e0ab6ef803903b6866fb2dcddf7352e06fedc088a2b8314f7829cc9f83f2a22e

Sharing

Copy URL Twitter E-mail

General

Target

602984a33503e83cbf18dd14cbb1a5ea_JaffaCakes118
Size

22.9MB
Sample

240520-vceb8she56
MD5

602984a33503e83cbf18dd14cbb1a5ea
SHA1

72d2b30ef207ffa9d7b85bb81c877bd8ed285930
SHA256

e0ab6ef803903b6866fb2dcddf7352e06fedc088a2b8314f7829cc9f83f2a22e
SHA512

f269950e9402d5dbec337f32c68ba33d6b62a19b0d2f78e037b5d4c2343ff4a130fb4607090f4e3f6909f98485fa0582e6f0835591682f223582af32b761191e
SSDEEP

393216:1wEZQPeotULkt4rzM8g0WDYfv/kpAyLNmMBhvlMgZaiLKqQ:1DQPeotarg+v34Nda/qQ

Score

7^/10

upx

Malware Config

Targets

- Target
  
  602984a33503e83cbf18dd14cbb1a5ea_JaffaCakes118
- Size
  
  22.9MB
- MD5
  
  602984a33503e83cbf18dd14cbb1a5ea
- SHA1
  
  72d2b30ef207ffa9d7b85bb81c877bd8ed285930
- SHA256
  
  e0ab6ef803903b6866fb2dcddf7352e06fedc088a2b8314f7829cc9f83f2a22e
- SHA512
  
  f269950e9402d5dbec337f32c68ba33d6b62a19b0d2f78e037b5d4c2343ff4a130fb4607090f4e3f6909f98485fa0582e6f0835591682f223582af32b761191e
- SSDEEP
  
  393216:1wEZQPeotULkt4rzM8g0WDYfv/kpAyLNmMBhvlMgZaiLKqQ:1DQPeotarg+v34Nda/qQ
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $COMMONFILES/Blueberry Software/$R0
- Size
  
  92KB
- MD5
  
  8f8311ab8408372d6d14dc0510fce09c
- SHA1
  
  a94ca92a4260914f603c125ae821b1ab7df1f919
- SHA256
  
  33a515a02d98a39386f37de370d5e439e1be765e2ed0cf48f14580621b07cd99
- SHA512
  
  7c4a12067e83a20eb35e7ee5a713614a6da61b19de64a664d3aa81b2ade3e0f0710a752cf6a218aecad692a9909808152fca3fa5b054df00a2bd9ff7d6bd3445
- SSDEEP
  
  1536:sahw8JkXk5OHYZudRyRCGda5++05CRbnapx:sa2Qk74TdTd5ubC
Score

1^/10
behavioral3 behavioral4
- Target
  
  $COMMONFILES/Blueberry Software/$R2/NSIS.Library.RegTool.v3.$_81_.exe
- Size
  
  5KB
- MD5
  
  1f694e53532eb452ce7ae7f4523fde76
- SHA1
  
  59609431a30f3a01aa07003dd09e9600961fbc2f
- SHA256
  
  13e8d49e4729e2e6f71956770582c1ec2b632068a3cc9eb8fdc7a3428bab151c
- SHA512
  
  046334e0ea75227938c706c2fa7a7ca64cc10433eeeb1835a045f5a079beceb1a059e44f348d2f1d6e2797de966c3004f3a9c37b78a1b18c90fb851edeac38f9
- SSDEEP
  
  96:GFw199Edyn/3sxi2sS8HVrqbdC9Xh+MClQGZ56:D19CgfsbsS8HVWbd9XlQGZ5
Score

1^/10
behavioral5 behavioral6
- Target
  
  $COMMONFILES/Blueberry Software/BandLoader.dll
- Size
  
  92KB
- MD5
  
  8f8311ab8408372d6d14dc0510fce09c
- SHA1
  
  a94ca92a4260914f603c125ae821b1ab7df1f919
- SHA256
  
  33a515a02d98a39386f37de370d5e439e1be765e2ed0cf48f14580621b07cd99
- SHA512
  
  7c4a12067e83a20eb35e7ee5a713614a6da61b19de64a664d3aa81b2ade3e0f0710a752cf6a218aecad692a9909808152fca3fa5b054df00a2bd9ff7d6bd3445
- SSDEEP
  
  1536:sahw8JkXk5OHYZudRyRCGda5++05CRbnapx:sa2Qk74TdTd5ubC
Score

1^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/AdvSplash.dll
- Size
  
  6KB
- MD5
  
  13cc92f90a299f5b2b2f795d0d2e47dc
- SHA1
  
  aa69ead8520876d232c6ed96021a4825e79f542f
- SHA256
  
  eb1ca2b3a6e564c32677d0cdc388e26b74ef686e071d7dbca44d0bfa10488feb
- SHA512
  
  ff4e6e6e7104568fc85ef3a3f0494a5c7822a4ceaf65c584ad534f08f9a472a8d86f0a62f1f86343c61e2540b2254714b7ea43e4b312ff13d8271ff069386fa3
- SSDEEP
  
  96:6hNSXIcmYjkvTS6MnBNZ1BMjDfhkkEkkXstWpPwoS:JXIpzTSd1BSk/kJtWpP
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  a4173b381625f9f12aadb4e1cdaefdb8
- SHA1
  
  cf1680c2bc970d5675adbf5e89292a97e6724713
- SHA256
  
  7755ff2707ca19344d489a5acec02d9e310425fa6e100d2f13025761676b875b
- SHA512
  
  fcac79d42862da6bdd3ecad9d887a975cdff2301a8322f321be58f754a26b27077b452faa4751bbd09cd3371b4afce65255fbbb443e2c93dd2cba0ba652f4a82
- SSDEEP
  
  96:2fiqP7bO2qHkAC40KhvSE+6nrxtMn0iGd88qRLqtJ1tbRhElfRx2:siqP7OHX1Q4xtcf8qo/ttgfRx2
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10
behavioral17 behavioral18
- Target
  
  $R0
- Size
  
  128KB
- MD5
  
  309dfa965601450b32a0b25991e780ba
- SHA1
  
  fdd64007b70fb96c69ef1b976fd738cbc90a1e71
- SHA256
  
  f1acb1eb5a3fb6da77eb6f4ba0a9b5d74af004a3a5b5ee004af67fa80484f516
- SHA512
  
  0be452bfe4cb088209c169b6e6566fcce72b87cd72d8b8f931525dd34c7b8f7d22953bc80bb8a616f28378dba376fe38ae204c18bf6bd34d362ed186eb30e3b4
- SSDEEP
  
  1536:ExzPACwkEgI79MTALM3bDOfMLh+L7yuWVqHRur8ykS860k90fHAbjt1MCv4TW:QzPBQgI79MTAo3nFhesJ46003Ht1STW
Score

1^/10
behavioral19 behavioral20
- Target
  
  $R2/NSIS.Library.RegTool.v3.$_81_.exe
- Size
  
  5KB
- MD5
  
  1f694e53532eb452ce7ae7f4523fde76
- SHA1
  
  59609431a30f3a01aa07003dd09e9600961fbc2f
- SHA256
  
  13e8d49e4729e2e6f71956770582c1ec2b632068a3cc9eb8fdc7a3428bab151c
- SHA512
  
  046334e0ea75227938c706c2fa7a7ca64cc10433eeeb1835a045f5a079beceb1a059e44f348d2f1d6e2797de966c3004f3a9c37b78a1b18c90fb851edeac38f9
- SSDEEP
  
  96:GFw199Edyn/3sxi2sS8HVrqbdC9Xh+MClQGZ56:D19CgfsbsS8HVWbd9XlQGZ5
Score

1^/10
behavioral21 behavioral22
- Target
  
  1041/LogSysServer.dll
- Size
  
  160KB
- MD5
  
  cb9d5d57b10a3529aa0b3ae70ab56325
- SHA1
  
  db2c0e4de6af27df0409b27f8c40df4481c13b8b
- SHA256
  
  ce7907e12c1774c0620efab22eb97f9c46925ad93bbe151f8ad37f188df96977
- SHA512
  
  352684b297269cc9d217701511d92659a4b2b16856911b11b67c080d5b1670a9068f84329d1450f741f8af14d421f38759a8929c70b48a9d527ad1110a8eaea0
- SSDEEP
  
