2acfa669dce5852ee979edae56d7d6cef2a8027ba9083f6145ec7d63cd5e61f4

Sharing

Copy URL

Twitter E-mail

General

Target

a713bfbfbe7e8b1d8d4ee67370167c4f_JaffaCakes118
Size

1.5MB
Sample

240613-3a6ygaydnr
MD5

a713bfbfbe7e8b1d8d4ee67370167c4f
SHA1

ed7e1c1404e75dea51d05571fa0d3fa7a961b35f
SHA256

2acfa669dce5852ee979edae56d7d6cef2a8027ba9083f6145ec7d63cd5e61f4
SHA512

20c544363d532fee030adff568631343251e9e0ef1676d5f4b08932cfcd6642226bffb950955ea675b46e9ed7ce7df404c9ba68413d26f9e184248cb190b233d
SSDEEP

24576:bciaZC+jrVnbz53x9vy8X3gyUbJMUe2QnB1CSO3IWeLz1pLC8jDagz6P2L9FN9:KZC0BBnvyc329ReB1ClmLCmJI2p5

Score

8^/10

discovery upx

Malware Config

Targets

- Target
  
  a713bfbfbe7e8b1d8d4ee67370167c4f_JaffaCakes118
- Size
  
  1.5MB
- MD5
  
  a713bfbfbe7e8b1d8d4ee67370167c4f
- SHA1
  
  ed7e1c1404e75dea51d05571fa0d3fa7a961b35f
- SHA256
  
  2acfa669dce5852ee979edae56d7d6cef2a8027ba9083f6145ec7d63cd5e61f4
- SHA512
  
  20c544363d532fee030adff568631343251e9e0ef1676d5f4b08932cfcd6642226bffb950955ea675b46e9ed7ce7df404c9ba68413d26f9e184248cb190b233d
- SSDEEP
  
  24576:bciaZC+jrVnbz53x9vy8X3gyUbJMUe2QnB1CSO3IWeLz1pLC8jDagz6P2L9FN9:KZC0BBnvyc329ReB1ClmLCmJI2p5
Score

8^/10

discovery upx
- Drops file in Drivers directory
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral3 behavioral4
- Target
  
  ProtocolFilters.dll
- Size
  
  360KB
- MD5
  
  fab8104ced422c551bcf2dda631e5930
- SHA1
  
  ccdb59de36d3ca7fe080f173bf437a98701a367b
- SHA256
  
  34fd513f254f3491a314b64f8883b289ab96a2b975ce6fa357c0ae11ed12d3df
- SHA512
  
  52608279186f108284bef7cf5e6031d67ae1d700121a22ef7da00a8ef81ae2430e64adabd2fa9c186ebf7d7d5c9df8bd0183d35071d4c1e594e8118a0f576870
- SSDEEP
  
  6144:D3mkK2/KEhmtBzDz11hqnhOvMZWZc0Nytv8TBzMIkEZ:bmkK2/KEhmf11hq0MkVNytv8TBBkEZ
Score

3^/10
behavioral5 behavioral6
- Target
  
  WNet.exe
- Size
  
  426KB
- MD5
  
  45571677457a9bfd49aadada0fd91ca8
- SHA1
  
  15bb2446b1b6a54c03963c02dcffbe6886d09a56
- SHA256
  
  4dad1b7a2398c2d770d1d5d519c8a9b1877c430017cf1f17d414b926d6056ad3
- SHA512
  
  27d78e775cf275e1f068bb72056f8e9694006c75f674449ef2696791edb504e54aacea702152f9947b369b3c93488a91d54b15175a81b544e4ffacfd1eb45cbd
- SSDEEP
  
  12288:e/G5VlcQR5XtXjrFJMYEFN9lZ/k4aYUV6Z/:I+sq/jrFJfaBYrV
Score

1^/10
behavioral7 behavioral8
- Target
  
  libeay32.dll
- Size
  
  1.4MB
- MD5
  
  47a9d585dbf59f54574d978c4200a520
- SHA1
  
  ee99ab151751ee720833efb0c3a031d09bd13833
- SHA256
  
  421454bccf67fe6def1c13ff6314fd3fb69d667a421a1c1461209164bc9ad780
- SHA512
  
  d23516719ff06134c8614d27813b828b7815298404824623ae25a35dafde6515ebf80476405235933faad9bc70acfe5e295e8fabe5af091f544a23f3e2a0b565
- SSDEEP
  
  24576:mWjg+KpPcIQ7Wx3/BBO/xHZhq7itAyzNQiAUpo0e2u4jJGh90/+SQ:EUq7OJHZhqiZAUpo0e2uKJi0/+SQ
Score

1^/10
behavioral10 behavioral9
- Target
  
  nfapi.dll
- Size
  
  124KB
- MD5
  
  04a835251535006c85473a604fba8bdc
- SHA1
  
  4bed678d9836e20d1f48792a8f4ba1d41e94f629
- SHA256
  
  e99db65a51db72018f0469b6d5096a2d469b790efdeec50a955b8ac4e19f16e8
- SHA512
  
  e47c5072fd8b581e8312148ca48490a86d4f51d58e6acef90d3d3de8bca5660d62a1b935357f9307c6f89cc35d1d332b0f42f402abf87a8959d4c29af8e5ee67
- SSDEEP
  
  1536:sr+PkxJ8MsJvDT4cOApaeaTJ8lxu5lAdzliDofmcpoBzAwI6U/VIWpVDSUt/aup:sr+5MstDTHOApXTZmBIF/aWpVDDtSu
Score

1^/10
behavioral11 behavioral12
- Target
  
  ssfilterdrv.sys
- Size
  
  60KB
- MD5
  
  2a293444b9cdf2343b791924d3304878
- SHA1
  
  49e913aabb63d624de9fb55554a78e8c2ac7bef8
- SHA256
  
  0a9bc6f53e79b3d8c1f0f4d445de9e4d56c83d3b8291f20a2776540ff096a254
- SHA512
  
  9a39d7512c1d9225998e4f716e761c6a6a10786f1a32489be50840dc1865c1dd2bec6dfc92485ed241403c7d4c98a699ed91ae0ac8c8b265b400db4f6978ad18
- SSDEEP
  
  1536:eVNKHJ963QUTqRJ6EUY2yE3C93u2Ha1YkDAZZsOxnE:5HJ963Xk9IS93u915DAZZsOlE
Score

1^/10
behavioral13 behavioral14
- Target
  
  ssleay32.dll
- Size
  
  368KB
- MD5
  
  2da6e9df4979ca65a01c4df6eb5600d2
- SHA1
  
  8bb90aca4e3387629e76d5c8cb53743990d891ec
- SHA256
  
  bfb7a9a4d5501d21cd575ec6f65b10ec3d43e6bc137d7b6469daf24ee0b65d14
- SHA512
  
  e146c42fee06702b80ca46d7a281a8c0600b9a35213accac29dc3c505d9d1f0405c4a69f22258042fbe4d35278c2c47ba878b1f2bfaa739eb1501428ea5f90af
- SSDEEP
  
  6144:tS4YNV1eN5+tEmD24Y3m5staz+5UGhB5v7gwOmnpRt+i0QKYU6PuCv7CNbA2WQzY:1YNV1eN5+tEmD24Y3m5stazIUGhB5jgm
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in Drivers directory

ACProtect 1.3x - 1.4x DLL software

Deletes itself

Executes dropped EXE

Loads dropped DLL

UPX packed file

Checks installed software on the system

Drops file in System32 directory

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16