cfb49823492b5a70e435b9092061f8e363fc6048de48dba68115b982e8174e48

Sharing

Copy URL

Twitter E-mail

General

Target

b4aafc9db5fed80265985e9796829267_JaffaCakes118
Size

1.6MB
Sample

240616-xh3m5awhkj
MD5

b4aafc9db5fed80265985e9796829267
SHA1

13a6aa62ed851d677cc16918dd4f6fba944ce814
SHA256

cfb49823492b5a70e435b9092061f8e363fc6048de48dba68115b982e8174e48
SHA512

40c72188a3c08009147ae4e8d9d9e34c5e34be882a5fc97fef8e59177633ee1cd6891bafa2774bf56cb36cdf11d44d2ce8603fce34e1297d314374329fede900
SSDEEP

24576:5ZVwNvjRNbYB3KvEMCsNgmlCY9uN+fGQzU67vAlQvJNSp7cXhBEPX5PLxWX8Tj+N:JmLRNG38Cs1P++fpfvjFQJjsX8I

Score

7^/10

execution upx

Malware Config

Targets

- Target
  
  b4aafc9db5fed80265985e9796829267_JaffaCakes118
- Size
  
  1.6MB
- MD5
  
  b4aafc9db5fed80265985e9796829267
- SHA1
  
  13a6aa62ed851d677cc16918dd4f6fba944ce814
- SHA256
  
  cfb49823492b5a70e435b9092061f8e363fc6048de48dba68115b982e8174e48
- SHA512
  
  40c72188a3c08009147ae4e8d9d9e34c5e34be882a5fc97fef8e59177633ee1cd6891bafa2774bf56cb36cdf11d44d2ce8603fce34e1297d314374329fede900
- SSDEEP
  
  24576:5ZVwNvjRNbYB3KvEMCsNgmlCY9uN+fGQzU67vAlQvJNSp7cXhBEPX5PLxWX8Tj+N:JmLRNG38Cs1P++fpfvjFQJjsX8I
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/Aero.dll
- Size
  
  6KB
- MD5
  
  5c7408c25f1076eb96908e5bba521bb5
- SHA1
  
  46df8dfd93593360b9b6d2e4ab1892843246228d
- SHA256
  
  ab864a3c247e9016414a4a8b26155942b7c3814cc99be6a59b86c456bd22c061
- SHA512
  
  9eebf8378a0eab0ab66e70f20aea185392ce0de36e63a37c07ccd93a5d1d8fe95a2ed8c428c63d6aa8c0a5b424e53e412fdeb0e5be2ee57f9eceafa19e03062c
- SSDEEP
  
  96:+k+RX2Fg54iQrKWX09fODXCPbnV767ZJG:8X2FA4iyXNm7Ve7ZJ
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/Delay.dll
- Size
  
  7KB
- MD5
  
  4602d9a9ed82d646522ead08a58536a9
- SHA1
  
  b070bad90e13e85c97bd4e530ca7958c22e36a5a
- SHA256
  
  b6691bf37f13e37bfc07d45990092fd9398f7eff8cb1bbad05e528def0307c4a
- SHA512
  
  5ebad4e83d411799a25b1e462ac3c7683dd0c973f131eed29131af7a240f92f55e6c60b78f96388bf7c4134941353794d79ef6c91476e8def7e5c803544afec9
- SSDEEP
  
  96:fkcYhKlqWFeJ9DekCN3jPpP4DyGE3qLNf:cXKMJRC5BfGE3qLN
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/WebCtrl.dll
- Size
  
  5KB
- MD5
  
  f134448c6531c16271d776cdc930cff8
- SHA1
  
  6fa6ae69ee46486b33b41f08719319aca5d0382f
- SHA256
  
  f7e1e03c140cc86bb7b259f1882b4b461128d70213e7f030360a9c76d6c51884
- SHA512
  
  c83db0d30e51d5dba4fe4abab562fde9358f9970b32aef729f326f394e744698b936b134e8718afd9a2ac970daf287278b2685b77566c50f733f58897fd0c16d
- SSDEEP
  
  96:EPR9lrwXckwd7NLLd8e1+A39Lji7juoxiApV3ii:EPR99tZd8e133xjkuri
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/newadvsplash.dll
- Size
  
  8KB
- MD5
  
  7ee14dff57fb6e6c644b318d16768f4c
- SHA1
  
  9a5d5b31ab56ab01e9b0bd76c51b8b4605a8ccce
- SHA256
  
  53377d0710f551182edbab4150935425948535d11b92bf08a1c2dcf989723bd7
- SHA512
  
  0565ff2bdbdf044c5f90bd45475d478b48cdbd5e19569976291b1bdd703e61355410c65f29f2c9213faf56251beb16d342c8625288dad6afc670717b9636d51f
- SSDEEP
  
  96:qD5UDaGxZH52QhtZafDP9BTS9nPg83UniV/zRzGEl1DMl1zN6LmeYt4dO:W5UDaGxZH5T0j+9nl3BzG0IZ6LqN
Score

