e67777b181a1ca1f21890bd0da9b177bcd850498375af8f1b0d3d61c7a54c9d0

Sharing

Copy URL

Twitter E-mail

General

Target

088a5597c25de7da7946d6475c41c42b_JaffaCakes118
Size

9.6MB
Sample

240624-pslhlascnh
MD5

088a5597c25de7da7946d6475c41c42b
SHA1

13f7ddd4906ec5a8b0df28ce352a50d07f721f23
SHA256

e67777b181a1ca1f21890bd0da9b177bcd850498375af8f1b0d3d61c7a54c9d0
SHA512

fd202e54338b8c7b15901d4e43fb8d15a76c4bc4145fd742c3a9161371a696eebe7974b6523326a78d99d395a5a79274749b187ab44ac3d508d1a2bc08cbccba
SSDEEP

196608:ymW+JpzqHHQRgJvfFU4NdHj00YY0e8XIt6YTJNie3iTBfAGk+fAJK/JxdcqNatBM:3GHHQRgXdH40YY05XIpTJseyNM+YI/6y

Score

7^/10

Malware Config

Targets

- Target
  
  088a5597c25de7da7946d6475c41c42b_JaffaCakes118
- Size
  
  9.6MB
- MD5
  
  088a5597c25de7da7946d6475c41c42b
- SHA1
  
  13f7ddd4906ec5a8b0df28ce352a50d07f721f23
- SHA256
  
  e67777b181a1ca1f21890bd0da9b177bcd850498375af8f1b0d3d61c7a54c9d0
- SHA512
  
  fd202e54338b8c7b15901d4e43fb8d15a76c4bc4145fd742c3a9161371a696eebe7974b6523326a78d99d395a5a79274749b187ab44ac3d508d1a2bc08cbccba
- SSDEEP
  
  196608:ymW+JpzqHHQRgJvfFU4NdHj00YY0e8XIt6YTJNie3iTBfAGk+fAJK/JxdcqNatBM:3GHHQRgXdH40YY05XIpTJseyNM+YI/6y
Score

7^/10

bootkit discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/CommonFuncDll.dll
- Size
  
  37KB
- MD5
  
  00de58cb2a798857a6c0cab3f4e9ea3c
- SHA1
  
  c7b0491b1b71d24ce47f04c4ea731ae5b92e8fef
- SHA256
  
  23c9523fe7802d7e48b15725a2f509ccc0ab674f10be75635412f21975a13a94
- SHA512
  
  0c77b158f16746aa36d84fd83b171781ad9362c03a4fb746bc3b6d9b4cc6a2b7c642dc1236ac4ae325e243ef8836e1057c723b95c1cd5ef2d80566f83110a8b0
- SSDEEP
  
  384:U45MU/fe1XNzPGLPP9LEKV/8yuzm3eZ8OP/LsYJLu18TbCyQq:b5MUXe1XlPGD+Kexzm3eZ8s1LWQbCdq
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/CoreAAC.ax
- Size
  
  312KB
- MD5
  
  b0ffac757be8d6cc41e1131eb2b0d959
- SHA1
  
  0e41733a050bc2ed53fda6337d6501b9942317c2
- SHA256
  
  04bf38bbd9cb8287582f9a2fb8b06e0ab30f06f676a93f4a56656b576f10e597
- SHA512
  
  356ecf4902f767f74670e5fcd57f26fb8a43710d0a2b3a995877e6f265119b2f091c6e5e3457dfa1767c6e4043afc470cc7090f43dd997b27c0e94c7e102bee3
- SSDEEP
  
  6144:+yTbEUUmDAh189YEqbBpkJzJTba96sZTiaJfOMBfcESToVk:bxUmDAn4C9GBJba96sZTf9Oy+Wk
Score

1^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/CoreAVC.2.0.0.0.ax
- Size
  
  265KB
- MD5
  
  a45cfb1f058297ae981f8afeef056b8d
- SHA1
  
  e454ed585a0f19d3119cef725958ea19c93cd7cf
- SHA256
  
  779768aa0bf2270422e1686547ae622238e7b7cf37ce212a1d75caf8628c1508
- SHA512
  
  efa87c97e4f76d5fbd73d2e0c5c580c719518d4e3e7e16efdb1355b659c9584956bc7df944f0d637f069f359a046fe65bfd178e4cbaf97fbb5921ebd29e09aa0
- SSDEEP
  
  6144:/+x+B++xX1f3uZINBKD5wlA9amB38sDFe9E23XbFDZ:Wi+A1fJ2wlhmKsg22nbNZ
Score

1^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/CoreAVC.ax
- Size
  
  181KB
- MD5
  
  c264fed121afd44bda8bf0ff8f4e4269
- SHA1
  
  7480a3b26b81045a1504e68e15225682bcc6f440
- SHA256
  
  cb8d9d80dcd48d9a9e3d87c847c47125f7201a98fb5abb4bd6c443322071b951
- SHA512
  
  99ed4b723b2b7a90fce8e9bf9ee8d5a1440c4d569638ff6a1aa59354c8bca91618a13c440f754fad3ae22c306709da35b4c53b8a00a09753027eaed0d238052b
- SSDEEP
  
  3072:eFX0fCcmjZvyTdndzMryzKdvYQ/5c0q3ARsK/l74obxK7Dtp0XRHSOg9lX9cWR82:GEKpZY2r3VYQ/c0d7Hbw7pp0X8hlX6WB
Score

1^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/FWUpnp.dll
- Size
  
  140KB
- MD5
  
  be2d4b56d5d40afca9c804d0776a25c6
- SHA1
  
  7ea48cf0e980fe999f14338f44ad4c57c9b714de
- SHA256
  
  e54031818e6449897e3a81f0637b0af7618f6aa9e1530c3bf4989d2fabe4a2d4
- SHA512
  
  f32b8e1d27acb7c9021dcc6cd426599374f61a78fd38a0f9d0bf5bf63c424ca816e3859387d98b3060592ea86d1743c5ff149099bcab4da9e31ff7abc81fd627
- SSDEEP
  
  3072:HE0D5eN3rsEkHJGYM+y/DV7u4hNesdd56PeAWK5:HRQ3rshhMn/DVj3dc2LK5
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  20KB
- MD5
  
  943ccc923be093185c04e893245e55c4
- SHA1
  
  5d48cfcbe7a659e8c1da7127aced2cffb8e6d125
- SHA256
  
  893607cef43f3dbe210b301c6b91d426a4eca11694d8feb5104edd329365f57d
- SHA512
  
  5006e7b312a3182b4d638a38579ff1bbbaecf288995d23135d201745b4d2b999357ce8ca051decd51c55620fc144e536d51846f73e42d76c5cd058a00c5661f6
- SSDEEP
  
  48:KR9SLgW+/BpWXrBHHC6p5/NR2WIOo6R9NBxIA9NAyUXXfbXW+gN0VbgAa4QYAB4:t+/Bp89C6p5u1OoQkA8yUXPb60Vb+4
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/GdiPlus.dll
- Size
  
  1.7MB
- MD5
  
  0c38476c6e51c95144f648b78fb579d8
- SHA1
  
  1a85ebc7203e7f0dc5297e6c5a056d52d45c447c
- SHA256
  
  04495ada069d6d176f14115738782cc8660c575e90046919a02792c274260f02
- SHA512
  
  5800fd07a1ab41a14aa1d413d0d2e54583e61086937bbc6b9b8901726f6944fb75fabc45ef1ae44ca9a0b00240c5df50a8a826ce7f2a33581ec21f9fd47be8d1
- SSDEEP
  
  24576:uxnzzlD7ReVXjqvyigpv71+h3A6DZq0PCFUm1zfvDf73zJAMd5fUzDHyZ201pKK5:uBzpD700KVwh3TA0PCUuz73aknXKKjN
Score

3^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/HTTP_ASF_SOURCE.ax
- Size
  
  511KB
- MD5
  
  2ca0666cb7eebc4f31d1b1cd5567defa
- SHA1
  
  57937bc69d62e8405742137b94172b129274c77d
- SHA256
  
  5ccfce12fdeb592955cd14154446374a547864a6b5ef1a5a5d9cd801121a0128
- SHA512
  
  bac83324d390f961aec228ddee702a0709e9e59501500592e8fc5f30e0236719836b86c880e9cc90af3747c2b23dcce7ce1b7b29121740c82a0b9fb8fc086e41
- SSDEEP
  
  6144:xEBjCmsazwA6exhQWHb7Do9b2GRPKT1E9o5H4G/VmKEYTzKKAmKCetU0ub7lqE:w+m3P6exhQW77TiSECrYKfTmSrVqE
Score

1^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/Hookkernel.dll
- Size
  
  275KB
- MD5
  
  65c2129a5c0cabd657022cf49a1a96a3
- SHA1
  
  03c529e0226eb5b41cd91708512dbd58edecd600
- SHA256
  
  0aa0271fc27552af57fd171c3288b00b600c912a60d8752bf70f90b997f5d67c
- SHA512
  
  b9900c3f6c93cf30c55cf718d96743728535bcb820ffaf4efa3c1ab874c684903a8fb30c2e88babdd468c2badc49306186df95f32d86bfb1a84d8d182bc8143c
- SSDEEP
  
  3072:VOGElO2Vtd2LW5ukXA8l7xLsx1BuAYzPWMYCWyRQzaniwlXs5Yo4qD1icgE:FEzrd2LWDXA8lVsNczPWtCW/zO3XtooE
Score

