1c3669d375ddc4dbb85d8c98959ccebc65173009779b19ce8256e6d971baebe7

Sharing

Copy URL

Twitter E-mail

General

Target

1a5709a9fa14ec04f92422407f5f246e_JaffaCakes118
Size

125KB
Sample

240628-qz2zlasekd
MD5

1a5709a9fa14ec04f92422407f5f246e
SHA1

fe7e13edfdd092a11f21489de845eb4f6c1ac0b5
SHA256

1c3669d375ddc4dbb85d8c98959ccebc65173009779b19ce8256e6d971baebe7
SHA512

5c599af9790d5567576dce554dc77004d7d2ac4297318224e15062745c83382d7d15f3d7c90a7e642cc9f56d8bae1fa497bab91c9af059ba76ad8fb81762867f
SSDEEP

3072:AQIURTXJwVp5lL8RDRBXUlSdW9cpK4vwbxrG:Asml45PXUlSdWOpfWxrG

Score

8^/10

Malware Config

Targets

- Target
  
  1a5709a9fa14ec04f92422407f5f246e_JaffaCakes118
- Size
  
  125KB
- MD5
  
  1a5709a9fa14ec04f92422407f5f246e
- SHA1
  
  fe7e13edfdd092a11f21489de845eb4f6c1ac0b5
- SHA256
  
  1c3669d375ddc4dbb85d8c98959ccebc65173009779b19ce8256e6d971baebe7
- SHA512
  
  5c599af9790d5567576dce554dc77004d7d2ac4297318224e15062745c83382d7d15f3d7c90a7e642cc9f56d8bae1fa497bab91c9af059ba76ad8fb81762867f
- SSDEEP
  
  3072:AQIURTXJwVp5lL8RDRBXUlSdW9cpK4vwbxrG:Asml45PXUlSdWOpfWxrG
Score

8^/10
- Drops file in Drivers directory
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  f02155fa3e59a8fc48a74a236b2bb42e
- SHA1
  
  6d76ee8f86fb29f3352c9546250d940f1a476fb8
- SHA256
  
  096a4dc5150f631b4d4d10cae07ef0974dda205b174399f46209265e89c2c999
- SHA512
  
  8be78e88c5ef2cd01713f7b5154cfdeea65605cc5d110522375884eeec6bad68616a4058356726cbbd15d28b42914864045f0587e1e49a4e18336f06c1c73399
- SSDEEP
  
  384:voJLJVqG5WLJgu/Emx1Ywxd2ZmX66vwUhU7ya4LC0Ac9khYLMkIX0+Gv8gcLom7:AJVkN8mHYwxdWmX3wUhUua4LeT7
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  acc2b699edfea5bf5aae45aba3a41e96
- SHA1
  
  d2accf4d494e43ceb2cff69abe4dd17147d29cc2
- SHA256
  
  168a974eaa3f588d759db3f47c1a9fdc3494ba1fa1a73a84e5e3b2a4d58abd7e
- SHA512
  
  e29ea10ada98c71a18273b04f44f385b120d4e8473e441ce5748cfa44a23648814f2656f429b85440157988c88de776c6ac008dc38bf09cbb746c230a46c69fe
- SSDEEP
  
  96:M7GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3VI9d0qqyVgNk32E:eKgfwgcr8zylsB49Ud0qJVgNX
Score

3^/10
behavioral5 behavioral6
- Target
  
  C:/windows/bch.exe
- Size
  
  64KB
- MD5
  
  db97f5aeb22c6248190ee3197389d959
- SHA1
  
  09ead7dc95108c3ccfa3b98fd2415b0f75b3948b
- SHA256
  
  91a97ab32cbb2159c60c0cd6b481d1f6d9897d868870c1424419b31e1b6a61a9
- SHA512
  
  1d0e3ecbc5a90c3544b625468ebe86478a831a8ca45e5831cc74ab8ca5f6656b1ddd03cc742c81bf4053360101c833925c8fb73aa2b0933e17214a70c57471fc
- SSDEEP
  
