68b729d1c7e6b424b230931dc74db2c90c08d4923130582c80a295e144dba43f

Sharing

Copy URL Twitter E-mail

General

Target

7294e29167cf8ea40ec76fd33a174a43_JaffaCakes118
Size

18.4MB
Sample

240525-t33bbaaf6w
MD5

7294e29167cf8ea40ec76fd33a174a43
SHA1

69a651688b79a79edee75f6bec495372d0896f49
SHA256

68b729d1c7e6b424b230931dc74db2c90c08d4923130582c80a295e144dba43f
SHA512

6968f2fae0a6a4117f7b38be499ce4666da39c1c914a846679418e1d25817fe6d869a404dc9934cbee3f0f831ae8c15298de77630089b69bb5d1920c6fb49241
SSDEEP

393216:mJTKHH8wh67fJQ61DjbR//rXefAzPnqQtuCUoy+0teV0C2bqw43:vc1C61NHUATn50jdUV0CQF4

Score

7^/10

upx

Malware Config

Targets

- Target
  
  7294e29167cf8ea40ec76fd33a174a43_JaffaCakes118
- Size
  
  18.4MB
- MD5
  
  7294e29167cf8ea40ec76fd33a174a43
- SHA1
  
  69a651688b79a79edee75f6bec495372d0896f49
- SHA256
  
  68b729d1c7e6b424b230931dc74db2c90c08d4923130582c80a295e144dba43f
- SHA512
  
  6968f2fae0a6a4117f7b38be499ce4666da39c1c914a846679418e1d25817fe6d869a404dc9934cbee3f0f831ae8c15298de77630089b69bb5d1920c6fb49241
- SSDEEP
  
  393216:mJTKHH8wh67fJQ61DjbR//rXefAzPnqQtuCUoy+0teV0C2bqw43:vc1C61NHUATn50jdUV0CQF4
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $COMMONFILES/nProtect Shared/Engine/BWT.dll
- Size
  
  271KB
- MD5
  
  cc297ee191c1791d7bef21df2c428c61
- SHA1
  
  e0c19c618a75d70703fa4b0cf3f7a28aac12ad0a
- SHA256
  
  1046903f83799ffae1e6b603935d0124bb7d0099baddc567985295f0eff20252
- SHA512
  
  abc27ecf5514ea035bd861da8dab91cf35e0e7c851129e5b70ab82f854cdd82a1c54533f94bd1144edef04d6866cc717fdb02a4806a43c9338994b8a22d6b200
- SSDEEP
  
  3072:R5XLlWuBXXfYq8Dm3pdoRPWiowapKCEbujXXqQzQfrZkAPYNs4eU5n:KFaXGPXbujHVorhPB4eUN
Score

1^/10
behavioral3 behavioral4
- Target
  
  $COMMONFILES/nProtect Shared/Engine/BwtTrust.dll
- Size
  
  242KB
- MD5
  
  8b3af122113b59638a53d6282c63edc9
- SHA1
  
  1edcf820fbbf20c8d8d8ecddbdce7dc061816204
- SHA256
  
  a15d9feb308b69d923e1c612d05101eeb035bf336e261f258e1555ad4a62679e
- SHA512
  
  838cbce1fb2fdfd12d34f4de40cc011fae010dcd9cf3469862438327b6d07313d94908834bedc67e06bd2427b4e92447800d5f8365fbd81955e3c7e1c1311299
- SSDEEP
  
  3072:I0q+kbXLiCiKw8aLlpFF77XDUuuGDHmIQ7y/Svwq:3q+cqhhXQG6PB4q
Score

3^/10
behavioral5 behavioral6
- Target
  
  $COMMONFILES/nProtect Shared/Engine/NpBWT.dll
- Size
  
  210KB
- MD5
  
  d6166637f37a4bc6feabbcbe33cf6998
- SHA1
  
  12099809dcb7344a11bf717a4ddeefec779c805f
- SHA256
  
  caf01c6662775f5a7703e5d2a7aa65308c9067d572bce44bc08ee4ee623fe6ef
- SHA512
  
  6e940b433782489ad5ab24ebbcfca1cc8e21bc361f2f35a2356298d35aa94c6bc902710903d6fc11cd02aff9a73d812a5eeee9d460e99cd7fa82c24b5527b888
- SSDEEP
  
  3072:IETUFEWHVvVBlzzRsttNKECfjRvWmBRfrvTG3/CRkne+K84zmtR:IVaWlVBpzolCf9e8VvTjRkeA4zeR
Score

