2659bb8557a648174c4543e9ef7c1ec4816f4f1f98d244acc5ee7a4b9c0fc2fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd6cc8aa5eb85f765adfe9f416397b9d_JaffaCakes118
Size

303KB
Sample

240619-vnwewsvbqc
MD5

bd6cc8aa5eb85f765adfe9f416397b9d
SHA1

788de64ecc6bac57b970b0aa2c42830c6478bb58
SHA256

2659bb8557a648174c4543e9ef7c1ec4816f4f1f98d244acc5ee7a4b9c0fc2fb
SHA512

fdf84013754de2c69c849445a68a3d3d4b2a41913d081f37fdc3503c622fca499be7c04a965c2ce56eae2c1983a8f6f6606c7526aaf459b39aabdedfd9af6e18
SSDEEP

6144:q/Ki6UpfQc8k7GjrxX4sqa86dThQsm0jlAuica+Nffcs:hb0qtK6dThQsm8Li/EfT

Score

7^/10

evasion trojan

Malware Config

Targets

- Target
  
  ??????.url
- Size
  
  75B
- MD5
  
  64460f95f0f0cbc47a45f31d72780038
- SHA1
  
  6be2d40887313c6a760cc6d5d30d2d79c58879c4
- SHA256
  
  ab3afe9f268d5eb51dda69a2c09abc88c4a4155933b865876a951c13a4b0f76c
- SHA512
  
  76bb2d76643bc431358413ed7ac2c79a9ae98d63f6cbf013c0d1d3779052b1799102a77b4ac6eae7ccc7bc0760f870ad4ef3b5d978d58df07f0bcc0efb23d3d5
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2
- Target
  
  GarenaPasswordDecryptor/GarenaPasswordDecryptor_Installer.exe
- Size
  
  400KB
- MD5
  
  46f54787d5d6e9eee57cd0c038813176
- SHA1
  
  3619d263eb3eb6f65053cc96a0a2cb281149cb40
- SHA256
  
  df0877ce597a250ec7918c81cfd481d4c756a6bb94b48fbee4d053de20fd280d
- SHA512
  
  e14ce3910fee233bd749415e42ee298c7ce038e883d9f1d1cc957346138796bd6a6063f60574dcc5f84a9f8792ded89f10d653e4b9844008d7380d59d3aa1f9f
- SSDEEP
  
  6144:5e34XKOsyFot2bS/+QbPQwwhdL5HPrH/hmDmFsuiczJJNu:3OkoX+QkhfL/8dc/M
Score

7^/10
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  7569b23f19a0f5cb4c1d3b30a296c4bb
- SHA1
  
  c5f3546b3c795e46445393960694a2341692ddc7
- SHA256
  
  615bf32e15aaa8d58832df2298f75dd2b29ea5f25bf152c99630315cb618a31a
- SHA512
  
  11663bf180f9540ad247957b6793f8afd1b4e66f3b692b4ad05735f07459dd524571245928c40e26e3de691472508f5632fcd4add1eebad559d504eca32c08a9
- SSDEEP
  
  384:gBCwUYeQ8geEQyhUtXlcgCHe8DSMk8/UhU7ya4Lp0Ac9khYLMkIX0+GvRgbJ1:pwUEpet1cgCHe8DNN/UhUua4L
Score

3^/10
behavioral5 behavioral6
- Target
  
  GarenaPasswordDecryptor/Readme.html
- Size
  
  506B
- MD5
  
  caa8d84c4cfbd03beee97ec8a03d8e92
- SHA1
  
  22fb1fe046d27af529a18f606d9ab071b2df2557
- SHA256
  
  b864776d4fbc44c6fd3c95e4a50912bba1f411d4a1d573add06b66c8a6e4e311
- SHA512
  
  6f7b33786e0104ec412f9f5ea58907680912eac76df3f532712046013d190c95872847acedec66aea9219cf0eb7a723d3c253a90cb654ddfadf2f079d741ac50
Score

1^/10
behavioral7 behavioral8
- Target
  
  GarenaPasswordDecryptor/SecurityXploded_License.rtf
- Size
  
  51KB
- MD5
  
  316cc59fe8fad0ff382de96acdab2894
- SHA1
  
  4754d5059dc52bc612353b6cba28747c71d28f07
- SHA256
  
  4cc7b7dc863da1dfaf197bf4198518c9fbdb088d6de7790793f7715772a8a890
- SHA512
  
  bc1a49d0bfa345db3c02665a51255a21ace566c0205fec4ad169ac272a374b498a057e7d3c53f291af7dc182f4b6ba7028d7c3dd58a7960b44b650557f013d4b
- SSDEEP
  
  384:loeWYQ5Azb7PzybdKkI3Y98eyQ0ZfcNbH1mCcq74apw3Vu+vGA6W1Tzi6rGs2AYg:loee+3YKq4GB9hAkj3E
Score

4^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10