  1536:6pgpHzb9dZVX9fHMvG0D3XJ+hstEiIVTzCo41ahfR:4gXdZt9P6D3XJqVyo4sz
Score

1^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  f02155fa3e59a8fc48a74a236b2bb42e
- SHA1
  
  6d76ee8f86fb29f3352c9546250d940f1a476fb8
- SHA256
  
  096a4dc5150f631b4d4d10cae07ef0974dda205b174399f46209265e89c2c999
- SHA512
  
  8be78e88c5ef2cd01713f7b5154cfdeea65605cc5d110522375884eeec6bad68616a4058356726cbbd15d28b42914864045f0587e1e49a4e18336f06c1c73399
- SSDEEP
  
  384:voJLJVqG5WLJgu/Emx1Ywxd2ZmX66vwUhU7ya4LC0Ac9khYLMkIX0+Gv8gcLom7:AJVkN8mHYwxdWmX3wUhUua4LeT7
Score

3^/10
behavioral10 behavioral9
- Target
  
  C:/windows/cdi.exe
- Size
  
  69KB
- MD5
  
  8ffbbbf0a5ed9456e41d4e325d556095
- SHA1
  
  02424807901a3317069b918b6d143e17b30b7187
- SHA256
  
  452ad497c569eb5242696f1ddff32bd8925af0015cf9b90714a49a5e0b6baec6
- SHA512
  
  4feb9d9209af39bd6022234c66e98fecc0de88c97955c8a39751aa4ea120c0f7cb40801d0d6c26e7cb70dec9da66c48e615b89aed6583c3e7dffa33f7907eaf6
- SSDEEP
  
  1536:8pgpHzb9dZVX9fHMvG0D3XJ8sllllllllllllllkD/wBfy72Io41ahfr:KgXdZt9P6D3XJ2wBfyiIo4sF
Score

1^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  f02155fa3e59a8fc48a74a236b2bb42e
- SHA1
  
  6d76ee8f86fb29f3352c9546250d940f1a476fb8
- SHA256
  
  096a4dc5150f631b4d4d10cae07ef0974dda205b174399f46209265e89c2c999
- SHA512
  
  8be78e88c5ef2cd01713f7b5154cfdeea65605cc5d110522375884eeec6bad68616a4058356726cbbd15d28b42914864045f0587e1e49a4e18336f06c1c73399
- SSDEEP
  
  384:voJLJVqG5WLJgu/Emx1Ywxd2ZmX66vwUhU7ya4LC0Ac9khYLMkIX0+Gv8gcLom7:AJVkN8mHYwxdWmX3wUhUua4LeT7
Score

3^/10
behavioral13 behavioral14
- Target
  
  C:/windows/dss.exe
- Size
  
  69KB
- MD5
  
  9a8557ea69f95352cc83b542ea6db4f1
- SHA1
  
  9a07c35bc670b35bad7e8758c4898e3a95825f5a
- SHA256
  
  63f0c2357a93ef55a6de30303afa084e52812c376126f44852e49d8e901411ec
- SHA512
  
  0c19d3b5ff99cb8f082e4e1999ebd412851e55102f699ac128aa2627b2e8325a9d0088a984fdbebdb2ad89032b225520fd2a69291b975081377c1dcf59c5a7cc
- SSDEEP
  
  1536:8pgpHzb9dZVX9fHMvG0D3XJ84KljySsd2Avhg1Py/o41ahfr:KgXdZt9P6D3XJdKljySsd2AvStCo4sV
Score

1^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  f02155fa3e59a8fc48a74a236b2bb42e
- SHA1
  
