863fc4876d07f9645cdca20416cf497e05f80065676bd1fea4f22ef8e8b25b83

Sharing

Copy URL Twitter E-mail

General

Target

7c59a3ca4bab62a5c11887ca07d75cec_JaffaCakes118
Size

3.6MB
Sample

240528-kkemvsdh75
MD5

7c59a3ca4bab62a5c11887ca07d75cec
SHA1

e2199ae33b1c1a7a4c7bab5e7ca9c211f43e7ddb
SHA256

863fc4876d07f9645cdca20416cf497e05f80065676bd1fea4f22ef8e8b25b83
SHA512

2e37459fe08284c6952f7f000e0fdd37baf3bbcc43a9636821bef3f557cd1a5369a4782e1888c97b3af7f6ce719ebfc569a8052caf5a0a15fc1261a8094f266a
SSDEEP

98304:bHU70yafj0WeSSQmh4AnPI1Z6Db5qsXrUho:rU7k5eN+WS6/Usmo

Score

7^/10

Malware Config

Targets

- Target
  
  7c59a3ca4bab62a5c11887ca07d75cec_JaffaCakes118
- Size
  
  3.6MB
- MD5
  
  7c59a3ca4bab62a5c11887ca07d75cec
- SHA1
  
  e2199ae33b1c1a7a4c7bab5e7ca9c211f43e7ddb
- SHA256
  
  863fc4876d07f9645cdca20416cf497e05f80065676bd1fea4f22ef8e8b25b83
- SHA512
  
  2e37459fe08284c6952f7f000e0fdd37baf3bbcc43a9636821bef3f557cd1a5369a4782e1888c97b3af7f6ce719ebfc569a8052caf5a0a15fc1261a8094f266a
- SSDEEP
  
  98304:bHU70yafj0WeSSQmh4AnPI1Z6Db5qsXrUho:rU7k5eN+WS6/Usmo
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/CheckInstall.exe
- Size
  
  1.5MB
- MD5
  
  99eae10da4986df6b5e63244468b6e1d
- SHA1
  
  84f260486b9a7f80e55b3190a363eccbfbfcd998
- SHA256
  
  b7c5e8dc04e178e54cc54c975a0eed217b6972aa7ded5ab365cfd9738e9849d2
- SHA512
  
  f658f4ec40009bab4bf5bc2456c4461ff8836dca8b38a652c446cb5bc3cd7fdee2e5d836af6fa6b16bf2541ae8c646630169a8f500f38a1a2151475ee75338b1
- SSDEEP
  
  49152:46STbmuBmiyMvsA5IcgDrEgDlq95LPTQ403AYHR:/uB1sA5IcgDrEgDp3AYHR
Score

1^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  ec48a8204e1aed3d9a951cd92158cbe3
- SHA1
  
  0db29522e15448553b697b88b31a3d8392efd933
- SHA256
  
  3166399ed2ee296749aa412a4ec70807373b6349e9b94a7fcd97c3418f744f0f
- SHA512
  
  9b0ab63fbe4bf89ddf93e5fc6922cc95c0586e21dea945ce04065afd7957bd2472e34c909d356123346f62dee4c6d6077a0072810c91b61ad3df4c168cdb79d5
- SSDEEP
  
  384:u6lFg78XxXRKk9u2d58KzdlXj9m2AaCbqsb2+:9lFgmBKSukWmXjs2Avbqs
Score

3^/10
behavioral5 behavioral6
- Target
  
  AutoShutdown.exe
- Size
  
  2.0MB
- MD5
  
  f4564a2cba69fb412d73874d79c54390
- SHA1
  
  6056cab8a16f2db581099fc3db8a28d2722f05d5
- SHA256
  
  cba67f5c9881e6057a67542c13a0538f2b6dbded9cc2d37f55b2473deed3b5a6
- SHA512
  
  a1b760b1914d265dcc39751f5748ec92a87b9f78384913cced2ee17e6b4d95d6944e50273461ab38be643cd9fd5688186f3fca38de02d15533c0e81d763d0f69
- SSDEEP
  
  49152:iGT5M+S/Rv767u5SG6+pYhG1zF/sMC+L2N0uibTG0wi:iD67/G6+pYhG1zF/epN0Ki
Score

1^/10
behavioral7 behavioral8
- Target
  
  ClonedFileCleaner.exe
- Size
  
  2.3MB
- MD5
  
  733e1a8eb998104bc03c01c24f27adc4
- SHA1
  
  04866dd5197017a73b19b07dc53bd8916628f030
- SHA256
  
  4d1aac2b881c6170f7020c3c0354bdab6ea7fc08588ee649cd1e0eca3ea3a471
- SHA512
  
  aa53e8d4e8dd5ae8d2407ccdd0686b2fec80eb05b04230300986aa9dae4b90a4b400e5ed6718641f45de7851ba69090e3b89431882b9e1782727ca8d327a3db8
- SSDEEP
  
  49152:WhcSLm39y6v4Hrep7L1DsCelrm7AHTGgrUMg647pXkT:Wkc6v4ip7L1DsCelrmarg6c
Score

1^/10
behavioral10 behavioral9
- Target
  
  FilePulverizer.exe
- Size
  
  2.0MB
- MD5
  
  e1877d005b9016bf861d61838d22654e
- SHA1
  
  201e79e0327a5ae58b20b3d0a26d3a2e6d3adbaf
- SHA256
  
  3cb629e20e13192cbb012fa02626c7537bac86516f9e40badd9b4fcfebc1f4c3
- SHA512
  
  2d7800030d5fd93b7bff23eedfcbe3c85b0bd340e30e34cbe4cd34f5270025e8c0b02cbf52dc80f99982c113fe171d0a07018feaeff6129c275048af518bfdac
- SSDEEP
  
  49152:BcRJD8MiSKP0ydLSLY8poj09orA/DTbXX6GCp6IfK5CM+gT0h2VlTA:eySLzoj09orA/DTbXHCvfKKyTA
Score

1^/10
behavioral11 behavioral12
- Target
  
  RegistryOptimizerFree.exe
- Size
  
  3.8MB
- MD5
  
  623beb08fd8e5fa6a0889ccfb226ad68
- SHA1
  
  f3b49ff58dc582e518e13b6fa8f208b1be5a134f
- SHA256
  
  dc8b25a78f7e68f47fbff087351ff443ebe2103081ef9af644fbe7946fd73209
- SHA512
  
  09e1c40c92456efe6b4bca13787389f7dabe7db02f050b1698cf7354642370a88b644922cb3376accd5f81d7e7c4f40edd72b4c571102474e71b2be4ce376f32
- SSDEEP
  
  98304:oKcTnANkYB2gnedjJlCfeDBuRpwJTvHTPpw:oVKeDUei
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral13 behavioral14
- Target
  
  StartupManager.exe
- Size
  
  2.2MB
- MD5
  
  77e527a56e22c10dcc2cb09e95c8f51a
- SHA1
  
  d8e98c70903847b9c03887530e1bc911a1aca516
- SHA256
  
  291a437ab9c8bbbfdd609df27ac497056b300367e232053f63a53135cedcee63
- SHA512
  
  aeb3df5e82ad3740666e1c63533b5abc3747f5d975d3aceb160921622f0245abf9e4362815764c5557ef1863b2f03e618a2fc011ddfb2c50e5f068348b3becb0
- SSDEEP
  
  49152:kjJDAK0cIS/5wF8tm+1QWWNUIQJw5p9NpGx6WPaukdHgNt1MTeFLWm:kjiwtmxWWNUIQJw5p9N+6AkdHg7Fam
Score

1^/10
behavioral15 behavioral16
- Target
  
  SweepHelper.exe
- Size
  
  1.1MB
- MD5
  
  4efd702fade11d51eaf299bf0bcd6706
- SHA1
  
  10d082b628ffb846378f885f32f7395d14b462aa
- SHA256
  
  9ce8c01c86072dcc4977f97265d415b5afaba6476f8ce60afc957299553a34cb
- SHA512
  
  adbc8963c6a02578a3cd2ed78bb322a17feb7fa692ae1bb10ae90ad0a1941957e306e742600e85ac42519aa80f809c5155960c242f068104264c6b0a20efb459
- SSDEEP
  
  24576:03wzM9DW5ATuooslnUzEgLqnY52Cjij/jx33rttKA+MMpw:03wAlTeggLqxpFrWA+Ppw
Score

1^/10
behavioral17 behavioral18
- Target
  
  SystemInformation.exe
- Size
  
  1.9MB
- MD5
  
  e18120c58e0ec5f2f14ceafe051a6181
- SHA1
  
  f93f26138eb99c1a509c39c62904cc35f5857da1
- SHA256
  
  97bf9ee4318eac8e44487f6566d9b2422f4b9dc58588710bfa84f497e6903966
- SHA512
  
  ce1dce42dce0a2882cd860b6b7ab914c1e8a6f433e33b396664ec9da222ee2338571c8e244870b45cb6588133968461b802dba998a67e5407702659074c1cc56
- SSDEEP
  
  49152:K0tqSds/m8nHq8GOBbuQ5yX16L9u8DNy/zx3CDTLgw+:K68nmOBbuQ5yX16Lszxsb+
Score

1^/10
behavioral19 behavioral20
- Target
  
  res/info.html
- Size
  
  1KB
- MD5
  
  da20456e53219ee6774f47660cdccbb7
- SHA1
  
  339647959c0bc3fccd7dcfb24c95011e38993434
- SHA256
  
  22486c636589d8b264862fcbb66957e378fbbc7d579a7106424d54612dfa76a9
- SHA512
  
  76bfc965818c045858274654bc2f95ba5bba861016dd886ab53931d9077b76a6e9817d700de21a89c321054e68ec74fdfab34e8c0bb0b5ba0ff937aa20aab086
Score

1^/10
behavioral21 behavioral22
- Target
  
  uninst.exe
- Size
  
  58KB
- MD5
  
  563aef830092016df25a7005aba45eb0
- SHA1
  
  d47a84b46006fc5d9adabb27b0aba10d5e04c830
- SHA256
  
  0843de2d2e818d7b4659f4d5e49c6bdc3d81afe1662bd989712a766d84bfa86a
- SHA512
  
  014c9ad6dd73935777d29d3f941f1dbf7abc5cff3f99816ef8157c801ff520bdb49085a94e162b55ca6d867678fd74c80e05b4bf65630e96acc3432554d5c59a
- SSDEEP
  
  768:H1cVhpQI2EQK0iPDh84nScF15GYbWjXO3XJMcy65HsplKZvcRxOCySiKuIOi8OVr:VQpQ5EP0ijnRTXJt0RyVTIO2C7Km8
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24