15855eb71ab14975030f8556e6f375d0dc1119d3c577f960d9cf74b8994a0ea1

Sharing

Copy URL Twitter E-mail

General

Target

b4916e72b4576716a85df0e68f1ce674_JaffaCakes118
Size

4.7MB
Sample

240616-w4j78swbqn
MD5

b4916e72b4576716a85df0e68f1ce674
SHA1

954092d5e6a0a79146756433ff6522f7327a0a3a
SHA256

15855eb71ab14975030f8556e6f375d0dc1119d3c577f960d9cf74b8994a0ea1
SHA512

8b563791ff77bd7d60587b0b1354efff4a250cadddfd2f6e227c4e7bad66514416ee0b27014a5dce94e942d9fdc0add48da1d54996d17634b3935eaa097dc6ee
SSDEEP

98304:/eaW6gzbg4hUmOJTn0hpv86EFptzmihHip72w8zQB9jeH:/evzbhhUFOhpk6EPtzphYPeH

Score

7^/10

Malware Config

Targets

- Target
  
  b4916e72b4576716a85df0e68f1ce674_JaffaCakes118
- Size
  
  4.7MB
- MD5
  
  b4916e72b4576716a85df0e68f1ce674
- SHA1
  
  954092d5e6a0a79146756433ff6522f7327a0a3a
- SHA256
  
  15855eb71ab14975030f8556e6f375d0dc1119d3c577f960d9cf74b8994a0ea1
- SHA512
  
  8b563791ff77bd7d60587b0b1354efff4a250cadddfd2f6e227c4e7bad66514416ee0b27014a5dce94e942d9fdc0add48da1d54996d17634b3935eaa097dc6ee
- SSDEEP
  
  98304:/eaW6gzbg4hUmOJTn0hpv86EFptzmihHip72w8zQB9jeH:/evzbhhUFOhpk6EPtzphYPeH
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/KWGameBox.dll
- Size
  
  183KB
- MD5
  
  8e0735b36577544675bd2508e9c4b62f
- SHA1
  
  17da8421f07cefb3ea39e90f499a62fe6925cab2
- SHA256
  
  271fe57637b2bee081bdedafe01c8030ccceecd727b6f0495c71f575a00da939
- SHA512
  
  aae985be67fa9521b79c3efc6841d7de9cdc018e80eac61771ce34181975a992944249b03366b79614b13ff77a760679d918193b15263d0846d2412564e9223d
- SSDEEP
  
  3072:01ocJejMQ0+pOr3VCWtqWqRXE/EbtCimxn+GS8ioP5f72d:OEjjE0TWqOeCimx+78Ht7
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  99f345cf51b6c3c317d20a81acb11012
- SHA1
  
  b3d0355f527c536ea14a8ff51741c8739d66f727
- SHA256
  
  c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93
- SHA512
  
  937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/KuWoNsis_new.dll
- Size
  
  131KB
- MD5
  
  7aff208a344394104f171d8e7d5f0a47
- SHA1
  
  2a4366b88365f93a281b9288de040fa84e3d0c78
- SHA256
  
  d7b3aaad152cc2f782fec2ed2b9f123ce7a624551f7f3e3aac9384bf6d123b58
- SHA512
  
  0398b91d2be430d03be0b622ac19c5153c9bbbb74127fe1a20f4424d02d031ad574cb56c5c7ce8b93ac0b9ec70638be7a36e9d364a5732c47743c0b392f4d26a
- SSDEEP
  
  1536:XcUsV87Fox3kbAxTuOaK7xXH/PulnwPXQ9vCgzxQaNmLLmA5PBUyVc:M5G7uqbAf0cYCaNmL/5pUy6
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/NsisCrypt.dll
- Size
  
  15KB
- MD5
  
  a3e9024e53c55893b1e4f62a2bd93ca8
- SHA1
  
  aa289e93d68bd15bfcdec3bb00cf1ef930074a1e
- SHA256
  
  7183cf34924885dbadb7f3af7f1b788f23b337144ab69cd0d89a5134a74263ad
- SHA512
  
  a124cf63e9db33de10fda6ba0c78cbb366d9cc7ef26f90031dba03c111dfdcd4a9bd378e1075211fd12e63da2beffa973f8c3f5b283be5debb06e820aa02750b
- SSDEEP
  
