9d6ed95597857927f0e7e6eb1495c4ec10fa74aced7efbc9199c4392be7585a6

Sharing

Copy URL

Twitter E-mail

General

Target

65c5ea1ebbf5cb6b2df90edf4e220099_JaffaCakes118
Size

13.7MB
Sample

240522-dfkjzsac6t
MD5

65c5ea1ebbf5cb6b2df90edf4e220099
SHA1

951e2b02a242676160550a28c8c1b4e709b48f4c
SHA256

9d6ed95597857927f0e7e6eb1495c4ec10fa74aced7efbc9199c4392be7585a6
SHA512

a79d36b437d20e7bd5ecdc65dd77a00513277276e52d72651999e18f4e1d537a2e921d738a40efee9869acb2f056df4b7e591541b5401354dbdcc52f2e48401a
SSDEEP

393216:q9n5iYmtRNVb1jwYN7QQ04yZDb8n53MGWq/u:q95i/tRNVb9wyQ7zoebH

Score

7^/10

Malware Config

Targets

- Target
  
  65c5ea1ebbf5cb6b2df90edf4e220099_JaffaCakes118
- Size
  
  13.7MB
- MD5
  
  65c5ea1ebbf5cb6b2df90edf4e220099
- SHA1
  
  951e2b02a242676160550a28c8c1b4e709b48f4c
- SHA256
  
  9d6ed95597857927f0e7e6eb1495c4ec10fa74aced7efbc9199c4392be7585a6
- SHA512
  
  a79d36b437d20e7bd5ecdc65dd77a00513277276e52d72651999e18f4e1d537a2e921d738a40efee9869acb2f056df4b7e591541b5401354dbdcc52f2e48401a
- SSDEEP
  
  393216:q9n5iYmtRNVb1jwYN7QQ04yZDb8n53MGWq/u:q95i/tRNVb9wyQ7zoebH
Score

7^/10
- Loads dropped DLL
- Checks for any installed AV software in registry
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/EstUrl.dll
- Size
  
  181KB
- MD5
  
  ab6fc99aec69b6caa3566eaa1dbab451
- SHA1
  
  1f6aad7e7ad4469707a873a3d549f44eceacc516
- SHA256
  
  d924b3f323cbb9c81292c84b1e8e768ae9e25f1cc35f3aa775b0c5100eabb39b
- SHA512
  
  b126e18f8738c5b6379818e79ac46b359e6afad60c4ae530d5d01649ab09e93b38574c46b4cfc33813a6723b6a257aececadcc07dd62382532037e65e1539aad
- SSDEEP
  
  3072:hB+veiBP1HaqoGjjLiuTAzaejI7YvnLu3ScsHASI5dOHo:qve0oGjJ/tsHfI
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  21e61a7557b0e57ff9586cf91ef13662
- SHA1
  
  536b62d9ded30b12fbee1868ec7d595ca06bd0a9
- SHA256
  
  1e88a9c5dfe8a1ef6d3f2cd6c749228fba284425a6c7a777a9524aff54d85fed
- SHA512
  
  a78db414522b12884c8d2ae3b86814980f9f157cfe75f2375434f1208678d9ce6301fa7cfd5ad8ab7420818dd3cc4fe975e6d985e27f0232341a8768e26d417f
- SSDEEP
  
  384:aOz0RcZG+IWorTemIi6COLcvoFZCfzLZkWi:wcZ7YbHROU0Mf0
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  a22f252c71eb36627fdb4cb0ef72eadf
- SHA1
  
  ddd8e4f52ebd6b72d03699dc612100bc8b9f5e19
- SHA256
  
  45f3afdf22da380bee78de92740e1e08050d03c74566ef886856a2266395fd6f
- SHA512
  
  00ff3ad2fcdaba9919b63d1252421f3d4077669f74a1629e816682fb5b460e14e2ededc6b6aefbc980f1133b2b01dfa172bc356aea4a98d966e5da9c423bb595
- SSDEEP
  
