f4665a7274e113691256ab2e8d894098a5861558492ad71ee76544d029a172c1

Sharing

Copy URL

Twitter E-mail

General

Target

68ea74d81032cc2063e38713d1f60bc7_JaffaCakes118
Size

1.7MB
Sample

240522-2vkqascb3x
MD5

68ea74d81032cc2063e38713d1f60bc7
SHA1

10c89db2da989a74986c313784ed3911bd619ebf
SHA256

f4665a7274e113691256ab2e8d894098a5861558492ad71ee76544d029a172c1
SHA512

d71471c665b33bec2ac1f3504d7f0f3d167d111d5d71f61f9586a41cb7059a011d680b7eef935aef45a316681553f97de5e1f4c5204827c2c538e52cbfcd02de
SSDEEP

49152:Xh2qFcpFKLHn+om6N28ti3HqU/S4j8B7T9:XhxGFKT+F6N286KA6/9

Score

7^/10

Malware Config

Targets

- Target
  
  68ea74d81032cc2063e38713d1f60bc7_JaffaCakes118
- Size
  
  1.7MB
- MD5
  
  68ea74d81032cc2063e38713d1f60bc7
- SHA1
  
  10c89db2da989a74986c313784ed3911bd619ebf
- SHA256
  
  f4665a7274e113691256ab2e8d894098a5861558492ad71ee76544d029a172c1
- SHA512
  
  d71471c665b33bec2ac1f3504d7f0f3d167d111d5d71f61f9586a41cb7059a011d680b7eef935aef45a316681553f97de5e1f4c5204827c2c538e52cbfcd02de
- SSDEEP
  
  49152:Xh2qFcpFKLHn+om6N28ti3HqU/S4j8B7T9:XhxGFKT+F6N286KA6/9
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  acc2b699edfea5bf5aae45aba3a41e96
- SHA1
  
  d2accf4d494e43ceb2cff69abe4dd17147d29cc2
- SHA256
  
  168a974eaa3f588d759db3f47c1a9fdc3494ba1fa1a73a84e5e3b2a4d58abd7e
- SHA512
  
  e29ea10ada98c71a18273b04f44f385b120d4e8473e441ce5748cfa44a23648814f2656f429b85440157988c88de776c6ac008dc38bf09cbb746c230a46c69fe
- SSDEEP
  
  96:M7GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3VI9d0qqyVgNk32E:eKgfwgcr8zylsB49Ud0qJVgNX
Score

3^/10
behavioral3 behavioral4
- Target
  
  DHSurveillanceDll.dll
- Size
  
  532KB
- MD5
  
  4d36e3ababb027e86032a54a532f1b98
- SHA1
  
  838b560af62c299ee423145609a41778fb326483
- SHA256
  
  4dc1d037066702597279695eccc6eba746650ffce9fc0f7d66b4a1bb67f93880
- SHA512
  
  84e66f2dc3066851196a02f3397eed82c2a159c063a1d34cd63a4e31eca3eb54f28de7f625b002dbe68a0bc0a7fd0331ec5fb1147123227da79fb21302112369
- SSDEEP
  
  12288:/szPp6OLmAmAxxbartNomeUk1ZSIT6ThiCd:/sDp6wmMxxbart2meUkM
Score

1^/10
behavioral5 behavioral6
- Target
  
  FileOperator.dll
- Size
  
  84KB
- MD5
  
  980eba5a8136d6817095e3dbc3fb0e0c
- SHA1
  
  979b280a76b05a2c5a5ab7f19e08ac577de08b53
- SHA256
  
  d1b86efc564ee0ee606abd7902735e4a42dac59e61f9ddc4e402f12ef7d6dea1
- SHA512
  
  299497929cd06a67b4f26a418eeb35d458a9bb03628f05755d5a3e58a4a9b90701cea7363391261d442007ab58250a6598018e1359b624f21192c6de78dfbf85
- SSDEEP
  
  1536:ZRhLlzgIY2+hzqs+esigOKe6ROn2P73Abw6VXqelbaxc9Yju:ZD5zglOOKe6RO2zAbbXpbaxc9cu
Score

3^/10
behavioral7 behavioral8
- Target
  
  FisheyeCtrl.dll
- Size
  
  72KB
- MD5
  
  2c9b2188cac2406034ed41671c9e76ba
- SHA1
  
  428b051ab03bccb9fa24153a251da4b8f287db84
- SHA256
  
  572841ac1ee7332ee457d1126a2b4fea4affb463574dfd8f95a6fe75806be7ec
- SHA512
  
  55e41af2e2feb6a947dd0cd7ae3de336288984fb738b4e11ac88991f58fe7c77b4a806f3a1b7ba9cf8641bf66fdfab2e891d551758c33f56f2e2e9656cf4f338
- SSDEEP
  
