General

  • Target

    71a7182fc4face8c7cd7c3f4078cc902_JaffaCakes118

  • Size

    2.3MB

  • Sample

    240525-mh535sde5y

  • MD5

    71a7182fc4face8c7cd7c3f4078cc902

  • SHA1

    a2131db714d023074572c34ebe8b1b05d440d561

  • SHA256

    21b3722d2f032733df6ae8d682c0b5108f17c242705d3fff9730c89a6a6df7f0

  • SHA512

    157a6c89995de88dc2d197b14ad48d3a6dcdb818da2acc975a80cbaa9eac452c8bf0c8fe922a4b5657453a56765ce97befde00389eeabe170f551c0a0f917fa0

  • SSDEEP

    49152:/WZKsGm6GS3PYnMZ/KYsmW+uqQSot/j6XPtZhAcl0OSE0:uZb6GCYost+Xicl0W0

Targets

    • Target

      71a7182fc4face8c7cd7c3f4078cc902_JaffaCakes118

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      06aa4cc3fbf7836bc5819bb1b1cc5680

    • SHA1

      7a074e5b667a0de81d07243fd9e3eb3d569fcc30

    • SHA256

      abd14ae3648f6964d33ad5fbc4164f2beace7c3ecd5a261156fe728755cdc3c1

    • SHA512

      370c7d19d9789c8f32ea6b69a30cdaf331296f55f14e39d2917b46f43bee087d1a286374fe3dc6cc64d0ffdbaf8a0f7ecf638c69c25a8c7f54b17ef555f4a80a

    • SSDEEP

      192:eMHGr8JZYGO9QQr5aQbf1QuQVOmDsjcdOISYKoTt11929WtshLAzuy:eMHu8Jy1ai5aZBptdYYKCt/Yos

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      7399323923e3946fe9140132ac388132

    • SHA1

      728257d06c452449b1241769b459f091aabcffc5

    • SHA256

      5a1c20a3e2e2eb182976977669f2c5d9f3104477e98f74d69d2434e79b92fdc3

    • SHA512

      d6f28ba761351f374ae007c780be27758aea7b9f998e2a88a542eede459d18700adffe71abcb52b8a8c00695efb7ccc280175b5eeb57ca9a645542edfabb64f1

    • SSDEEP

      192:eF2HS5ih/7i00dWz9T7PH6lOFcQMI5+Vw+bPFomi7dJWsP:rSUmlw9T7DmnI5+N273FP

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      156KB

    • MD5

      a09afd758d38cb1a9cbf7ffef8e4fce8

    • SHA1

      8f6bab1b16a2de485ee2f7755005ac9a23e7436e

    • SHA256

      59f148eedabc7b0f2c7de5c666b25075eebca54569c1ab6f77cd68fae1993979

    • SHA512

      cffee48c681baab3f5a8c5cd09e8c9aa4dfca2b6aebac80d582a3c477d977fe86e8c0bc8fb6871ec14945c8796d0f42afb6ee48ab6ebb0d8fd25ceb85223f8be

    • SSDEEP

      3072:qA3K1FSVKhaXphsr2a5sZGmwcSol0BaGZS5xGCd6ADUE1cm7vg0s2jn:hy2ZGmPCZZS59d6ADUE1FMm

    Score
    3/10
    • Target

      $_21_/65Plugin.dll

    • Size

      79KB

    • MD5

      00e41a2167e8b0141f589ae139ea32e9

    • SHA1

      519676357ce491ba464998681b1e9339e4fe4026

    • SHA256

      4c57826ed13640499929107639101195574a1d2640d562e81f7827b8e722f3a5

    • SHA512

      cf9b6238de5ea599887a308990b4e1efae0b94d90e3ff7f1a40c0be0a54099864576e6b33ac08151bf6838f4f5cd8ef734417f89040f1ee960b06c65de640ba9

    • SSDEEP

      768:6W/9vpNxktwTSG1MmuRLV5E1HESkW5qMC9dkpQhm2/lhyxtn2SEDj3m9u8PCVvlI:zxktdwuH2mw5ik+Rl0PU3jVvlvnBq

    Score
    1/10
    • Target

      $_21_/65SrcAs.dll

    • Size

      141KB

    • MD5

      3a955d1c9574eae2a83215dc5e460f13

    • SHA1

      f1e678c0174db1b17640ad53ca886053db8a020a

    • SHA256

      ba32c3b69a15a00280bb613a70ea4d02f60749e247f9779bfb4dfb5f39156c61

    • SHA512

      446aa5b8147bd77cb15ad5d2db216180555868931288286dc3b77fa06d8632de41c814c2784069c8ce3c51ba4aab96d6baee7f82fe125340508aed6954d1e4b7

    • SSDEEP

      3072:S4BRu9XjwkfImqyZPzjiIqO/JFEcr1dksoH7xXRPDF2y:PeLhPzjdqMJFEcrjMH7F2y

    • Registers COM server for autorun

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Target

      $_21_/65bar.dll

    • Size

      1015KB

    • MD5

      11ad6129099e771d53c0ff441f7ac5a2

    • SHA1

      f557f663571d6e5bfc9c2c41b99ad04e47c324d4

    • SHA256

      0693dbb08858f497ed7a68eb43d9bce4ad500e1117bb8e35b7c697694596686f

    • SHA512

      ab622474dbafa30ddd8daad799999d2a4b1e447d2f91bbde510771d78e51348a48ad6875b4e0a4de44b643124243b386fd2dffba93176d303c40356a70987df3

    • SSDEEP

      12288:VhL5JrxYQ+Q/pKDe9YaHZoqQv7zk78645W8o8weliA:jF1xYQ+QBKDe9TKqmPd64M8o8wW

    Score
    7/10
    • Target

      $_21_/65barsvc.exe

    • Size

      87KB

    • MD5

      a2f64f6c1697386773938ba5bcabc166

    • SHA1

      e71c600effd0e62406e286c84ab1ff7054bcb6dc

    • SHA256

      24b6d8a2f497a193ed73ae2e8568ee98c1006b2952d1556fd62d651b91c11e6e

    • SHA512

      103cd85784d2c16dd5dd557d4aaec6013b06e546568dfb65d9d04f4f7353fa316c4162baf84ad3e10a6162b03dcf47257fa5a3cb4281336113ff32d8a00fab03

    • SSDEEP

      1536:2M9fMc/KNZF+9W99p0k4krDfSM0k8dgVuu2VS6gh:1FKNZU9W9LHeMYGVB2VS6A

    Score
    1/10
    • Target

      $_21_/65bprtct.dll

    • Size

      117KB

    • MD5

      52656c06c979da68e46bcb558aa45419

    • SHA1

      7b4fdbaf1e0e561f5da1477ab233fdd9d1eba44f

    • SHA256

      b4c4e656d21405fcf475df974ed327aa4325c800d6ce31921f144d6de07715fa

    • SHA512

      3b3eb1a9433dc19c34d4d051582cb80ca0a30447f812b4b1b594d398a6e01e3ba911ecc5d2a4424921dbfdce3108e6e68b6c055e6427b12c3377d4a0bb73efef

    • SSDEEP

      3072:sKDiELVQsAeapEGTvtpv7NPX9GjByYftiVUgw/F/:sKDi5eaSKpv7Nv9QIYF5gm/

    Score
    1/10
    • Target

      $_21_/65datact.dll

    • Size

      166KB

    • MD5

      2201f7f60400685ed2cbb31977a6f847

    • SHA1

      7f73fbaa7e35f583020fbafe7e2a8170cb6d25d8

    • SHA256

      bf3e041eeb57cee48ad59887dcf5addfa03cd52a814d49cc1898c6bccfe5e292

    • SHA512

      bdbe6cada57fbd600ce392b45cce4a2811b100d50f2aee10892112efe853efa140ff83a7f32c82760de29e7229827b9d9c8890f8b39de8e67a3de069144e48ec

    • SSDEEP

      3072:rAiuk81z8oa3TT/dlpGcM5UY2xwbyTxcCGkvd0eWL7VBldRwHxwXaZ:sUw8oajT/d7G9UP2byVcCxvQ/ldRwyaZ

    Score
    1/10
    • Target

      $_21_/65dlghk.dll

    • Size

      117KB

    • MD5

      c7a5515b30550ea67a1d7fd71a222dfe

    • SHA1

      93be7832c7bb5052f16853ed281f6015755c34d2

    • SHA256

      3462add1f63a07e3a4d600f9d81c1946bf384bb9157df1cdc7784f74a2db7e1e

    • SHA512

      51f30c7541234c6fbf8719de1ff6d018214927018546a55e6f09a6eda950175a708dc113fb027ccddd76f2f2d69e80c689528534503b0c8a313b825c661dcfa5

    • SSDEEP

      1536:6yxr7fd6mGGbhTEMY5WNPX9vSVS28SMIwM7RkuJCll04NU5SptgQ1V9lCYv:bx/frxs5OPXtGS2ldIlpN5gQ1V9lCO