  96:DLzRnV/YfgGJ01uBgMkW0Shlif3YhGrPjsF6GjUoZ:DLz5BGJ0KdrifIessGjUo
Score

1^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  b666f31c4c24be1d4d47cfb55dd35f96
- SHA1
  
  fee917ead511a6c14538c72539fa740edc7d82c5
- SHA256
  
  07aefeeea75705edcc3a21ac7dc4b5b837c234c041b725c245b50a73ffabb78a
- SHA512
  
  6dd69a085b6b2a2671ec6545bae27a72151457ccd76c3bc43a4544f4910fd8791251fb08c2f068d54dd91a6093bed50a80afb68875a9ddf29ae43c42a7337bc8
- SSDEEP
  
  192:9zjFtTLkrepielWXsUs5RRvD4feuy9It2h8rGfgv:9PjyGqBfeuyeGYv
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  152KB
- MD5
  
  f33493944b33bc82194d64fe4ed4057c
- SHA1
  
  ee1905acdacb31398c5bddb80562e4850b2665a7
- SHA256
  
  09790036c31481a93d0ec9601fbd7a0c70ce70aa020dbeaf4e10e4b12042679d
- SHA512
  
  9e12febf0e66a0a269135fea061386180f251bb767943f8aa3fba8398fd54b3b4de28a1a781daafb2300b61216e2d597756bf403a608f0a37bfd8749a288fad4
- SSDEEP
  
  1536:1Dc5IbWa6UzkT64jD9/Z2gi58LiKJoXdN7EC3/dL7HvteEhxsp+BhQzxcVaevh:hOIiT3j5PLilAq36+BhQzxcoeJ
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsWeb2.dll
- Size
  
  199KB
- MD5
  
  c76e67b9aa2f014a24702eb44aa5316e
- SHA1
  
  a7b46b8bc1d379a02fa110cc408dfab22f77961b
- SHA256
  
  68180cbe24f40f983583047cf8a0392307f21ddc0b459ee1654610852aa89504
- SHA512
  
  be4f9b92f702fb0317f716e542d525c809a29880ebf84398d0f96859b77b5eb80704d55b55f0fcb3b2a48cbc416679a9727789ff947551f2e8c5fb3bb06e3d0e
- SSDEEP
  
  3072:XKFoqBrrribYaLisz1gKJAHbUpE7CnoltUs5TMWa/S1T:XKC5d9AnMRS1T
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/workerExtension.dll
- Size
  
  405KB
- MD5
  
  a14794d427c2375166471c93a240dd73
- SHA1
  
  dfe072501fd08496784af62b314cdb10cbe79550
- SHA256
  
  f5b18bb25f67f08fbaf40328791236bca30ab18c642c9a66efc12d074724746b
- SHA512
  
  65e3fabcbda798279bd24a99809363efc407c82209348feb18341f26990680de4de5eff6e746e642e69e9b78fb5308a8b38fca7c52cf584c709520486fc13906
- SSDEEP
  
  6144:rG1SwZ6az959GnJdDEByqjNoJGwtYvhSf5mH4BhPgXhgKS4:rG1Y5cBy+SJrfAH4BhK1
Score

1^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/zumlib.dll
- Size
  
  85KB
- MD5
  
  3805c8db069993af61fa1a24b434502d
- SHA1
  
  e836b37ea7ba70b3e6b422ece37996d002dd57fe
- SHA256
  
  62e84b770afcc88c9e99a392e9b073998edfc0a6a7f6edc6fe29e6e69f7f2941
- SHA512
  
  a32c1dc16047a6a08769357b12f6ac6ffe59f0781c109ab82db1d8416f0d03ee77e1d2ed369d90374fbb1776635bed586cc9330d4a2eb0098af9eb0fae20dad0
- SSDEEP
  
  1536:Wh9FwX44vMyxnEmlRYE4k9QybwLGluj+P0ooS:WhDwX4ctXUOQ3LGlW+P07S
Score

1^/10
behavioral17 behavioral18
- Target
  
  $PROGRAMFILES/ESTsoft/ALUpdate/$R6
- Size
  
  145KB
- MD5
  
  908ba889b47b30e2142335bfe3411925
- SHA1
  
  3decfd4dbd4198b8a7cfe75aa4d8521255a58fdb
- SHA256
  
  1f17a8c479d53b0934cef3833aa3f5b3bb446e19d95f08a305fa9986cfa669b4
- SHA512
  
  de2a00fc8c1ae9127c790a7499299803fdb7d5be327a35e67ef734b0f6a02c422c239dd38a915aea9f060c234ca1b44c755d6fec012f4bf5d936ef7224ea8567
- SSDEEP
  
