Overview

overview

7

Static

static

3

6e561bb4a4...18.exe

windows7-x64

7

6e561bb4a4...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...hl.dll

windows7-x64

3

$PLUGINSDI...hl.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    6e561bb4a45b7513d7745a70a1c63969_JaffaCakes118

  • Size

    686KB

  • Sample

    240524-ngjn7afa97

  • MD5

    6e561bb4a45b7513d7745a70a1c63969

  • SHA1

    cda245b016e099128390d621ab2d47220b8343b4

  • SHA256

    115e71444a3736c147001657d8dfe3ebdcad5fc4e213204669cf584d3b655574

  • SHA512

    4a60b426bbf19e788e2c18a804f437ab467718273990c8c5ed24251a885e12e569ea68d2015161b1f250ee584eeb21796b3b47b4b2efe5a5ee409b7dcd447828

  • SSDEEP

    12288:wNQdw/+KNiG88LKoQrUcXe7ApI49zBXGWmO0857MARrHfc8vy4hl:w6dxEj8ShB7qIOWq0w77C86m

Score
7/10

Malware Config

Targets

    • Target

      6e561bb4a45b7513d7745a70a1c63969_JaffaCakes118

    • Size

      686KB

    • MD5

      6e561bb4a45b7513d7745a70a1c63969

    • SHA1

      cda245b016e099128390d621ab2d47220b8343b4

    • SHA256

      115e71444a3736c147001657d8dfe3ebdcad5fc4e213204669cf584d3b655574

    • SHA512

      4a60b426bbf19e788e2c18a804f437ab467718273990c8c5ed24251a885e12e569ea68d2015161b1f250ee584eeb21796b3b47b4b2efe5a5ee409b7dcd447828

    • SSDEEP

      12288:wNQdw/+KNiG88LKoQrUcXe7ApI49zBXGWmO0857MARrHfc8vy4hl:w6dxEj8ShB7qIOWq0w77C86m

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/ZipDLL.dll

    • Size

      163KB

    • MD5

      2dc35ddcabcb2b24919b9afae4ec3091

    • SHA1

      9eeed33c3abc656353a7ebd1c66af38cccadd939

    • SHA256

      6bbeb39747f1526752980d4dbec2fe2c7347f3cc983a79c92561b92fe472e7a1

    • SHA512

      0ccac336924f684da1f73db2dd230a0c932c5b4115ae1fa0e708b9db5e39d2a07dc54dac8d95881a42069cbb2c2886e880cdad715deda83c0de38757a0f6a901

    • SSDEEP

      3072:8CkSJJ30k1pn2T4ISnUGN+E8KnCOxA17jxLmRtWHyPDQFllOdJiSg:tkSJy+c30UxbKnA1hLKWSVdk

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/nrfqphl.dll

    • Size

      161KB

    • MD5

      3147cd9631345681e0ef79c8b4f7e9d5

    • SHA1

      050c474be0469a34ec055512c5147a9f9bcad3c2

    • SHA256

      f1628bb75d7e7063b6bb438596f5c0f3a244de02ad3d0b60aefb2b5a5d2ad9cd

    • SHA512

      da885d1ec83f2b56bc9038cfdf220c63b0bff1955103265c8e6edf0f09f7fa0fae4a073d5c0df9f20c326a74c6437bad761d64e2579867dce4c836167dade42b

    • SSDEEP

      1536:GtjMGDbcCR5vJuJa0/rzsu0aV+2eGilOQhQLrRLDMLuEXQvpwpLVSYTjgY+6cowF:GtjXgCRimR0RquEAv+jPz+gV9QRZBFH

    Score
    3/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks