ad639bb9d966273c305fc59b2f2a661cfb77944cd4aa0c83e3333c65cc13a510

Sharing

Copy URL

Twitter E-mail

General

Target

4e6875dca7cd0e0f0adf0b442d154e54_JaffaCakes118
Size

14.8MB
Sample

240517-ezzcxshc96
MD5

4e6875dca7cd0e0f0adf0b442d154e54
SHA1

51f2b36729ef9399012e4bcc7491e1a8db97e377
SHA256

ad639bb9d966273c305fc59b2f2a661cfb77944cd4aa0c83e3333c65cc13a510
SHA512

8b202299e72db8aa75257924ed6f20e1f857fa734d99881097312410464ea32ea1d458e201261eeaed49456385ee167c1181968b1075414fb7409bf9598b9689
SSDEEP

393216:Z9NG/Al8lpkrA1qrbirvaMAPWm1r54a2JBDr+3ApNer:Z9Upku3rHAPneDK7r

Score

7^/10

execution persistence

Malware Config

Targets

- Target
  
  4e6875dca7cd0e0f0adf0b442d154e54_JaffaCakes118
- Size
  
  14.8MB
- MD5
  
  4e6875dca7cd0e0f0adf0b442d154e54
- SHA1
  
  51f2b36729ef9399012e4bcc7491e1a8db97e377
- SHA256
  
  ad639bb9d966273c305fc59b2f2a661cfb77944cd4aa0c83e3333c65cc13a510
- SHA512
  
  8b202299e72db8aa75257924ed6f20e1f857fa734d99881097312410464ea32ea1d458e201261eeaed49456385ee167c1181968b1075414fb7409bf9598b9689
- SSDEEP
  
  393216:Z9NG/Al8lpkrA1qrbirvaMAPWm1r54a2JBDr+3ApNer:Z9Upku3rHAPneDK7r
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/DLLWaitForKillProgram.dll
- Size
  
  28KB
- MD5
  
  9c4b8ec42d89f7557bfd90798ce52787
- SHA1
  
  2376dde426ea65aa27c30e304086310605382475
- SHA256
  
  ed52bdad7b383a179b9b0e21fefdda2d72695c5263a815d5e1e0bfac6c718548
- SHA512
  
  17c12a27a08746755868558c037376dd7e20f03f0f71888c1329903b70975a54f57786c3c32bf88aaf30119f11ed978a6830ba91949e11cfc94fbb5ad95305b7
- SSDEEP
  
  96:EP5ZuFye0MyQW4uPwhs+R/+gFrE1m/U/uG98bp2y+HS21kEZ1b+4Tu9C1uGg8wBu:akFyFRQ5wIzlH/UGq36EZY4T+Gul8U
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/FILEDownPlug120308.dll
- Size
  
  28KB
- MD5
  
  89c563060d908e5df6848ad15731e6d0
- SHA1
  
  404d8d41700ecc907e5b7c849a0dcde8edda1e72
- SHA256
  
  8bd1c61e9be2b8b07f6dac4782a96ee9e679c5f163133a51b57e1ecd72f3eff9
- SHA512
  
  8eb86ed92ba4d3305a954d824a1ffc23d9aef02559c794c085f67583f32d8228834b09ad45edfd8a78b4634e62344f53e1106db64134b8dd2c5e0fae391da763
- SSDEEP
  
  384:UCpErQTFze4TRt19H9emlJfbyLx/etuFVclW:YkTA4n19H9jbZMKlW
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/FILEDownPlug2.dll
- Size
  
  28KB
- MD5
  
  89c563060d908e5df6848ad15731e6d0
- SHA1
  
  404d8d41700ecc907e5b7c849a0dcde8edda1e72
- SHA256
  
  8bd1c61e9be2b8b07f6dac4782a96ee9e679c5f163133a51b57e1ecd72f3eff9
- SHA512
  
  8eb86ed92ba4d3305a954d824a1ffc23d9aef02559c794c085f67583f32d8228834b09ad45edfd8a78b4634e62344f53e1106db64134b8dd2c5e0fae391da763
- SSDEEP
  
  384:UCpErQTFze4TRt19H9emlJfbyLx/etuFVclW:YkTA4n19H9jbZMKlW
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  eef9e469e8a30717974499f277d97e2a
- SHA1
  
