General

  • Target

    958b53c49483769260603cac186dcce1_JaffaCakes118

  • Size

    6.6MB

  • Sample

    240604-t4jklach61

  • MD5

    958b53c49483769260603cac186dcce1

  • SHA1

    37d3dda6c0535fda70491bbf425f2fa2e809ccf6

  • SHA256

    1d1d05ac7e20bc213fc86ebf59393694f74efa59f7f61465db20d6c20c49c6fa

  • SHA512

    2b76a1077b1a2fe1e8c9e67bad15f57f3365494db174129de1ff5361ebeea7199917fa5faa74704d5dcbf49a84308477a7002ef6bb366417253c9a1471fc7619

  • SSDEEP

    196608:ogToP118Z4xo+m+b8b56PLdeiJYyCeTE1FE5j:ogToP1e1Bb5yLdf5CeTeg

Score
6/10

Malware Config

Targets

    • Target

      APlayer.dll

    • Size

      1.8MB

    • MD5

      5015634ba3b9d6535bac2ea730a6bbbf

    • SHA1

      da5888eb6d81edee0c25effd857813f2d15f67b6

    • SHA256

      313477db6985e3043af15b31c74b192d67270aa838cd0af660f0fe357d7bf963

    • SHA512

      237e3351949899d3aa67542e3db919f91c620ff63a9718f053047fb03516a7682952f3859fa985d4fd1458cc868b66184d61f16f711b9a937d192214e56c8741

    • SSDEEP

      24576:m5Ue0U9rm5wjnvvG3bY7sdY1Tz8OxV5B8cwF8a0GLoM59oN3VgjUkxYB3hV1byJc:miJev6bY7s1+R8c6iQjUr3hVM2Wq

    Score
    4/10
    • Target

      AssociateHelper.exe

    • Size

      349KB

    • MD5

      7b9e4d28ba2d534221d8116818376a5a

    • SHA1

      50363cff9b16f7a948283c42c8f7789d8c068564

    • SHA256

      86a8b894d02fb75215aa7254fc60e40d11e50aedfd33b6c6a12456039dffdd05

    • SHA512

      a8ccbedf49d087acd4bcec6876d398fee4c7669803d1c86aa3394b089020d5bc84ee3e89d02cad9b058397fc5390ca590e92b95d8b6d0702154f710fa7e50f58

    • SSDEEP

      6144:kXZA0dXwwBx0v2TWh4suie6313oPOCgzy:kXvXwSGiWhnezAz

    Score
    1/10
    • Target

      XLFSIO.dll

    • Size

      209KB

    • MD5

      e7793d25c0a6aa25e58ed050f4a470c1

    • SHA1

      cceb56e9b5e61be3d2e7ec0575303758f7f81b3c

    • SHA256

      0c88755f9ee078099fadc6f91ca0bb67e3542ff0be8a222e7cb6585805eb1593

    • SHA512

      b93c74e92ac4cb6513931c5ffbe0c1f91b1b60cf311e482cfc941b0af450a94562a2164a156694bf158bc7f834ff8bff4bfbe6c31d2875ba2d9a854f0a9f25b4

    • SSDEEP

      6144:6Gx1XQVx0mcFRq3uOFyXsTBqxQmsOy7YPAE:6aXQVx0mwA3uEQsTsxHrAE

    Score
    3/10
    • Target

      XLGraphic.dll

    • Size

      730KB

    • MD5

      4837f3e55d976f2fd9b28bf0962f5704

    • SHA1

      1a8e59d643e831ef6a4b0eeb008292716d7f4e6d

    • SHA256

      7221e9f658de48a3b7c4937ccdf15df2e65d9d73e0fc903c64dcdd41365119dc

    • SHA512

      5c475196837f22a35483c3dc4d57f20b739e6c392e58571fa3308bdaad1ce714cf020ecf3da8ede2fbf2536a53a09f9a5e7ab2d4ff671dce197373b2dc515166

    • SSDEEP

      12288:ztFRL0ChvivVwOE5wOn2ML0TngpwBZuU2XvRAQfEWmd5et8n:ztFRL0ChvivVwOE5w20TnTuU2XvRABZb

    Score
    1/10
    • Target

      XLGraphicPlus.dll

    • Size

      282KB

    • MD5

      1769f5dd9562cd11930e5f148b96005c

    • SHA1

      f5341d554234743f239438f3acd2e12cbead47a7

    • SHA256

      5ce032d30c8f534a02d35077fc9bb6666b4cf1601045bbcea0006d14d328763e

    • SHA512

      e05c96d4b7aa8cb20ebac072984b7acd1ad7af628af56358041ead6820b4f0d85a94f37e2ac549bb83525941c4318ddd8ef5db94382b249f45b871fd643f649b

    • SSDEEP

      6144:j9kVjbKcv/K1DnB8Z+L6A7/lOdW1AYI+Dr/OySLoTX:xkVi/nB8Z+L6A7/lOdWGl+Dr+A

    Score
    3/10
    • Target

      XLLuaRuntime.dll

    • Size

      249KB

    • MD5

      f3178f7941ca599af6d0ad4d6b1af888

    • SHA1

      40cadb4cdad59f7abddbcd14dccef259ecced033

    • SHA256

      40f00a97e797a8ffe159da3d0e749b387eba309847d000ddc3505cbe8280f37f

    • SHA512

      d7f5e61d994dceadcfc225d69083131da3d2175e648d0c359c854ecd3e56d3cff94d802fa2b91ad508b366bdfb46e2a9c7b014084c1871cb18a3c4bf90c96619

    • SSDEEP

      6144:+o/eYYpwVt0D0ihbv+52I5bwf3vXOboZRLkhGK4dhrrOyMp7K:+YeYYpMt0DZb25SvPRLYGvdpi7K

    Score
    3/10
    • Target

      XLUE.dll

    • Size

      2.4MB

    • MD5

      42b7b87e13e9d10be753f32ea9d6323b

    • SHA1

      2fb96af4fec44c06a039de15d7f49858128deedd

    • SHA256

      1a6221f1c30ee6b7579158066076a8deb1d06adc65bffdb851c82d858f02cb99

    • SHA512

      61dab983f2c75c5c94661d55d84bcf5cd7bf2bca9c22f167de333d40f60afdd95495c349e8136596fd861bccdcde12c6c12bc28e8cfd3dd63d1b5ecda71d8e54

    • SSDEEP

      24576:8EaZQmfa1YLPVtw8zDhpau3PhP3jYs8XmUHX9vYPiVoy/Dnxjhvtu3:8ZuqPTXzDF/JMs8dHX9/VoyLnxjhv8

    Score
    1/10
    • Target

      XLUEIPC.dll

    • Size

      174KB

    • MD5

      adb131e958a33e7d9d94db67e6699433

    • SHA1

      3208c6a70b3dd63a5d5274cf3d57f8a741ad35c5

    • SHA256

      f608b91446e5d19452ac54b432111817aebbe0045c14278f70bb84cb0ff85fb9

    • SHA512

      357d7c1671b7a0a334308727b104700a0c4dbc27fa263421195a842a18f7af499b0098c517b2c735e18e821aa2956a20b1ecb17ecd09d7da0224fd981608b8da

    • SSDEEP

      3072:njotlEz+rf/r2jsdR5w0CXhZZa7QCk4hO1XD6I3FBpnBQ0g:nWA+rfy2U0CXDp4hO1Xr/nK

    Score
    3/10
    • Target

      XLUEOPC.dll

    • Size

      132KB

    • MD5

      9a70d2da3dedca14e3748575fd58f1d0

    • SHA1

      f311052f500a5e96c8c91d19311964b9cbff93ed

    • SHA256

      5f3f6dd914eeec6e4bce9e0901448b3fcd90b81e860325bab3a56530fe31addc

    • SHA512

      808bec19cfd21bd86b63532075e456a65ae28e671880e6d5a9ba2f5c8e51459a9abaffe5bc210bd47ceced192a331fd52ec139171b3f852a4d8370b45bc16816

    • SSDEEP

      3072:E9HGh6D/KToRNQEEWMCZa7En0mAoOtWslvj2I:IC6zKEROEEW9ZK2OoOtWgi

    Score
    1/10
    • Target

      XMP.exe

    • Size

      243KB

    • MD5

      969bf290f70c202bf9280ef18c8f2b4a

    • SHA1

      04bedb2b78987432c7cf80860eee1e9cbcdb5f3c

    • SHA256

      b398a1082ac8f36991f7e694b85bae355a851f6434bf65f69fb5be92a53e4768

    • SHA512

      cfdd088bda7f5137518c8b808a1661924b2ce306403538c77b08f3e3fdeaf629f46e4b1cda89031938ca91debc97025e1c6d1f7264cd1d8abbfbb7bddfb61081

    • SSDEEP

      6144:SdCS3D/Fj30DrgsCiP0J3v2v2O41fLazF0IpxIpueDLEDBO3T:yCSTNjEAskAYfLeF0IpxknEtOD

    Score
    6/10
    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system. This is the bootkitpersistence signature raised in tasks behavioral19 and behavioral20, and it is what gives XMP.exe, and the sample as a whole, a score of 6/10. The indicator is a raw write to sector 0 of the physical disk; the report does not show what was written, and disk-partitioning and boot-manager utilities also rewrite the MBR, so compare the sector against a known-good copy before treating this as a bootkit.

    • Target

      XmpPlayer.dll

    • Size

      5.1MB

    • MD5

      a5cdd00acd6875499a0f69e56bd3f4bc

    • SHA1

      cf441aeefd50e2b7561596c29bfb67b65edb4065

    • SHA256

      6eaa8cf0e7b1380e0daa6226e8dadfe64023f584facc5a1c8e36975fdb20d748

    • SHA512

      61f1d34d320a77c1e59c48f8b76ab92b69611b592e79a3d6097170ce6056e0d7b9754cd153ce7feeb70e87803d6d1a52f6e64ed9ba6b0027e9e95c4386b2a2ce

    • SSDEEP

      98304:LJIPEAn3FEi6tI8lpNEDL5IBPmkj9YRt0TLnDd1ulFBabhueu:VWnT6tBlpGLqmkuRin7ul2c

    Score
    1/10
    • Target

      atl71.dll

    • Size

      88KB

    • MD5

      4edd8d74ea48f58d3eca7e9297f19221

    • SHA1

      c874f24787c7e487f16113080a80d8241297d5b0

    • SHA256

      d422497febaa2fbb83a8a2ec342e08884c5a77fbddabde7bec4e21884f56d0ce

    • SHA512

      6816c9d43aa3f78bec77d0e9be5e4e549a86f5ca2afaa19167d01763dd15fc7c18db609249e70271b88162460929d7cba13354e38eab0c9b03769fc0b498c32c

    • SSDEEP

      1536:nrikoNDxHopwlej/A+KZtI+nG+efsCPJOnb/lDwT/XvTjZoxzvN4Zwm7aI5Y:u8pwBI+tefsnb/lDY/X/KVv6Zwm/

    Score
    1/10
    • Target

      atl90.dll

    • Size

      155KB

    • MD5

      338f1f7137860d3bf6094941ac2a9ba2

    • SHA1

      ee174fc0f8cffa3b5717eaf17c97713099d69ad7

    • SHA256

      5122e4a2e48e34326b6267d48bd007da76a15243b90550ea565f1654ccc64877

    • SHA512

      da9dd23ba13928f1623566d10ca155d2a06112844cd7ae8ff0ddb5b31624e7e7e59289aa2b7b7568da4cec0070cddc925dade8312501415ade0f4cd411b554b2

    • SSDEEP

      3072:5HJXmwllbA995vqNRoom9OSft0osAZT/NX+cZSyh53Pa63CLZ/V:5pXmwzA99hsaN9Jt0osARB+cEybyV

    Score
    1/10
    • Target

      libexpat.dll

    • Size

      668KB

    • MD5

      430c0f9ae8dee52aafa950e05b7bd9ea

    • SHA1

      88adf0368cc2d174328fbf041b284d630957b1d3

    • SHA256

      f325cc0f3c0c878fcc0f0d1c97943af64d55f64e989e0e16a5527d63e80afd80

    • SHA512

      c52f6fe2a49684cb748a55495d7bd8ef49c1a0bdcb7bb0d12d832dc5b43df8264c501a08cc9cd8ce14458b564eb5d9ac9081258f61b6b8f9734bce48bed6ab0b

    • SSDEEP

      12288:iQb3PSTroic4EaZ1R0PJcZmMsCTFvA8GMDTW7:iQaoic4EOw+Zmg

    Score
    3/10
    • Target

      libpng13.dll

    • Size

      158KB

    • MD5

      a8794d6f82a210376d00139f389f65bf

    • SHA1

      fdee801459bcebc72814f96ae39b961d3f2090d3

    • SHA256

      6a4c59183c8ee23a51fc75a80caa28147899e5b17cd7c64aedf5f93db8958528

    • SHA512

      a6d01e3bffce264d4338452f3ebc28d6ec2394372edb56d2e09e60d8bb097852c57d5187cebb3aea1d5c85f7143e32e6426c20c0cfc6dbf5a4ecfd295596f293

    • SSDEEP

      1536:nXa65bRbflXQIW+jiyqmYqcVtF6GpMCHN2itcJmvoPLEOYUnKHZVOpPe3tCjEiig:XLBRZXQIQyyZMCH5tymQPLdneb1iim/

    Score
    1/10
    • Target

      libuv.dll

    • Size

      157KB

    • MD5

      1ff774d1fa19a521b6830ca4346e60d3

    • SHA1

      12637dda711a4a81bd79e5528d2d9d9c996ebacc

    • SHA256

      54c0567f644c3fccf3742e0cb819e6801d555ff931af59c01c0c186be48bec66

    • SHA512

      2958213f7a71a478136e05f52279a4d570402091e2740630e0b46eaed75a4a3c7fead23f089ad29f9b27a8a52bbafe96be5740d4964125edaafb3ad2f9cedf6d

    • SSDEEP

      3072:oqRvhznkO33d94H6rTQvm+yOINN00jYwpYpaWCQxKobHteYZKztN2BWCdsClXv01:zDnkO3vmcQew2NYwpYpaJZXZtz

    Score
    3/10
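
An added example, not part of this report or of the analysed files: a Python check for the MBR-write indicator reported against XMP.exe above. It parses sector 0 into its three regions (446 bytes of bootstrap code, four 16-byte partition entries, the 0x55AA signature) and diffs a captured sector against a known-good copy, reporting bootstrap and partition-table changes separately, which is the distinction a responder needs between a bootkit and a repartitioning tool. The sample sectors are constructed; `read_physical_mbr` and the `\\.\PhysicalDrive0` device path are the assumed way to pull the live sector on Windows (administrator rights required).

```python
"""Parse a 512-byte MBR and diff it against a known-good copy.

Added example for the "Writes to the Master Boot Record (MBR)" signature.
Not part of the sandbox report or the sample; sector contents are constructed.
"""
import hashlib
import struct
from dataclasses import dataclass

SECTOR_SIZE = 512
BOOTSTRAP_SIZE = 446          # bytes 0..445: boot code the BIOS jumps into
PARTITION_ENTRY_SIZE = 16     # four entries at 446..509
BOOT_SIGNATURE = b"\x55\xAA"  # bytes 510..511


@dataclass(frozen=True)
class Partition:
    bootable: bool
    type_id: int      # e.g. 0x07 NTFS, 0x83 Linux, 0x00 empty slot
    lba_start: int
    sector_count: int


@dataclass(frozen=True)
class MBR:
    bootstrap_sha256: str
    partitions: tuple
    signature_valid: bool


def parse_mbr(sector: bytes) -> MBR:
    """Split a raw sector into bootstrap hash, partition table and signature."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    partitions = []
    for i in range(4):
        off = BOOTSTRAP_SIZE + i * PARTITION_ENTRY_SIZE
        # status(1) chs_start(3) type(1) chs_end(3) lba(4 LE) count(4 LE)
        status, _chs_start, type_id, _chs_end, lba, count = struct.unpack(
            "<B3sB3sII", sector[off:off + PARTITION_ENTRY_SIZE])
        partitions.append(Partition(status == 0x80, type_id, lba, count))
    return MBR(
        bootstrap_sha256=hashlib.sha256(sector[:BOOTSTRAP_SIZE]).hexdigest(),
        partitions=tuple(partitions),
        signature_valid=sector[510:512] == BOOT_SIGNATURE,
    )


def compare_mbr(baseline: bytes, current: bytes) -> dict:
    """Report which regions of the MBR differ from the known-good copy.

    A bootkit typically rewrites the bootstrap code and leaves the partition
    table intact so the machine still boots; a partitioning tool does the
    opposite. Reporting the two regions separately preserves that distinction.
    """
    base, cur = parse_mbr(baseline), parse_mbr(current)
    return {
        "signature_valid": cur.signature_valid,
        "bootstrap_modified": base.bootstrap_sha256 != cur.bootstrap_sha256,
        "partition_table_modified": base.partitions != cur.partitions,
    }


def read_physical_mbr(device_path: str) -> bytes:
    """Read sector 0 of a raw device (assumed usage; needs admin/root).

    device_path is e.g. r"\\.\PhysicalDrive0" on Windows or "/dev/sda" on Linux.
    """
    with open(device_path, "rb") as dev:
        return dev.read(SECTOR_SIZE)


def build_mbr(bootstrap: bytes, partitions) -> bytes:
    """Assemble a sector from boot code and up to four partition entries."""
    if len(bootstrap) > BOOTSTRAP_SIZE:
        raise ValueError("bootstrap code too large")
    table = b""
    for p in list(partitions) + [None] * (4 - len(partitions)):
        if p is None:
            table += bytes(PARTITION_ENTRY_SIZE)
        else:
            table += struct.pack("<B3sB3sII", 0x80 if p.bootable else 0x00,
                                 b"\x00\x00\x00", p.type_id, b"\x00\x00\x00",
                                 p.lba_start, p.sector_count)
    return bootstrap.ljust(BOOTSTRAP_SIZE, b"\x00") + table + BOOT_SIGNATURE


# Constructed sample data (not taken from the analysed sample).
_NTFS = Partition(bootable=True, type_id=0x07, lba_start=2048, sector_count=204800)
GOOD_MBR = build_mbr(b"\x33\xC0\x8E\xD0\xBC\x00\x7C\x8E\xC0\x8E\xD8\xBE\x00\x7C", [_NTFS])
# Simulated bootkit write: boot code replaced, partition table left untouched.
TAMPERED_MBR = b"\xEB\xFE" + GOOD_MBR[2:]


if __name__ == "__main__":
    print(compare_mbr(GOOD_MBR, TAMPERED_MBR))
```

On a suspect host, capture the baseline sector before detonation (or from a known-clean image), run the sample, then feed both sectors to `compare_mbr`; a result with `bootstrap_modified` true and `partition_table_modified` false is the bootkit-shaped change, while the reverse points at a legitimate partitioning write.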

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
4/10

behavioral2

Score
4/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
3/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
3/10

behavioral11

Score
1/10

behavioral12

Score
3/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

bootkitpersistence
Score
6/10

behavioral20

bootkitpersistence
Score
6/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
3/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
3/10