a67841ce6c21b1e48913310654d1501e691052a92369dfcefa1f24690e834ed4

Sharing

Copy URL

Twitter E-mail

General

Target

002dc324480f36090c970df4c49febfa_JaffaCakes118
Size

1.9MB
Sample

240619-yc3llsshmk
MD5

002dc324480f36090c970df4c49febfa
SHA1

7078d5722d71cafbd28ac04180d5f40e91bf7d28
SHA256

a67841ce6c21b1e48913310654d1501e691052a92369dfcefa1f24690e834ed4
SHA512

f93466390e3567d6325cf6dc08d77f259ce06434b755cb0f54bd874736ca41c0377f5f717a410810fac10b22a6ab2ba6b6f13c5aeec873283b54b4ab130f1f01
SSDEEP

49152:+IFOzvc+UBRS2ctBhYy/LCAJTZTJMQ9E9thxYQr7bTUA7:+IFkSRKBhYy/mAJh3EthxdrfwA7

Score

7^/10

Malware Config

Targets

- Target
  
  PP2008/CMUpnp.dll
- Size
  
  80KB
- MD5
  
  8cb8322b8690b383fa74a4603e745e6d
- SHA1
  
  693640170675e5552dbeb873c456f23c9a5ef9c3
- SHA256
  
  98b8baccc7c5442e08bebefc1ae7d1b8c5fb3fa899b96addd687f049bf6432b0
- SHA512
  
  4c18dc34668bded85b70f8fa7993e90ac2f12e06811ca44ed5ed08d899051889b46c40a0db0d358c27a981c570453062a5fba3d01219956b206e295a92f7bd6d
- SSDEEP
  
  1536:Ol4F0ybIvCENPfyXJG98t66AwJ8krv7CsGYPl3:OG0ybOCysH6gN+1YPl3
Score

1^/10
behavioral1 behavioral2
- Target
  
  PP2008/CoreDll.dll
- Size
  
  223KB
- MD5
  
  93fcfe9c444f0443d703ba6f13461d25
- SHA1
  
  91f12af131f98fb0f035246dc49397fba3256206
- SHA256
  
  e95f8395b9fa3c1b25119c619c06142073078187a1bb437745984b940ffe8751
- SHA512
  
  1d0f09c9ea2eb54193ffd596b5e0e4d374bd60caed40177b6029bdebe25d646516a40b683c3c08a51b2cad6055de7945f2c3ec70ba05447173763442d43e1fa9
- SSDEEP
  
  6144:kZGzzOV0SEVgqdflTc9ogj9AzVZfWTBlnIsf:/zOIVRlTc9fjyPfWT3nIE
Score

1^/10
behavioral3 behavioral4
- Target
  
  PP2008/FtpGoper.exe
- Size
  
  196KB
- MD5
  
  69c557dcb76c8c6c3d2bc61540b3bf42
- SHA1
  
  6c88466bec645139ea6998d74e46e8753f701ca8
- SHA256
  
  b63669dc92ea50e53d210824256299d587da322dcba06a8781be86f92fe915ac
- SHA512
  
  9a6cdfe23ef133c0f81bed644ebd06a7c19a48504de22ca13f861180768d1637aa7a25cb2574f7b61ddf9e4aeba15a6ccdfc725c81d4845d87bf230d14f29995
- SSDEEP
  
  3072:zvNbcJRDci+GnAeL4wmOPcBkyjImZH6/gc9Chw2yacpPSBc2W5Ol8e9l09FN:z5cJRDcDGA+OHBkyjImZH6/0wacpTz
Score

1^/10
behavioral5 behavioral6
- Target
  
  PP2008/Local.dll
- Size
  
  714KB
- MD5
  
  f6e6a4680a578ad8c5ef7bd671372900
- SHA1
  
  7636fc6e4810a946b43263fa5de03daeeb0a088d
- SHA256
  
  6115cb290e4fe203e20aeb7e522553da8b9d67b3a1d96e7feed932653a7d0463
- SHA512
  
  0c35142e4aa12be403ea6a1051dfaed8b692bd7ffa98a10265a0561fe9e789995b97ad3370742bcf3d7456771550deab56ee096a2841517638b0d0ebc470c082
- SSDEEP
  
  12288:7YpvuB+683YxvBdJ2r0YDM6kKhHa4fiSvC2Ykwutm3Xo4xHqxsT:c5vgxvrYBDa46SjYrxKG
Score

1^/10
behavioral7 behavioral8
- Target
  
  PP2008/PP2008.exe
- Size
  
  508KB
- MD5
  
  1d96062c1ccd8587049c1778ded172e1
- SHA1
  
  280b9370e696258f44d92a531d58b45d74fc09d8
- SHA256
  
  593d333d4d78f442488d2fa0504f01775b9b6b0eea4d33aee4695de3fa3ee0a5
- SHA512
  
  f7ccc15d114409972d67dfdc5c8f68548e13ff206099198879302596bb58b59127b8a043ff9452dd0336842db81df03c63ae673ac9ee0b81e7b5999c2cc196fb
- SSDEEP
  