  768:FQVefkqOwAQ67JwA+eKNavkeUX2wLjeTAecKEebJYDCHeL4zsb9L/sqMB3Cx3Fz:GkcqOwAt7JwMvIe/sxLkqMB3Cx35
Score

3^/10
behavioral10 behavioral9
- Target
  
  IVSJsonSdk.dll
- Size
  
  172KB
- MD5
  
  0d64cf34ed496608d26cdd5925909859
- SHA1
  
  9d808dd3e1a77a1d2829fcf01eecb88e23921964
- SHA256
  
  1153be6221c91642384d3e4240efcc85cc9a8ceb976ea5ab8a083f17c09911b9
- SHA512
  
  a35600749029ff2be0df34f1b01d4d577476b03a800e0b4a3aae9c69654b7b99b095d54e3c73a0904b61459d2f6ceeec47a53877331c7290e93385e58ebb677a
- SSDEEP
  
  3072:UipEN4AwgGSOSj0dFgePrpIXWl+Jtp4pH6/4EBZXqs9iscTQZggZ+:UipUHb5OSjjCQSQv//9iXAggZ+
Score

3^/10
behavioral11 behavioral12
- Target
  
  IvsDrawer.dll
- Size
  
  120KB
- MD5
  
  8378c11d8ceaebc3fd22e4ddaa07c0bf
- SHA1
  
  882532c86c99f32a9a7b64da8789e80681ac32a6
- SHA256
  
  ad9702a9bea5a4cbb20997c872fb2b40dba0f11eabdfab49882271ed37bec001
- SHA512
  
  0d2aad077736b2da16ab205b77dc50b4fecace4f60a13cc489cfa29857540e05a2aa45216b84f720a7f78f0d258aadc61e64a83aba4fd3ffcc4da98c10507b36
- SSDEEP
  
  3072:7Illc7xPBIbStYdNMfGupHf8xXJ4u07Lc6TGXENBDaiNy:cTGOGBkf+/TG0Daqy
Score

1^/10
behavioral13 behavioral14
- Target
  
  IvsLogic.dll
- Size
  
  140KB
- MD5
  
  a14c1df2b2e3cb64b6b71cc8cdc7c573
- SHA1
  
  7daf0532eeee66ba7f3e27f05b57f557ceae1712
- SHA256
  
  f161b838d4439f1a565f49b8f0d7627c33ebea4fbf4466a7dcc51a191d63b847
- SHA512
  
  0f9c8f8913f3763dad7ddb26992861bedd31671e6117f92c1917a67c12e310125a08199d42660ea514938f71934c66d4c4b943f6cdd5e5a194a59a05d9aaa986
- SSDEEP
  
  1536:5ifKWy92s4V6x3WHrrJXzY8J3DCVsEZuS0qyLd3KHvOqD2NF3gEkDeYMRITTxlcm:oyD0TXzrDSPunqE3KHvcDkD2CD
Score

1^/10
behavioral15 behavioral16
- Target
  
  MCL_FPTZ.dll
- Size
  
  131KB
- MD5
  
  845ad8f36ee751315e148ccb4ffad4b7
- SHA1
  
  6e0ffd681541db282dfff684a2d4a6657b6b2567
- SHA256
  
  ab8434c64eedeb34994617d113fffae7b2f28b16be387488e2168a7fa64222c2
- SHA512
  
  290f022a2924f5db1b383f2313bd1d681b514d30ee4832c2eb9eb04febfc36e26bdad6f3429c3ef25810ddb5376daac174d3f9b594b53e946147827ba2658ac0
- SSDEEP
  
  1536:bIW4gFXt7zL4INElaQv+1eIARg+FjOcOjuWXfnywRxOPsGMBNSnt7QukRPcw4i:9l4INEyengJCCh3jBNStX0cw4i
Score

3^/10
behavioral17 behavioral18
- Target
  
  TimeGridEXE.exe
- Size
  
  52KB
- MD5
  
  af50127a954067653a489b703e19eec0
- SHA1
  
  3664f6855dcb2ad142e2025e3b803fccf25f0113
- SHA256
  
  e3315101016dac8499cd41342ad82d50acda5f832256a439391908e509082103
- SHA512
  
  071dd32f257194b35d912d35ea1421282b5962fe9985aef5a6b7380ce5e2d71310fc78f75e9c1c374078871b2e1c6f4a47a5ec2e90de684f7d06cd47bd9e6719
- SSDEEP
  
  768:4yb1hoxnyuySU5dGRCzX4JCmAUBNFo920lg1yOz6dBxNmV:4egxyDosmNWU0lvs6dB
Score

1^/10
behavioral19 behavioral20
- Target
  
  VideoWindow.dll
- Size
  
  236KB
- MD5
  
  2ee9f1a91ed55c38d58c1e00e8fb0639
- SHA1
  
  807fe69406f1aa57cab47c220d5403ab0f7be7d5
- SHA256
  
  35d3306841d5ac8cea916ffb0f0b7cae3976608344e8780a43cc35f698f4f2ca
- SHA512
  
  3409d11055b3e2b00b24e159d8ab6653aa76ada6e87c54db7a2cf8061fa38d861495af5f4a14b769a8c558bb7bb5f6879646ad99c67a0b91a0cb9df87cd2183d
- SSDEEP
  
  3072:IoeFeneYLIiesvQEq6A7F6hL4m+VnS5dDg261uhXa04YD:IDke39oq6A7Q+VIdDiyXa4
Score

1^/10
behavioral21 behavioral22
- Target
  
  WebActiveEXE.exe
- Size
  
  144KB
- MD5
  
  19734330434bd0ff9a79299abaeee6e1
- SHA1
  
  1dc0cf02842fdbae933bed05f9e12441ba66ab87
- SHA256
  
  782d58dc5c604d3f63b1c07dd3a436f9d5390849dc42a852c22ab6b623c69758
- SHA512
  
  ff631ada408a7a89642380262cb3337226acce50386e226e723e01b47d7bffbf16a234fec94d7329a26be50ffd1677924009b8192d236bdeb103f1c6bb23f93b
- SSDEEP
  
  3072:IH94SRbl1qjqAB2Pja28VX5P8z3Vs744cy4s5GqjGI:QJKgjKVXl44cKlGI
Score

1^/10
behavioral23 behavioral24
- Target
  
  aacdec.dll
- Size
  
  88KB
- MD5
  
  47b44dfb02c26615e7ba763b61f7a831
- SHA1
  
  0295bc07aad6e3bb568a976ca03faa1f5644bf7e
- SHA256
  
  3d513795508b9b9ef2ef9d768bcb12f3cd78be811221dd70332dc249b660b4d1
- SHA512
  
  c548a90f4214aa6d8640e7c01b820edda71d5aa5f08fc9581f68fdfdeaaab25bded6ea22da1ebcd8e1b8dafea4e8557758db032a57dbae8be69e2fc3b4caab94
- SSDEEP
  
  1536:6sTOMcxf7jORaXLfK/lpbn/qVDbPSKTwKfCSGitiBYMEjhwrZDRZ9A:pTOMcxTCRaby///IPSfutt0YMEUDRzA
Score

3^/10
behavioral25 behavioral26
- Target
  
  dhnetsdk.dll
- Size
  
  876KB
- MD5
  
  db2886ed534f69b78fc52935cc02ffdd
- SHA1
  
  63fc5a9c8c418c9634f7fa532868315076113401
- SHA256
  
  4727813be01de388afac72d75ace3ff77df1524e79348c69ac170516bfbb43ab
- SHA512
  
  63e838465a389d8bd21b541940d67d3e87eac29eecb3bca137bbca9352723f19d2c1f5484e89474ae017129377e2a32d2166097fe06b60ebe363d50f52c4a81c
- SSDEEP
  
  12288:+7CQeSGhqsem3nWocWi/pFSj3IsIJepD1cb3W2qAph/NcxuITu2j:+G7SQD3nWWcgjFIJeN2W2Np9iXu
Score

5^/10
- Drops file in System32 directory
behavioral27 behavioral28
- Target
  
  dhplay.dll
- Size
  
  368KB
- MD5
  
  1241168449249747315fec232edfd70a
- SHA1
  
  e51b3ae55a067b31f0c4c453ac04a8d3d6aa5ea6
- SHA256
  
  c0b3c4463a09d4d22f8ef812005a0b44774b758e774e64f71729c2624bdcee20
- SHA512
  
  6cb905fbeb6a4c4da5c4b240275a8d677c6ea3a039b128fd2fecbafbbad297445c71871c1b8e80dd1115fccc0f875bda3e9a279978f4d86edd0c711bad3a7dbb
- SSDEEP
  
  6144:0M2aWhVxQZKvInGSz3eogngODTjgD3e1Iqfeb5et:LQ6zGSzqndgD3Lq3
Score

1^/10
behavioral29 behavioral30
- Target
  
  fisheye.dll
- Size
  
  416KB
- MD5
  
  a14f8e9ca1e141978083e865507ac032
- SHA1
  
  006af7a039a14493f85f0215fa2a714cdc6c94a2
- SHA256
  
  169e3f109085a5a94e5d3aec008469ea4a38be242714af01351eb299e69c3c7b
- SHA512
  
  abab824ae0e308085e2582d39416d232cab4f6b7d9b801b9075fd38fed6036418ac2ff3f958d23677c6012020a873e2fffd9024cd6d3fb81255bf177da5f99fe
- SSDEEP
  
  6144:ctqB/w7rEYVAD8JJXig0F5NAvWekLf//Fm0ynl8oNlznl8nFxwc:ccSfEZD8JND0F5NAvWekf/oN72k
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32