898ca7aa129126a615282db699c2c3545f05df4c5660ee16bd9b42913ff5818f

Sharing

Copy URL Twitter E-mail

General

Target

5f06a605a226b23c3ab073d94160c9f2_JaffaCakes118
Size

1.5MB
Sample

240520-pfvwhaae96
MD5

5f06a605a226b23c3ab073d94160c9f2
SHA1

6fb9f601e2c10366710ebef0f977187ecd7ada45
SHA256

898ca7aa129126a615282db699c2c3545f05df4c5660ee16bd9b42913ff5818f
SHA512

c515746fb9245ec0127efba6f53082d0d82302dcf16d6cd1e4ad84b247399827eb4c7f929358ec0f06439efd1d781f66e8760cd101f098e76269bf38095f0cf5
SSDEEP

49152:aBefu9+dxbLShOvtUwXF0je51a6mJjfQYE9bd+sHIx/:U+uCL1NXF0jeTa6Mjf+9Z+sI/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  5f06a605a226b23c3ab073d94160c9f2_JaffaCakes118
- Size
  
  1.5MB
- MD5
  
  5f06a605a226b23c3ab073d94160c9f2
- SHA1
  
  6fb9f601e2c10366710ebef0f977187ecd7ada45
- SHA256
  
  898ca7aa129126a615282db699c2c3545f05df4c5660ee16bd9b42913ff5818f
- SHA512
  
  c515746fb9245ec0127efba6f53082d0d82302dcf16d6cd1e4ad84b247399827eb4c7f929358ec0f06439efd1d781f66e8760cd101f098e76269bf38095f0cf5
- SSDEEP
  
  49152:aBefu9+dxbLShOvtUwXF0je51a6mJjfQYE9bd+sHIx/:U+uCL1NXF0jeTa6Mjf+9Z+sI/
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  a4dd044bcd94e9b3370ccf095b31f896
- SHA1
  
  17c78201323ab2095bc53184aa8267c9187d5173
- SHA256
  
  2e226715419a5882e2e14278940ee8ef0aa648a3ef7af5b3dc252674111962bc
- SHA512
  
  87335a43b9ca13e1300c7c23e702e87c669e2bcf4f6065f0c684fc53165e9c1f091cc4d79a3eca3910f0518d3b647120ac0be1a68eaade2e75eaa64adfc92c5a
- SSDEEP
  
  192:em24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlESl:m8QIl975eXqlWBrz7YLOlE
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/npHelper.dll
- Size
  
  333KB
- MD5
  
  b4265a7ee9968e9c59aa7ff90ce6198b
- SHA1
  
  8a3447319d888fecfc29f8a57c06bd2839ca0f6e
- SHA256
  
  224f9121cdfd4dfc675d2648e6a00d5ba78be1428e740fb7f1ed0f0865d4abec
- SHA512
  
  2be0ee3dfbff2a1a555a0faa1bbe5ed9c8b8d17be754e10371560277716a53895a6fc41629c8250d5846691d84eb5fb8318b5ff0b1e3e06f5272a7a5a4e504c9
- SSDEEP
  
  6144:rghB4p062SsPDOF0HDF1PldFkElDJhhAOBlXIwzYeO4:rgzwYDqmHDz1XhhflXTzYe9
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  0d45588070cf728359055f776af16ec4
- SHA1
  
  c4375ceb2883dee74632e81addbfa4e8b0c6d84a
- SHA256
  
  067c77d51df034b4a614f83803140fbf4cd2f8684b88ea8c8acdf163edad085a
- SHA512
  
  751ebf4c43f100b41f799d0fbf8db118ea8751df029c1f4c4b0daeb0fef200ddf2e41c1c9c55c2dc94f2c841cf6acb7df355e98a2e5877a7797f0f1d41a7e415
- SSDEEP
  
  192:ob8cSzvTyl4tgi8pPjQM0PuAg0YNyhIFtSP:mBSzm+t18pZ0WAg0RhIFg
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/terms.rtf
- Size
  
  25KB
- MD5
  
  1153e2a560d57a437f1d36c83f71f4d4
- SHA1
  
  c3c7bcf70b78d9f73f07bc0669e369f93a29b48c
- SHA256
  
  e574e50039d95463fbaa0ffdc10c6278ebb6cdbf58a0c27db11efd06fb2e3bdf
- SHA512
  
  3592f5e0b170dc90b1f86d7b65ede4ae3feacb4234deb47a4cfc9893c2c2212b6cb0d5cfd37c46389d027acea11bec84cce8f90a980c303e2338c74bc406097c
- SSDEEP
  
  768:tqWJISmWT4vzCulk6IZ0zrl3gxDaZE7SsvA:tJIYT74dSaa7Sso
Score

4^/10
behavioral10 behavioral9
- Target
  
  $_14_/$_14_/$_20_.exe
- Size
  
  2.7MB
- MD5
  
  64133076cb7a7bb2fcc79d5a3f1a1424
- SHA1
  
  845af69b14906476e2a17e411d7d024e820f3589
- SHA256
  
  2d4a496260a45beafb59f90c243031a58dc2b34de7824e26c4365c90206dfa34
- SHA512
  
  0544c15e03d24f4b459479943cd2612920b7c15285ecaf16cb67b0fa4361f747a51507cf9616064eadff9adeda019d1655a648bcf25b9d51e44e981e5f16a021
- SSDEEP
  
  49152:/HcCyPpdiaNDG+hu+tUzc1qaXCwL7v+AqpH+/uWdMyWjevlODyYX45U4pn:/HcCWSScc19tL7upH9Do1
Score

1^/10
behavioral11 behavioral12
- Target
  
  $_14_/Uninstall.exe
- Size
  
  109KB
- MD5
  
  e129b8a705222e47225ffbb76d9724d5
- SHA1
  
  325920cdc1ddf65d74a74dca9dfde15e4835b7f6
- SHA256
  
  2f7fd012284edcff658f512dead1bc539eb1490421137d54a363728199fffcf8
- SHA512
  
  52d782f2698c4324b5dc8374af46ca1c369920b79942f0c55cb3c62e1876455658c75542ab1dffd5ab81c2ce213cc3a42f633938b666145f3f55fed7a5bfefd2
- SSDEEP
  
  3072:74lLpkXGED3iNuQZndILLBR147AcQOBjUirY:ApkXGhz7uHWbM
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14