General

  • Target

    7b3491e0028d443f11989efaeb0fbec2_JaffaCakes118

  • Size

    809KB

  • Sample

    240528-bmax1sac83

  • MD5

    7b3491e0028d443f11989efaeb0fbec2

  • SHA1

    e2efe60cb8bd67840f9a8bf92b57ade97e406a88

  • SHA256

    f9c67313230bfc45ba8ffe5e6abeb8b7dc2eddc99c9cebc111fcd7c50d11dc80

  • SHA512

    d9aa8ca4b073b8cfcd64993f63154e38bd0e7f29158c9b152cca9810f957ac2aba7092ee3ccbe2bdfeef3ebed20c30c476d7c6cca6f672bf3ceec103b13f5f3f

  • SSDEEP

    24576:6j5M2MNQTkxLYHdDPO/p5gzBs+nTgn0fZKscuEfao:S5tMNQqY9DPUussTgnwVcRfao

Score
7/10

Malware Config

Targets

    • Target

      7b3491e0028d443f11989efaeb0fbec2_JaffaCakes118

    • Size

      809KB

    • MD5

      7b3491e0028d443f11989efaeb0fbec2

    • SHA1

      e2efe60cb8bd67840f9a8bf92b57ade97e406a88

    • SHA256

      f9c67313230bfc45ba8ffe5e6abeb8b7dc2eddc99c9cebc111fcd7c50d11dc80

    • SHA512

      d9aa8ca4b073b8cfcd64993f63154e38bd0e7f29158c9b152cca9810f957ac2aba7092ee3ccbe2bdfeef3ebed20c30c476d7c6cca6f672bf3ceec103b13f5f3f

    • SSDEEP

      24576:6j5M2MNQTkxLYHdDPO/p5gzBs+nTgn0fZKscuEfao:S5tMNQqY9DPUussTgnwVcRfao

    Score
    6/10
    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      3f176d1ee13b0d7d6bd92e1c7a0b9bae

    • SHA1

      fe582246792774c2c9dd15639ffa0aca90d6fd0b

    • SHA256

      fa4ab1d6f79fd677433a31ada7806373a789d34328da46ccb0449bbf347bd73e

    • SHA512

      0a69124819b7568d0dea4e9e85ce8fe61c7ba697c934e3a95e2dcfb9f252b1d9da7faf8774b6e8efd614885507acc94987733eba09a2f5e7098b774dfc8524b6

    • SSDEEP

      192:OPtkumJX7zB22kGwfy0mtVgkCPOsX1un:/702k5qpdsXQn

    Score
    3/10
    • Target

      $TEMP/petronel.dll

    • Size

      10KB

    • MD5

      437b11c6cce872c4c7e94b30e5812997

    • SHA1

      219f7dcf754dba48c53cf3cde5637cc4adceb3cc

    • SHA256

      4a5164acce1c631285a09353b11e318426800801cac515bde8e76a10bac6130f

    • SHA512

      11ea28de7d274a58eda40e2eda176de898558cea2cff4045b27f4282baa5d0cfed1cc1c4f49abb7bbcf79fa70585424e9ce5dd642fe5f98a7db948a21b2442c2

    • SSDEEP

      192:oy0X5kKzSZAwVFhSv4gZRnRH6rfDkjkky:ot5kK+ZAwVFhkZxRHeQy

    Score
    3/10
    • Target

      WindNinja-2.0.1/Uninstall.exe

    • Size

      49KB

    • MD5

      ed04f76422a68aa282da0adf017f1a96

    • SHA1

      63862b6d935ac184b4faef4649ac5be14ddf8505

    • SHA256

      9f652f774eaeaa769f245bfc7e3a6d11b04068cc1618f49dc760eea3518b2bb6

    • SHA512

      59f3f8d7fbda57ee7f735014c4a7c2ddbb97a35c48725392fe1528998db9cdb8d2a69fbb068bd20cfaf58b5b3ce79af34c270f9a2bcd6e89e7ee21afe3aa8255

    • SSDEEP

      1536:WwJOoN1oYaoZ5iV685XJPChgdLeAyNJzF:WwJ52Y7ZoH5XJahceAUF

    Score
    7/10
    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks