019c7c4a5bebfef8ee7661f65117797f4c75b32eb4025b5574929899ff0ce5d9

Sharing

Copy URL

Twitter E-mail

General

Target

add6eafe509b13254a85cd10cb5bdbae_JaffaCakes118
Size

337KB
Sample

240615-lr2lmszbpp
MD5

add6eafe509b13254a85cd10cb5bdbae
SHA1

2c23ff983fc53a095533459c661bc591b3691a14
SHA256

019c7c4a5bebfef8ee7661f65117797f4c75b32eb4025b5574929899ff0ce5d9
SHA512

f7b27b41f4f939a04b3f85569b7d4522399d8c7f6f9c12b905b3400e8378ddd2dd2661ae12574415660458c3d75665143fe79e58088e0be5590fa669bfc3c8b7
SSDEEP

6144:gc63Az3BkCI6euLBvfpvATS9zXQgfU41Rns01ZLAwzuZl9VIpdiw2dNaHyYtCi:+GRMCtnpvAWRFrzUw6ZOl24Ci

Score

7^/10

Malware Config

Targets

- Target
  
  add6eafe509b13254a85cd10cb5bdbae_JaffaCakes118
- Size
  
  337KB
- MD5
  
  add6eafe509b13254a85cd10cb5bdbae
- SHA1
  
  2c23ff983fc53a095533459c661bc591b3691a14
- SHA256
  
  019c7c4a5bebfef8ee7661f65117797f4c75b32eb4025b5574929899ff0ce5d9
- SHA512
  
  f7b27b41f4f939a04b3f85569b7d4522399d8c7f6f9c12b905b3400e8378ddd2dd2661ae12574415660458c3d75665143fe79e58088e0be5590fa669bfc3c8b7
- SSDEEP
  
  6144:gc63Az3BkCI6euLBvfpvATS9zXQgfU41Rns01ZLAwzuZl9VIpdiw2dNaHyYtCi:+GRMCtnpvAWRFrzUw6ZOl24Ci
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/GetVersion.dll
- Size
  
  9KB
- MD5
  
  225f776172f1baccd2721a6e5d512b36
- SHA1
  
  2dbbc86f7b0285682880a627b56a75de09f4bed6
- SHA256
  
  ecfcbe30f5b248673f9cbebb734b9981ed14b06380ea787c563d67b30e2d069e
- SHA512
  
  4b99a5ac68122501a5913cf54bd3ae99d851d57656b0e136980122739cceef739fa2d5ea097f2442068b9489a4c25ea0884653c41d85f27f25996792bf6c21bb
- SSDEEP
  
  192:MMr/9XGqK7s/AlHdJZBi46AQ5VuNxHA8/:MsXGqM93Bi46AQ5Vujg8/
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  82KB
- MD5
  
  cb1facc94ddb9f50fcfc176444d01063
- SHA1
  
  3ddd287a0aa1e376b9b200ee546c3b68f1e48ec7
- SHA256
  
  740889b170366dd60b93e0f381bc885be2a0591ea8905e48f9bd9830cb266436
- SHA512
  
  5bd93e8e45b35c8d89040d01756a71890c1e8bd60b71e9945e8ccdd55e327816b596c03ea2222acee9c5f5edef85e5167403f4735e9303bfed8bfa739831d464
- SSDEEP
  
  1536:nKHghY8sc+h3f3A9yBZgqCZMEeVDaDUg566Xo:KHghnsb7uCVGUg5jo
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/Processes.dll
- Size
  
  35KB
- MD5
  
  2cfba79d485cf441c646dd40d82490fc
- SHA1
  
  83e51ac1115a50986ed456bd18729653018b9619
- SHA256
  
  86b302fa9c85dfa0c1c03ba000864a928365dab571f3355347dba02da22949b7
- SHA512
  
  cca186a7f9c5cff3f4eca410fbe8cc13dad2514a7e36aec9b1addfbcb239ace9b9b2d8427771858e3fd11783abce7e24d43c286f98da9f8b17562ca095a4c043
- SSDEEP
  
  768:uxEiycFoaj/+WSiJfmjvab7L/cUf7IIlMLRF:uxEm7sgfmjy//cgdlM/
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  9KB
- MD5
  
  dad21928213e804133c6eed2b5402dbc
- SHA1
  
  82fa0fe67dc55e22e2289800b2fca34bf59762d6
- SHA256
  
  5f80c7ba031f546b69bd57071bdb5334760cde5afc43fe8271b9e6a3204ef390
- SHA512
  
  8e8428f1bd5a81a447f8b892215d09d5695b1fcc9eb5bf0d9771a6989750feaa5957966fb444a24d78cf51ebb783d615348337e44b884c2e5d5f63d80551c9f3
- SSDEEP
  
  192:lkhF3tTTxsMRRuWDxvsiwDc4veSQ4b95Q4huV+:lqFh9LRR7Z/oPX5QIuV+
Score

3^/10
behavioral10 behavioral9
- Target
  
  $TEMP/add297e6e75d2fb414b44784df8382b4/downloaderDDLR.exe
- Size
  
  58KB
- MD5
  
  c7f6ed56312c8fbb58ae6ed445c38df4
- SHA1
  
  e2dba94ef052db774478b9f7198c1a2298b334e5
- SHA256
  
  fdb8452173a4f116f6e362ab5466c3c16bf6697502fe3d01db0d82f0e339de24
- SHA512
  
  ac43e5bb31c3c0876a7768553916cce76d92088e62594e8463b128a0d6e587c48152a5efcf0b2a5e8fb43028d46913df114ae3c3750b7e6c4212c7044518ba43
- SSDEEP
  
  1536:tLXB65939tY6HBg4sXJhweErCi/S8qcy4PLv:tLk395hYXJh0C6jy4z
Score

7^/10
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10
behavioral13 behavioral14
- Target
  
  $TEMP/add297e6e75d2fb414b44784df8382b4/downloaderOFFER0.exe
- Size
  
  58KB
- MD5
  
  c7f6ed56312c8fbb58ae6ed445c38df4
- SHA1
  
  e2dba94ef052db774478b9f7198c1a2298b334e5
- SHA256
  
  fdb8452173a4f116f6e362ab5466c3c16bf6697502fe3d01db0d82f0e339de24
- SHA512
  
  ac43e5bb31c3c0876a7768553916cce76d92088e62594e8463b128a0d6e587c48152a5efcf0b2a5e8fb43028d46913df114ae3c3750b7e6c4212c7044518ba43
- SSDEEP
  
  1536:tLXB65939tY6HBg4sXJhweErCi/S8qcy4PLv:tLk395hYXJh0C6jy4z
Score

7^/10
- Loads dropped DLL
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10
behavioral17 behavioral18
- Target
  
  $TEMP/add297e6e75d2fb414b44784df8382b4/downloaderOFFER1.exe
- Size
  
  58KB
- MD5
  
  c7f6ed56312c8fbb58ae6ed445c38df4
- SHA1
  
  e2dba94ef052db774478b9f7198c1a2298b334e5
- SHA256
  
  fdb8452173a4f116f6e362ab5466c3c16bf6697502fe3d01db0d82f0e339de24
- SHA512
  
  ac43e5bb31c3c0876a7768553916cce76d92088e62594e8463b128a0d6e587c48152a5efcf0b2a5e8fb43028d46913df114ae3c3750b7e6c4212c7044518ba43
- SSDEEP
  
  1536:tLXB65939tY6HBg4sXJhweErCi/S8qcy4PLv:tLk395hYXJh0C6jy4z
Score

7^/10
- Loads dropped DLL
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10
behavioral21 behavioral22
- Target
  
  $TEMP/add297e6e75d2fb414b44784df8382b4/downloaderOFFER2.exe
- Size
  
  58KB
- MD5
  
  c7f6ed56312c8fbb58ae6ed445c38df4
- SHA1
  
  e2dba94ef052db774478b9f7198c1a2298b334e5
- SHA256
  
  fdb8452173a4f116f6e362ab5466c3c16bf6697502fe3d01db0d82f0e339de24
- SHA512
  
  ac43e5bb31c3c0876a7768553916cce76d92088e62594e8463b128a0d6e587c48152a5efcf0b2a5e8fb43028d46913df114ae3c3750b7e6c4212c7044518ba43
- SSDEEP
  
  1536:tLXB65939tY6HBg4sXJhweErCi/S8qcy4PLv:tLk395hYXJh0C6jy4z
Score

7^/10
- Loads dropped DLL
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10
behavioral25 behavioral26
- Target
  
  $TEMP/add297e6e75d2fb414b44784df8382b4/downloaderSTUB.exe
- Size
  
  58KB
- MD5
  
  c7f6ed56312c8fbb58ae6ed445c38df4
- SHA1
  
  e2dba94ef052db774478b9f7198c1a2298b334e5
- SHA256
  
  fdb8452173a4f116f6e362ab5466c3c16bf6697502fe3d01db0d82f0e339de24
- SHA512
  
  ac43e5bb31c3c0876a7768553916cce76d92088e62594e8463b128a0d6e587c48152a5efcf0b2a5e8fb43028d46913df114ae3c3750b7e6c4212c7044518ba43
- SSDEEP
  
  1536:tLXB65939tY6HBg4sXJhweErCi/S8qcy4PLv:tLk395hYXJh0C6jy4z
Score

7^/10
- Loads dropped DLL
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10
behavioral29 behavioral30
- Target
  
  $TEMP/add297e6e75d2fb414b44784df8382b4/preinstaller.exe
- Size
  
  241KB
- MD5
  
  9d8fe8bcc4c493b2fd1da8d2b07ba57c
- SHA1
  
  aa9366eb9210c8a5398b5e55921c92ce8970df5b
- SHA256
  
  f33b7419880c7c90c999970e4c21febaaf6d39fdb02f9d9deafa8f8d97f3b3eb
- SHA512
  
  3fd58a0d7c870e8b07eb17f8f088d505ad98c7101733972f486a2946d18babfe0e4866ae28a16fe2481e006c26cbdf2d3eb1a2dd71bb44c084bbf14fea475216
- SSDEEP
  
  6144:gLZpiirZUwURUebtBGVBpBwXVUTL7E97IkXQxBRUoz0iYvF:4NYEVjBwXVwM9vylz3YvF
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Loads dropped DLL

Loads dropped DLL

Loads dropped DLL

Loads dropped DLL

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32