f612f973101179f29aeb938789392efb9f592cf6435c7f2d85f1a151cd559818a786341d46fa950fbe0af61fecb1bd6fd04f28b02666d5bdd203c7bffa
- SSDEEP
  
  768:zYfkrixzRbXkc0bVWFuQX10VKqfNT8HAaAE7npbdQp3AvQD+A+jck5/SKt0t:zYfkriHIDBWFuL8gBE7o+QR+//SAq
Score

3^/10
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/nsArray.dll
- Size
  
  12KB
- MD5
  
  6c41b7846fccb6edbbeba7ae13abbce2
- SHA1
  
  eebf8ef6bc529262ed9b0b38f21e49af243b8d75
- SHA256
  
  072086de8c1d354733b4f3555482656728e0a26be715e76b90c3a71faac7f8f6
- SHA512
  
  8189f41c564cb330c0f4c4b73c53f41c924a54914a62e80885451643d8ed7a3d7c5b6f7cd4b2a88a83a2ef1b6f063184812c53dda398eabd3508dd0ea02044de
- SSDEEP
  
  192:OaNHOZqWdn+/a4YZkv1uULW1C4w2X2bMsj/nYe+PjPArJUxVl+vlJar9ZCspE+Tf:OQudRQaYAU6hXUnYPLWUHWteMu/
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/wajam_validate.exe
- Size
  
  17KB
- MD5
  
  474f39f904f0438e00eed8e959b4e186
- SHA1
  
  8de9f21e12d49a7888dc6630957af3030c4c0371
- SHA256
  
  09b45b3ed7932077ea0c10c9db46d8073d8acab291183899f5e5f9a4690cd6f4
- SHA512
  
  6bbdf3dd34d8cfafed60af4b73948ef3a1b246df3f60362e5fbad4e17b166834b048aefe6aa6d68fe01fe88989ad67dc28b6bc58214aaa02e4483f673dbfb703
- SSDEEP
  
  384:URfniwHlewYytKbZjHw3zhePvnYPLWUHWteMDuBZZ:URfiwFewcJHG4ntEn
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/webapphost.dll
- Size
  
  827KB
- MD5
  
  4dc5c6692260f2191e1573dd1cb1bb32
- SHA1
  
  de77124c49f17798d2b576add2e1857515c35e10
- SHA256
  
  59f4916771a03fd9836df92196b31256c428fb50a287474359a55dcf03d32632
- SHA512
  
  9ab8135c7081487c8f9cca70bdb275553e722ac69aa1906af83657eb0ea8459feb0030e3417edff6abd1cce7ee06fc967babbd306e79911f767935db00fa549d
- SSDEEP
  
  24576:3AmjnnyOl5EdSjPWWTGprfljVrLjWf7IeMVXlPjF9J:3BpPWWTGhljVrLif7IeMVVZ9J
Score

3^/10
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/xml.dll
- Size
  
  124KB
- MD5
  
  8123bd4d3b32b352c4651d89d6597d88
- SHA1
  
  1655ae3b35cf3ed2dfa0a1212c6fd5c444a52d9c
- SHA256
  
  288a66549f2699eba1010c5ec989f546a1381411413e56f12b3dc6c5eb6694d5
- SHA512
  
  13a45cb9df3c062f473d0b7371370b24d7355aabe688254d93b4f7474264c4d79fe945591947765e8477db664ad00e132f247499cb64949f0378481aa5c0ba60
- SSDEEP
  
  1536:S2A8OSGjylgkara+70LICin9zgtg2LxowhtJu6MqSNicNEtIfF42q2KCZC:8zjLkarn7O+n9z2L6whFtGF42bKcC
Score

3^/10
behavioral29 behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks whether UAC is enabled

Loads dropped DLL

Loads dropped DLL

UPX packed file

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30