General

  • Target

    025738643df8f114d2146e8735b49d23_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240622-qlfjfazbqe

  • MD5

    025738643df8f114d2146e8735b49d23

  • SHA1

    77215471901f0f7e325a91e82ef6b755350750c1

  • SHA256

    0e01ea2c54fe331fbfb39992df7834cba58d464852ac3c2673022ee3820fb760

  • SHA512

    fc9c935040126941064f6dbb92809bf9dbe270288d707488d036fb0b45f0521095236046bc347bacc48375f7206b771710f2488fb6adc37a559f9d1f6b4fb686

  • SSDEEP

    24576:Qb2OLkPAu1EYg/9/BqY5/V850VqMWyQCsQqyZECuxNbqXb6X:G2pPv2Yg/9/hk0VNWy9lqNb8b6X
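The hashes above are what a responder uses first: to confirm that a file pulled from a host or a quarantine really is this sample, and to match the dropped files listed under Targets below. The script that follows is an added example, not tooling from the sandbox or from the page, and it pairs that hash check with the static heuristic behind the "UPX packed file" signature reported for the main target: a parse of the PE section table for the UPX0/UPX1 section names and the "UPX!" header magic that stock UPX writes. `build_minimal_pe()` fabricates a skeletal PE purely so the code can be exercised offline; it is not a real binary, and the SHA512 values from the report are omitted from the indicator table for line length only.

```python
"""Static triage against the indicators in this report (added example)."""
import hashlib
import struct

HASH_ALGOS = ("md5", "sha1", "sha256", "sha512")

# Hashes copied from the report's General and Targets sections (SHA512 left
# out here for brevity; it is added the same way).
KNOWN_SAMPLES = {
    "025738643df8f114d2146e8735b49d23_JaffaCakes118": {
        "md5": "025738643df8f114d2146e8735b49d23",
        "sha1": "77215471901f0f7e325a91e82ef6b755350750c1",
        "sha256": "0e01ea2c54fe331fbfb39992df7834cba58d464852ac3c2673022ee3820fb760",
    },
    "$PLUGINSDIR/InstallOptions.dll": {
        "md5": "325b008aec81e5aaa57096f05d4212b5",
        "sha1": "27a2d89747a20305b6518438eff5b9f57f7df5c3",
        "sha256": "c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b",
    },
    "findtop_setup_09.exe": {
        "md5": "582f2e8f7307c44f3ce3f0e4189cebb3",
        "sha1": "d1e02afffe899bc8d55dcf5acc2a8b1a38790d0d",
        "sha256": "e00b01670253c987ff1761257cb9967d677acdef711dde43347a6242c4518fc8",
    },
}


def hash_bytes(data: bytes) -> dict:
    """Digest in-memory data with every algorithm the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in HASH_ALGOS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Same digests for a file on disk, streamed so large samples fit in memory."""
    hashers = {algo: hashlib.new(algo) for algo in HASH_ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def identify(digests: dict, indicators: dict = KNOWN_SAMPLES) -> list:
    """Names of report targets whose recorded hashes all agree with `digests`.

    Every algorithm recorded for a target must match; a single mismatch means a
    different file (a repacked or re-signed variant), not a partial hit.
    """
    return [name for name, known in indicators.items()
            if all(digests.get(algo) == value for algo, value in known.items())]


def pe_section_names(data: bytes) -> list:
    """Return the section names from a PE image, or [] if `data` is not a PE.

    Offsets follow PE/COFF: e_lfanew at 0x3C, the 4-byte "PE\\0\\0" signature,
    a 20-byte COFF header with NumberOfSections at +2 and SizeOfOptionalHeader
    at +16, then 40-byte section headers that each start with an 8-byte name.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        return []
    coff = e_lfanew + 4
    if coff + 20 > len(data):
        return []
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_size
    names = []
    for i in range(num_sections):
        off = table + i * 40
        if off + 40 > len(data):          # truncated section table: stop, don't guess
            break
        names.append(data[off:off + 8].rstrip(b"\x00").decode("ascii", "replace"))
    return names


def packer_hints(data: bytes) -> list:
    """Heuristics behind a "UPX packed file" verdict.

    Stock UPX names its sections UPX0/UPX1 (UPX2 for resources) and stores a
    "UPX!" magic in its header. Modified builds rename the sections, so both
    checks are made; both can also be stripped, so an empty result proves nothing.
    """
    names = pe_section_names(data)
    hints = []
    if any(n.upper().startswith("UPX") for n in names) or (names and b"UPX!" in data):
        hints.append("UPX packed file")
    return hints


def build_minimal_pe(section_names, trailer: bytes = b"") -> bytes:
    """Fabricate a skeletal 32-bit PE for offline tests (constructed, not runnable)."""
    e_lfanew = 0x80
    dos = (b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\x00")
    opt_size = 0xE0                                     # sizeof IMAGE_OPTIONAL_HEADER32
    coff = struct.pack("<HHIIIHH", 0x014C, len(section_names), 0, 0, 0, opt_size, 0x0102)
    optional = struct.pack("<H", 0x10B).ljust(opt_size, b"\x00")
    sections = b"".join(n.ljust(8, b"\x00")[:8] + b"\x00" * 32 for n in section_names)
    return dos + b"PE\x00\x00" + coff + optional + sections + trailer


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            blob = fh.read()
        print(path, identify(hash_file(path)) or "no match", packer_hints(blob))
```

Run it as `python triage.py <file>` on the file under investigation; a name from the report means all recorded hashes agreed, and a UPX hint is a reason to unpack before static analysis. Fuzzy matching on the SSDEEP values above needs a separate library (ppdeep or pydeep) and is deliberately left out.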

Targets

    • Target

      025738643df8f114d2146e8735b49d23_JaffaCakes118

    • Size

      1.3MB

    • MD5

      025738643df8f114d2146e8735b49d23

    • SHA1

      77215471901f0f7e325a91e82ef6b755350750c1

    • SHA256

      0e01ea2c54fe331fbfb39992df7834cba58d464852ac3c2673022ee3820fb760

    • SHA512

      fc9c935040126941064f6dbb92809bf9dbe270288d707488d036fb0b45f0521095236046bc347bacc48375f7206b771710f2488fb6adc37a559f9d1f6b4fb686

    • SSDEEP

      24576:Qb2OLkPAu1EYg/9/BqY5/V850VqMWyQCsQqyZECuxNbqXb6X:G2pPv2Yg/9/hk0VNWy9lqNb8b6X

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with ACProtect 1.3x to 1.4x, a commercial packer/protector; the file must be unpacked before static analysis is meaningful.

    • Checks computer location settings

      Reads the country code configured in the registry. This is typically a geofence: the payload refuses to run, or behaves differently, in certain regions, so a sandbox in the wrong locale may see a benign run.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects an executable packed with the open-source UPX packer or a modified UPX build. Modified builds commonly rename the UPX0/UPX1 sections or alter the header so that the stock `upx -d` refuses to unpack the file.

    • Adds Run key to start application

      Writes a value under a registry Run key so that the program is started again at user logon.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLLs that Internet Explorer loads into every browser process as plugins, giving them access to page content and traffic. Registering one (under the Browser Helper Objects key in the registry) is a long-standing adware and persistence technique.

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      325b008aec81e5aaa57096f05d4212b5

    • SHA1

      27a2d89747a20305b6518438eff5b9f57f7df5c3

    • SHA256

      c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    • SHA512

      18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    • SSDEEP

      192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo

    • Score

      3/10

    • Target

      findtop_setup_09.exe

    • Size

      1.3MB

    • MD5

      582f2e8f7307c44f3ce3f0e4189cebb3

    • SHA1

      d1e02afffe899bc8d55dcf5acc2a8b1a38790d0d

    • SHA256

      e00b01670253c987ff1761257cb9967d677acdef711dde43347a6242c4518fc8

    • SHA512

      89c49664611a8d7aecd98eebd3d1a814a420b603d93ca39614bd8d35f656d6956c1ea3206e359c3c6dbf6df06a13ff9a5841e2f257662fd37d9df6b38c8a2fc6

    • SSDEEP

      24576:QnvzXWRAGDcNZxW9/BzY0hzi082AZqrWebiJyZugux2TrhbICLX:QvSA/NZxW9/S0o0AZUWepvq2TdbICD

    • Score

      7/10

    • Executes dropped EXE

    • Loads dropped DLL
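Four of the signatures reported for the main target (Adds Run key, Checks installed software, Installs/modifies Browser Helper Object, Checks computer location settings) are registry-driven, and the same logic can be run over registry telemetry from a host to confirm the behaviour outside the sandbox. The classifier below is an added example, not the sandbox's rule set. Its `op|pid|key|value` log format and the events in `SAMPLE_EVENTS` are constructed for the example, the ATT&CK technique IDs are this example's own mapping (the report's ATT&CK section is empty), and the `Control Panel\International\Geo` key is one well-known place a country code is read, assumed here rather than taken from the report. The one edge case it handles deliberately is WOW64 redirection: a 32-bit installer on 64-bit Windows writes under `Software\Wow6432Node\...`, which a naive substring match on the canonical path misses.

```python
"""Map registry operations to the report's behavioural signatures (added example)."""
from dataclasses import dataclass

WRITE_OPS = frozenset({"regsetvalue", "regcreatekey"})
READ_OPS = frozenset({"regqueryvalue", "regenumkey", "regenumvalue", "regopenkey"})


@dataclass(frozen=True)
class Rule:
    signature: str      # wording used in the report
    technique: str      # ATT&CK Enterprise technique ID (this example's mapping)
    key_fragment: str   # lowercase fragment of the normalised key path
    ops: frozenset      # operations that count as a hit


RULES = [
    Rule("Adds Run key to start application", "T1547.001",
         r"\software\microsoft\windows\currentversion\run", WRITE_OPS),
    Rule("Installs/modifies Browser Helper Object", "T1176",
         r"\software\microsoft\windows\currentversion\explorer\browser helper objects", WRITE_OPS),
    Rule("Checks installed software on the system", "T1518",
         r"\software\microsoft\windows\currentversion\uninstall", READ_OPS),
    # Geo\Nation holds the GeoID of the configured country, a common geofence
    # read. The report does not say which key its own rule matches, so this
    # key is an assumption of the example.
    Rule("Checks computer location settings", "T1614",
         r"\control panel\international\geo", READ_OPS),
]

_HIVES = {
    "hkey_local_machine": "hklm",
    "hkey_current_user": "hkcu",
    "hkey_users": "hku",
    "hkey_classes_root": "hkcr",
}


def normalise_key(key: str) -> str:
    """Lowercase, shorten long hive names, and drop the WOW64 redirection node.

    32-bit processes on 64-bit Windows land under Software\\Wow6432Node\\...;
    removing that node lets one canonical fragment match both views.
    """
    k = key.strip().lower().replace("/", "\\")
    hive, sep, rest = k.partition("\\")
    return (_HIVES.get(hive, hive) + sep + rest).replace("\\wow6432node", "")


def classify(log: str) -> list:
    """Return (signature, technique, pid, key) for every event that fires a rule.

    Reads and writes are distinguished: querying the Run key is reconnaissance,
    not persistence, so only write operations fire the Run-key rule.
    """
    hits = []
    for line in log.splitlines():
        if not line.strip():
            continue
        op, pid, key, _value = (line.split("|", 3) + ["", "", ""])[:4]
        op = op.strip().lower()
        nk = normalise_key(key)
        for rule in RULES:
            if op in rule.ops and rule.key_fragment in nk:
                hits.append((rule.signature, rule.technique, pid, key))
    return hits


# Constructed registry events (not sandbox output); the BHO CLSID is a placeholder.
SAMPLE_EVENTS = r"""
RegSetValue|1337|HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Updater=C:\Users\lab\AppData\Roaming\upd.exe
RegQueryValue|1337|HKEY_CURRENT_USER\Control Panel\International\Geo|Nation
RegEnumKey|1337|HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall|
RegCreateKey|1337|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CLSID-PLACEHOLDER}|
RegQueryValue|1337|HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion|ProductName
"""

if __name__ == "__main__":
    for signature, technique, pid, key in classify(SAMPLE_EVENTS):
        print(f"pid {pid}: {signature} [{technique}] <- {key}")
```

The final ProductName read fires nothing: a version lookup alone is not one of the reported behaviours, and keeping the rule set narrow is what stops ordinary installers from lighting up every signature.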
