93bc6d23db7e7e352ffdfcd1e0a05061e0cda36085704b93e90936de1da0bccc

Sharing

Copy URL

Twitter E-mail

General

Target

18b2c9f1c8d5b803a596fea995b15b4d_JaffaCakes118
Size

888KB
Sample

240628-ejmzyszend
MD5

18b2c9f1c8d5b803a596fea995b15b4d
SHA1

b983968217d13aefb8b5cf6334a69d5380178402
SHA256

93bc6d23db7e7e352ffdfcd1e0a05061e0cda36085704b93e90936de1da0bccc
SHA512

d2c59a38bf1b560ac05f86589efa0478fb3665e3a8fa2c644762f6686a72d72b2ddd0e0c86f249be4ff86f9adc669c8445d8045c8073f80a517b83dc554fc2c1
SSDEEP

24576:4I6NGC/K2/UPteMOZYu/sRfyrXvZ+x6Dy:nA7w1HOZZsRqdTDy

Score

7^/10

Malware Config

Targets

- Target
  
  18b2c9f1c8d5b803a596fea995b15b4d_JaffaCakes118
- Size
  
  888KB
- MD5
  
  18b2c9f1c8d5b803a596fea995b15b4d
- SHA1
  
  b983968217d13aefb8b5cf6334a69d5380178402
- SHA256
  
  93bc6d23db7e7e352ffdfcd1e0a05061e0cda36085704b93e90936de1da0bccc
- SHA512
  
  d2c59a38bf1b560ac05f86589efa0478fb3665e3a8fa2c644762f6686a72d72b2ddd0e0c86f249be4ff86f9adc669c8445d8045c8073f80a517b83dc554fc2c1
- SSDEEP
  
  24576:4I6NGC/K2/UPteMOZYu/sRfyrXvZ+x6Dy:nA7w1HOZZsRqdTDy
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsProcess.dll
- Size
  
  4KB
- MD5
  
  05450face243b3a7472407b999b03a72
- SHA1
  
  ffd88af2e338ae606c444390f7eaaf5f4aef2cd9
- SHA256
  
  95fe9d92512ff2318cc2520311ef9145b2cee01209ab0e1b6e45c7ce1d4d0e89
- SHA512
  
  f4cbe30166aff20a226a7150d93a876873ba699d80d7e9f46f32a9b4753fa7966c3113a3124340b39ca67a13205463a413e740e541e742903e3f89af5a53ad3b
Score

3^/10
behavioral10 behavioral9
- Target
  
  114la.exe
- Size
  
  38KB
- MD5
  
  2251c41b4c035d36fc0d877c729ce376
- SHA1
  
  aa45870e5215d1691abe49dc9151ab73feb54ade
- SHA256
  
  a091926732d18d12fd9ba63501f405d5aef8401550d5b3c2aec777a1251d8da1
- SHA512
  
  af914970ce1d2486e782e3ce13fd77f9e9d83ac5d7fd0c3d552bca62fef3db888ecd49270606edd15c65a4ec3ea3461c4e825ed4df07e522d2f9b6bca0af580e
- SSDEEP
  
  384:yZ6jD/JFTS38LMykeOTNTGGGG2GGGG9/GGGGXGjkJBaF6qCGGGdGGGItfZTLkCt2:zv+3ckXTWve6W1kCyGB+eTL3EC2
Score

3^/10
behavioral11 behavioral12
- Target
  
  115br.exe
- Size
  
  1.6MB
- MD5
  
  4cd4cfb9ad069a18d834803ef4d36ceb
- SHA1
  
  61c29a5e4d201e8ff9539404d3005e5581fe6bff
- SHA256
  
  2f220204af41b0556a327887c7b66ce3f560de81ce2aed84f132408a50274095
- SHA512
  
  6e1e079b9941dc7beba5cba2ce92a7689862b0a548170ca31e9b961d7119ae1d2f409163e709551a61201174244dbde7119441d58befde09e403bcb1e773209b
- SSDEEP
  
  24576:waZEBO/8Iv+slDbDPbrhIBoldgOJaEGHTchNGgU3Oycyz9O8VFuuzgfCAHZ:wXk8I9hOE4QNGgU3Oyc29Oy7zgfCA5
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral13 behavioral14
- Target
  
  html/404error.html
- Size
  
  3KB
- MD5
  
  2c717bfeb2e16959193e32fde8f60b02
- SHA1
  
  6045a453919961805d08a5b7d702954260eebbfb
- SHA256
  
  fa2ae6d19945dfd4f206f6104a08f5909f4246799abf3fdf3652a1e85bd9eef3
- SHA512
  
  fc5c4c5a731264bbe32a3338db3799bcc5b468f999c190ffa34945147acfb9489e7a8c40f128e2f7a20af943e05bedfce999b9fd3f0dd6c67d73b266ee9ca84f
Score

1^/10
behavioral15 behavioral16
- Target
  
  html/config.html
- Size
  
  21KB
- MD5
  
  d94ac9d5174972efa1dd8ba84fdc3602
- SHA1
  
  29c7f474b3fa1332256caa70b0b0efc047f796c3
- SHA256
  
  3ba63c4784d9256bb03594720360daef4c65d0dc61584c66d4f6e3f5cf0674a0
- SHA512
  
  07dc46a2f1b999d9938c6bc398c7dc782d113f16ceb2c784db91f8baa417e9bd7ccfb5cb2ad77ea5de40d205c5379e614a547993c785985612466a89d2d66db0
- SSDEEP
  
  384:pIpQLKOZ+Jr4Ul+QqQI5ED0Fj1GvimHxXlyi0itAlr/5:pMquX1ptA55
Score

1^/10
behavioral17 behavioral18
- Target
  
  html/error.html
- Size
  
  4KB
- MD5
  
  1ce490d4b62679e946ec5a7819af5a19
- SHA1
  
  79be8e18f668d11fb37fca2732e3904b61933f0c
- SHA256
  
  7c632260c327e1d7401e137bfdc9eb2eaa5dd73d77ac69723347d2d12be5c129
- SHA512
  
  9549461357e9712ea48f758758a4e97723587f9dcb16dc9ce9f5b2f8600e599b1e3fc19edd5f7fed6dde9ce495fcfdcc20578ee1406d35ec5670b46290f94b4d
- SSDEEP
  
  48:Im3v6nG7fLz3JcvEirDWOQpm8InppOsdmiBEN4UX+QuhngjJMkyuT9EPbX2wXqCq:xiG7v3JeESDWL+pA1NDOPngtAX1BSZ
Score

1^/10
behavioral19 behavioral20
- Target
  
  html/last.html
- Size
  
  1KB
- MD5
  
  818bd5ddb60968a3c2be79a6f50ad313
- SHA1
  
  9589bfd443304e4c9bcb93b2ac3c005b98781086
- SHA256
  
  05057814feef59bf559be70ec5ac51b6ac75e9423774e47160a99387c877f30e
- SHA512
  
  addae497ddd275fcbc318ee55a9768146f23b94f17f58f958aa26c6360ee3064b1701a0abbd9749da8e6e21200ca61198a774fd0f9ace9cef6cc7e7e6840ecd2
Score

1^/10
behavioral21 behavioral22
- Target
  
  html/start.html
- Size
  
  15KB
- MD5
  
  c7d5b20b5ae4eed31d49ec946a283ccb
- SHA1
  
  61a8de3cf4325325a899a0b3e126719ef6ac82d8
- SHA256
  
  cbeb41f8ec703f496c34ce1ba722b4cbb2c03cafd5b6da8056d015b6c496f186
- SHA512
  
  e125259b6e156a0129ba5329e6ac152657d79967298537f8ddf8bb8090ed090218eddf75b3f8fe8a3805e1a5677d2561f14421364dcc299784a1a168bd3088a5
- SSDEEP
  
  384:SIDjjUvKCrqHbdkkkEQiZiBaGFiEiJiJi+swIGi8bn8DoS0Mc:SqPUvKCm7KkHtgBa95QQ+sF8bn8ESvc
Score

1^/10
behavioral23 behavioral24
- Target
  
  html/static/js/suggest.js
- Size
  
  8KB
- MD5
  
  50e89f71baedff09891730ce58c60c24
- SHA1
  
  ad749ed15fba53f45a96921be910cdce50a90fcd
- SHA256
  
  4e5d5a7c81821dc8dca771e4e353f00f66a1a9073e7726f48d6e0f0c3488f6b5
- SHA512
  
  cc31d6938ab921f3b0342f316305da69a714ee9c7af3b1d3b2532b89d87eb5bcb7f3bc79fe6fc62cf56988eaaa1490e4607cd815a648d7b226b1ea05af8ded08
- SSDEEP
  
  192:Pj2TwJdp5A0O4mNVXkZyoq8B/WOfYPfkL8t3:FdTA0XmNVXkZRqG/WOfOcL81
Score

3^/10

execution
behavioral25 behavioral26

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Writes to the Master Boot Record (MBR)

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26