1^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/scroll.html
- Size
  
  39KB
- MD5
  
  de08ea1df52585430e3a829b10e91ac2
- SHA1
  
  27f3d04c9ba7d9a2c2ae8f69f6a8bd47b792afcc
- SHA256
  
  d34eecf9347a906bd0a52e2a3d1503f98dda677e6f914bec53bde4202f3781e5
- SHA512
  
  413171d2b1ff6a9b47df4bba5d597bd01fc264c9bce31589621eefb2aa038a8d0bb4aa154e20a5b98c62adfe51f2e95e15039a8cbf49b501c3973ab2f816c904
- SSDEEP
  
  192:h78T5eH8IniRcLGPUvm1ETK5o50NSZE+D4r43YnRY5zgkkS+UGYNs9o/QzHL6Svb:h78TvXSjY5OAVFT3
Score

1^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/tr_data/cred.html
- Size
  
  68KB
- MD5
  
  aea605b2dc0f65cb825f896e69190ea9
- SHA1
  
  514d86db9ea72a14fd628097478855172e91d619
- SHA256
  
  e622ab392c4cf06df46972333d7f30a5a4c99f046ee2abff4addab0be53c7b58
- SHA512
  
  abd77a272856193147e5347ba54a4d43c18e83ed2335a32067ee208f6757b47fc9f6a75d201c3a0453c20842514e70930e8fbca15e1acba4e8f7ee78f67feffb
- SSDEEP
  
  1536:gWl57mtSU0DVOlpv4gQuHCB+EuOuB+Guzouq0uH+6uaufu5M+6ukupuWu0u1u0uB:gzHCE13EvzB+erLG5HrV4fFMFvJpObEf
Score

1^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/tr_data/legal.html
- Size
  
  26KB
- MD5
  
  2e524a71ac033c0619db0594856ba6d5
- SHA1
  
  450941553b685e48d6fab7b601b4d940ec73337d
- SHA256
  
  228cd4bbb92734f1ee76daf0cded20902fb9b7d3ebff857f21ba60a798f3a511
- SHA512
  
  444a7bd0d4a2e11675a7b43accda32932b16b727ff31daff56293014d37f0f081480c32034db9603999e7d3223c4407f67b05af577a66e17e3a3ee0df1c32ead
- SSDEEP
  
  192:e78T5+KHxCHoN+TEMBSX4dOjUNOKi7KRd6ITKzLHxvXtX5GtAPCJza2Aq0Faemkd:e78TsujY5c5zJAWoJxly59V
Score

1^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/tr_files/scroll.dflt.js
- Size
  
  171B
- MD5
  
  46903025390c7274e546ddcf50526cfa
- SHA1
  
  c8cf17d978275fbeb42e040bb0538d212ce28654
- SHA256
  
  fb295cf92b819f9e7d95b62495aeb15e12cd3291add18093c946184127411984
- SHA512
  
  94230f5826b8ce67e0b914687224387fe31187c59ecb20e6f1ad8189e6d3bea76de3c7f505b0c2373b2b5c37257e89a3db6d9c544b5b19cfd2c67995968f3ba2
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/tr_files/scroll.html
- Size
  
  4KB
- MD5
  
  fa5e9eb978e1acd9cb8e6cbe2ba76510
- SHA1
  
  a08920b5c81bd559a859757f6555863b1b0b804d
- SHA256
  
  1d55105e632396f76b046513f1805f8144b8d2dc2a0d75dd78b37cb771be705c
- SHA512
  
  8a156d805f20029ce06e9a78922f21410c0a2b99ec6b9f7d8c26bbc69efefa221c8c9c3c7264a544405eaccac54c259ddeb77384b9ac826720d60ee5a3ef1757
- SSDEEP
  
  96:QD9KskjS+e0nOJOJ3nctYcoUV1FzTOKKInCBsHSM4imf2fy:89LkjS90nmm3U3PFPOCnHmf2fy
Score

1^/10
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/tr_files/scroll.js
- Size
  
  641B
- MD5
  
  451adb9f6bed8859cee8ffe17a356dc6
- SHA1
  
  7606b460525934d666b19c6159167016bfa4ecfa
- SHA256
  
  83c74fe20d8cd134c900bc18231311a307fe9d40508bb0a4a3c008333f4755bb
- SHA512
  
  db4fde5819bef93f4c7709aaeee6ae79c87ae6d8283f408fd420847495ef618da5313b71e2da4afd6e3239b9d6e184856a8694ef201b3cc2d9de08074a6cfb2f
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/tr_files/scroll.tpl0.js
- Size
  
  1KB
- MD5
  
  39133e190f144254ac4a3ba40d8863a6
- SHA1
  
  adb69965c2f4b76b10d029761e5eaa60dee10a5f
- SHA256
  
  d61df469c5484d3c20ad027e741321dd1921285142cc8acf73cf363d7798e310
- SHA512
  
  1c877ed7c7d76d858f79e1058181b4e77ccede55f782118f1c189dfd9d1a45e6c610154270f026c7c83fbbcd79e3fd96d3d12a3890508e9e420475a38157f36d
Score

3^/10

execution
behavioral27 behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

UPX packed file

ACProtect 1.3x - 1.4x DLL software

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28