46aa6ab37446729db4539b16deffd407db35627861ecadb0e4a3f052a0195c13 | Triage

Sharing

General

Target

1c90bba83da7efb6fafb55e02fbaa833_JaffaCakes118
Size

647KB
Sample

240701-1cvbcavcpq
MD5

1c90bba83da7efb6fafb55e02fbaa833
SHA1

abdb6cbc2ee911382dcf7093087f18c90901260b
SHA256

46aa6ab37446729db4539b16deffd407db35627861ecadb0e4a3f052a0195c13
SHA512

aba7646eb777f3e0531b511f792c2550005b8a9c56e2d92c443bc6db0d074d1ee8e35c217ef4556b411baa962744922a62d00d451214c21e173b016ce27a7a8c
SSDEEP

12288:ndqHsGlpIjHQRXL0qoel8Tiofzm+GlAPdY/ZVWC+i9YuVgJus2zK:dU7KkNoel8Tis/PdsZVMi9iJh/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  upgrade.exe
- Size
  
  656KB
- MD5
  
  9072c7ab788ae840d16e5d1669029a97
- SHA1
  
  7672619eb461756a7e1353e350ec57e9bdafce7c
- SHA256
  
  3f62c010d1806625a8e2e099d76143ff8d0ef6a09fc02034a022e0ef3b336148
- SHA512
  
  0fb2b4011759e575831e356d13a6f1208d901c971f04e0e5b8ad99b3a58935784cda18ed7fd03ca9c49dfd59437d7ac960578d03a0da2575236a75017d1b6c4a
- SSDEEP
  
  12288:5qHsGleIjHQIXLRqomJ8JioWzmNG2APCYSZVrC1iHYuVgVus2zYtZ:5UwKf8omJ8JiPNPCjZVKiHiVhhZ
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  $0/browserseek.dll
- Size
  
  560KB
- MD5
  
  ee708e10aa6654f1ecf78b7b04f2389d
- SHA1
  
  bcad2ec58edf14f6307779afbee8faec26b312ab
- SHA256
  
  9731f71c53be3696a98129d8c378ba06258e02f6461437f901b8967deafea4c3
- SHA512
  
  135058be700add8db6af42f11488fb92d38e2cb9115585a265abf1003feb00b8addd6e17fab5e91446b4c303469c4e78e6eb0f1327845e88e073f73255c0082a
- SSDEEP
  
  12288:fj2TCZo1j8pH5Aiw5rn4lWlu90LjDTX0JfZXwzPg+I6clLGF:fj2QoKfA1nE9I6fZgzYflLGF
Score

1^/10
behavioral3 behavioral4
- Target
  
  $0/browserseek.exe
- Size
  
  48KB
- MD5
  
  e6f88bb87363c318c22c44d9be58a49d
- SHA1
  
  fcfb85dec82ccb50d021a5d1f7db04344d9dacbd
- SHA256
  
  59d9c9197b20786d7ac363ea2dc02c4072ffcc2903fed9ce522149b384fbb890
- SHA512
  
  d6bc1821c8222304b1a398d7ce514b22a160f4a66cd013dcedd3e0a05cb445b87e883f7115be442e55dd0cba1579cec6413e2c853d6748fbdc17d0b6f3f0b75f
- SSDEEP
  
  768:SipF3uteJZRsJmdwRD0HnJxjom7UD6kaK6mFiYw8jY/hjRQGpH4uNqV1lA:SY3TbKD0HnJxjomgD6ka7m1jYp9VpYFq
Score

1^/10
behavioral5 behavioral6
- Target
  
  $0/uninstall.exe
- Size
  
  82KB
- MD5
  
  3f0967dccc27c0b022dd6be6a98fa390
- SHA1
  
  c57846d9800a9cf8c6a39170a6a045dc80d8dd29
- SHA256
  
  9834d7bfea7dc27409d0cebd59175c00a0ee51b64b558abb26c66fed50bc9825
- SHA512
  
  1d0bebf9a484ba7727c288156420be9f853537ceebb8d17450646f5e501f2f44d533f31df83c574c0bc8f13c0fe77980d95188a5f5a920cecaf24df8579887f0
- SSDEEP
  
  1536:xEkjY1zy214Qay0DGkJ7qAELVigJFBcp6hLeh8a+gZuNCtO2/D7J:+kjAJ4dDGkJ+AI0V4hChIg97/5
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  13KB
- MD5
  
  d765c492c21689e3d9d61634371fd861
- SHA1
  
  ac200933671ae52c9d5544d0e2e8e9144d286c83
- SHA256
  
  551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc
- SHA512
  
  9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f
- SSDEEP
  
  192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  fe24766ba314f620d57d0cf7339103c0
- SHA1
  
  8641545f03f03ff07485d6ec4d7b41cbb898c269
- SHA256
  
  802ef71440f662f456bed6283a5ff78066af016897fe6bfd29cac6edc2967bbd
- SHA512
  
  60d36959895cebf29c4e7713e6d414980139c7aa4ed1c8c96fefb672c1263af0ce909fb409534355895649c0e8056635112efb0da2ba05694446aec2ca77e2e3
- SSDEEP
  
  192:rO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1aMBgMO:yKAFERdlxhGRYUzqZaMB
Score

3^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12