d43d793529aa53d452cc85badf97e5aa04fe09f61d99046c655a51b31709b624

Sharing

Copy URL

Twitter E-mail

General

Target

65d50932ef0863e793ed0124848ba30f_JaffaCakes118
Size

5.6MB
Sample

240522-dvr8daae46
MD5

65d50932ef0863e793ed0124848ba30f
SHA1

8afa285550770c5223ac28c468d9a21b8e94c158
SHA256

d43d793529aa53d452cc85badf97e5aa04fe09f61d99046c655a51b31709b624
SHA512

e51c1f45b6e0e305bfb7a6ae3f88dbfeb7cc2904d607231dc407d7f4b82f35993d484491321045f62c01539a2ba4c8cc438893191c03151964291fe17528e766
SSDEEP

98304:joRCa7CllxDZigg4keNaKvE2CqDOOp87/Q4XGVicOd1+tlFLGa:j7qClIPV2C4p8bQudk

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  65d50932ef0863e793ed0124848ba30f_JaffaCakes118
- Size
  
  5.6MB
- MD5
  
  65d50932ef0863e793ed0124848ba30f
- SHA1
  
  8afa285550770c5223ac28c468d9a21b8e94c158
- SHA256
  
  d43d793529aa53d452cc85badf97e5aa04fe09f61d99046c655a51b31709b624
- SHA512
  
  e51c1f45b6e0e305bfb7a6ae3f88dbfeb7cc2904d607231dc407d7f4b82f35993d484491321045f62c01539a2ba4c8cc438893191c03151964291fe17528e766
- SSDEEP
  
  98304:joRCa7CllxDZigg4keNaKvE2CqDOOp87/Q4XGVicOd1+tlFLGa:j7qClIPV2C4p8bQudk
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/Banner.dll
- Size
  
  3KB
- MD5
  
  e264d0f91103758bc5b088e8547e0ec1
- SHA1
  
  24a94ff59668d18b908c78afd2a9563de2819680
- SHA256
  
  501b5935fe8e17516b324e3c1da89773e689359c12263e9782f95836dbab8b63
- SHA512
  
  a533278355defd265ef713d4169f06066be41dd60b0e7ed5340454c40aabc47afa47c5ce4c0dbcd6cb8380e2b25dbb1762c3c996d11ac9f70ab9763182850205
Score

1^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  89351a0a6a89519c86c5531e20dab9ea
- SHA1
  
  9e801aaaae9e70d8f7fc52f6f12cedc55e4c8a00
- SHA256
  
  f530069ef87a1c163c4fd63a3d5b053420ce3d7a98739c70211b4a99f90d6277
- SHA512
  
  13168fa828b581383e5f64d3b54be357e98d2eb9362b45685e7426ffc2f0696ab432cc8a3f374ce8abd03c096f1662d954877afa886fc4aa74709e6044b75c08
- SSDEEP
  
  384:/MnT0MKT/Xwr2izZQ86mpAT8F9lN8Ov0J:EQMKzwTFnVX8i0
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/Math.dll
- Size
  
  144KB
- MD5
  
  889e8fe8a034acb4d4a33349e34907a9
- SHA1
  
  e439458df040ec14002c67f0a863bb714a6241aa
- SHA256
  
  d9b253e80eca58d3e2c5882359b5aa3257bd0b4bec5d02a7874004466ef77c57
- SHA512
  
  a604e3f8c385af9b2f29e82fa411b220a71bc234521d1194de1a2a09cca567f31c33c887a1f69ffb33fb2db91519a99e84ef064d507af16646db6919dd712d94
- SSDEEP
  
  3072:NIBcyvQSAxCfyWAj2Ag0FuTz/eBNABNWXhw4L:SQNCqZj2AOT7yysq0
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/SimpleFC.dll
- Size
  
  175KB
- MD5
  
  d38543fc9ae37d188a23e06ee11d3504
- SHA1
  
  174fe778f66db4a527fddf21b1c23e1bc1ceceeb
- SHA256
  
  72f33da081b8d579f437e7aa2ba8d9cb9602270b88093ff9411ac6316b52fc6e
- SHA512
  
  43d1874e5821d8e5530eaa34d42b76aa867528368779fadcfd2691825297accf04e94bd34867442a76c25d4729edefba9469de6500acfe6f665949f11878c54b
- SSDEEP
  
