c67452f65d0c7187312499a53670b1e82895518b487328026b2957ee77a274a1

Sharing

Copy URL

Twitter E-mail

General

Target

6fc1d0d67bf66fb05a56b13aa59fe590_JaffaCakes118
Size

10.3MB
Sample

240524-zaw7gsaa8z
MD5

6fc1d0d67bf66fb05a56b13aa59fe590
SHA1

142da6da98d861e29b077dcea4caf93941194f6f
SHA256

c67452f65d0c7187312499a53670b1e82895518b487328026b2957ee77a274a1
SHA512

e9e69a0dfe9f777e0a4c320dd0c8261cf0680f0a1bc70fbe88cd344a137b382341c62da7bf95f03632023796180b620ad6d3cf30b38ad276c4746bead6cd0d27
SSDEEP

196608:NFFkWfFYkWn862GHPz/+chisFwmR0qz6SNz0SXBmdZDopmQRSVvD5Rp4WvQs:O4FYiMKenR027z0sEzspmQR07eUQs

Score

7^/10

Malware Config

Targets

- Target
  
  PowerISO-7.5/PowerISO-7.5.exe
- Size
  
  10.4MB
- MD5
  
  a38ed85a50faa3362bb343ebb6624750
- SHA1
  
  abd0c444b8206e436615ae03a7da62fc5017d9e8
- SHA256
  
  102db7fd10d527ed4195f411cb4a4172dc29a4597bd45f194ea242cac13163ba
- SHA512
  
  637e0acbe02441c453f4724d2387b263abf608d8d1011914726c1489a4f1eb9c14f79a2c2c11e94bc2135fbfc34dd55510e0b030191071a4af55e4e4c9305f94
- SSDEEP
  
  196608:xqmHbnYDuh+4K0aTsg8kOW1kBxK7XeErBaIDR7aJv4QRSwfnV3A4ffP/9:Guh+maTt8kXhrel2Ifn+G9
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/Aero.dll
- Size
  
  6KB
- MD5
  
  243bf44688b131c3171f2827a93e39dc
- SHA1
  
  07e9c7bd16ae47953e42c06ae2606de188386f35
- SHA256
  
  04a577df50431eb0ff6fb103566402bf66c50415bcc1f8a86b9c235053131455
- SHA512
  
  a1a8c21d38c54a43d1c6c394f481dfbddcb359c617e9928ecca8f84d47354616a78d20735a1fe7bebd21626c21cf96d0e1a69e3e98f6b35f2a774cc0244f9516
- SSDEEP
  
  96:Mh1Wh+rTUNfwRtoqLOk+UVud5Wa7U2ZG:MTWh+cZG2qLOkjud5Waw2Z
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/BrandingURL.dll
- Size
  
  4KB
- MD5
  
  71c46b663baa92ad941388d082af97e7
- SHA1
  
  5a9fcce065366a526d75cc5ded9aade7cadd6421
- SHA256
  
  bb2b9c272b8b66bc1b414675c2acba7afad03fff66a63babee3ee57ed163d19e
- SHA512
  
  5965bd3f5369b9a1ed641c479f7b8a14af27700d0c27d482aa8eb62acc42f7b702b5947d82f9791b29bcba4d46e1409244f0a8ddce4ec75022b5e27f6d671bce
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  9384f4007c492d4fa040924f31c00166
- SHA1
  
  aba37faef30d7c445584c688a0b5638f5db31c7b
- SHA256
  
  60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5
- SHA512
  
  68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf
- SSDEEP
  
  48:iV6pAvmNC6iMPUptxEZK65x/AmvycNSmwVsOYJyvrpXptp/JvR0Jlof5d2:2811GED5ZTvycNSmwVsTJuftpZR0Sd2
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10
behavioral11 behavioral12
- Target
  
  $TEMP/PowerISO/packeg.exe
- Size
  
  5.0MB
- MD5
  
  725c335d5fd5305e5b5db2c84cf90abd
- SHA1
  
  36daa31b318051f5cf8b9038e46e977cd18af57e
- SHA256
  
  5e9274f4940ab3a90f48715c82149ab209ed4b585347c9a91fbe23534834e268
- SHA512
  
  f4962fcd3481380fca17f0cc7483f7dabc5c06488bd30acc836c8312e30c1a5195ddd98c00a5a132affc20d17575ec43b83e802f80d025b3891f67e5eb82ea53
- SSDEEP
  
  98304:gEjZ7eMAM5Aw3ZQtpy6GV5T6nn3F6xnCXWM1VCRTovs1xiKpp0qfcu8:LkVAAFsV5T63FC6VUovw1pCqfcf
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/Math.dll
- Size
  
  144KB
- MD5
  
  889e8fe8a034acb4d4a33349e34907a9
- SHA1
  
  e439458df040ec14002c67f0a863bb714a6241aa
- SHA256
  
  d9b253e80eca58d3e2c5882359b5aa3257bd0b4bec5d02a7874004466ef77c57
- SHA512
  
  a604e3f8c385af9b2f29e82fa411b220a71bc234521d1194de1a2a09cca567f31c33c887a1f69ffb33fb2db91519a99e84ef064d507af16646db6919dd712d94
- SSDEEP
  
  3072:NIBcyvQSAxCfyWAj2Ag0FuTz/eBNABNWXhw4L:SQNCqZj2AOT7yysq0
Score

3^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  bf712f32249029466fa86756f5546950
- SHA1
  
  75ac4dc4808ac148ddd78f6b89a51afbd4091c2e
- SHA256
  
  7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af
- SHA512
  
  13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4
- SSDEEP
  
  192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  4ccc4a742d4423f2f0ed744fd9c81f63
- SHA1
  
  704f00a1acc327fd879cf75fc90d0b8f927c36bc
- SHA256
  
  416133dd86c0dff6b0fcaf1f46dfe97fdc85b37f90effb2d369164a8f7e13ae6
- SHA512
  
  790c5eb1f8b297e45054c855b66dfc18e9f3f1b1870559014dbefa3b9d5b6d33a993a9e089202e70f51a55d859b74e8605c6f633386fd9189b6f78941bf1bfdb
- SSDEEP
  
  192:SbEunjqjIcESwFlioU3M0LLF/t8t9pKSfOi:SbESjFCw6oWPFl8jfOi
Score

3^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/qzoxzhphgp.dll
- Size
  
  1002KB
- MD5
  
  4bb0f84995346c5f73a3dfbd8d8cf26b
- SHA1
  
  17c011f920bd74c37c86488832fd95270429478b
- SHA256
  
  5f9e2a5ef08cd02bcac2d2045f7b149b11f4daed2a253bbcc38cdfe8b1850600
- SHA512
  
  bf9e042405df6af8eb54c78ee8fd0ac00b997171bf0a88ffb36588d2f9247667b9c03a73fc97b7e58e3ed8cf5c37e0fbe4f2033c1ebe78b91121c92adecf1369
- SSDEEP
  
  24576:MvaVnVw6hrM8zxLcaHr2JGjoEYnJLUTOhXUbVWXjCnr:s8/w87URJcCEUXEr
Score

3^/10
behavioral21 behavioral22
- Target
  
  $R0
- Size
  
  69KB
- MD5
  
  9d199564b65a91a531b23844649459e9
- SHA1
  
  8d84359ced1c51d14e70cb5ed36a6083c8b914cf
- SHA256
  
  8dc2490d1d650e3ffbf70922b81ae9800ddd29a644e4d7d29e9616e22a7d0f42
- SHA512
  
  ae522945d3ddcd7c2d99da14ba62d556928b7e6dfcb07114f13481777878a8ffa448170cebbf76da80d9ae45d0e3a509b0f2a7bd702773c1efcaca26496010d1
- SSDEEP
  
