Overview

overview

7

Static

static

3

9b4f0c5647...18.exe

windows7-x64

7

9b4f0c5647...18.exe

windows10-2004-x64

7

$PLUGINSDI...ok.dll

windows7-x64

1

$PLUGINSDI...ok.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    9b4f0c56470dacbe051c37ae22398359_JaffaCakes118

  • Size

    5.5MB

  • Sample

    240610-typjnatana

  • MD5

    9b4f0c56470dacbe051c37ae22398359

  • SHA1

    70ae3a7f9885331a64e4598573a5afd514b423ab

  • SHA256

    bc351ea4ae1757986027da606f9c5392c02473c99953db6d56e03149f674bd24

  • SHA512

    0dc837478b9bfe75a025909cef8c699f58e096a301668cd9a3b4cef2f1f681f7501b1e9fb08ec48bffa6a482ed03c58f8cd3111fab988ea843ca59150223762a

  • SSDEEP

    98304:VivKGvcf3MI9AOKrdBeyYtLnJeMyYVnakeAz21FF+Ua4cVchAA2S1Nl:z9May2rtLgeAsWF8UncVG2Yl

Score
7/10
discoveryspywarestealerupx

Malware Config

Targets

    • Target

      9b4f0c56470dacbe051c37ae22398359_JaffaCakes118

    • Size

      5.5MB

    • MD5

      9b4f0c56470dacbe051c37ae22398359

    • SHA1

      70ae3a7f9885331a64e4598573a5afd514b423ab

    • SHA256

      bc351ea4ae1757986027da606f9c5392c02473c99953db6d56e03149f674bd24

    • SHA512

      0dc837478b9bfe75a025909cef8c699f58e096a301668cd9a3b4cef2f1f681f7501b1e9fb08ec48bffa6a482ed03c58f8cd3111fab988ea843ca59150223762a

    • SSDEEP

      98304:VivKGvcf3MI9AOKrdBeyYtLnJeMyYVnakeAz21FF+Ua4cVchAA2S1Nl:z9May2rtLgeAsWF8UncVG2Yl

    Score
    7/10
    upxdiscoveryspywarestealer

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/bfGBOxZPok.dll

    • Size

      585KB

    • MD5

      f8dfcabcf5e273e7b8790c4dac32c9e2

    • SHA1

      0885f6ec636f07c06751ad8deb6c89b7b997eef7

    • SHA256

      f23fca4b0260115a33c2637e5975fbdef3c80af6b961c0fdd31d37dc227c0a8a

    • SHA512

      de7ab9639538913372e28e7ae1138b58e0b8649a56f6225fe7d1f3a3f8804962532e7436c01903e36af637490bab87204355993256c99b84a7388b4b807236bf

    • SSDEEP

      12288:VKUk7Ij8b4KhGVKfe+UkdFtCm/Jy+thpFxZZzop7DI5WKnQqxmONo9Y:VB8EQU0RTJy+NFxZZzop7TimOW9Y

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks