General

  • Target

    a42fdb487c23bf03be12625440274e2e_JaffaCakes118

  • Size

    3.1MB

  • Sample

    240613-g586esxcqd

  • MD5

    a42fdb487c23bf03be12625440274e2e

  • SHA1

    321b906fa6d6af58a36fe1f2ea33bd6f0d3fcc66

  • SHA256

    46e5084d576eff3dc3215cf0568acf665b65169492b4450e9fc2e439934967be

  • SHA512

    1971d216002d274a1ca751dbc1510de81f605d4eee499dea12fa60db6434836f1331c95f489416a0aa320b04ae538bc9acd6c7e3211809803fb82427f56128a4

  • SSDEEP

    98304:fbM+txnqQwcSs738OZlzI7avzSNmdX/5v4Z:fbvtKsDHbzWoSNmBxv

Score
7/10

Targets

    • Target

      a42fdb487c23bf03be12625440274e2e_JaffaCakes118

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      $PLUGINSDIR/INetC.dll

    • Size

      38KB

    • MD5

      48480c6a0a2de397f7af72ae719cef2e

    • SHA1

      77d1ffab3d180c3eea49a43af05cc33bfdd507f5

    • SHA256

      02395503380774991895d2b21a9df8b6224fbe44844b66c42c6be9a748d83215

    • SHA512

      357df1ba4eb6ab29431f4a91d720c8694f54317b6d0c5d026a3dd9aaa40cb045844bf8bb46b1f3c29866d6b1685ba0f41c6bf150b77ae7e445c89e304c193552

    • SSDEEP

      384:gICPY5u3YhNky7BNiM0eeTvkGrHlZis+2YG9utZeNFKTg/YDjPZYOu07bbThjFA:z11HwICZNFK/ggbwQ/k+ogNNX8

    Score
    3/10
    • Target

      $PLUGINSDIR/LogEx.dll

    • Size

      44KB

    • MD5

      0f96d9eb959ad4e8fd205e6d58cf01b8

    • SHA1

      7c45512cbdb24216afd23a9e8cdce0cfeaa7660f

    • SHA256

      57ede354532937e38c4ae9da3710ee295705ea9770c402dfb3a5c56a32fd4314

    • SHA512

      9f3afb61d75ac7b7dc84abcbf1b04f759b7055992d46140dc5dcc269aed22268d044ee8030f5ea260bbb912774e5bbb751560c16e54efa99c700b9fc7d48832c

    • SSDEEP

      384:w4NSXFjXCATBAQR4F1Y5u6I3wa4W7KNP66BjLjyXB0JyuDchv8EnohgSil2X:woaF+ATCQye/I3KWmxj00Jyb8Enov

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      25KB

    • MD5

      8f883aead7ed5a4efc29c7c39a692657

    • SHA1

      4396eed07e01952d45cc175a9d6acec936103a97

    • SHA256

      6cb2ac8ace1d8b2d7fd052498897d6a0060bfbf158a0a9bfa60b66543adae1d5

    • SHA512

      f7f46cc8acec8a51da06f36173517353a8bd2d1933c86846c8d91c281f17bb86d243eadd52ad57261bdf27bd3e1a8831bdc1b88453d4586999e31a0511b4cda8

    • SSDEEP

      768:zbUzmursDLF5vHDf+VsCPAUz33ZZZZZZZZZZZZZZZZZZZZZZ5xE:PUHyFFTux

    Score
    3/10
    • Target

      $PLUGINSDIR/botva3.dll

    • Size

      91KB

    • MD5

      918dd71651933f1b0ef90a6b4b332939

    • SHA1

      405d3ae4bad64214662e6084ba073c045c0bc993

    • SHA256

      103dc199509c5ba8b96ceb2a26fd063e6953aaa192c37d8a429aaf2e305fbb5c

    • SHA512

      3d16e80484443eb785b458be05fd8c0ffae2c1805210294b6c316c4da2f657f3179592f0752ee57f8d315f6541ea26fe27a3fa2ee77619b30d8854aae5c0591e

    • SSDEEP

      1536:O1YpKnz56cJZRjJmdZwWWQpDa26NSSWx9Tq:O1YpKnzQvU1QpFSWx9Tq

    Score
    3/10
    • Target

      $PLUGINSDIR/chac_nsis_wrap.dll

    • Size

      42KB

    • MD5

      c726ba8dbf5bda67361f87d4f7d97421

    • SHA1

      0a5a580aa8ee449ee789a44f97c5af382a6918d5

    • SHA256

      f77c707da2a5a32af6a6112425e137c814fd4bde2d0f97a126d937e02b56961c

    • SHA512

      ce522dc894219b1c915b0fef4117140aff72e43c21d3b1cd4c09b044a9067724d4617c5549d9597b17f8bc0dc1d5f530a2f9785058c141b5ea4f7edf2349d020