  768:Ubrbmi0iAETVvlXjkQnr65WTHBAtgYSofgevxHs4gZWk:ab70GdXoQr65WDBAtgYSoflxHeW
Score

1^/10
behavioral23 behavioral24
- Target
  
  devcon.exe
- Size
  
  69KB
- MD5
  
  9d199564b65a91a531b23844649459e9
- SHA1
  
  8d84359ced1c51d14e70cb5ed36a6083c8b914cf
- SHA256
  
  8dc2490d1d650e3ffbf70922b81ae9800ddd29a644e4d7d29e9616e22a7d0f42
- SHA512
  
  ae522945d3ddcd7c2d99da14ba62d556928b7e6dfcb07114f13481777878a8ffa448170cebbf76da80d9ae45d0e3a509b0f2a7bd702773c1efcaca26496010d1
- SSDEEP
  
  768:Ubrbmi0iAETVvlXjkQnr65WTHBAtgYSofgevxHs4gZWk:ab70GdXoQr65WDBAtgYSoflxHeW
Score

1^/10
behavioral25 behavioral26
- Target
  
  piso.exe
- Size
  
  17KB
- MD5
  
  33666c1616e7db33f10967b21453d80c
- SHA1
  
  fb2b80c969222e98b97d10548534e1c394036fb8
- SHA256
  
  e25c088c53b1f1e6dc835e26fd99ce0eb0b26f0cfcb36df9ead3535c55059e2a
- SHA512
  
  9ddb38c7c90294891f5ca1338d6eb5789af953a182212b07d8ed45164ff9fccab7e51ff8a56c301a0315bd909a16decbdbb2579923a4e5acdc7f84505b543d53
- SSDEEP
  
  192:J+P/5KEPEvXcq6gP4oynCUzv+OnYe+PjP+rJ/m8Fzr9ZCspE+TMErRxyVcEuw75j:J+P/Q3vXcDW4H5nYPLTeMaQ5gY+nYPL/
Score

1^/10
behavioral27 behavioral28
- Target
  
  setup64.exe
- Size
  
  17KB
- MD5
  
  24bf22b9c94db12b22ea77c79e34aa13
- SHA1
  
  7ea4573cf1e45807e98e74a392faaaf24cf8265e
- SHA256
  
  e40f35e9eaad833e765e833d61ec829e0d0fcc0391348199467f0f5b90a0cd94
- SHA512
  
  0d0e1d607adc6b7d4e9becb533d22c253f08be342f653a1283a3c8b27e1cbcb72ddab6c8c0a9993748fd643f03657d652c11c33650c61b0c9c95e5c91803840e
- SSDEEP
  
  192:qSTwtvHiBYm2HW5wDV7Yyl+BnYe+PjP+rJ/m8Fzr9ZCspE+TMEr2Sq93yVcEuwh9:RTwBHiBYcYV7snYPLTeM5nc+nYPLN
Score

1^/10
behavioral29 behavioral30
- Target
  
  $TEMP/temp/packeg.exe
- Size
  
  268KB
- MD5
  
  89f8d47f229b180a0f12aac549acf326
- SHA1
  
  ce651850df6206b8c5f598ad5751c6d9d2a4869c
- SHA256
  
  9a03ccee5cdc83a3a51d43c78ff093da3d4e1faaa158e4b653e7614a14dd549a
- SHA512
  
  f0f63d0530b6be19427fb3aa311f758c5edf38ce42e4c26706d408abe868b3832d8b3e8b79a6a7fcad44704f7cc1a8e8407f7cc3a2c78269ee1e689e6b767758
- SSDEEP
  
  6144:nnqKQ2Oq3ScuA05A+O4PlDfZIkbaRF30zsmJHyUgbdZF:nqhq3M5A+XfhaD3MFy1BZF
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

System Information Discovery

T1082

Query Registry

T1012

Lateral Movement

Collection

Data from Local System

T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

UPX packed file

UPX packed file

Reads user/profile data of web browsers

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32