10a4cb7a2790344ded0513b288d0431967a44706a345f50d1b8fec8e244793d9

Sharing

Copy URL Twitter E-mail

General

Target

60fd3b8ea8463039da35aba4969b484b_JaffaCakes118
Size

6.8MB
Sample

240520-y2hmqsfe46
MD5

60fd3b8ea8463039da35aba4969b484b
SHA1

aa1d7a60de8012f30473e4af418e431e1b9ec70d
SHA256

10a4cb7a2790344ded0513b288d0431967a44706a345f50d1b8fec8e244793d9
SHA512

ec8785df0c46d28d1a971375948376f027d22c23be1660e330b406535c51f7f8a8450e423052357b6bde1d487ee0dd81a8ff7932f932c96e47ff6c70ddb972aa
SSDEEP

196608:w1s7ppR40wTTG8hg+2Azsr8ZKMSiwfW/5vy+NQzFtWod6:w1s7bm9HJ12AzsIiiwcEMQzFtWh

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  60fd3b8ea8463039da35aba4969b484b_JaffaCakes118
- Size
  
  6.8MB
- MD5
  
  60fd3b8ea8463039da35aba4969b484b
- SHA1
  
  aa1d7a60de8012f30473e4af418e431e1b9ec70d
- SHA256
  
  10a4cb7a2790344ded0513b288d0431967a44706a345f50d1b8fec8e244793d9
- SHA512
  
  ec8785df0c46d28d1a971375948376f027d22c23be1660e330b406535c51f7f8a8450e423052357b6bde1d487ee0dd81a8ff7932f932c96e47ff6c70ddb972aa
- SSDEEP
  
  196608:w1s7ppR40wTTG8hg+2Azsr8ZKMSiwfW/5vy+NQzFtWod6:w1s7bm9HJ12AzsIiiwcEMQzFtWh
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  21KB
- MD5
  
  d7a3fa6a6c738b4a3c40d5602af20b08
- SHA1
  
  34fc75d97f640609cb6cadb001da2cb2c0b3538a
- SHA256
  
  67eff17c53a78c8ec9a28f392b9bb93df3e74f96f6ecd87a333a482c36546b3e
- SHA512
  
  75cf123448567806be5f852ebf70f398da881e89994b82442a1f4bc6799894e799f979f5ab1cc9ba12617e48620e6c34f71e23259da498da37354e5fd3c0f934
- SSDEEP
  
  384:oW4gLK82JvtosNCPhXKJ18hcEP1+f+pvMPbkdTg1Zahzs60Ac9khYLMkIX0+Gbyk:oW4i/2JloB5IQ9AhkwZaKRu
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/nsisdt.dll
- Size
  
  5KB
- MD5
  
  df4795dfabe3bc9278a73d496cc4b40d
- SHA1
  
  2648ded47e29ecf3e1a1cc20c631e83caf566897
- SHA256
  
  2261027077f23c8dba6b72af28862832aaa059740d0f5634b46cabb14326dd10
- SHA512
  
  013d9712c3d699a7f41ab3e55931c9abb421fb2eda3542da5a4831ad2f073a1b0643120cc78147db0bfcd01df98ade3045ecb2f1e252fff1dc40be845e5ae303
- SSDEEP
  
  24:etGSyYi61xyMmuEwv61OVXOwr+t5blXgO8ELnD3TPrHjf7Xz5CY1aeBEW58q6TvK:6y2xyNuEwWwU5blmPeB958xTvT7L/
Score

1^/10
behavioral5 behavioral6
- Target
  
  GUPlayerUninstaller.exe
- Size
  
  623KB
- MD5
  
  dd1742b1fe84bcf782fea9bdd527521f
- SHA1
  
  a2ca8bfa3e20006196208357ac5c9759e457a6fa
- SHA256
  
  7de3aa1f91a5b962eb8465f8a675b6facebf97887bb8c0f9f7332741a8487513
- SHA512
  
  d28da6ad76e93c89d363c376e165c35e7fe254dfc7e8d24051cfebccffdbbd41e713f87d53a9479fac22a3a2d0b6b162a7c0437888dbb86d782f498b45dba4d1
- SSDEEP
  
  12288:xjhnCPVsLMQOJngD3i4L4zzlH5CouQAcTYpnwa/:1VCPVsNOJuwCouQAjpnwa/
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral7 behavioral8
- Target
  
  GuPlayer.exe
- Size
  
  837KB
- MD5
  
  4dd44873cad8fe9565eef1dfe558ccbf
- SHA1
  
  7d3b2b3add64f80db9920021e294543e12eca5a5
- SHA256
  
  f47606417adda99fce024a0734f4ed4975d2ccb696a35c4b6815a95b8352b80c
- SHA512
  
  0563c8a4058f16f2149f895559468aa864e5c2b623a440374632a5da60647252a36ae88911f50db67edfec3fe5ffd09c5396fe35aa84ec463a8a3bffc8ba578a
- SSDEEP
  
  12288:YiQnZ3YjS6RMiFigcxg7jLCL/bSBk18MxSAsXvOXg4YkwpdALgla+z6fgk2sndio:YiQnU1Lig+XWBk18M8Ax2u
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral10 behavioral9
- Target
  
  SDL.dll
- Size
  
  296KB
- MD5
  
  3ea7829589775f17f3b2bd13c646d2f7
- SHA1
  
  2f49dc36198c2db24293ec5b677340a159962438
- SHA256
  
  af5f2716f1669e09e362d6ce8d4878a162a521d2aafe1660199be574242d151b
- SHA512
  
  22649d9a216cd4f43bdeb4784bd6c1c4a3ebf99d73edbe4ff7a327d26a780dcd739c75692579ee12c1c516ca5845dabe41e81246e939583c27705fb8f0f636b8
- SSDEEP
  
  6144:uwGtZXn6NpaY+JOtOUm9ARogXSy5ZBYQcj8eKmzAlSQ:MzXn6paY+JOtOzGNiy5854L
Score

1^/10
behavioral11 behavioral12
- Target
  
  SDL_image.dll
- Size
  
  50KB
- MD5
  
  9272ad942a6788b025fc2cf16e3b1e1b
- SHA1
  
  e43b18a35e0f09613ace424af200cbff87040ad7
- SHA256
  
  2751864babb62fb8d82dbce09438da461c786b1b7d2915a6f6d0c0a53a8bc776
- SHA512
  
  012b0bef8aa0c296704ae0c0f6865593a2bdd19c8740406938ec7b62ff51bcaeff12fb27a31b6b9586ba7c8c85a510b94b15cd2f11574024a2c0fcc8ffe4c362
- SSDEEP
  
  1536:PQRgmekzqJm4rOJgxx7ExeCWGif9NfBDO:PQRgmekOJnrOMAifvA
Score

1^/10
behavioral13 behavioral14
- Target
  
  SDL_ttf.dll
- Size
  
  26KB
- MD5
  
  7140c1835488a94eebac9d848120488e
- SHA1
  
  4a7164e99fedb7f8fc7487908688efba892afe1b
- SHA256
  
  2e92d22ed9299fd0646bc4d3799bfa7dcf7d3d5aff16107a4a836eacaed2a524
- SHA512
  
  5a22673fe787cf03385eb399307480c7e11498818b474316b13e912ceb8a1b27c1dfbfbcde2f91d345ad8cca7d4b9966e462bcdefa4fe1cbc3f6879a5fb14da8
- SSDEEP
  
  384:xjmeFtKJqdJkjYQTTkSfLqS91fPC4krpi7Mxe6a8Vg3u:xjKJ03QvkSfLqOA072xV
Score

1^/10
behavioral15 behavioral16
- Target
  
  Uninstaller.exe
- Size
  
  47KB
- MD5
  
  848eb7564d19c2ec34e92ec33de88d2c
- SHA1
  
  163cca69ccc6b87d63181bbfec12f56776386542
- SHA256
  
  ad1da864fb1c0c3a67446118927bd07eaa8a2ca9289b369529fc6cdd7999a90a
- SHA512
  
  f06d8c637e30f39be3fc292802b18c400aaeca0e3ef13aec6e148fe2485130bdec1aae9016c43dbc4bb40ddd992685717e6081531121edb556384755dec93a76
- SSDEEP
  
  768:n1cVhpQI2EQK0iPDh84nScF15GYbWjXO3XJ0+YgiN98sbsIv5NDGF+:1QpQ5EP0ijnRTXJ0TgSJoICF+
Score

3^/10
behavioral17 behavioral18
- Target
  
  avcodec-54.dll
- Size
  
  14.5MB
- MD5
  
  3444d003c9b7c28474ef13a05d8c277a
- SHA1
  
  704b33660f11b6b98b6e8d0b42eb1cf1add84346
- SHA256
  
  63feba5bef1127278fc0a28b38f1b26223449c5c92a3bb8e180a8b1d26cd0d5b
- SHA512
  
  8c6889a34d14bc1afc6549ed17f56f722d8cc7bab8d109d2fce37482c4c800cb59992863a32de6970abcd05bcc6c111ef2183f0a944d2483586799c8d49ba5fb
- SSDEEP
  
  196608:st1NI199lhxR5AFC0WWIsFUzSqbE6ZDYqUxG+kf1OfLB5/sBru8y2CfjC91C7Uii:JXz1CxGX0RPT+j1hqkdpT/
Score

3^/10
behavioral19 behavioral20
- Target
  
  avdevice-54.dll
- Size
  
  1.1MB
- MD5
  
  9f5b32c3fab0a9439c1abb14671b9469
- SHA1
  
  04411717b7937c4bcc9ef52e455401d13eba810c
- SHA256
  
  2bb1715e84bd0ba4ba19c17a157d52191fb6ebdd6cab9ad31eb6c504acbf036f
- SHA512
  
  136ca4553d5497d125802fa60dfffdfc66c1de15cc92d54c07d23e5cf7f89d1ffb8aeef98499b177b78cba2e619c2de8e7ae1aed4d849a302450d92d38150df0
- SSDEEP
  
