29b732557cb9e5f15b0c92ce6efb0c2c5ef22bd59068f3a87d40c4560ebaa2b5

Sharing

Copy URL

Twitter E-mail

General

Target

07a3273b9918b7ecbd2a22b3a8e61bc1_JaffaCakes118
Size

101KB
Sample

240624-k6nsnayakr
MD5

07a3273b9918b7ecbd2a22b3a8e61bc1
SHA1

c3a101466578a60b4a15c508983d6cb4cf48da8e
SHA256

29b732557cb9e5f15b0c92ce6efb0c2c5ef22bd59068f3a87d40c4560ebaa2b5
SHA512

3f1dd243cc8bd80113498781eba2c8b99c6ad765dcd3ef45380519f0705f4fdabb332aa7532a910a0d8e7039817d7d15412477355fd79a2888a96119bd9d960e
SSDEEP

1536:ApgpHzb9dZVX9fHMvG0D3XJdgaGtB1V/bax8isQzxX/8b+qJSaLEYdVN25+Q/:WgXdZt9P6D3XJW3z/+Dzx0b+qJSsNzQ/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  07a3273b9918b7ecbd2a22b3a8e61bc1_JaffaCakes118
- Size
  
  101KB
- MD5
  
  07a3273b9918b7ecbd2a22b3a8e61bc1
- SHA1
  
  c3a101466578a60b4a15c508983d6cb4cf48da8e
- SHA256
  
  29b732557cb9e5f15b0c92ce6efb0c2c5ef22bd59068f3a87d40c4560ebaa2b5
- SHA512
  
  3f1dd243cc8bd80113498781eba2c8b99c6ad765dcd3ef45380519f0705f4fdabb332aa7532a910a0d8e7039817d7d15412477355fd79a2888a96119bd9d960e
- SSDEEP
  
  1536:ApgpHzb9dZVX9fHMvG0D3XJdgaGtB1V/bax8isQzxX/8b+qJSaLEYdVN25+Q/:WgXdZt9P6D3XJW3z/+Dzx0b+qJSsNzQ/
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/SelfDelete.dll
- Size
  
  24KB
- MD5
  
  7bf1bd7661385621c7908e36958f582e
- SHA1
  
  43242d7731c097e95fb96753c8262609ff929410
- SHA256
  
  c0ad2c13d48c9fe62f898da822a5f08be3bf6c4e2c1c7ffdf7634f2ca4a8859e
- SHA512
  
  8317af5cc3ac802eb095f3fa8cc71daa1265ca58fead031c07872f3d4bb07663a7002ae734fad392a7617f0923fe0caf1f54ed55afdf8516a6a08e202d86fa7f
- SSDEEP
  
  96:1dIrJYYrzPpqAAZ9sNIaI2y9WulXEGNRrG:nuYATpq/viyYuEYRr
Score

1^/10
behavioral5 behavioral6
- Target
  
  EBcds.exe
- Size
  
  220KB
- MD5
  
  f5309c8b31a83bcbcb340cf0b951c016
- SHA1
  
  323a5eba82629c6734bda2f91469ac51d8c31c99
- SHA256
  
  321dec38ad670d6440467cc1c851d4e7a8ad16e3ba43a2d8e427922dfd177bb7
- SHA512
  
  f986323b9b21fc4e4a0d379c1eae0328d92fca82f3de8a425bee1361b0856c8e03ceafe2c863812e432e004da4566215b79b9f9aba38896fe2c2d1ab9c1f7a1b
- SSDEEP
  
  768:9q8N6lf3Zlzs9Mn6b2AtBw5bcm7sVd4d88x4vUO0BvaIBCfBENKOCG:c8U5HsgPYV8Xx4MbBCIBCfB/OCG
Score

1^/10
behavioral7 behavioral8
- Target
  
  EBcdssvc.exe
- Size
  
  20KB
- MD5
  
  134454ccda9649c659682fa0b1d5d687
- SHA1
  
  1db5be866ccf1f677ae54196489e4abbbc1b1c29
- SHA256
  
  3c3d9f236f4b70f2bdc48a61953b5f72696628e86c3f53f8070df66e70d5e347
- SHA512
  
  77ada47a7bb607224db3ace6274b6e27a497389c8573046decad6409beba1392e53a95bf4971ee0c212611145ed48003de3f72d8534b9fa7f520ca0ebe56107c
- SSDEEP
  
  192:zN71oEkRd/1FB0dFjXqCZX19xK9C6a0BuCBWLSTU8Ru01oy7l:unFB0dFj6Cp1+s6xBW+Tz1b
Score

5^/10
- Drops file in System32 directory
behavioral10 behavioral9
- Target
  
  uninstall.exe
- Size
  
  52KB
- MD5
  
  3d17a6e8d6e11feb3af9d05f5f198a54
- SHA1
  
  f04819e1107659307af42a7a8de26212773d5386
- SHA256
  
  add2f9fd39dbd2524494bcee7746cea84e45d600ea0c40b86bf2793718a73103
- SHA512
  
  98fcac43cdb259e8afb061bc1d96f535c15aab61dd51cdcd12b90615e6210c5a2a8b49c1983da5ad80d74db31d3ff675fd977c17acfdb00221166e2763134338
- SSDEEP
  
  1536:ApgpHzb9dZVX9fHMvG0D3XJkpSaLEYdVN25+Ql:WgXdZt9P6D3XJ6SsNzQl
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  32KB
- MD5
  
  83142eac84475f4ca889c73f10d9c179
- SHA1
  
  dbe43c0de8ef881466bd74861b2e5b17598b5ce8
- SHA256
  
  ae2f1658656e554f37e6eac896475a3862841a18ffc6fad2754e2d3525770729
- SHA512
  
  1c66eab21f0c9e0b99ecc3844516a6978f52e0c7f489405a427532ecbe78947c37dac5b4c8b722cc8bc1edfb74ba4824519d56099e587e754e5c668701e83bd1
- SSDEEP
  
  384:3rYz6grZodORNWATt4TBmlk5ooyzFh7BukAUdJoUtSOSR:3QggDWATWNCFh7BNddJoxO+
Score

3^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Deletes itself

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Drops file in System32 directory

Drops file in System32 directory

Deletes itself

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14