295967ac71f014113a7e7c10737ff8b1b3fbe65bd037995ee7a998f16b94144a

Sharing

Copy URL

Twitter E-mail

General

Target

0001ffbe1e17d3d118b1103064a2a6a4_JaffaCakes118
Size

960KB
Sample

240619-xbanrs1cmj
MD5

0001ffbe1e17d3d118b1103064a2a6a4
SHA1

82cfa29c31b4608c279f04cadc861656643a0233
SHA256

295967ac71f014113a7e7c10737ff8b1b3fbe65bd037995ee7a998f16b94144a
SHA512

f13b763d8802a0db807710cf642d8f0209e0356f7e50b4b5bc4720ce0887c88104b0d640cdedb1ccc1a3a0b53b1088234897dc62cd9a919b93eef68867733aea
SSDEEP

12288:l8n/v5n3XQ3E9LFZetKVsSEkaPYfQMlgZWjpeS3Pl4SAVAAumREYbDAtInAVFJRK:O/x0E9G6nbaPYd4WteS3PCXVAiEOiYH

Score

7^/10

upx

Malware Config

Targets

- Target
  
  0001ffbe1e17d3d118b1103064a2a6a4_JaffaCakes118
- Size
  
  960KB
- MD5
  
  0001ffbe1e17d3d118b1103064a2a6a4
- SHA1
  
  82cfa29c31b4608c279f04cadc861656643a0233
- SHA256
  
  295967ac71f014113a7e7c10737ff8b1b3fbe65bd037995ee7a998f16b94144a
- SHA512
  
  f13b763d8802a0db807710cf642d8f0209e0356f7e50b4b5bc4720ce0887c88104b0d640cdedb1ccc1a3a0b53b1088234897dc62cd9a919b93eef68867733aea
- SSDEEP
  
  12288:l8n/v5n3XQ3E9LFZetKVsSEkaPYfQMlgZWjpeS3Pl4SAVAAumREYbDAtInAVFJRK:O/x0E9G6nbaPYd4WteS3PCXVAiEOiYH
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsis.exe
- Size
  
  449KB
- MD5
  
  68870fb83ad7de49f367d4859880d75d
- SHA1
  
  e3bec33886fa8eda218e91afd4e88938b03edd1c
- SHA256
  
  c063ae51c33f73275bd5d643aa760d4994175f377fc23ea8e0bd68ee77fba616
- SHA512
  
  a55d7cce60b882dd476dc1192e8fa957c7a5c42d393f08eba2959b4f9a7778da7e49cdf2d4da403e98669911e82924d3017d669d4983f3db6b06f06f881e1420
- SSDEEP
  
  12288:vmz9UIKoZfP5AgTM9L1Vu7KBWA10zRQVcYQrRT0:bgPTTM9xC/20zucbG
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  GinoPlayer.exe
- Size
  
  230KB
- MD5
  
  c82bba9c6fb9d1bf2ec4e114d8456844
- SHA1
  
  f1d9856b01626ef8b84a70f50df13be6b2ce4823
- SHA256
  
  69a75ecbd4db1dde170e23e4c227d62269346244c1861bdfb41b9da358d89ef1
- SHA512
  
  ee49770382d0b2ee9647fd8d4e91dfc98bf69522bca08cbc9c1a6e0a4900ca24f29111bb3a220895c07cccbe80b9a871a2bcbcc0e5ea72502dd28c37ffeaf1ef
- SSDEEP
  
  3072:ZX3Bhg694tjSg694tdHoPgR4PKmAsFTmIeBOtYAVoHhDL0ad/dl+rozWlyf/tVzV:c5+PU4JjyONVoHhDL0ad/dl+Tyf/n4
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral10 behavioral9
- Target
  
  Interop.WMPLib.dll
- Size
  
  284KB
- MD5
  
  d92527eaf9868a78a3153242d3b6098d
- SHA1
  
  0a63e538fededd292e05364d62dfeab278eac413
- SHA256
  
  5d36a9c572a309d3cc632ac8c7a1e4ea6fc3969b31dc6d1a9284dea44a213d80
- SHA512
  
  27422787764863547331144a26fdb233f859a98c5fe15e1b1dcffa9c295da1535ca049e980e4a29d6068cd0fa54f947bfbda76e851c524a711611d6949d5a3ea
- SSDEEP
  
  6144:UMfmxYbidUn+MCdW85I6hI3uFc7y5g/md0Dqx4HeVMriJQPWtkzaBoXOl8bSZAfl:UMfmxYbidUn+MCdW85I6hI3uFc7y5g/j
Score

1^/10
behavioral11 behavioral12
- Target
  
  Uninstall.exe
- Size
  
  77KB
- MD5
  
  ff11f586d42a888469164063c399d917
- SHA1
  
  b3feded2344ea9a22035f628a441883c6216bf3e
- SHA256
  
  869c31354b5c3f1c7586fec5c51270a606ca5210d4ea9df4a078a1d7bc62112e
- SHA512
  
  573c35c9f066a2fbfba29d1cee5157b0d518d62210beb088d8c5380d43da4ee749a215ff76531e9ff59161a6449bdb44e3e0ee2ec4b18e03e0d36cbb131cbc86
- SSDEEP
  
  1536:7iZU91Rzv4f/+LHgmpoM4sXJKTmdxQi5jaQkaB72/v97+N:7iezvrL9oMXJKatjIg639KN
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral15 behavioral16
- Target
  
  launcher.exe
- Size
  
  550KB
- MD5
  
  9b83990fce13716ad79131772b15c915
- SHA1
  
  989dfc018c35a0242523c722da6fa881aa9f2678
- SHA256
  
  5b2338071972a864622a36a4452d218d70f1c80024c6f7d84e1c5aa590efd5d1
- SHA512
  
  e3ae253c7f9c3bdefe0965af1a788f26025c0994c2bcf76ed7c4048dad648b383bf245bd2854c90c40dd6f453868f9dec2b86cce8414dcfd00c61c898ace1c38
- SSDEEP
  
  12288:een6U3av8FtwV5qgsD8v3MJdogR7eKObvc5hAe:e03av8Ft45/3FSFOTc
Score

1^/10
behavioral17 behavioral18

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Query Registry

T1012

Peripheral Device Discovery

T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

UPX packed file

Enumerates connected drives

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18