  384:GxjVNXmh6bg9Q8K+/QCJ/qYAgqA/A/mh:GRbg9Q8K+/tyYdqAA+h
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  0ae9c427fe7bbbbf1368c1c6d3933ae7
- SHA1
  
  c8e5131613302531c88512dada29a18886259268
- SHA256
  
  49437f4b9fd38007f3b2735f0a8a12830b995305c75118b440202980183d5c6a
- SHA512
  
  59b76b00f2b0d6242dc5bc3cb36d3ff78867445f502e34cea890c6f493c2adf9b97cec539963204ddd1c641e1a77139f46fc33dec4dc636f4b06d2edffffec6d
- SSDEEP
  
  96:vCCshwlpqUsYghN/9uvZ7CLWNCSiiVTQYBGVXRvuBDlSriklbuba1iLc+cEyzo7e:BzqUuh/uLCXIkYBGV9uVlSblbubbwtl
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  c498ae64b4971132bba676873978de1e
- SHA1
  
  92e4009cd776b6c8616d8bffade7668ef3cb3c27
- SHA256
  
  5552bdde7e4113393f683ef501e4cc84dccc071bdc51391ea7fa3e7c1d49e4e8
- SHA512
  
  8e5ca35493f749a39ceae6796d2658ba10f7d8d9ceca45bb4365b338fabd1dfa9b9f92e33f50c91b0273e66adfbce4b98b09c15fd2473f8b214ed797462333d7
- SSDEEP
  
  384:EVJOXQZkjhm+Np3aWgzxljzbbEUhU7ya4LtU0Ac9khYLMkIX0+GBty3S:EeXQcm+NpqWgzxljzfEUhUua4LtG
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  8KB
- MD5
  
  ea9831bdfaa5639bf54de71c6b2d828f
- SHA1
  
  2e54592709bdc071d67fbf798681daf58f748e28
- SHA256
  
  790a2137bef55443c1b11526cd76110a9d9a352956356b4b254a37ec4d252bbc
- SHA512
  
  1adcfcd3fad5e3280175362e9ce8197f7c9a59c5cf9ecd2b526f077eccb623c58e1639c0c520e380944e6913db5b8d23936d5cf76932c6475c1533e4506a9876
- SSDEEP
  
  96:N5uaX19Pld1xvNBFzvLnLbCxQPXX56lHpYkU6:NDDjNnzvLn356lJxU6
Score

3^/10
behavioral15 behavioral16
- Target
  
  DuiLib.dll
- Size
  
  1.1MB
- MD5
  
  4ebc1a32d16e84323e73f1f941bc2676
- SHA1
  
  c824b7b52de4b225242cf55e8f28920548e04eac
- SHA256
  
  62ee1df95103ad2530b165202fa14fbbccc799fa1ee42825a7df8e26b5b08d4f
- SHA512
  
  893764f9c5f3f4d12e15a22de765a19f4437606bcdcc310fbcc5cc5aed837eecba3d67162518e08b72f92d7cdffe6347c68cc7b5ffe512bfbe8ae1d950418b08
- SSDEEP
  
  24576:C/WRi0+taI/FlLzfoBTzUeMiof2CgxfTqGuFEEK3h9VsIxDPbszirQt:GWRi0+taI/FlHfa9Miof2CgxfTqGuFEw
Score

5^/10
- Drops file in System32 directory
behavioral17 behavioral18
- Target
  
  DumpReport.exe
- Size
  
  99KB
- MD5
  
  c29f344a7c5d407333b52277f1ddfa54
- SHA1
  
  c3d737ec29dddae76cff5158e860499e2d644517
- SHA256
  
  71250869e8fe6789d0f00235572ec5dcb9bd8ca5655be4a5325722fbdb568237
- SHA512
  
  fcdadd1c4c00b913f9fe9e44eaca2156f188270ca06cf300e9810475e1098858c9bc22d326e47008bf2bbdc826771f0cfeb19fa5adb9e762e1c3f8d16d774719
- SSDEEP
  
  1536:oAVnSHMcWrdr5Lh0O6PbNpls/WgiYhCy0XSwXSTlRFOYfaMeaj:oAVn3dtLhV6Ll7PM307UlXOEaMea
Score

1^/10
behavioral19 behavioral20
- Target
  
  IEProxy.dll
- Size
  
  59KB
- MD5
  
  1f91003a711aee0a02b6ec0899190d42
- SHA1
  
  bb8de9527b2bed1cf10dbf6a748d80e331f52f3e
- SHA256
  
  1953d90f41f36a411dd419656cf40196803c2007c3b5e3f2ecb8d102218c7f14
- SHA512
  
  fc747640028f0e0ca50c722881265d86ed62d55ae91a48c0415c4944ec2ee6b2767433f45b41fad5ebb26c3b82db586ba3a80c7e4428d47cbee4324262eba850
- SSDEEP
  