  1536:7iiVo1k2K+Wy16rXsqRs992CoLUUk6qYYkqfhAQ+hapcy4O:7D+1fK6bB1oLU2qYkfhAQ+hapcy4O
Score

1^/10
behavioral19 behavioral20
- Target
  
  $PROGRAMFILES/ESTsoft/Common/ezt.exe
- Size
  
  145KB
- MD5
  
  908ba889b47b30e2142335bfe3411925
- SHA1
  
  3decfd4dbd4198b8a7cfe75aa4d8521255a58fdb
- SHA256
  
  1f17a8c479d53b0934cef3833aa3f5b3bb446e19d95f08a305fa9986cfa669b4
- SHA512
  
  de2a00fc8c1ae9127c790a7499299803fdb7d5be327a35e67ef734b0f6a02c422c239dd38a915aea9f060c234ca1b44c755d6fec012f4bf5d936ef7224ea8567
- SSDEEP
  
  1536:7iiVo1k2K+Wy16rXsqRs992CoLUUk6qYYkqfhAQ+hapcy4O:7D+1fK6bB1oLU2qYkfhAQ+hapcy4O
Score

1^/10
behavioral21 behavioral22
- Target
  
  $R6
- Size
  
  596KB
- MD5
  
  966b1a60441b4bc58085abd704e81171
- SHA1
  
  a7f99c1057884e79d1c50e0e695e5c456606aed9
- SHA256
  
  3fb5ef188c6cff4300f921f632c0331e5f95e782ef67fb487e01c3e791abbb6f
- SHA512
  
  98b4c44ce79a38dfaae4ef0ba0a3e9793055a058fd5bbf8cdb8d6752fc1fa4c10e4cb378cfe885cac2853e4d5478f4bf84a513309ca595f97b0d0f9592d4573a
- SSDEEP
  
  12288:l5smbNLzgFAq8a7o/8E7iFxVdOgv4p/pDIkuTdUNazEaT9/AlYgijm/gUoOAfjFw:rjNMARaE/xi02pAlYgii/gffjZ0C6PBo
Score

1^/10
behavioral23 behavioral24
- Target
  
  ALZip.exe
- Size
  
  4.9MB
- MD5
  
  dc5eca1bf313c85a67bbd9a0ba66c63e
- SHA1
  
  349fbd48420e5b34056e5152161f6aa2a43b9a8a
- SHA256
  
  82ab8376f293c6657220346a3a129736013474bc54abfe91ea2b58c6fb8c3e82
- SHA512
  
  7ca43a2b65336aff1684e09208eec7908d710eaefdc36eb19a2f698d9833f59aa3a244ebdb4274b2fbab604be4d9a1dfba3cb444881d6e8617a83f189002ff44
- SSDEEP
  
  49152:GxrS2otGlMYZa44gqjp9rp4cpeVJIYHW9b1zcTDTa1b2TjH1tsxpkwEIQ18WbRdq:Zol08qjilDI5gfQb20kwabC
Score

1^/10
behavioral25 behavioral26
- Target
  
  ALZipCon.exe
- Size
  
  600KB
- MD5
  
  4c254a6e29073dfd09dd516d54254915
- SHA1
  
  ec68c91bce21ff235d57ad6846956bf468eb6592
- SHA256
  
  f666f7548bee3dd9ee74632548a23e13fd9e0d45436ae089cef361e81acbcf5d
- SHA512
  
  904d966f6c862aae491a989c1ae6829d8d971575d217fb5af005a6b0e7e32640c33f21ac595fc422d67aa47cfa425389b89fd724b3e9959644b7a2eb39880749
- SSDEEP
  
  12288:JIgtJ2c8mEMg9qI4ECqzRbAs8ygqSkjyTRQlK0:JSm3sqiFbpcBkjydg
Score

1^/10
behavioral27 behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Software Discovery

T1518

Security Software Discovery

T1518.001

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks for any installed AV software in registry

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28