  12288:sUkbk4MwH7VZBBfofvuO/Lwr8baS5zXdVR4m:sDk4MI5CDaSb4
Score

3^/10
behavioral10 behavioral9
- Target
  
  PP2008/SkinRes.dll
- Size
  
  1.0MB
- MD5
  
  44a891078362a1bd59f389b3e0da3cf7
- SHA1
  
  6a800b9683f531f703afe4906d0cd3e67a2aab46
- SHA256
  
  3e28d71789c7f063c8aacaa2e1f93baadd1b0fd2dda039b77f15a521f80aca1d
- SHA512
  
  e0eb66fe39a3ba0cd3f0a326999b28422977f081935534ab81008d84d6711d666035a9b7722ae792da16ca948a58ce8853f58b4416a5f3ca208adafde92c62a0
- SSDEEP
  
  3072:GtCDYjy/juNH20j0rzEasNsE208sEy8c6EE0EEayn/cs7XPSmgERIk4QrzD000SG:kSjMMQlE5RfYqQE/gK5H5US
Score

1^/10
behavioral11 behavioral12
- Target
  
  PP2008/Updater.exe
- Size
  
  93KB
- MD5
  
  2935aa3250ef6c4f4a0ec0ffb3e65c3d
- SHA1
  
  feff7d66a1f9b335e108137bcd7153b94ec61262
- SHA256
  
  a719e5dfef5caeeb00e5c41f56f989eb8b85177e2b70315cb82bcda51b0edea1
- SHA512
  
  5ef9f6dc66f3dd02c8aa96776bf0de1724cb19b31fa8242b7097085cccd21584ebd246b6135207df9f52470120377e96fdaf00c9e278d40411947f37cf71b08f
- SSDEEP
  
  1536:ozttHNy3XCoE4rfQuyxzJh9mf4PwSItc3O7wDT62I3trT+Wpubk5EqlY:oz/HNyAuyzJbmGv/HI55puI6qlY
Score

1^/10
behavioral13 behavioral14
- Target
  
  PP2008/UsrLogin.dll
- Size
  
  600KB
- MD5
  
  38fa777b718aaa635dc33a2b0994813c
- SHA1
  
  a4736c09dcaa4a2ef40a9c468db2ed93230c3e8c
- SHA256
  
  e0e819cc4e4f2f0084780d11b9f303a1a553b9da0d35889ba64130b104384564
- SHA512
  
  1e27c78c58123606a8d59d05a4fc40a5b813e4865961f8e491ae92a95f473d9e104e7f01b77680aec876cea59f5e60aec766c1f35a7aa2ec2f3996681de62450
- SSDEEP
  
  12288:XkRxjOZ6S1ghczf1xX0tF+BxvwYrGBvJ5wxMS8HWnjECplI:WSmcz9xXu0trGBvJed
Score

3^/10
behavioral15 behavioral16
- Target
  
  PP2008/funcmod/Bt.mod
- Size
  
  200KB
- MD5
  
  71f419079bbb6058e09f0bc8f948d2ab
- SHA1
  
  caead1b9652958138059836863efd4a959679bba
- SHA256
  
  ab3b345d80ae29c09f311a904c2e7c6f3fd89238f07f42eada4b32fc472faf31
- SHA512
  
  ae7432525e884753f9e60b1413e2cf2c511f20b64afc0cba24266818c2797ab17df6d22fa4e4cf57a23872dbde323f1b069358943ce16290378b4170be27c636
- SSDEEP
  
  3072:B+EcUS2exfraOvesVLu3MlfBYWY5SSajJ0H6jg4zmu/sI3W9lGSy6Moz:xxek43VCclfBYUHz3/+uSy6J
Score

3^/10
behavioral17 behavioral18
- Target
  
  PP2008/funcmod/Cs.mod
- Size
  
  204KB
- MD5
  
  17a4bc65471be7a0e6a1105023e531d6
- SHA1
  
  acb67b8380c595eb915987e2d9b4745fe6e449b5
- SHA256
  
  da2ad1cc13cd341751c79e332e27dfbe0008ad3d0597256d17003992d3b03b97
- SHA512
  
  322462f7c0a7baee6c617bb82519608deabe606d34a715366dc72eb26c602db1d9977cd1de8123cdf124f577162f705f8e13d68c2905610b0dac0ca0199ec5d4
- SSDEEP
  
  3072:1Thi5U93wY0mdtDdUnUTDTrQRNHwZL2mK+9LbI86BV15sZKlJz:9ceSAt5UnUPrEly2mH9LUBb1QW
Score