  1536:wZ5UkQnT8r1J0kSF6Tx511xupOtmpehXN:w7OT0IZ6Tx511xYOtm8V
Score

5^/10
- Drops file in System32 directory
behavioral21 behavioral22
- Target
  
  KXShortcuts.exe
- Size
  
  29KB
- MD5
  
  2aff30bc2fb789ae2028d682439a088a
- SHA1
  
  7a945918db64568b5a4d100a8eb1aa656045ce1c
- SHA256
  
  c97d2f71e23b45837deffb172acddf71c8fa5e6cea43ff31ee7858e60c7fef5c
- SHA512
  
  bb59ca67f16f9255f7c96a57252753fbf3a64357aabc37928441a8a23890997d830385a0b1048d500b122d37bc7271e3a9211c6bc4d0e4f0d76f054f9e0d347d
- SSDEEP
  
  384:bhuSIeIA4zR654qJcoiA/519/H9d+gigfonYPLQuLCGeMW:bhuSyA4zQJcteXFdd+gHA7
Score

3^/10
behavioral23 behavioral24
- Target
  
  KwDataDef.dll
- Size
  
  16KB
- MD5
  
  ecc0250062de554de26f89c6e41d1de7
- SHA1
  
  6d30ac30578b5bdaa6f537569affabf22d8a1b7c
- SHA256
  
  20e88e714c34398bd811b70f4c18ca86db7c15bb5a37f7ec18a3373f8fa4ac00
- SHA512
  
  6b88a2a6a37609949236ddfff535069e351b4dd74ebb9bae7b7b74a063c00124d3de20b330b2e0e7984712b29a1f166f34ab180bf0ee4fab9da114addb1a9abf
- SSDEEP
  
  384:QNn8zAHdefJG702OK/hY6mwfMCsukq2eMr:m9eRk02OKi6TUk
Score

3^/10
behavioral25 behavioral26
- Target
  
  KwHttp.dll
- Size
  
  32KB
- MD5
  
  a643deebd7b6b8fbd489c16a8754f748
- SHA1
  
  d5fd8458730383da826d7f045ddd6d4b0b6d5285
- SHA256
  
  156e213bbb69da400098cdd535b9735f8c7484a3c204d961bf0a04e98603ce2a
- SHA512
  
  a13a5c7c78e8eab605b96217718ed550bc81c31874c9e7214c3bd70db55282f73dac3359abcb105f5f19db1d8f2269025d7df1f8c31bc63eb91d6d947d500ab7
- SSDEEP
  
  768:JroyX6reiBZej10mgyjwK0tjOtK9rt1Uk:JL6rlZeJbgyj0tjOtKe
Score

5^/10
- Drops file in System32 directory
behavioral27 behavioral28
- Target
  
  KwHttpRequestMgr.dll
- Size
  
  217KB
- MD5
  
  9d395044330df736fe0bd30465abadb5
- SHA1
  
  a4fd3edb24ec63ba62c0b151858e4b31250b2352
- SHA256
  
  454212312fbd057cc8af08ab7bee15a4f3e9ef465b5e9694149f5bafdd018b44
- SHA512
  
  2d8529dd933503581963d6a5e2a6129282320e041912d10f4ba9f1f091e88d841159b868171d291f61fe9774948afa2b08bc51d2d2c3744c3e7a154163d78001
- SSDEEP
  
  3072:I4Y8Z/y6d+KK7Z41N8QOMLsWC+ycCpBE6vsmNQQwxF8ipEKR3MP5lnGOKmiyA:7Y8ZV9K74Ls92duPfGOKm
Score

1^/10
behavioral29 behavioral30
- Target
  
  KwLib.dll
- Size
  
  534KB
- MD5
  
  3b3037a224ce0e4a6b76f167daba77c1
- SHA1
  
  8abe17602fd45aaa5f7cb570e931820fee352f73
- SHA256
  
  b0d74aa308b8ebf777028bf3099440005f7dea495b3fde2d36a6173f8af6af4e
- SHA512
  
  58bc7134c95031c74d3bd772b4f85839ecc71c49a55d69461db5d39105c137c944fedda840a3326b8658130c1e70affef20073120832087fed74bdf58b9fe4b5
- SSDEEP
  
  12288:HUc/Q1cnuCWGGZTy3XZglJZc5TaFZ803R:x/Q1cnuUiy3XmlbmTCe03
Score

5^/10
- Drops file in System32 directory
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Drops file in System32 directory

Drops file in System32 directory

Drops file in System32 directory

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32