40d4bc677804c8b7cbd4f13942682658546aee56746fecbd59e5eeef7da46c5f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2420c5ca974624ab51e5849c6b749d14_JaffaCakes118
Size

116KB
Sample

240704-bl45gawerp
MD5

2420c5ca974624ab51e5849c6b749d14
SHA1

41b159bbcbd6c1fb2a1218025ce059c81f3d9a51
SHA256

40d4bc677804c8b7cbd4f13942682658546aee56746fecbd59e5eeef7da46c5f
SHA512

5a22a7cbec6aad34c3e3fbda3ab4f3484d2d1f6039c4c41aca3f4351a849260965f5c29f26ab26acd0211d55a77ced4439d013dbaf8eb37c46d157c2a619f333
SSDEEP

3072:INhR6b5yBSW45oXLqJXRiLdDnqTTs1MgWZvTGHSgc:ITCyxBXuJXRi5ne4anTGHbc

Score

7^/10

upx

Malware Config

Targets

- Target
  
  2420c5ca974624ab51e5849c6b749d14_JaffaCakes118
- Size
  
  116KB
- MD5
  
  2420c5ca974624ab51e5849c6b749d14
- SHA1
  
  41b159bbcbd6c1fb2a1218025ce059c81f3d9a51
- SHA256
  
  40d4bc677804c8b7cbd4f13942682658546aee56746fecbd59e5eeef7da46c5f
- SHA512
  
  5a22a7cbec6aad34c3e3fbda3ab4f3484d2d1f6039c4c41aca3f4351a849260965f5c29f26ab26acd0211d55a77ced4439d013dbaf8eb37c46d157c2a619f333
- SSDEEP
  
  3072:INhR6b5yBSW45oXLqJXRiLdDnqTTs1MgWZvTGHSgc:ITCyxBXuJXRi5ne4anTGHbc
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  5ae04445948261c85670059119df3dad
- SHA1
  
  f13313f7f3e465ea0bfb1190073bee4c5d10e56a
- SHA256
  
  5b604ab18f9b758c8d63faf682ca24789edce2cc8eec11d66dbc4adc5a50d5de
- SHA512
  
  e2e011dae67dc12088f2b92d048c6b5668027f82982a7191a12f3d875830e9b205f8dd49fc6ffb3ee452f0db4bb92d9497bdffdd324068923efcd038de81a3ab
- SSDEEP
  
  192:HhzELJEVgDGUzG0U1YeyPdSA9QYm2f+ypnEz+OsweLo7CnfXkCjKSsHt2:Hhz88US0J1PdSqjmUuzLswV7CfUClk
Score

3^/10
behavioral3 behavioral4
- Target
  
  Languages/French.dll
- Size
  
  42KB
- MD5
  
  82e6695938aba9196aa9a08fbdcc42e4
- SHA1
  
  dc2bc2ce61e99e7addd6dbd329122c3b33435d44
- SHA256
  
  95df6ef844ffd9e7b6f616c781c25ca1cbdd63d448e8dafea106b61f31869331
- SHA512
  
  089f3caecd7e7a20ce4758d092367dbcd4235f0d2c1691e96a7369a55128ad47dc4144ce96bf7fe4981bd8c761a6ac84713852f8bab45b42649b5f7c1e5f805e
- SSDEEP
  
  768:9d+bx579V7p+5yAlVXxv9j2WeRVl7/36YS4urxHD77XDhgRSxZvDj4Vykv:9YPJ7s/lcvp7iYNutj77XYqZP4Vyk
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6
- Target
  
  htmlfr/frame.html
- Size
  
  536B
- MD5
  
  baa1fdecd06b3f726cd8f3e9849c011b
- SHA1
  
  e794d46f0e79e8d5debe6e64f0e42490ad5a1d74
- SHA256
  
  3c8c0f548cf05163fac45b826b827e0f0f1e05f59d2088a2b666cd084ed20d3d
- SHA512
  
  ef979351f532895778432e7305961a0eaecca206e6e9e962e3bf9c895bb7c668c227b5c245165fcf0a038db188d1b4ed4dc0f80c5a8962f0ff58b7ab7de0c49e
Score

1^/10
behavioral7 behavioral8
- Target
  
  htmlfr/slideshow.html
- Size
  
  1KB
- MD5
  
  6656787135e64f08bd6ca30c05c05b5c
- SHA1
  
  bbd9bf4cabaf2229834fbf66d657693f189b96ca
- SHA256
  
  830faf8ad66597c38ef138d5f44d0dd596c66e598c695587d71dfff847e453f4
- SHA512
  
  2fd9c6ca31b2991da5e867b0942afd3ebf10dc87dae2b5113a0ba6a43ce4057a378113355e448ac69b0457effd5b373842cfaad15a083c1785cc0478e0c8c699
Score

1^/10
behavioral10 behavioral9
- Target
  
  htmlfr/thumbnails.html
- Size
  
  940B
- MD5
  
  e3a5ef7f6c810f605ad1cce3fcfab880
- SHA1
  
  eea288dff1bb48496e98961dfd952405c5e9f360
- SHA256
  
  4578405439e4e8a8b90125d8e48f4e0cff3683d20eb9ff26d1442f9861ddcdb2
- SHA512
  
  6daa9053cd1d7f97ff0b721fe6886f911764b5c6a5f82222b327688c00db228ea7d58f79d03f5566e0f9f005d2245b68d0ff751bddc233bc0435992e87d85cda
Score

1^/10
behavioral11 behavioral12
- Target
  
  uninst.exe
- Size
  
  50KB
- MD5
  
  fd3ec22bcae0c13d439994f48c910c1a
- SHA1
  
  b90e502adf0876228a83a7577f199d958c329349
- SHA256
  
  73e47b8fdfed1985cc68b270607202e07546b9f116331cd54daa36c5c5cd4403
- SHA512
  
  94dea7aa5bea5053970618cecba25665f17f69f0c1d350b706d30b7edb95525c82b1c955a0b97b22a571cef5760c30f5f08c10001ed9ac96356d714dc70a2fc2
- SSDEEP
  
  1536:6p51heoR6vzsS3v2PggBSqgdLeAyNJkcU:INhR6b5yBSqceAuU
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14