996cd6c529fd6fcb1150408728edf123b8cb7903200b3a0d7751bcc7f344b526 | Triage

Sharing

General

Target

26d967df87656e595072c2ed36f8897e_JaffaCakes118
Size

312KB
Sample

240705-md65msygnh
MD5

26d967df87656e595072c2ed36f8897e
SHA1

03c2489f3b4fad50c3686627cd51c232ca4c436e
SHA256

996cd6c529fd6fcb1150408728edf123b8cb7903200b3a0d7751bcc7f344b526
SHA512

cc5d879080e8a65066bf471574b39d3e6f5b26454f438678658d6044fe78496955bd1d2a94556b1efc9d062cb0f9d7ec8437bf4fd30baaf7d622dea40bfc963e
SSDEEP

6144:qe34pOw0wpdmtuuRL7ZM/0KCjHpGy9jBZ0XmBy5hRJGy9jB6:Y7pstv17+TCjLxBC2By5PxB6

Score

7^/10

adware stealer upx

Malware Config

Targets

- Target
  
  26d967df87656e595072c2ed36f8897e_JaffaCakes118
- Size
  
  312KB
- MD5
  
  26d967df87656e595072c2ed36f8897e
- SHA1
  
  03c2489f3b4fad50c3686627cd51c232ca4c436e
- SHA256
  
  996cd6c529fd6fcb1150408728edf123b8cb7903200b3a0d7751bcc7f344b526
- SHA512
  
  cc5d879080e8a65066bf471574b39d3e6f5b26454f438678658d6044fe78496955bd1d2a94556b1efc9d062cb0f9d7ec8437bf4fd30baaf7d622dea40bfc963e
- SSDEEP
  
  6144:qe34pOw0wpdmtuuRL7ZM/0KCjHpGy9jBZ0XmBy5hRJGy9jB6:Y7pstv17+TCjLxBC2By5PxB6
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/KillProc.dll
- Size
  
  24KB
- MD5
  
  f2223ee8d3b5a26d9386dd90fd6326cd
- SHA1
  
  edf24705bba2a459637722af3b7a8b7bac23d2ed
- SHA256
  
  488aa34c7d2da0ab4a6b50463d5bb7fb402493602d3164bd1d56a2e93d97237e
- SHA512
  
  59bdc5368c9dbcee3f7807a653618becac2c36ac4b4c5b3e8906f32e55ddb0620af30e1c771bd9e3145b7caf996c1cc439066e1ce17cbe6f3ed9248c2e6e4428
- SSDEEP
  
  768:p13K3oHsFZLEQOkfb5CtRvBFj3d6dLMk:p43oGgQzotRZFRsH
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  17KB
- MD5
  
  88ad3fd90fc52ac3ee0441a38400a384
- SHA1
  
  08bc9e1f5951b54126b5c3c769e3eaed42f3d10b
- SHA256
  
  e58884695378cf02715373928bb8ade270baf03144369463f505c3b3808cbc42
- SHA512
  
  359496f571e6fa2ec4c5ab5bd1d35d1330586f624228713ae55c65a69e07d8623022ef54337c22c3aab558a9b74d9977c8436f5fea4194899d9ef3ffd74e7dbb
- SSDEEP
  
  384:59TzaeW+WyB8c7LX+OGkrwWvVrkUiEMAWm5nskAvXkq:5ZaB+W62Mr5vGUiEum5sk
Score

3^/10
behavioral10 behavioral9
- Target
  
  SearchToolbar.dll
- Size
  
  261KB
- MD5
  
  b7f8477f182afe6005555aecb436fba9
- SHA1
  
  e5ad1101b3660999e80f39ff7cedf818a92791bc
- SHA256
  
  99d8af63e2ec7df484fbce48bfc85c5b88ff125cc8a09bfd4572471513cb83a7
- SHA512
  
  698539fdde4ca761a9d0927922ccdbd0b4d12b9a943112bc4aa3db26871800659287d7de838dd364af8b5fd53dc763e8f800b48dc47f9e7cb556545433ef9a8c
- SSDEEP
  
  6144:0vnUrHmPKMSx/MslaxV6aB7Qrn0dm/VtzCkkkkkkkkkkkFCkkkkkkkkkkkWCkkkZ:GUblr+V6aB7Qrw9kkkkkkkkkkkskkkkR
Score

6^/10

adware stealer
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral11 behavioral12
- Target
  
  SearchToolbarUpdater.exe
- Size
  
  41KB
- MD5
  
  c9b95e7b0cecc6466c2c57e0960f179f
- SHA1
  
  fc032fe4d4fa7f7c81166a217693df482e81b4a0
- SHA256
  
  b8635332df9e907c99bdb41d2b3ca7bcbb4e23eabc066cc632fae0e6754c9e39
- SHA512
  
  8e846b26e97192870643b1315661969602f277bc538bf80b1f3c1bffa9b53e72489ce82327c4d4d4d5a02e3c7ffcb2a0046853ac02c6fb8089587a961ec5f539
- SSDEEP
  
  768:IE9rAyLoAUrDlDk4+Q/nbpoEd0g6FFjJC6RUxqK4I:IE9LLClw4rbpohdRUxN
Score

1^/10
behavioral13 behavioral14
- Target
  
  uninstall.exe
- Size
  
  93KB
- MD5
  
  d7b14dc620c62c8188e397a4ceaa454c
- SHA1
  
  65e97d80e10a4e9fc98f50b6ada9f80f4da19706
- SHA256
  
  c1da9ea0f4ece3592bed21e44068cfb1754ebee98be4ae31192a0dc4af0efca0
- SHA512
  
  240f0aa333379c5124718c2bc954421c33ae3262e24d2ff2aee92fcadd3844eb58c9d8a424de0d4726b0146f4c6cf2c49550b6fad578c4b69ccb27ba41986b56
- SSDEEP
  
  1536:cpgpHzb9dZVX9fHMvG0D3XJRgKzLidAsK6y6ahbdJf2PFWWw9fuYaiZN:qgXdZt9P6D3XJRJidAA7ahRJOPpw92YF
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18