  2d33c25984ebd9116beeb55cdde4c5c86c023e5d
- SHA256
  
  1f35bb6728237483c779005fc227e69fef51b0bafd32d15855d483948a337078
- SHA512
  
  d860132106a1c03dfa23f983b3c503f1216ac02f3d47833b96dfb333fb30bc8ab4d4fecd1f1f0a89f0c7f3586405461e2d53c26f282bb48970e549659b364b48
- SSDEEP
  
  192:8np6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+MTjK72dwF7dBEnbok:8p6UdHXcIiY535zBtMTj+BEnbo
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c6f5b9596db45ce43f14b64e0fbcf552
- SHA1
  
  665a2207a643726602dc3e845e39435868dddabc
- SHA256
  
  4b6da3f2bdb6c452fb493b98f6b7aa1171787dbd3fa2df2b3b22ccaeac88ffa0
- SHA512
  
  8faa0204f9ed2721acede285be843b5a2d7f9986841bcf3816ebc8900910afb590816c64aebd2dd845686daf825bbf9970cb4a08b20a785c7e54542eddc5b09a
- SSDEEP
  
  192:qADKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQbVUSF:qAViJrtFRdbmXK8+WVUw
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsProcess.dll
- Size
  
  4KB
- MD5
  
  05450face243b3a7472407b999b03a72
- SHA1
  
  ffd88af2e338ae606c444390f7eaaf5f4aef2cd9
- SHA256
  
  95fe9d92512ff2318cc2520311ef9145b2cee01209ab0e1b6e45c7ce1d4d0e89
- SHA512
  
  f4cbe30166aff20a226a7150d93a876873ba699d80d7e9f46f32a9b4753fa7966c3113a3124340b39ca67a13205463a413e740e541e742903e3f89af5a53ad3b
Score

3^/10
behavioral13 behavioral14
- Target
  
  DTCommonRes.dll
- Size
  
  4.4MB
- MD5
  
  f973679126068dd2cc87242a93d0f685
- SHA1
  
  476b8395683925f8a08fa5f8c29d9f33e2827efb
- SHA256
  
  948c2971233ea6372d250940c1b6a37681b9cf006d8f833eb71b04d70ba46e12
- SHA512
  
  eafb2d61955c1477e133e799958660a1d1a93c250b0b4aeb8b6d14ec9e11f853220c064ec7c2e55be3acefe4d42690356450ffb8039efc1bb6d899a600abe5ef
- SSDEEP
  
  98304:s7ey4x9tgguSkllGCo5NyKNoSEB4Xk3SucbeXVTutFFFdp:sgcICyEB4X5ucgutFFFb
Score

3^/10
behavioral15 behavioral16
- Target
  
  DTGadget32.dll
- Size
  
  442KB
- MD5
  
  9d19eebac50b6897d5013eaa7ed39cfa
- SHA1
  
  af79e9fc28437fc924d70e0de3f0f80006bf2eda
- SHA256
  
  c2c78c4ea56e80bcc00ccdee2914b3cff8acb469dd215206a3b39a779fe3d083
- SHA512
  
  ca1b601e3fd7c2e34763676f1687e64593d90d426b541e6d58d1816a62b34bd6928df722ed5ce0fc65ec39e3f3ad08ba618d1c117a3f1a9bab252435b1852b32
- SSDEEP
  
  6144:mqHW8/N8wn0nY3NtF+WqZ6vT0KzZfqqDL60xlkeshE7/92jdOc5:mL8/N8wj3NtaUT0KzZCqn65eLhQdOc5
Score

1^/10
behavioral17 behavioral18
- Target
  
  DTGadget64.dll
- Size
  
  497KB
- MD5
  
  72f7eae5ff8544f5ed2f8e20f10d8089
- SHA1
  
  b3e84f951b1330ba8691e936e436f4e61ce28b41
- SHA256
  
  365daf7571d0976fd42f6cea44c08f85ab94705851e770ee7e64d4d95f5b383c
- SHA512
  
  be70f7d1b1e741bd4fec6a4cd670c88365b312d39f8d60868d1414a90e1b99aa7ae243924403774a326e61a9df309dbf06ed9ad9fde60a6f304a5253e3d6cbda
- SSDEEP
  
  6144:oFnOxKVA8CQfpHPqnRhRpe/ua0ovvkWKZWlumr+TFApTR+5eqqDL60xlzlfb3gxo:FKVaG5CnJAcovsdzAu57qn6e6x4l
Score

7^/10

persistence
- Registers COM server for autorun
  persistence
behavioral19 behavioral20
- Target
  
  DTHelper.exe
- Size
  
  334KB
- MD5
  
  1e116630ee6aaf7d608a0fb39cc3a6f5
- SHA1
  
  e3fa88af16dfc2f082042e863b739327b5356ed7
- SHA256
  
  6a0a774fc3dc75b27ff7b9904551e548f11f0a990dd0faa4a44cf7fedc25c768
- SHA512
  
  3064eba59f1573b66bd1c9e19c8f9f50c048fa8ab46347b9e90299fb13c28acffbe812c8aa10422996f48d4126b8846102f8e1941c34720b2b6ae755d0054747
- SSDEEP
  
  6144:va31QFNDQ+mP7HFLjAhWE75Ynnet/R4KnM6Y:v9FNDQ+mzljAhdUU54Kny
Score

1^/10
behavioral21 behavioral22
- Target
  
  gadget.html
- Size
  
  733B
- MD5
  
  4464c90fda3793b1d2a052924f101630
- SHA1
  
  6d345ddbee572c72fafe8a2ae38a58ee964b8141
- SHA256
  
  cda12ce5dc43e497a8178af29640c7ce68c9d705cbff4f8dfb1a6ee88b8c3d92
- SHA512
  
  786c41e4230e7ddd4c205810f4d2563e226fc0a457349be57a1da2c1cf8b3a57d61d1cf4b25a129973864a11fc785263b61158207b7a0776da002e9b161d0af8
Score

1^/10
behavioral23 behavioral24
- Target
  
  jquery/jquery.min.js
- Size
  
  92KB
- MD5
  
  acc0adc6c188845a409bf158d2de4451
- SHA1
  
  881a17148bea7a96d05063d035f74bd6353fbb3e
- SHA256
  
  4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889
- SHA512
  
  cf3549dcaecaaa87b2b24b0624c9ec31704bd4f84deaf62548230958c7ab4e3861d03f4aeaaaf708da9f953c8c557700f38ead32ffa4e021dbcc6a84e8cb0b6f
- SSDEEP
  
  1536:lYRKUfAjtled3TmtaFyQHGvCXseUOgRc9izzr4yff8teLvHHEjam7WuX3yzSiLnM:cUbCGvCD0932o2skAieW
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  jquery/newfunctions.js
- Size
  
  7KB
- MD5
  
  15dd54020cbfea21cc3465ed9d3fdc1a
- SHA1
  
  6dd3308af38c8f7a2b9e34c373499c4d525002e5
- SHA256
  
  5f00c0fd897258a9952116f2247d75dd746f07382a97764e4def4558b9db2594
- SHA512
  
  9559a7a7c00646ce30b1ba4505d42597109679d04a2ebae5185f048d58aeb52d20623aca97762c847bd818f96c0b0b20551aabdb1f9266ad556a17ebbf3c896a
- SSDEEP
  
  96:0uGZhkt9jvnOwnlnV3jJ3lQqaGHd2hqbjSA5NiDyF+bxbyqCKg:jGZhkPjPOKlKaNi2+VcKg
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  jquery/newgadget.js
- Size
  
  33KB
- MD5
  
  d197873734e0b958c0c43409e0229e1c
- SHA1
  
  7d61314cd72b1770fcbcf9000c54b9958a58c9b6
- SHA256
  
  53c232b5e959a2b5599f55969bc9a3f193ed60b8f3514f018dbb52463f914f65
- SHA512
  
  7785f6f79ea6939c1065ddbf3e9fee03fbf8d9b05fbe7ddf7146a6ba6516584e51924fe679046b181d011b711e192b6acaa712f8b85fb28f79896880cd54e12f
- SSDEEP
  
  768:Q7Kh0rV44mqVikpqMO/0zcdj5E3QiVMgUfM:uKhOtmqgKMvM
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  message.html
- Size
  
  1KB
- MD5
  
  5c27d1b43a2783d71118c29467a2a305
- SHA1
  
  723b21dd0543917c7c1d683a3d071abd4efd034d
- SHA256
  
  c843216b0cdc055a58c80cdd91bb5b1ca9b456afc79e96fa9ab63f572cd354bc
- SHA512
  
  23b1d99891a6367dba6615369576963b96999ee269a1da68fd18f122d7d1da1ea5415bec14cf03e647ec930fc92b7d7e67f01986038caa4bde72c87eabf20627
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Registers COM server for autorun

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32