  3072:l2sd6EP05etg+rKTTmYjcnPMdsRrdU+/mbM/AuaNoNglzppVn5O4z6ULfLb6Cu:Us4zIg+rKTTmnhfAoSxZ5OVu/
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  bf712f32249029466fa86756f5546950
- SHA1
  
  75ac4dc4808ac148ddd78f6b89a51afbd4091c2e
- SHA256
  
  7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af
- SHA512
  
  13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4
- SSDEEP
  
  192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  24KB
- MD5
  
  1fc1fbb2c7a14b7901fc9abbd6dbef10
- SHA1
  
  4d9ed86f31075a3d3f674ff78f39c190a4098126
- SHA256
  
  4f26394c93f1acb315c42c351983dafc7f094b2d05db6d7a1ba7dcb39a3a599e
- SHA512
  
  76d8ff7fc301cc5ff966ad8be17f0f3f2d869ef797c5a2c55a062305c02133a842906448741bf9818ec369bbb2932b9a9c2193ebc59835b50e8703db0090fdb2
- SSDEEP
  
  384:ya3Bj/GAqvdXP4P4IVlht8zNHxKNSJvor9e9dQTIHzOZwceyeZwd6TJdpq:yRtqLhtqKNS5sAvQTIB86T0
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/md5dll.dll
- Size
  
  6KB
- MD5
  
  7059f133ea2316b9e7e39094a52a8c34
- SHA1
  
  ee9f1487c8152d8c42fecf2efb8ed1db68395802
- SHA256
  
  32c3d36f38e7e8a8bafd4a53663203ef24a10431bda16af9e353c7d5d108610f
- SHA512
  
  9115986754a74d3084dd18018e757d3b281a2c2fde48c73b71dba882e13bd9b2ded0e6e7f45dc5b019e6d53d086090ccb06e18e6efeec091f655a128510cbe51
- SSDEEP
  
  96:5mArJv6F3TqDmgK4ghEin1US36eHQZDUDgGogZcko5Nt4AMP:5XJ63LhR6inZ6dsgZkKQT
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  4ccc4a742d4423f2f0ed744fd9c81f63
- SHA1
  
  704f00a1acc327fd879cf75fc90d0b8f927c36bc
- SHA256
  
  416133dd86c0dff6b0fcaf1f46dfe97fdc85b37f90effb2d369164a8f7e13ae6
- SHA512
  
  790c5eb1f8b297e45054c855b66dfc18e9f3f1b1870559014dbefa3b9d5b6d33a993a9e089202e70f51a55d859b74e8605c6f633386fd9189b6f78941bf1bfdb
- SSDEEP
  
  192:SbEunjqjIcESwFlioU3M0LLF/t8t9pKSfOi:SbESjFCw6oWPFl8jfOi
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/xml.dll
- Size
  
  118KB
- MD5
  
  42df1fbaa87567adf2b4050805a1a545
- SHA1
  
  b892a6efbb39b7144248e0c0d79e53da474a9373
- SHA256
  
  e900fcb9d598643eb0ee3e4005da925e73e70dbaa010edc4473e99ea0638b845
- SHA512
  
  4537d408e2f54d07b018907c787da6c7340f909a1789416de33d090055eda8918f338d8571bc3b438dd89e5e03e0ded70c86702666f12adb98523a91cbb1de1d
- SSDEEP
  
  1536:U2A8OSGjylgkara+70LICin9zgtg2LxowhtJu6MqSNicNEtIfF42q2KC:OzjLkarn7O+n9z2L6whFtGF42bK
Score

3^/10
behavioral19 behavioral20
- Target
  
  GenericWindowsUtils.dll
- Size
  
  11KB
- MD5
  
  896edf2c096265549fd8bb9ee23efc2c
- SHA1
  
  3c7a1dbb68afaeff2f132ca738d5cf2818b8ab13
- SHA256
  
  a3a03e816a12db0e7e4288eb00c3426a71ca7b402f623c77ad7b7f84e82b64ec
- SHA512
  
  3149931140eb9fed0d28528ce048250392897ac61f890d176ac45a4c5464b9744cebc0c0f0b69945f742835612211c059d7ebb29f8d779e0bb99cd2d8cbea56b
- SSDEEP
  