  6d76ee8f86fb29f3352c9546250d940f1a476fb8
- SHA256
  
  096a4dc5150f631b4d4d10cae07ef0974dda205b174399f46209265e89c2c999
- SHA512
  
  8be78e88c5ef2cd01713f7b5154cfdeea65605cc5d110522375884eeec6bad68616a4058356726cbbd15d28b42914864045f0587e1e49a4e18336f06c1c73399
- SSDEEP
  
  384:voJLJVqG5WLJgu/Emx1Ywxd2ZmX66vwUhU7ya4LC0Ac9khYLMkIX0+Gv8gcLom7:AJVkN8mHYwxdWmX3wUhUua4LeT7
Score

3^/10
behavioral17 behavioral18
- Target
  
  C:/windows/hti.exe
- Size
  
  69KB
- MD5
  
  b7603c02e4711a0c2ba60165a07913f7
- SHA1
  
  b604896b3843ae812bac4dd800875d55b710b004
- SHA256
  
  cc3fb2dc03a5bdc7d5019645c9087f437547b16f877503022c65e5b069ac4276
- SHA512
  
  4f4127abb5efcad3a26998206bc062a0d9e591d16ae15bb5e6a2123aadc857e007fb237f64e3d4312e474491c20610cb58ec199f84bd0b8ccb0b7025da9d15be
- SSDEEP
  
  1536:8pgpHzb9dZVX9fHMvG0D3XJ88KUHUhZ9df66wbzAo41ahfn:KgXdZt9P6D3XJpKUHUhZ9h6pb8o4sd
Score

1^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  f02155fa3e59a8fc48a74a236b2bb42e
- SHA1
  
  6d76ee8f86fb29f3352c9546250d940f1a476fb8
- SHA256
  
  096a4dc5150f631b4d4d10cae07ef0974dda205b174399f46209265e89c2c999
- SHA512
  
  8be78e88c5ef2cd01713f7b5154cfdeea65605cc5d110522375884eeec6bad68616a4058356726cbbd15d28b42914864045f0587e1e49a4e18336f06c1c73399
- SSDEEP
  
  384:voJLJVqG5WLJgu/Emx1Ywxd2ZmX66vwUhU7ya4LC0Ac9khYLMkIX0+Gv8gcLom7:AJVkN8mHYwxdWmX3wUhUua4LeT7
Score

3^/10
behavioral21 behavioral22
- Target
  
  C:/windows/xtr.exe
- Size
  
  69KB
- MD5
  
  02c243ec147ce57a2c47ea50d937c744
- SHA1
  
  2f425e620979025a628aee8d6f9588d8786b5620
- SHA256
  
  e539d38b224a19955b0a339d2d2ed5b5a0b4a9b78ad69cbc5b52d06571a1fdb1
- SHA512
  
  e939014ad38727eb8afac7c96c7a770dc0e2cdb33477a86cc3fef7f1346154e605b9fb221ff496152b7097931f3d2c3e13f41dc46d09ac351aa3e61a99ad762e
- SSDEEP
  
  1536:8pgpHzb9dZVX9fHMvG0D3XJ88KUHUhZ9df66wbzRBo41ahfP:KgXdZt9P6D3XJpKUHUhZ9h6pbNBo4sN
Score

1^/10
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  f02155fa3e59a8fc48a74a236b2bb42e
- SHA1
  
  6d76ee8f86fb29f3352c9546250d940f1a476fb8
- SHA256
  
  096a4dc5150f631b4d4d10cae07ef0974dda205b174399f46209265e89c2c999
- SHA512
  
  8be78e88c5ef2cd01713f7b5154cfdeea65605cc5d110522375884eeec6bad68616a4058356726cbbd15d28b42914864045f0587e1e49a4e18336f06c1c73399
- SSDEEP
  
  384:voJLJVqG5WLJgu/Emx1Ywxd2ZmX66vwUhU7ya4LC0Ac9khYLMkIX0+Gv8gcLom7:AJVkN8mHYwxdWmX3wUhUua4LeT7
Score

3^/10
behavioral25 behavioral26

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in Drivers directory

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26