3^/10
behavioral19 behavioral20
- Target
  
  PP2008/funcmod/PPPT.mod
- Size
  
  256KB
- MD5
  
  3d76bc9c75649f55cd2981d2455e48d1
- SHA1
  
  a6a3a6f85854570ffab5b2472d44318500e5854e
- SHA256
  
  03b6d50ed063398ffd1c4c65fea187ebd0d91e33cfc989e35ef1634c712bbc63
- SHA512
  
  d06d1b11e5274e5b30fa7b60ce73a4b90d0714e8bcfce113d7e2925dd6e5fc4a887e2d8634e02f224bc71217b7c0344a88ab7127a395e60edc42cab260c5e6ed
- SSDEEP
  
  3072:KeC1a2nlXcU/8zkG5JzM+UVoD6/OSbxmFQZXrH4kzcjFzcr8XC1Hll6ksA1ssh35:vE95cUyn4omfx6EYkzkZcYX0xZ7
Score

3^/10
behavioral21 behavioral22
- Target
  
  PP2008/funcmod/xed2k.mod
- Size
  
  476KB
- MD5
  
  b3cdb72219fe08da71419e29f5bdced7
- SHA1
  
  5dea7f38f8c7089bf8a36865ff990aacabf86e3d
- SHA256
  
  583dcd9ef9bfe898028ba2e32fe431bdb9350e41d5b03bba1f771884fb3da942
- SHA512
  
  01d2538ff872c1737720ca39a59811f448428e5c561390246542ea413e59b3930909e4f21e006d3b611d40acdafaca728349962df096cf2bcb7f9278b0d7ae74
- SSDEEP
  
  6144:YugPGhIE+ZkcpnVaTxttHadx4Qz/U7S99hM9u2T2COru6cWXKNoqJLb4e:YuguhIE+h41HoTh99h/2fTQKNjb4e
Score

5^/10
- Drops file in System32 directory
behavioral23 behavioral24
- Target
  
  PP2008/localver.dll
- Size
  
  5B
- MD5
  
  f702defbc67edb455949f46babab0c18
- SHA1
  
  a9b4daaa58292bac4bad5c1c3cf56398f25112f8
- SHA256
  
  17eb8859aab835857555cd9450004f4896a6958ced1d34615bbb295a75e22ed8
- SHA512
  
  d3b2783097ea6bc302bf94b695b02388147257bbb7521dfcbf8ef343bdc82588f2c5f062556e67f8a981b7ae15017f65a0612d219c7da16ee818fad9ecfb0c6e
Score

1^/10
behavioral25 behavioral26
- Target
  
  PP2008/plugins/DownAgent.dll
- Size
  
  52KB
- MD5
  
  dba6de61aef1903513bb711264df9b53
- SHA1
  
  01a4d6d3c2c4cfd3e456ba3753a1727c198ec38e
- SHA256
  
  381e39b52fc17e7995f26b70e7f10c0b98f7caeb4c3c69797e34667b49ecd448
- SHA512
  
  6e074f08e2c84ee82e9306fe2721ad6cdc155e31c33e74de84f4ecd631a43873ea6c0ac955a7653d140e2ba21d4f786e9f2dc316aaf11a8858397a37b64a9374
- SSDEEP
  
  768:M344ZYymNbC9JlzBc2rIMiNVGdYyIps2HMLE5:M34UgbCFBFsMiVyYyUMLm
Score

1^/10
behavioral27 behavioral28
- Target
  
  PP2008/plugins/DownSpy.dll
- Size
  
  72KB
- MD5
  
  2cf0ced949604e68328894261126902d
- SHA1
  
  f7985b4a302f098e5943300f9c0bf409d293f6f4
- SHA256
  
  66a27c655df97ad84f0971a00a3d8f9ce753fc1558de8f76e993cea519351ad6
- SHA512
  
  63c173aa7d52ccc42895123c4c7341de9262a438c82989f6ad7a04719acaa59dc7cf970cfe67497dde489eda5f89c9a64f864c680e7f63245c49bc1d069cf97e
- SSDEEP
  
  1536:emlmMWm4al/vk1lHhr5yD6uFLTVcQX2tel3dzB:em8MkpS1VXdl3L
Score

6^/10

adware stealer
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral29 behavioral30
- Target
  
  PP2008/pndx5016.dll
- Size
  
  6KB
- MD5
  
  33833b3eda1b07ebd367fa9b38b23e60
- SHA1
  
  d4693566e54f53fcf72bbe0a00477b3fece0b496
- SHA256
  
  ac0e3c3b7337096a08a133365630ade3a5cadb391dced904d016eb3740c903f2
- SHA512
  
  d936f77a2b4be300a75ca0d323120cf24c00a426605434f30c8c9c99c9e525df629146cf93e1477786ca6c51893ed7c0e2db6129f32bca892f853697bec9ea16
- SSDEEP
  
  96:0BngvLWo04uNwrdXG3oJe59n9jNtzW9uaX8ACaNczh:3ipz4cRrzW3rG
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

T1176

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in System32 directory

Installs/modifies Browser Helper Object

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32