  96:9LQL4h4LJnwSpkCY3QaTVfHdVL8J8+B5o0K+3+X3+H+b+z+T+1Judcu5u+VK+/+i:5QEAZX+CY33vLkdakrSQOV+SLWNg
Score

3^/10
behavioral21 behavioral22
- Target
  
  ProgressTabs.jar
- Size
  
  3KB
- MD5
  
  40002c908163cd461313a676dd82d343
- SHA1
  
  0d31a64697ca79dc32c5f15b996236ff4239cd90
- SHA256
  
  c607953d9db6621d955eeecfdfd02938321f40d507b3a24db35d2b248cada82c
- SHA512
  
  c7c05af8898412bbb5011c163f99022e90d89a63d01caec49702ecdabb761f0696d009070ced3e8fd5d205fb5a591ddd708b25bb4e7760000ae95e164d7ae3e4
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral23 behavioral24
- Target
  
  UpdateApp.exe
- Size
  
  327KB
- MD5
  
  dd3f55f51b18813dcadf40b2690bb9fd
- SHA1
  
  81699d1641af3e2218350f9d26feefc8c2dcf991
- SHA256
  
  3012adea80c90e5fabb0dc794d6bd0bd6a8be1076d2a7381c56af952bc750be5
- SHA512
  
  a2de0aca5e53dd15a5e69283bce285d5d36f1e5d0af08965437ab90a0e2cc33e9bdf7d3fa79984f47b925cc963a35156bd232b915b987ee3c2785a8d960df40a
- SSDEEP
  
  3072:DOtBlrzu2WI0OHzHtBlrzu2WI0OHzumg9ytBlrzu2WI0OHz:Dqnzu2WITnzu2WIc30nzu2WI
Score

1^/10
behavioral25 behavioral26
- Target
  
  WindowsV5PlusUtils.dll
- Size
  
  12KB
- MD5
  
  cb46bb1be80485b8b2cb3b3593f1c8e8
- SHA1
  
  cac0f3fe558698b530568fc1be979ae5bb629c2a
- SHA256
  
  f8877af50243458325fa78e0caa3ff8a2190ecc2cc8a916d3583b40a905be038
- SHA512
  
  aa0b5da90ebf5c65d3bd10b3986ed06884ab13d5440fdc90aa55ae48069e03b527b88fc0238abdaeff6d306da93b4bcdc30b9758588c7ac4bf451713c4f72401
- SSDEEP
  
  192:JwaJVWOi064ozOjEoIX8W9itSzzuSLWYt:J7kOi06JzWEoIX8W9it4zu8WYt
Score

1^/10
behavioral27 behavioral28
- Target
  
  WireStack.dll
- Size
  
  60KB
- MD5
  
  9512728a532428d479e4b6ec590e419e
- SHA1
  
  fcb62c541e03e9795f264c62229a6be5757e641f
- SHA256
  
  4416944c5a24b112d49ed58644cf4c2df0c8f70731e6feb0dd8b5473edef0588
- SHA512
  
  57824c96d500fe011e5c1f848d008d1729e55ce0e11d81f98bba16c8f4941ed66e1823fe8bade3d3809d21921b4e0b667659b1d9b8a455f7f7f35fc456d8a54f
- SSDEEP
  
  1536:vtp1+WRFVqiIM3PzwsGoUec5lgbpacgr:vtpYI30uUeilGacy
Score

3^/10
behavioral29 behavioral30
- Target
  
  WireStack.exe
- Size
  
  417KB
- MD5
  
  ff1d3bc36ce06ad6c2c87e97f8b7123f
- SHA1
  
  9b820a32285153ef84f56782ff9739039faffc1b
- SHA256
  
  c859b1af12a296cb65e7c90c9e604509a436bae4c29c0f7f970ddddf3ae69af9
- SHA512
  
  8bcc49d6e0bd2e7ee04508799a73ac2e9eb0241d6280310baff75e57f75240b40c26c0b090e4a7944c5f06eab638285345bfb7e0ca18b435d03ccd78125d3bcf
- SSDEEP
  
  12288:wAqsftlPJjSZCXWEAQLQV+EVUL/kbEIKL1wTNUvpA:lqsftlPJjSEnAQLQV+EqL/GEIKL17vW
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

UPX packed file

ACProtect 1.3x - 1.4x DLL software

UPX packed file

Modifies file permissions

Modifies file permissions

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32