d88e7a747d4889013c3b2eea2a99d28f4a559d8801296906476d8475a1967fda

Sharing

Copy URL

Twitter E-mail

General

Target

17759829236db1127ff2c0c1edcd6147_JaffaCakes118
Size

6.3MB
Sample

240627-zjjyhsscqr
MD5

17759829236db1127ff2c0c1edcd6147
SHA1

cbf6dadfb862ac0c0424cbf635ee6cce790fd8db
SHA256

d88e7a747d4889013c3b2eea2a99d28f4a559d8801296906476d8475a1967fda
SHA512

ddccf9be59860caa7a5984f8bedde3b7cb641b9ca226369ca686e72432bf76d96cff136320a69006f4eba2f2a1eb053de03803ba07e35c8922b58fb8f7272b15
SSDEEP

196608:7Zjcf6xKyjz26WOjztAcOvLmcwXMJ8R2YakT8t:7Zw8z26W+tWjLwX8vYfTy

Score

7^/10

evasion trojan

Malware Config

Targets

- Target
  
  17759829236db1127ff2c0c1edcd6147_JaffaCakes118
- Size
  
  6.3MB
- MD5
  
  17759829236db1127ff2c0c1edcd6147
- SHA1
  
  cbf6dadfb862ac0c0424cbf635ee6cce790fd8db
- SHA256
  
  d88e7a747d4889013c3b2eea2a99d28f4a559d8801296906476d8475a1967fda
- SHA512
  
  ddccf9be59860caa7a5984f8bedde3b7cb641b9ca226369ca686e72432bf76d96cff136320a69006f4eba2f2a1eb053de03803ba07e35c8922b58fb8f7272b15
- SSDEEP
  
  196608:7Zjcf6xKyjz26WOjztAcOvLmcwXMJ8R2YakT8t:7Zw8z26W+tWjLwX8vYfTy
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral5 behavioral6
- Target
  
  Lang/__init__.py
- Size
  
  1B
- MD5
  
  68b329da9893e34099c7d8ad5cb9c940
- SHA1
  
  adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
- SHA256
  
  01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
- SHA512
  
  be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09
Score

3^/10
behavioral7 behavioral8
- Target
  
  Lang/__init__.pyc
- Size
  
  186B
- MD5
  
  65f1b311732bc18af14f4bb40909da32
- SHA1
  
  894038430aca538ca8ee1bdc74d6639031924ce9
- SHA256
  
  e932050476764402a2c3357de56b31d1561b23c608e8495891004044e8e3de72
- SHA512
  
  3dfdabdd2534b395a70dcb9109f4b6edeb6d4b52ff93ea914e1ea7b140eba15f2c9c0d258bde154b58a55152d6ad9e103b2ab49a0b7404827ab3bb66038dbd68
Score

3^/10
behavioral10 behavioral9
- Target
  
  Lang/lang.py
- Size
  
  7KB
- MD5
  
  0d6eb5982e1284fc4c78a6e74af508b3
- SHA1
  
  39734a0b785801afe7dab44e9619f5e75c55bad3
- SHA256
  
  af1dba2252276d6b8cf33047782d02025fa05a10e3ce0642a2f70512be3a7f66
- SHA512
  
  be6f30b3475e741fd8afd032dc2759b0b8c82936078fddab45418564366cb468d9b0d8924347251ed5929dc67b7b28daa0e7f6d9030e6b92a72acf7f2faae812
- SSDEEP
  
  192:tG89DMH5GFq/3CUVd6JwS+nW/Ot/2QcZ/V/w/Ze:tlBMH5GFyCUH+X+pAQcce
Score

3^/10
behavioral11 behavioral12
- Target
  
  Lang/lang.pyc
- Size
  
  6KB
- MD5
  
  fb242dab0024ff34cebfb6872e9923d3
- SHA1
  
  38c4229b353caf5512b19bb11be6dbda3292ce25
- SHA256
  
  214fb17d533c40c4db3a7243ccd21c50eb996e809b1f599d50bbbea9e48dcd4a
- SHA512
  
  79f60c8fe50df9fc69c4e63bd4927cdd0fbdd7085e420d427553458b38b4e913e0ace15f9c63c2e1eb74961cd49643a4a2b6a6ba85f9b33b81a12d9e57650067
- SSDEEP
  
  96:2B9IXGukOAK8VHGdP+Aik141eMLvBNO1dsJbga0V9HPDcOr:sIX5kRhCP+Aik61jHaab+Htr
Score

3^/10
behavioral13 behavioral14
- Target
  
  MSVCR71.dll
- Size
  
  340KB
- MD5
  
  ca2f560921b7b8be1cf555a5a18d54c3
- SHA1
  
  432dbcf54b6f1142058b413a9d52668a2bde011d
- SHA256
  
  c4d4339df314a27ff75a38967b7569d9962337b8d4cd4b0db3aba5ff72b2bfbb
- SHA512
  
  23e0bdd9458a5a8e0f9bbcb7f6ce4f87fcc9e47c1ee15f964c17ff9fe8d0f82dd3a0f90263daaf1ee87fad4a238aa0ee92a16b3e2c67f47c84d575768edba43e
- SSDEEP
  
  6144:cPlV59g81QWguohIP/siMbo8Crn2zzwRFMciFMNrb3YgxS3bCAO5kkG:OlVvN1QWguohInJDrn8zwNF7eCr
Score

3^/10
behavioral15 behavioral16
- Target
  
  MyTorrentDownloader.exe
- Size
  
  31KB
- MD5
  
  b92a3f8563aaca32e238108a5bddbda9
- SHA1
  
  1a04837f1ec0c9169d79fe45cf18ca805e9a606c
- SHA256
  
  2f8ac557b92f57687abe45c12a3ff5e566fecd66b89e94267c7a188b9ba7f92c
- SHA512
  
  36724caab543ec4a829ed4eb6bbb3a5ffecd208b22f8d16f172eac526395b34e3d0188b82c4f8aa46abdf74d042ac1d4cb8f23336f847b4f32e001b67bcd24bd
- SSDEEP
  
  768:YNLp+5e3MBe7svlHc7mDeVikNaI78nqTAAhdfkOLqn:SLp+A70Hc7KPkNx7ZTAAhdfkOL8
Score

1^/10
behavioral17 behavioral18
- Target
  
  MyTorrentDownloader.url
- Size
  
  60B
- MD5
  
  0da88e17dc0bf5d3098df87ef3fd7ace
- SHA1
  
  524251ae4d33813330d07f6e7013743eff9f3bce
- SHA256
  
  a16adc8994c02a971320605c28088ce5b24d0426b80a7e085af13ed9a6d3a190
- SHA512
  
  88f811b0911e9714cc4679fd5f5383e046cae0f8f3a8b4e84306c8ebf68575a63a5453e9aad27a4f24f119e221e94e97409e7a5b574819a4f245c237e18c409e
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral19 behavioral20
- Target
  
  Uninst.exe
- Size
  
  64KB
- MD5
  
  a1e93c9da52a01233f8459b155085f71
- SHA1
  
  f86ec9d4d33f4be172d8d7508476b5e5dcad2dee
- SHA256
  
  5c50613ff2f0bdfda5c829eca69717fc5b9ac7a77dd1bbaa5d46c6ac13820046
- SHA512
  
  9906f18a92d59dda40391fc541b3745f025d299be3ae8798cee18633664c2b5c79539b29ce5014904dc96898e115e7335aaa20bdb15e95a5656a0d64c91e72cc
- SSDEEP
  
  1536:tLXB65939tY6HBg4sXJ0d7EE/1s2SXiMl5Dovxj+h3:tLk395hYXJGEE9s2giM0vxj+h3
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/Processes.dll
- Size
  
  35KB
- MD5
  
  2cfba79d485cf441c646dd40d82490fc
- SHA1
  
  83e51ac1115a50986ed456bd18729653018b9619
- SHA256
  
  86b302fa9c85dfa0c1c03ba000864a928365dab571f3355347dba02da22949b7
- SHA512
  
  cca186a7f9c5cff3f4eca410fbe8cc13dad2514a7e36aec9b1addfbcb239ace9b9b2d8427771858e3fd11783abce7e24d43c286f98da9f8b17562ca095a4c043
- SSDEEP
  
  768:uxEiycFoaj/+WSiJfmjvab7L/cUf7IIlMLRF:uxEm7sgfmjy//cgdlM/
Score

3^/10
behavioral23 behavioral24
- Target
  
  _controls_.pyd
- Size
  
  888KB
- MD5
  
  1c962401ce16ea2c1688927b4b97ee26
- SHA1
  
  679ee1d219e5d1585b7a015d50e97fb3764d9f28
- SHA256
  
  e7b604fb6535b7e0f88e146e3167c4fb241da3575bd8dd8fa01b828ea580fd86
- SHA512
  
  eeaf2b1fdea57d6ae89d14ce2b07787ac791dad3986230202f9996c165261ed690d54fed795a1e46af63b5e8e352e68ab5ca9d663d73c12018a06c37b1d6bce0
- SSDEEP
  
  6144:X/VTMyE/JbLhZGyp9OqBroB5Zz6HQ0XUXdoHA6mTgxofz6F7e4OqVROhEjsCauet:1MZ/JLznOuc9DhSPIezW/Pfld
Score

1^/10
behavioral25 behavioral26
- Target
  
  _core_.pyd
- Size
  
  936KB
- MD5
  
  f7bcc1ff1d0338923dc7c8bf8912ce8c
- SHA1
  
  def9fc5f090afde14f66d88d8eb5249b6d47da20
- SHA256
  
  f5a68827875980c9baeba59600104c1a44a65892a361d406b9c945819eab3031
- SHA512
  
  a63db36c57b4ba51eb4c9dbd1a8dc97407fbf7201ed134c78e3e80e5c2c4b1ab8ee515b9d2af4f47c4daec440b91aee9bc4102c797a91313396d63ed60d83333
- SSDEEP
  
  12288:Pb6cDSWDiqihIMfI/bWiS04tTAc0+jy13m7fjRLw6nuLSDaWd6B0AK:vSWDiqihIMfIfm7rRLwmLDJa
Score

1^/10
behavioral27 behavioral28
- Target
  
  _gdi_.pyd
- Size
  
  704KB
- MD5
  
  d84d3aa176f2c2da335dec901fa55cbc
- SHA1
  
  946ba1138b5c9f006698d611515cc96c2188834a
- SHA256
  
  acc6701c21b891a86dfbb025d350347c1f6f04411edc99b4b84145f8c6f04286
- SHA512
  
  7f1c626743c58ad93ad3f294d27e329aaae29d4e061a8a751fbb9fdc072c569ca9b8fae2521ec65ced32ec7a886d0e19230cc5086c39defc3b78aa47707888c4
- SSDEEP
  
  12288:XMVrEj7DI/kY4FZvzaUOrNupDzQl1WqMqh11iUQPJdXEaBRAQn:cVrEj7DekY4Ft+EJbqJh18PP1
Score

1^/10
behavioral29 behavioral30
- Target
  
  _hashlib.pyd
- Size
  
  316KB
- MD5
  
  2caaf6cc71463871539c0d37c6bb4a0f
- SHA1
  
  1a3b9b9db79e5e34c7733d773c19a1975b52fe86
- SHA256
  
  dc0e9c390a990fc26407188226b94d8ef729fd56cc358cefdc221d6fce0dab7a
- SHA512
  
  8053f5eeeefc1fc0e3cfccb02f79966ebf0d0f6b24bcc5e29e546b9902eaa97b5cdf7372bb7b73b2e52d88530965c065b631bf43b3474642b03b1a91a3107b03
- SSDEEP
  
  6144:MSFQbtZ1GNaw1ZZeVroyFRP/C2HFCRlkCplz:9QALaRS2XC
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks whether UAC is enabled

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32