  1536:2PLWaYhnkALzau3dq3LdY2PCIDNvxrkPI8xzdfW+iEnSPxX83V:6Bm53I3LdrPC5zdfWESPxX8l
Score

1^/10
behavioral23 behavioral24
- Target
  
  ActiveBand.bpl
- Size
  
  45KB
- MD5
  
  c36a5f6b5582d5fd6c9c19c1bc6b8b1d
- SHA1
  
  77ac565efff47b2d8995598f01e119627c144661
- SHA256
  
  c6d35a6d689d92cffc29f71a9472fb7244982a6f4ccc4e51d4aca1441045ae17
- SHA512
  
  3f35960cd3076021366f3c195269a5a2c0400b0fbce48402d96a68ce240d24752df1537809bea4220c30580ba26be5cb78d8ce741a7823a4923d23dba5b405ab
- SSDEEP
  
  768:qrG8rd9MSG/Z+xunR4BkE4KmMgUI8B1pdxlZquS2aebx/+JYBIB1sh3EJ:oG8rjjG/Z+xuR434JoY+hU
Score

1^/10
behavioral25 behavioral26
- Target
  
  BBIPP.dll
- Size
  
  7.6MB
- MD5
  
  d43e3560e072df52edc5ce342197c1d1
- SHA1
  
  7fa887b54ab76f3c6e86b1326d7f441e6cd46258
- SHA256
  
  3a6e2c4c3d98996a98735f0c23ab84cb8aa546c3589dc8e94a468cc8a9f5cdf6
- SHA512
  
  5aa50ea01115e85b990ef18664906f919b5e666a172b63ec337da397c129f0ff83a744d200e053c9c9132dc0161358e5723c350bc91470e44aedc1e71605e83f
- SSDEEP
  
  196608:MYgB1y1n0ju5hBlHWEhIq6q8EzZruImX:tAX
Score

3^/10
behavioral27 behavioral28
- Target
  
  CheckForUpdate.dll
- Size
  
  5.0MB
- MD5
  
  c750aa66281e93002b8d155d3a516568
- SHA1
  
  d623f551fa08b76fa87002139831fa369d5b6571
- SHA256
  
  5ef1e8fd70fca762804de304a2f01d460015a824e3fda3b3edb5cb01103f1497
- SHA512
  
  b9a5507c2ff3e05e70623306f9ef0476edcd9e0dad2e60b7de0aef374a5ba414246e5b6ff2c97ff8f8db5538dd0b9453c01289fa5444b2e94731377c94764148
- SSDEEP
  
  49152:V5E6ZIdMNWCwJX12xivHr1vSG4dgw9v2Y8vX9R6T8523EEc+HOwi4WCBsu4Bx1uG:7Zxi/j2z8vXw8wi4Tnn9
Score

5^/10
- Drops file in System32 directory
behavioral29 behavioral30
- Target
  
  FLVScreenVideo.dll
- Size
  
  83KB
- MD5
  
  74283d568c482660a7387a16df4c2571
- SHA1
  
  3e90d7eae27f480cbeb57d05ca809d7ac6032e30
- SHA256
  
  174a460339148532fd8b24c89010c65d6cc1c2085c509247ae86a3e868a22c11
- SHA512
  
  b02cc2a43fd0fe0c09a0572b7de95a09883568442a89b8bcd97ef0eb6a1b98301957ab428a8515a431fa6c7d96e692d68b1d9f0dd7038f39efe01537087cc00f
- SSDEEP
  
  768:Fprc+386kY5ma78ct+JnIn2FrT447OCRUYNSIRgVV2ChHkYqoWDT2Enuy6VA0fJH:FW+3z4OCncHkIeT7nh6JfJfOSyNoxFx
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32