1^/10
behavioral7 behavioral8
- Target
  
  $COMMONFILES/nProtect Shared/Engine/NpHttpsLib.dll
- Size
  
  1.5MB
- MD5
  
  fc8d75c83f99992a55d304c64eb36d53
- SHA1
  
  4d5f0a1df98e0bf57bf7124d3ccc7d985334b674
- SHA256
  
  84425d71e4e88b6aa9d00566420491419e7bc6cffa1c28f7e22dacdc9949afe9
- SHA512
  
  de210ed6c57d8847ec53230670a54abadb5d11fc28e07044ebe6d7992d1f81eafd0ae0e1bfda03596c8d7140d02c43a8c3a8b369eec137a05ba266c0e402a407
- SSDEEP
  
  24576:se0A8T2/GbzGWvBCHFf9xkbz8LCl82iVgioEB0zX8EKD0JnpJFENBpf2Zu7:seR8TK/ibwi82airTJnpJFWpf2Zu7
Score

3^/10
behavioral10 behavioral9
- Target
  
  $COMMONFILES/nProtect Shared/Engine/TeCtrl.dll
- Size
  
  490KB
- MD5
  
  8d3ae4c2855e284729e8d9be16a3639f
- SHA1
  
  60c7d9c4f3132d27bade1546001dff285a26811f
- SHA256
  
  793b526351ccacc0757f4dec8015c2dd3fc608bd14765ab191f067e17106c96a
- SHA512
  
  c818d1d2184c7980ec74ec6c3aa72e555b43d08c0d628c81145bb4272719594eae34a367a8a2943de1d9562824d45afd56262e1ad7d6cc098a12fb92e3de7358
- SSDEEP
  
  6144:4R1Ca5NhWtNE9jTpla9UftFwYxg1u+kNwJdWKYcxkzNqJPEYny:81Ca5NhWUE9fYxgwQx8Nany
Score

3^/10
behavioral11 behavioral12
- Target
  
  $COMMONFILES/nProtect Shared/Engine/TeCtrlu.dll
- Size
  
  612KB
- MD5
  
  011e06592f5db69ca87e81d3fa7cb87d
- SHA1
  
  16eea985ef42f73d05d6a2521af359c74d2fa2bb
- SHA256
  
  fe76994ac78ae51d76c7bd3c418941a90f1651875cba264d69af22865624b501
- SHA512
  
  fd79d669a4225a1321dd560b3eca31fc4c204961837dbb7b7dddfe4507b4a5b5041545cb6b861bd3fec24f266536e143d6620292721ecc3a818fac572237b167
- SSDEEP
  
  12288:KG/VV2ubBYzGTiWe4mk5SViBoUgOaxStyYf8MWyw+64Jb:OCTNKyogaxSkjlyw+6Ob
Score

1^/10
behavioral13 behavioral14
- Target
  
  $COMMONFILES/nProtect Shared/Engine/TySUtilu.dll
- Size
  
  92KB
- MD5
  
  bf3f51fc64b629619d1e31dd3767c221
- SHA1
  
  1e65ebb205758f44a1d5a55a1cb48ff24f778f7e
- SHA256
  
  4ad8578210178436e19cb6965fce96c4c669faf2cca21bf1c56f18c88b812b49
- SHA512
  
  fdfda1bdde79ca8d703f7e0c337a30ab5392080655cca5b6369e05f2b0d3fc48f7272f07b929674e761b2ddfc85e36f607b945ffdd205626f71a9c4aa3e21ff8
- SSDEEP
  
  1536:EirWEX5NWE66IH3kxGxnWHU6Z2mfjvEOYcZl+UyN634oe:UEg6IH0xGxWhnlZl+UyB
Score

3^/10
behavioral15 behavioral16
- Target
  
  $COMMONFILES/nProtect Shared/Engine/tyav32u.dll
- Size
  
  981KB
- MD5
  
  16a4711cae83a30cd2a93d3af0188ef9
- SHA1
  
  a385856f1c49a3f3f2b6ecdca65377b0cece0d81
- SHA256
  
  e536c6d79e7e80d9b5e0a7a1a06edb97f79010a741f324ea82e472e99e56e4de
- SHA512
  
  22310c8371c338b364e33c2e6f69618ad6a26ab6a5c449c3567f6c4e32650fdb04cae087956bfa4758457f0d358e3f58939cc679917acd27d32cbf4070eb91cf
- SSDEEP
  
  24576:2vb+yowbljDmoEoaY+UR9XUmMjJJfUHThoRujiW:ejz1iJMHTqNW
Score

1^/10
behavioral17 behavioral18
- Target
  
  $COMMONFILES/nProtect Shared/Engine/tyavexcept.bin
- Size
  
  175KB
- MD5
  
  86861b904a06ad6f245afd107d7d74ee
- SHA1
  
  cd11cb1560d3475dcb8c7444f85512766c7e4dce
- SHA256
  
  cd68b8f038a18ce6d5e414a9e81d01e6b2af55e50fcfbe7e50840f50ebc89d70
- SHA512
  
  e6425495eb1b2d29f317ca989453c13bc4a3544785cc8ab022db19f7c055d474372d6b9701daca3cb83e5dc5b934ddd0dc56e1bffdc603862f0d9a6e6da1bb0d
- SSDEEP
  
  3072:8tuZcFhtET4DgGyxP3qi9tsg7gy4Jr0JFaTqWrcOEr6zkWtnrc46Wfr/q2dSt+:8tMLTWgPHqx
Score

1^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/GetVersion.dll
- Size
  
  6KB
- MD5
  
  989672c2df6ab3bba092d5cb796c45e0
- SHA1
  
  97f043740bbc7bd79dabf3e314b3aee0213fe89a
- SHA256
  
  23e71ac3e977eb1ab8d365e8a66776d002dd81afb492a8b41120f48bbe0f1c3d
- SHA512
  
  801d6d1e867fe1ebe45d433d759c5e6e7dd27e81cca027c2e92c33be25e513155c10a02a5d21ef35e11ca1f3f3c9f92345bc5c205a44d5c70f36788d813311bd
- SSDEEP
  
  192:1RkDmVsiW+Wa2PSVKiXKH66UZbHC7gBi46AQ5Vu:7aiW+WOKL66GFBi46AQ5Vu
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  bf712f32249029466fa86756f5546950
- SHA1
  
  75ac4dc4808ac148ddd78f6b89a51afbd4091c2e
- SHA256
  
  7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af
- SHA512
  
  13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4
- SSDEEP
  
  192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/
Score

3^/10
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  c7ce0e47c83525983fd2c4c9566b4aad
- SHA1
  
  38b7ad7bb32ffae35540fce373b8a671878dc54e
- SHA256
  
  6293408a5fa6d0f55f0a4d01528eb5b807ee9447a75a28b5986267475ebcd3ae
- SHA512
  
  ee9f23ea5210f418d4c559628bbfb3a0f892440bcd5dc4c1901cb8e510078e4481ea8353b262795076a19055e70b88e08fee5fb7e8f35a6f49022096408df20e
Score

3^/10
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/npeNSISUtil.dll
- Size
  
  289KB
- MD5
  
  e207be5269902adf36bb328174b41985
- SHA1
  
  b2db8406290b7d89320e660e9b07c3de444cdede
- SHA256
  
  c60d65fbfab309f8dbbbdef8735f52e77166394ed919302f537f4406073428fd
- SHA512
  
  359f9741f62294b175d2261e34b581a522b59dc4b28470d2dc7351ce16af54f02a5069eca2b9f15f4f79c3fcdf3f3fff9231cbaa00eb935a1ebc6d10bbe2c151
- SSDEEP
  
  3072:fScXRqUMRrNsD29MXew44JYjIU3rKixkJO/pjaS7odPrBxUBnhfxf2uKfsbGuJgn:f83Mm4IaxOhwuKnuJgS6IUxXY+jKat
Score

3^/10
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  4ccc4a742d4423f2f0ed744fd9c81f63
- SHA1
  
  704f00a1acc327fd879cf75fc90d0b8f927c36bc
- SHA256
  
  416133dd86c0dff6b0fcaf1f46dfe97fdc85b37f90effb2d369164a8f7e13ae6
- SHA512
  
  790c5eb1f8b297e45054c855b66dfc18e9f3f1b1870559014dbefa3b9d5b6d33a993a9e089202e70f51a55d859b74e8605c6f633386fd9189b6f78941bf1bfdb
- SSDEEP
  
  192:SbEunjqjIcESwFlioU3M0LLF/t8t9pKSfOi:SbESjFCw6oWPFl8jfOi
Score

3^/10
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  132e6153717a7f9710dcea4536f364cd
- SHA1
  
  e39bc82c7602e6dd0797115c2bd12e872a5fb2ab
- SHA256
  
  d29afce2588d8dd7bb94c00ca91cac0e85b80ffa6b221f5ffcb83a2497228eb2
- SHA512
  
  9aeb0b3051ce07fb9f03dfee7cea4a5e423425e48cb538173bd2a167817f867a30bd4d27d07875f27ca00031745b24547030b7f146660b049fa717590f1c77e1
- SSDEEP
  
  96:M/SspqrIYxLPEQhThvov3TE4/2Sa5P9QFFYzOx4uF3sbSEI5LP39sQvM:M/QUG7lhvov36S5FcUjliSEI5LuQ
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

ACProtect 1.3x - 1.4x DLL software

UPX packed file

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32