General

  • Target

    a5fde8e07093f846f45684f97ea3d1e7_JaffaCakes118

  • Size

    4.5MB

  • Sample

    240613-rn459aseje

  • MD5

    a5fde8e07093f846f45684f97ea3d1e7

  • SHA1

    19586079a8fb109f9717d1d9e6e79744cad05276

  • SHA256

    e9662c3fd38d0cb02c47b7c1003e65ea925d3649e95ce15e584fb038ef88bf47

  • SHA512

    fce48e1e500200bbb6d6676b31ceecc2dab977c6a552cc9bd8c6df45ce8d92d2afacc0d686872617990f45267f927a2935d17c7c0105013ca9662fc873cf91a0

  • SSDEEP

    98304:cTagynTETU5lOTuSpOSJ+5mh40kmYSKN6Qwzbyujz+kn2nOlMTb:saBnOUhetJiH7mYSKBgbCkn/y

Malware Config

Targets

    • Target

      a5fde8e07093f846f45684f97ea3d1e7_JaffaCakes118

    • Size

      4.5MB

    • MD5

      a5fde8e07093f846f45684f97ea3d1e7

    • SHA1

      19586079a8fb109f9717d1d9e6e79744cad05276

    • SHA256

      e9662c3fd38d0cb02c47b7c1003e65ea925d3649e95ce15e584fb038ef88bf47

    • SHA512

      fce48e1e500200bbb6d6676b31ceecc2dab977c6a552cc9bd8c6df45ce8d92d2afacc0d686872617990f45267f927a2935d17c7c0105013ca9662fc873cf91a0

    • SSDEEP

      98304:cTagynTETU5lOTuSpOSJ+5mh40kmYSKN6Qwzbyujz+kn2nOlMTb:saBnOUhetJiH7mYSKBgbCkn/y

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      $APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Control.dll

    • Size

      283KB

    • MD5

      42a956f63027412fa5847c83eb2d0ff0

    • SHA1

      b6048c3ffc21851b2bc27e8d4793b059e0ab9b50

    • SHA256

      2d5a8f0dabb8d9a3ac2f016007b7ef2a5618c3fe53c5826db25c16f6fff1a67e

    • SHA512

      ddbd7b29df746a426a76e825b2b2c9598f41a55459edcc8d3784e60f028c1a1ffd307bc4cc8dd1ab739d4bb5096de2ca12cde4319d2a8dcaa5e70b58bc9de134

    • SSDEEP

      3072:naPwAxAFvnD0FczPjlZFmxsDau98JPaiFGTJfmmctXCGHNMsREDLx1W8QaqBRFF4:naoAwvD0MJmy98PHz4ygfOt0LbD

    Score
    3/10
    • Target

      $APPDATA/Tencent/QQMicroGameBox/1.0.8.7/DuiLib.dll

    • Size

      340KB

    • MD5

      5eab6935527b89555ec556fd65c4c092

    • SHA1

      604df3faa212b4474cc279b26e2213f0210d4240

    • SHA256

      201032351afa68f293944b41795def684a83e87c31970c2828c80c48f9db5ba3

    • SHA512

      b5e15ae1c4a00022d285e70d10072f4e4034dbe07ced3a4ff2656c22a8c09615f93a3b4494c2beea2e19662cb83df81ff752ace4131dc4adcd313f8a729cced9

    • SSDEEP

      6144:rnFarxjJIP5QWQnbxIAgrOKsJZS6Hk4u:rMrA5gnVKj4u

    Score
    1/10
    • Target

      $APPDATA/Tencent/QQMicroGameBox/1.0.8.7/InstallHelper.dll

    • Size

      16KB

    • MD5

      e619678068a4d7475386cabe2d218be6

    • SHA1

      213cdfc0dd7aedf34328d54aa7e0d45037602a1d

    • SHA256

      e3955d96a1b7a9dd78ae4a69d840f6b2b932e1ce615abc9aad529c91d3cc4ae9

    • SHA512

      9c75e10f14ebb1af0fec92f1ef44de6d1824da3d3ecf8787380764589b8e1468a28bb51c3361031bd8c8f7cc17d17e1926a0ba3e0b5c135ec40e0e18658062ab

    • SSDEEP

      384:Xm9wJVeRcmtjqvDcANEq8NEAnN7YJLW/NpqbJH:3VeOSANEqFAnNKLXbp

    Score
    3/10
    • Target

      $APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Ipc.dll

    • Size

      34KB

    • MD5

      977f2f877b9c5adf18f812e7eaacc3cb

    • SHA1

      0f8580c4d52cfa367d62a2e424f0ccfdc6934666

    • SHA256

      9f18292543147be3afb24ceeacdfc123e5f6ed74091d11725e8733490112c965

    • SHA512

      1d79a9753a90538b158aceb9bdcc01a3da211082541ac5fab25c1b33006ff04da963c53da13b0ac4dba1cb6b7b1c1cb500fa5e63715d4e12bd0a7da707358bcb

    • SSDEEP

      768:uShNqZ1bWXGRYLNw4MGyP4yf1K2OKq1ai:1Nqby+4MGO4ytK2OKq1a

    Score
    1/10
    • Target

      $APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Login.dll

    • Size

      381KB

    • MD5

      2ab2c4544bade164352f48481fad759f

    • SHA1

      245521d3d39d9c44f5cd8939492afc24a14bf164

    • SHA256

      52fecb1c9334e71a55bfa6c1ed57ad0f38aa66c7940daad3f46fd3561f300864

    • SHA512

      b316c768084b4691a1865a6c4afc9b41e133a50dbdf13fbe6e9d050aaac3060ed8fff8eb96b191b4d928c2246a70ce70a65109d94339dde1844eb964670fe237

    • SSDEEP

      6144:ZCTBnL8a+gZTVAXW7ZmhxkbNWjw27dlmVD/eKkgn1EDS5Shdj0QsEx6Q1xRS6+qg:E98a+gZTVQW7ZmhxX8wDKkgn1YS5ShNu

    Score
    3/10
    • Target

      $APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Main.dll

    • Size

      254KB

    • MD5

      51ae6d73e58fb89e68945bea01111637

    • SHA1

      4147460e942672d1eac54eefe50172dfd7be4267

    • SHA256

      0841e4d588e4e66c234a55bcef62e11c45769af3a663075612c66e66281b346a

    • SHA512

      7c90a82793e68a35ed01ac1026a9dd8ddf37b3a65ea5ff9c7d11da8bc7ed91d6c196198363e64dfc926c5751bd408b7d25252f03f764f2a4b612caab513223b6

    • SSDEEP

      3072:ZLam80MvzR3BwF9ei2ga+xantqUBQ+dQ7C1+qoO16VP+yx:Ud0MvzR3BwF8i2leG1+qoO16s

    Score
    1/10
    • Target

      $APPDATA/Tencent/QQMicroGameBox/1.0.8.7/MemDefrag.dll

    • Size

      87KB

    • MD5

      75cce9c3cab0ffbc6bc051c9bbac1894

    • SHA1

      28ddfe372327ac5566b1ef051f5a2d25e456d68a

    • SHA256

      bec6c1235910fe26809d28292d06e2dafa7276f56cc436f17cad301ba24e2a3e

    • SHA512

      d6b842bf6543506028f63d1f97d8ab4b43f42ff669a5a34a5fc16e012e1cb071b1b4a835ce7bd5b5f2ec6675fc103e4b7c0b38cf756f8cb917c7bc4529c0bdb7

    • SSDEEP

      1536:LTGnaa7tA8qPy9PoYRIKZxfpTCE4DdySLLU1URveWeX3mN3tXlJ:Lw9tmoFjjX3mhtXl

    Score
    3/10
    • Target

      $APPDATA/Tencent/QQMicroGameBox/1.0.8.7/MouseRecorder.dll

    • Size

      33KB

    • MD5

      84a812a3aba2082b7e4be6494380c52e

    • SHA1

      9db3c5c95d5f4eb9bcefd7c6e7fba4d14390276d

    • SHA256

      29812961d259b128ae2fbae769491694dfae52e6144675c3e203f43e5afb6e1d

    • SHA512

      310676250ffea0e8d85b5aa8fc441ddc892a290ecc96282c96af148d7f8f5502ca30a9b849c05f27c9d05c2204f8cd64d029a11678d2e37babc1d77e12ebdff9

    • SSDEEP

      768:quwqfinaTZlY3CMvi4WlZ9b5C7OkoFjOt4aP8JZzCCd:LNinadlGCMrWlZu+jOt/TC

    Score
    1/10
    • Target

      $APPDATA/Tencent/QQMicroGameBox/1.0.8.7/MouseRecorderUI.dll

    • Size

      171KB

    • MD5

      755feaff7fb53c6c6f505fa30583d809

    • SHA1

      48956834d7d6249593266d32b64e90e18ce652ac

    • SHA256

      5a9133d1efac33cdc49c73326a0038d0c47235fa20531ec03aefc1a354bb4fde

    • SHA512

      3ad5164e94819a27035afdcf8449133119efdf2cbbb39062760382cc8b8f052971643e5de05d26c7d8dbe4120b0e7301d649688260de6d3617cd34cd661124a0

    • SSDEEP

      3072:Uqze8pueCLNdBKmQpIsChuCHqViOHfsw:UN8hCLbBbh5HqViOHUw

    Score
    1/10
    • Target

      $APPDATA/Tencent/QQMicroGameBox/1.0.8.7/PinToTaskbar.exe

    • Size

      59KB

    • MD5

      f462fde662913b7bee2563c3784ba263

    • SHA1

      3cf8b7c73efe13b882965e7b83f3757ce15df306

    • SHA256

      175239a5614fb27c2f914d07930984534b77ffa3c3ed98c3f8954134c92481d6

    • SHA512

      abd61fadba1be03b1ce0c0a3170bbeb03b13407a358072583b3162e141890aa9e1b4b4d5e4b9ef0186a094dfcc6f0031f0f9e6c8a2a48108a2e32a81f553c9d7

    • SSDEEP

      768:uFFO3kMNCUiLliok4g8TanMKb4PwaHbT46rtiJ8P5tY:uFFy9iL3kb8TanMbP7HhP5

    Score
    1/10
    • Target

      $APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Plugin.exe

    • Size

      384KB

    • MD5

      2ced752334d86db514bacfa7ec8620e2

    • SHA1

      953be96eb015a06f037d10d145adc370406142e4

    • SHA256

      2c5ad631ab961b2e89b94f49216b3fde08af727f6814c2688b904747d20aca4e

    • SHA512

      727b33fc2973d5989dcc7f070fada974fbb809a2610aba4c3a4bbc4652a744811f598282a79656df76b92882bbb482ec943abf928c8c24b78a1d1a16334690d3

    • SSDEEP

      6144:9EUXXW9p8wdn8z7092JexonWT1Sjqmj5uPdO7MSt8GQj+wTR:9EgW9pJB83092UonW8jRos7Co2

    Score
    7/10
    • Loads dropped DLL

    • Registers COM server for autorun

    • Target

      $APPDATA/Tencent/WebGamePlugin/1.0.3.9/HttpDownloader.dll

    • Size

      96KB

    • MD5

      5916d371edbc4195bfb1b185156bff46

    • SHA1

      6285c359ef4b1c5c879e80953636fbd09e6c11c8

    • SHA256

      3ec418fa0051083e9dbe6e697b70ac91d56b7528c1dd8c83d33abfbda2e1f63c

    • SHA512

      091f494f72407606a43a2ecb9aed2085d2809c0d71369a5d0c587d00238d9edc8746d794039b96855061f433bb17c76595e7fcce75f896e96c02da199743f542

    • SSDEEP

      1536:VybBc/0jR1sRBfkkIRjnwbE2buAz5K7kfnzbEKbh5hgdt:Vybi/FRBHsnAuKbph5hO

    Score
    1/10
    • Target

      $APPDATA/Tencent/WebGamePlugin/1.0.3.9/InstallerToolkit.dll

    • Size

      84KB

    • MD5

      412b08c23bc4e78e9aabb9f2527ab012

    • SHA1

      66e57245b23354f17ea4f1486af9b9f1b5852e3d

    • SHA256

      539cbd9a37643849695a2dad6501c8d8ced660448526eb24e4a9ed2169d1ece6

    • SHA512

      e5f3bd19afd51b4f1549295b70f90729b111368b3a1ba704e2901c707ce1da9e5b2ce91187a924ad0ab879a62c440f7af3887b0f8f4514b9693e98e581b7ca24

    • SSDEEP

      1536:2eJB6up30pOVVkyH2r+w1ezxxnruiGG44wqtNWIfbbQEHw/VEKbg0SAoF/s5v5fi:rJpKpOVU+3nr8abQEHw/VEKbg0SAoF/j

    Score
    1/10
    • Target

      $APPDATA/Tencent/WebGamePlugin/1.0.3.9/Launcher.exe

    • Size

      450KB

    • MD5

      6fdc9b18b092803170da3db0ca5b5762

    • SHA1

      d6405c992a296f4468b1b56c01fc9aeba62638f8

    • SHA256

      1419eb9787459d3e611c36d7fff608865cd6052d9703c0e92d12e037bd12af08

    • SHA512

      1ca2bf6966e9f7671c2dee1c4171c4f2591f3bb587e6a4d44e408ba7de6bf6cec3de082924d65929923210746f02563540d299deefc0362b07eb9603d4479ec9

    • SSDEEP

      12288:TFo6FjmSZ2ylqBlMzYzVIAhM7QeG+HW8K:Ttm62ylEMyVIAK0q

    Score
    1/10
    • Target

      $APPDATA/Tencent/WebGamePlugin/1.0.3.9/PluginManager.dll

    • Size

      82KB

    • MD5

      da6d9b9fe7b876cd516adbd501d8586e

    • SHA1

      63fece81acfb987567174325a9f59584390a66f0

    • SHA256

      dccb12e664c682908e925f424a2182df741e687fc41f95a95f6b53ba4d9d37f3

    • SHA512

      a023416928f77acac78e688f57084ec6b1aa65c75fb3c7d9e93ee6df6ae162f94b9134375d05323baf68b5efd17dd71dfe3c3dbff92e1dc87b5cab1888e6ddeb

    • SSDEEP

      768:0aFAll5NRrPbaeacG69kDPXumR1Yip2LmdX4qJgCv9Y/1F7ChFkKI0PLHPFFvCFs:0fqek6mR1Zp2CdZ2/1F7wk0jXCz5sJW

    Score
    1/10
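
The report above lists where the sample drops its payload ($APPDATA/Tencent/QQMicroGameBox/1.0.8.7 and $APPDATA/Tencent/WebGamePlugin/1.0.3.9), the hashes of the dropped files, and two persistence signatures (Adds Run key to start application, Registers COM server for autorun). The following PowerShell hunting script is an added example, not part of the sandbox report and not the sample's own code. It turns those findings into a host check: it hashes everything under the two drop directories against SHA256 values copied from the report, then walks the Run/RunOnce keys and the per-user and machine CLSID InprocServer32/LocalServer32 registrations looking for any entry whose path points into those directories. The report does not name the Run value or the CLSID the sample registers, so the directory match is an assumption standing in for the unknown identifiers; only a subset of the report's hashes is included and the rest can be pasted in the same way.

```powershell
# Added hunting script; not part of the sandbox report and not the sample's code.
# Assumptions: the sample drops into the two $APPDATA\Tencent\... directories the
# report shows and persists via a Run value or a COM server whose path points into
# one of them. The value name and CLSID are not in the report, so every entry that
# points into those directories is flagged for review rather than a specific one.
#Requires -Version 5.1
[CmdletBinding()]
param(
    # $env:APPDATA is the expanded form of the report's $APPDATA placeholder.
    [string[]]$DropRoots = @(
        (Join-Path $env:APPDATA 'Tencent\QQMicroGameBox\1.0.8.7'),
        (Join-Path $env:APPDATA 'Tencent\WebGamePlugin\1.0.3.9')
    )
)

# SHA256 values copied from the report (lower-case); extend with the remaining entries.
$KnownSha256 = @{
    'e9662c3fd38d0cb02c47b7c1003e65ea925d3649e95ce15e584fb038ef88bf47' = 'a5fde8e07093f846f45684f97ea3d1e7_JaffaCakes118 (dropper)'
    '2c5ad631ab961b2e89b94f49216b3fde08af727f6814c2688b904747d20aca4e' = 'QQMicroGameBox/1.0.8.7/Plugin.exe (score 7/10)'
    '2d5a8f0dabb8d9a3ac2f016007b7ef2a5618c3fe53c5826db25c16f6fff1a67e' = 'QQMicroGameBox/1.0.8.7/Control.dll'
    'e3955d96a1b7a9dd78ae4a69d840f6b2b932e1ce615abc9aad529c91d3cc4ae9' = 'QQMicroGameBox/1.0.8.7/InstallHelper.dll'
    '52fecb1c9334e71a55bfa6c1ed57ad0f38aa66c7940daad3f46fd3561f300864' = 'QQMicroGameBox/1.0.8.7/Login.dll'
    'bec6c1235910fe26809d28292d06e2dafa7276f56cc436f17cad301ba24e2a3e' = 'QQMicroGameBox/1.0.8.7/MemDefrag.dll'
    '175239a5614fb27c2f914d07930984534b77ffa3c3ed98c3f8954134c92481d6' = 'QQMicroGameBox/1.0.8.7/PinToTaskbar.exe'
    '1419eb9787459d3e611c36d7fff608865cd6052d9703c0e92d12e037bd12af08' = 'WebGamePlugin/1.0.3.9/Launcher.exe'
}

function Test-PointsIntoDropRoot {
    # True when a command line or server path mentions one of the drop directories.
    param([string]$Text, [string[]]$Roots)
    foreach ($root in $Roots) {
        if ($Text.IndexOf($root, [StringComparison]::OrdinalIgnoreCase) -ge 0) { return $true }
    }
    return $false
}

function Find-KnownDroppedFile {
    # Every file under the drop roots is reported; Name says whether its hash is in the report.
    param([string[]]$Roots, [hashtable]$Sha256Table)
    foreach ($root in $Roots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        foreach ($file in Get-ChildItem -LiteralPath $root -File -Recurse) {
            $hash = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash.ToLowerInvariant()
            $label = if ($Sha256Table.ContainsKey($hash)) { $Sha256Table[$hash] } else { '(hash not in report)' }
            [pscustomobject]@{ Check = 'DroppedFile'; Location = $file.FullName; Name = $label; Detail = $hash }
        }
    }
}

function Find-SuspiciousRunValue {
    # Run/RunOnce values (user and machine) whose command points into a drop root.
    param([string[]]$Roots)
    $runKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
               'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
               'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
               'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    foreach ($keyPath in $runKeys) {
        if (-not (Test-Path -LiteralPath $keyPath)) { continue }
        $key = Get-Item -LiteralPath $keyPath
        foreach ($name in $key.GetValueNames()) {
            $cmd = [string]$key.GetValue($name)
            if (Test-PointsIntoDropRoot -Text $cmd -Roots $Roots) {
                [pscustomobject]@{ Check = 'RunKey'; Location = $keyPath; Name = $name; Detail = $cmd }
            }
        }
    }
}

function Find-SuspiciousComServer {
    # COM servers registered per-user (no admin needed) or machine-wide that load from a drop root.
    param([string[]]$Roots)
    foreach ($hive in 'HKCU:\Software\Classes\CLSID', 'HKLM:\Software\Classes\CLSID') {
        if (-not (Test-Path -LiteralPath $hive)) { continue }
        foreach ($clsid in Get-ChildItem -LiteralPath $hive -ErrorAction SilentlyContinue) {
            foreach ($serverType in 'InprocServer32', 'LocalServer32') {
                $serverKey = $clsid.OpenSubKey($serverType)
                if ($null -eq $serverKey) { continue }
                $server = [string]$serverKey.GetValue('')   # the (default) value holds the DLL/EXE path
                $serverKey.Close()
                if (Test-PointsIntoDropRoot -Text $server -Roots $Roots) {
                    [pscustomobject]@{ Check = 'ComServer'; Location = "$hive\$($clsid.PSChildName)\$serverType"; Name = '(default)'; Detail = $server }
                }
            }
        }
    }
}

$findings = @(Find-KnownDroppedFile -Roots $DropRoots -Sha256Table $KnownSha256) +
            @(Find-SuspiciousRunValue -Roots $DropRoots) +
            @(Find-SuspiciousComServer -Roots $DropRoots)
if ($findings.Count -eq 0) { Write-Output 'No artifacts from this report found on this host.' }
else { $findings | Format-Table -AutoSize -Wrap }
```

Run it in the session of the user who executed the sample, since both $APPDATA and the HKCU Run and CLSID keys are per-user; for other profiles on the same machine, load their NTUSER.DAT hive and pass the matching AppData path in -DropRoots. The HKLM CLSID walk touches thousands of keys and takes a few seconds, which is the price of also catching a machine-wide registration.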

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery, persistence
Score
7/10

behavioral2

discovery, persistence
Score
7/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
3/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

persistence
Score
7/10

behavioral24

persistence
Score
7/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10