    • SSDEEP

      384:fSgUaF6Zck7ujUCY2W026rN0CxYkQNhJu0Wb7bQTxOCpLrT9O9tkXZwkjO6OAbcE:KPaF6Bu280CxYPOz7dCpHTQ/ktb+39K

    Score
    3/10
    • Target

      $PLUGINSDIR/downloader.exe

    • Size

      183KB

    • MD5

      7df933c48f70841613a9f0092b5e4a31

    • SHA1

      2c64c8627fc179cb76b0533552ca6ae74a6234cb

    • SHA256

      8e553e9aa721db167bdeaf7748bb09d4f497e3a469fd09b6a995ea25d378f1fb

    • SHA512

      33d6a428ee974be9ef1f51ae4a9980fe61e75a5a63e9b5810419eeb7eb5a53da4fcc6028503d766a266b7a2420fe0be6cd96c8a3329bfdd423e78df71c011ab2

    • SSDEEP

      3072:S5E+dvekDIzKs71X1hzfe0gVqq+JgkdGnucerMQe0fnknlSb:S5lJc1Be+3LIonknlSb

    Score
    1/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      12KB

    • MD5

      ef6f4e1e713809e854d0d3caa3b4576e

    • SHA1

      f5e70aa82107ed2f5ddb45419d8d9f5555c64db4

    • SHA256

      cc568b5b7d98906c18bf0603b8f2b30d69e5c6a023316b9591048a650e34b17d

    • SHA512

      37c83e4cbc2bcb0edd354f250af259daf221f10697ed887f657cec1048fd3edf57f1677da6b71800eee709954ad725550e29d6fc36857456a829e5e1217d85aa

    • SSDEEP

      192:vxOdn3UWGd3ILZkc5ouEaD/SX9q2bQMN8o1+jy3bilzZZZZmqO1OHvx66X4B:ZOdn37LZkSo4D/SX9zUMNZSjlzZZZZmT

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      10KB

    • MD5

      0c89a682de6166dc1057695dc2504a65

    • SHA1

      8f976f59bc29529b5ed8a2e5a9fb12ff502fdd47

    • SHA256

      23df16f070ee7de7c4931b0d01a5c888bdcda9c033c680a0d0a4b84856999cd5

    • SHA512

      3bbbbc8d7c3371359c78220c95f51a3f1d53f31f1bd92a25726c09149431db77bea8d0788de502a4fc8b07fd43b892ab96ae25927ff492734f97f126764c02cc

    • SSDEEP

      192:JyYCGibOud8m6wDZGZ7Xjy3SZVyLDC1pT1qFbH:u+vv9JZVyLDC1Ab

    Score
    3/10
    • Target

      $PLUGINSDIR/uidcreator.exe

    • Size

      214KB

    • MD5

      5c61d297ff7d48ad2b01e17527142633

    • SHA1

      d37fc7714ed29d9b8591613083d1f47bd438b391

    • SHA256

      fc909bdd4af5ef9831714d8d527e86475300d72d4a1853f955f254b3948fb40e

    • SHA512

      463eca51b9c8d87e946af760d482bdebdb09f50524a8994c5ef0b4dbdefda04b802eaedfbb2969ef2780cf0062137cedf2aca0b895b050de7c5cbb7d67903a69

    • SSDEEP

      3072:iAPBoJ5KG456dw26qvyKA5Vk8ZKdV9fBqJJdel1H/jv+1zOAg0Fujo0CE6ARsK+S:ivJZ+QPvyrc8c9UJsAOh6GstS

    Score
    1/10
    • Target

      $_26_/$_26_/Чистилка.exe

    • Size

      3.0MB

    • MD5

      d5f66329a37af45e8fb63430df7ce661

    • SHA1

      fc83e71d191b702f44254a51a35a8be3260bba7c

    • SHA256

      0898146db2f04f684d319a75db71936d66c4c0c605e388cff855a235fbc5614d

    • SHA512

      e559c6e3093d7ee0b5c50ff467b5c63b3ae149f215cb72e33cc907545bfaeecf0011221293f68c546f8f07e9200b14a6830123a9384f9b776388378c05fcc0b7

    • SSDEEP

      49152:aqSh5zRZwYeMQc+2niI043PsU6Zq3y5x43TaOpvPhc/pqYL6zSHh0znQvbvIGXs:aqSh5zRZwYeMMIV3PsU6Z8y6TaOphYL9

    Score
    1/10
