57def8e75b76c6ea0c1237935885f9a8ef9cc74da91c2b4e1ba0a52f8d52e236

Sharing

Copy URL

Twitter E-mail

General

Target

63e7c88b7d73aebd3eae532e134e213b_JaffaCakes118
Size

1.4MB
Sample

240521-tllbgabd71
MD5

63e7c88b7d73aebd3eae532e134e213b
SHA1

e8473fd9f0d1e521ebbf4a1ec859e8223a339d39
SHA256

57def8e75b76c6ea0c1237935885f9a8ef9cc74da91c2b4e1ba0a52f8d52e236
SHA512

2ecdacd180c0b56305624a03f54bee9b161300511e536dc7cd970f29824fbb1001224351dc8ce4ca559cf33c8352f2e8445910a1b688ded0b4e630701efa73cc
SSDEEP

24576:R9O/wECn5NCokiH97L11n5lw1MR1lTWQHNHO+LX+FmmZRZ2/9p24S9UDTjO:f23Cn5NbLtLjc23lTpHhOOX+FvGFpJ1e

Score

7^/10

link pdf

Malware Config

Targets

- Target
  
  63e7c88b7d73aebd3eae532e134e213b_JaffaCakes118
- Size
  
  1.4MB
- MD5
  
  63e7c88b7d73aebd3eae532e134e213b
- SHA1
  
  e8473fd9f0d1e521ebbf4a1ec859e8223a339d39
- SHA256
  
  57def8e75b76c6ea0c1237935885f9a8ef9cc74da91c2b4e1ba0a52f8d52e236
- SHA512
  
  2ecdacd180c0b56305624a03f54bee9b161300511e536dc7cd970f29824fbb1001224351dc8ce4ca559cf33c8352f2e8445910a1b688ded0b4e630701efa73cc
- SSDEEP
  
  24576:R9O/wECn5NCokiH97L11n5lw1MR1lTWQHNHO+LX+FmmZRZ2/9p24S9UDTjO:f23Cn5NbLtLjc23lTpHhOOX+FvGFpJ1e
Score

3^/10
behavioral1 behavioral2
- Target
  
  $APPDATA/Lighttwist Software/Excalibur/uninstall.exe
- Size
  
  37KB
- MD5
  
  fd2319aed9fe376159f11acabc94d87e
- SHA1
  
  541a86bad76ca23749dfe99ee9192130c3d48e7f
- SHA256
  
  02d72a5303330191e965ef252704f02a07be5a21e236aa676bb4fe8a2ceae947
- SHA512
  
  ab7f608237db2e1232d18665b8fdbcb4425f8ed99675b949a62a4f34ccc0fa9e8e63c81673a681a2f2fb0b6aef2a0340e7cdac18c2a685be1595fbadadf95dcc
- SSDEEP
  
  768:+nnw4xRMjJ8FBDOLQmzPjhAVHx10Z0D3yuInmBd0cOJRntup256:wnw8RSijDtSA5xeZ0DbBCcqupH
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/AccessControl.dll
- Size
  
  13KB
- MD5
  
  9e7d36edcc188e166dee9552017ac94f
- SHA1
  
  0378843fe1e7fb2ad97b8432fbdcb44faa6fc48a
- SHA256
  
  d52a83c2a8551cebf48ff7a8d5930be1873bce990f855ccab4d7479cfeb22e3d
- SHA512
  
  92c31355cd124ba28c0ff9aa8fa34d5db9db0b093edb8978bc3cf94e1f72d526603d5d5c1e221dcb2ac6648bc420f4df9847c2b1e71046384d827814a77d1783
- SSDEEP
  
  192:y26NwF1FF8GqdxASZlSOnNGGPCqLXUdadWo2FfTCWWqDsYjGI5hBslft8gWNPjQo:I+8vwSZlgaJ3/4/4Q/bN
Score

3^/10
behavioral5 behavioral6
- Target
  
  Excalibur.exe
- Size
  
  2.7MB
- MD5
  
  affea8dcc2d38f13a72b5dc2fa513744
- SHA1
  
  9144db4a4f1dd75dfb00c77721da43d2047f01b0
- SHA256
  
  744ca529a4332ac4bc810be2304af1a136fa982034feea13270c7a83140934e6
- SHA512
  
  6761ab09536dada4e1be1c0859bb37bfb16499b3ba0c52a01b06fb5c8fd496d671f8cd9552a01c36d76664f815b4ce373d73402bca9a184d5969f50d48b5be0b
- SSDEEP
  
  49152:xcmYLe0oLUdo9gSsIKm30xfojiDgyZHoZu9xE:xcmQe0qU5fojiEy
Score

1^/10
behavioral7 behavioral8
- Target
  
  ExcaliburGlossary.pdf
- Size
  
  253KB
- MD5
  
  35f8055f20aa5546615d414c06dc55d9
- SHA1
  
  6eb967cae4c18f2c1bfecc6012d0d82342b0a42f
- SHA256
  
  d7ded95982c3b89330bd3265b2e872fb7dd6cdf15c775ec2680fb0eedba553f9
- SHA512
  
  7ece4ae2e44907c567bbba19f7aede9a7b389e1e230ccbffe9af8f3d7df7a72e8351861face7b7225ac512ffcc8e326ccdaebbce52b15cba8ac4fedaf91c8561
- SSDEEP
  
  3072:zjDiFS7sTPrRlu06icgT8uhl/qhlbUarh6gHtUFAEjWIzosja3XA3m8P43r:r7sTPVl4i9Tfh9ZarBDEi6ososmb3r
Score

1^/10
behavioral10 behavioral9
- Target
  
  ExcaliburHelp.chm
- Size
  
  37KB
- MD5
  
  c3e3de7b52e8cd8dfb01055bf7bfa7a5
- SHA1
  
  99e68770d436b7fec0a44b4f3d75438c6bc1fcb0
- SHA256
  
  8eb218818dd1b2b14d2005e8c4247ca090615c88cea6badc08f9d64f35662a4b
- SHA512
  
  7f2f5d51eadbf84ace90a43e2804547fff73953198cabcb0287d4718fdbc0c27594c54c86768fcc9a60dc9e059c122e5d944b185c7cb88671e616f17023c9531
- SSDEEP
  
  768:cLbWp77dPN4C405dSdZRtV+xSmQL6q3FtDYno1Q4O7YOADrcZoVSJki:cLbWp7xPN4CvSdZRSxouv8OsOAfcZPki
Score

1^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12