  12288:2vrQw96L8ZQw6kUBrYVGG9vK9hx/ofBVJCpte+AqZxoBHA4ddJaH5rR:MQw9WAQwUBrYVGG9v64bJaH5rR
Score

1^/10
behavioral21 behavioral22
- Target
  
  avformat-54.dll
- Size
  
  2.8MB
- MD5
  
  0254ff9455393fb0a12d4d831f4509d2
- SHA1
  
  4182dbd56e2940967b9897d74cc80cc1068d22d9
- SHA256
  
  6cad709d61c57a581b67aaacab863ffcea54c7dd5232e27b823779f5cbf6d685
- SHA512
  
  bd452ea5f78e0057a9204a72ab79426bea5cf4e90e4ed36901e9885b11f8ef5c53a76fb5c928a66caa1ee5a15de10543077be9a8fe49e67b1bdd9c4c535fcba2
- SSDEEP
  
  49152:IjG0QdT3QKejeY2a2uqEaPpVid5Z3Yt/lBJRJ7Xa7OnyPs3DoIoI6NDjifaYqyOh:IjdQdT3QKen2vEaBVid5Z3Yt/fJR6CyH
Score

3^/10
behavioral23 behavioral24
- Target
  
  avutil-51.dll
- Size
  
  200KB
- MD5
  
  3d909daf2784bbab60e9bce4feffa91c
- SHA1
  
  b8cae33ae504e73786eb1b7a9bdc6a5d0a80a520
- SHA256
  
  39c888e4901f581841ef1bd1a41359e4c1dc70ace2b374f7c21a1021c9b7208d
- SHA512
  
  57a018ca50a71e4478f60d9090c23fefb758408f65c587bfaaad89c09da9bcf5121db7c02c9b0992e59952d2c80b951e2e264b82975cd7c258763dda8e81c825
- SSDEEP
  
  6144:x3erCTRwpLNGXUkF3xh0dPVsHB5STtyld:ilLNGrFhaEl
Score

1^/10
behavioral25 behavioral26
- Target
  
  libfreetype-6.dll
- Size
  
  451KB
- MD5
  
  69ecc2d6fc9158d9076eff16c85e1c66
- SHA1
  
  c76719103e395e928bb047bc45f780942e339c9d
- SHA256
  
  1bb7699c47f85b9ff43bab71b989a5d50da83c9204daae1108659fb0efd142f0
- SHA512
  
  bdce4bfb9dc7abac08b142ede4a82368606b3d7ccb715535b2c997e8826aa91cbc8131ef2baff7baf19d0d08463173c5373e508f5d9562ece439d05675a2d8ee
- SSDEEP
  
  6144:1yJduX41qkZCVNGdZZrI2q57e/lGOYZBZMSup1GBUyDwRCuWsEWmfD:UJO48KIzdeUOYBMhMBUoafEWm
Score

1^/10
behavioral27 behavioral28
- Target
  
  libpng15-15.dll
- Size
  
  148KB
- MD5
  
  dd66b547317df67b094aa6001671ea63
- SHA1
  
  5a17c877895ca85ccc4a9410c971e9cd49c2e9bf
- SHA256
  
  44549afb8e6b71e1214e2d1ec2633165665ed3aa9c34592ce2245727c0f1f57f
- SHA512
  
  e7c2bf69ca99bd26c9abc2f551043aea6792c4a7aacb67fa84fd360fa73bd9af13be72e93d6e18eb26fcda5a16bf838891542a871e216fd2c54e9f2e923d0024
- SSDEEP
  
  3072:D5uzhHSEV4QZtJiTOrDJK4HcE+085F5gTv9unMCmUzx:9myEV4QyMJK4HtgFaTvUn
Score

1^/10
behavioral29 behavioral30
- Target
  
  postproc-52.dll
- Size
  
  173KB
- MD5
  
  6e68aabb67815a0e7b1371832851c4b0
- SHA1
  
  9cb874604a0bc90b158a060580e43276b446dde2
- SHA256
  
  b34728ed4b4de6d522fe6659d94e4cf1bc7101033869c62294bf67afa20428d7
- SHA512
  
  25e73a1f7f392c0e6aabc9284565d78a0e25b27bba77b75a775f17512dd9c941aa790d6059b9dce52318bfbcbcda8e886c114ad21f899b49db913791272cd789
- SSDEEP
  
  3072:xK55J5JJ5Oi9mxJMydnQ1jk2bKVUPci5MunMiaa6aa66FBijDQ1ywmBI/Z+n81K5:w55J5JJ5z9mxJ3hd2bKVUPciSwNaa6aR
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks installed software on the system

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Drops desktop.ini file(s)

Checks installed software on the system

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32