    Score
    1/10
    • Target

      $_21_/65dlghk64.dll

    • Size

      142KB

    • MD5

      19f5b771490beb2f6c9ea8208a0c50ac

    • SHA1

      c00fc169dda07ef44b31f5232a32a46c8349547a

    • SHA256

      3bddbc22900343e8c752562c0327631eb0116d21f38745d88d8395dd96ae9172

    • SHA512

      c2075601e2c90cd1cdf13ff6ffa5c942f71bc7a846418dd497e704ca1711d1cd0a61124fd570d182d879981e5be3cd0dbfe4e2058eb68fc4991d9ec72677b6a2

    • SSDEEP

      3072:L4X4vWv6QfKaQcWDzW619dT1EJgmPmSPpFgPVzcZO62J:L4ooR0DnvdT1EJgmVpFg1cMR

    Score
    7/10
    • Target

      $_21_/65feedmg.dll

    • Size

      141KB

    • MD5

      4944e66619b29fcbbfa85415f2653f02

    • SHA1

      b98ad0e879c717aadf77231bf99bfe522dace1f4

    • SHA256

      1497b0273e1508c980354ee077511fae3d49e3ab3eabe887df940d1f4a170eac

    • SHA512

      508cca236f29abe244a76afcb839ecd93f497ac7819b948d55bef6a7f00d4be22c6ae969e8313f4bcf033dcfaca7253a238d983a2ff99e5d4ab1cfac7c157ac0

    • SSDEEP

      3072:oAWJWfVECxUz1dnMiwTjbW8hsXbedmRxVHVTmH3Vfv/Oh2:0JWp0nMiSbkbedOxpJmHdvl

    Score
    1/10
    • Target

      $_21_/65highin.exe

    • Size

      11KB

    • MD5

      5df7ca9651bc391e329d674d827417f5

    • SHA1

      a49a82973d9cd2ede4d6b3e7d393579db157291c

    • SHA256

      3bc0af40baab308bcc4484b543ca761d526b119fc5eae340d74360a83800a7cc

    • SHA512

      5020ef2314299076784d74a1fee49186e3893868ec6d57346bdaa21ca523c39c32d6dca6dfdbb9e3c1cf2bc5d375810c9ea4622d2c20bf3951625d06e1b57c2f

    • SSDEEP

      192:dGxIg8GyRWekEWYnYe+PjPBkrO1tC7d/r9ZCspE+TMArYQ7/uJLs:MCg8GyRWekEWYnYPLB11w6eM7QqJLs

    Score
    1/10
    • Target

      $_21_/65htmlmu.dll

    • Size

      207KB

    • MD5

      c0d683f95200a06bd49b9e394bf130d5

    • SHA1

      471e4478b91cf8a07c8ebb6ede5bc2a38c8462e9

    • SHA256

      3b2e33a35c8db247cb303f54836af6fc6459530eb89ad98bf097d8013790ecec

    • SHA512

      9e8895a2b87a04731dea416806622be7df6eb975f40c78f0ca47b4b7320b7a0e4413a723bf4e870b304408b23713740208976f0aa2fdb58956490556deb83181

    • SSDEEP

      3072:GCHwKsPVxMfJxHNcpygBnTbuXo9duDWhHG8ENTBfATmQRqjxZ6oPfgEYTDjpRB:hLsVxOmNvV90DWhHFCTBIXInVQJ5

    Score
    1/10
    • Target

      $_21_/65httpct.dll

    • Size

      146KB

    • MD5

      87b680b5a45eae068605b2c371da79ce

    • SHA1

      5ee243044dee67fd56a92f117ed8274bb5fccdf9

    • SHA256

      2e9a584b9fb7a10217e5380b6407c535b0561490584d68932d8b748ec56ea410

    • SHA512

      74674e3aaac1069569f8ef8edd4eb02d282c0d4e12926e0128e958c5a3359cbefcb31dc4635096e22e49a41a58d6e5b5d6d4659e3ee25f8a588d86b105440fa0

    • SSDEEP

      3072:qdIkw4NbeSdQKS+Bu7wxZZEkkjCBHVft4iGfcn630wWHR8R:KI0VeSZfBu7uEPCBHVFI0n4WHR8R

    Score
    1/10

Tasks

static1

Score
3/10

behavioral1

Score
7/10

behavioral2

Score
7/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

adware, persistence, stealer
Score
7/10

behavioral12

adware, persistence, stealer
Score
7/10

behavioral13

Score
1/10

behavioral14

persistence
Score
7/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

persistence
Score
7/10

behavioral24

persistence
Score
7/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10