1^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  20KB
- MD5
  
  acc5bb97897cbc7d49d89d6ed5ba79bc
- SHA1
  
  9ec453aa48a25851a65900aab09a534a67875491
- SHA256
  
  6d43d9d45c52273ea9b3dd16af030a6221df78fcf0f07238f6aa92b4cda660a4
- SHA512
  
  c38a5bdf14d1bc1e1214ef0b2693a919629350cd0b159486f180307013df83c22e95c8209dcecede07afb47422ccca72efa7c6ed53642017eabe6bcb341d1a06
- SSDEEP
  
  96:aUGda5TnpKPmDq+Fmq1wu++wto/kQAQyU7YCHb+4SqTh:xGdappPmtqCDtob/64pTh
Score

3^/10
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/Live.dll
- Size
  
  205KB
- MD5
  
  ec03fa69a025dc807314b9dcb5498986
- SHA1
  
  a0f5abfa07ce548f10b806922eff748d2652f0e9
- SHA256
  
  c3c5091dad0c0be701f6da2ae41a07f3614d6f567031dda823e5a320483c2243
- SHA512
  
  78c30b0616686454be4c2eff375c91445270effb8d7bcbca372692ed86ce9dc383f91512fc65a937cd7c478c0c5cbd840e301aceabbf7d3c58cb92a80671cabb
- SSDEEP
  
  6144:juVS50/4IMjqndIM7NpiLgqe4tQ+PAHWgaWSJKR82+gS45y69z6gm61xdO:jg82+gS4J9+gO
Score

1^/10
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/MP4Splitter.ax
- Size
  
  509KB
- MD5
  
  bb01bfdc1bfe48cf9c18180bf6539917
- SHA1
  
  25d0a11d31857fef74e9b98dcabd96f24d89c774
- SHA256
  
  050649bb8dc43e68753de7567e17972cbcec1a2dacf243befeb12dc51517f7cc
- SHA512
  
  f4fa00923ee61f0fcb53c8ebfd65b27db54a7663e5d60d8a56f7d08f33e2e1c467aa0b58899fbd62ac2261b185655cc94bac9ce85e2ed3b0c32336daa5346ba5
- SSDEEP
  
  12288:TwQ9eDwtt/jTdrBGg93e19FJdQXajEEWq7uTj6T9:0Q9eDwtZTdr47QXFJ9Tjc9
Score

1^/10
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/MngModule.dll
- Size
  
  879KB
- MD5
  
  03c1c25a70050b9f7fe35574fd55496c
- SHA1
  
  d54445619e837928514eb0d029d89a8aff06d78d
- SHA256
  
  5a6e0727f0de9a9c507e54c705d7894a110bd07db7a4aab04f33e2701f78671a
- SHA512
  
  1caa89facf88c83c9c49373662d64abad13685d19dff8375e179ca03895dfeb5d997494300fb75d546ce2c45ed7d16c817d27986a1c5c32c6a7dd6bc249c5ce3
- SSDEEP
  
  12288:GkG5zKMfxw5Opn+dCyx8yBaESrHKS22+ugcHKuUKbf9ca45/iNGPEOJV5IV:+PpnDyBi7fkuuKbma45/iNGPEOJV5IV
Score

1^/10
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/OPlayer.ocx
- Size
  
  1.2MB
- MD5
  
  ca3028a6adee108bb3fd4657e9632355
- SHA1
  
  43be6285c5f7ed07062dce2f23171b7965147f98
- SHA256
  
  57ee68455ef1219b05d8efea12beeba73a1ef03608756e693706b5096c2a558f
- SHA512
  
  47461d1797170e62fcb5170f22b859046dc09541614044a29c8c56377ffa30780dc8e1210b6a2600232f1e3fd68c26493e47d6b90367acf8396b430f7092e601
- SSDEEP
  
  24576:nYwfR3koBM2m5FoxgQ+esJjuGOYI9j7MgjZhm9xHyxrRa/J7I7w8+6aQ20it7:ndkLzJCGOYI9j7Mg9hmz2rRa/FI7w30U
Score

1^/10
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/PPAP.exe
- Size
  
  185KB
- MD5
  
  235574bd973ec3eac38bbd870e9d5e01
- SHA1
  
  f2ddcde409454618179d0bcbab8560c8b02bb074
- SHA256
  
  5e6d8ecd136ebb7bec3e515e65c1f8b9b234726d5a8a5e87a36213b7c345e694
- SHA512
  
  e462f527bf7c3f995251d0f8e1f77b11675338d4bfdc42f098363c93228a53c89983b6b8a08736fa8eaaf0caa5abf9d379141f1fe017b4899f47c5ba6fb79343
- SSDEEP
  
  3072:owFc1ud2okR12zgeJynpiEIII1IIaVkbAGAdzB3Yt/nGlI+:s13ok72zgPngEIII1IIaVBGM3ZS+
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Writes to the Master Boot Record (MBR)

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32