d24d1726864be6bf4458f9c23ab89c03506bbb7d662cb68c27dff4c97e560e91

Sharing

Copy URL

Twitter E-mail

General

Target

27afd8876ff116298e774e1972a80510_JaffaCakes118
Size

2.5MB
Sample

240706-h16eeasflg
MD5

27afd8876ff116298e774e1972a80510
SHA1

5d7ea02a6c39d0688f1e66bbc2582cd3a7fb4121
SHA256

d24d1726864be6bf4458f9c23ab89c03506bbb7d662cb68c27dff4c97e560e91
SHA512

a67b4592fa9accd0e9ca20487cb7cdc519ff12cc9518d72540ae34807fadf14b95bb74d6d1ead4bd2a67af92560e5c4712b660e72928b61685d38edf408362e1
SSDEEP

49152:dpkqQU8lEQjAqwheqPmlghAnv9DMeRipoUnFEc8KX/E9dfSiye5L62rK:DCUsEQE3e4Arv70powKjjfS+bK

Score

7^/10

Malware Config

Targets

- Target
  
  27afd8876ff116298e774e1972a80510_JaffaCakes118
- Size
  
  2.5MB
- MD5
  
  27afd8876ff116298e774e1972a80510
- SHA1
  
  5d7ea02a6c39d0688f1e66bbc2582cd3a7fb4121
- SHA256
  
  d24d1726864be6bf4458f9c23ab89c03506bbb7d662cb68c27dff4c97e560e91
- SHA512
  
  a67b4592fa9accd0e9ca20487cb7cdc519ff12cc9518d72540ae34807fadf14b95bb74d6d1ead4bd2a67af92560e5c4712b660e72928b61685d38edf408362e1
- SSDEEP
  
  49152:dpkqQU8lEQjAqwheqPmlghAnv9DMeRipoUnFEc8KX/E9dfSiye5L62rK:DCUsEQE3e4Arv70powKjjfS+bK
Score

3^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AnimGif.dll
- Size
  
  9KB
- MD5
  
  11e94fedb34f46458f9dc773a91f2770
- SHA1
  
  791cf30880c74df9d6f7c1e637e4fdf5fa88b38a
- SHA256
  
  54ccdcb42fb3e63b7a55e8c0e7d12182a0338ea38b106b793ca048000a189ab5
- SHA512
  
  57dd38bebdd7d8fbc4b3daeecabc5c2617d4f5b2f6ad2396a702f1da362bc72deacfea2dd1550b0e00269188676324e1b7dd6ed372211c8bf664af824ac8d950
- SSDEEP
  
  96:kVh/i//UrWWXMAb+6aNqRjTwUWo5zFyRH0aTyZekTIVCAEHZNKNy0p:uh/Bl8AIQR/bWSMRH00yQBEH
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  1d5c649dde35003a618b9679d5d71b92
- SHA1
  
  0409bbab3ab34f8c01289cdd847b4d1a32d05b18
- SHA256
  
  0f4d3cee24e3f310fa804983c931d3628613988a24f0be7854f63a9309b8e45f
- SHA512
  
  b432ebcc52905662d61a3f17e08e209a3f9d836a9071b3b5e80070af7ebcf34cf66c44426dda041c2a258fda4787e5692e2b35acbcd73288fb84fe3c977bbfd9
- SSDEEP
  
  384:pKlm7i+c3QW6ckPhyDEaLnA2bbBBIXwZ:8qi8BcyhEhLBbbTI
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  32KB
- MD5
  
  83142eac84475f4ca889c73f10d9c179
- SHA1
  
  dbe43c0de8ef881466bd74861b2e5b17598b5ce8
- SHA256
  
  ae2f1658656e554f37e6eac896475a3862841a18ffc6fad2754e2d3525770729
- SHA512
  
  1c66eab21f0c9e0b99ecc3844516a6978f52e0c7f489405a427532ecbe78947c37dac5b4c8b722cc8bc1edfb74ba4824519d56099e587e754e5c668701e83bd1
- SSDEEP
  
  384:3rYz6grZodORNWATt4TBmlk5ooyzFh7BukAUdJoUtSOSR:3QggDWATWNCFh7BNddJoxO+
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/KuWoNsis_new.dll
- Size
  
  97KB
- MD5
  
  86991f180010ceafd3d79fcbcbbf793d
- SHA1
  
  36078ae4127cac5f4e850a2d081424a0f5e1c679
- SHA256
  
  e50922c5f9c5c077f1f526b35bce86d326d0ee9da64563fc3b6316097b4d95e9
- SHA512
  
  2e711fd3b0196eda085876d5d05192ee15ba20677d6e1f6ea74cd8a7e8166d8cf4ff52682d92635eb560d7eb84a56a71ad26326a09118e8709f1600d2bc89782
- SSDEEP
  
  1536:UY9Fs5msanhmlskC4eW2EdPznZqk/g6dzglSpt9jafCj:UY9F4mKlO4eW2E1Hg6dzglS9GE
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  4eff5fafd746f5decb93a44e3a3d570c
- SHA1
  
  a11aa7681b7e2df1c7f7492a127d332d1495ea8a
- SHA256
  
  cf61ddd15d63c25a12caee70f51ea736cfc02195c42e56ee01b33f689d3754c5
- SHA512
  
  cde82d2a1f28506e4c2264f6b82017a00af32f138ebcdbaf4cc58463870fa626f708aa57465294c5a6f096c886841e7b9112b85bf3ea2f1d8f2da816b51b2d72
- SSDEEP
  
  192:0OycJo/rJVCmIDNLU0dq5RD00lspbub76yL:6/QQ0d0RD0USq/6y
Score

3^/10
behavioral11 behavioral12
- Target
  
  360Inst-kuwo.exe
- Size
  
  645KB
- MD5
  
  4d8edc50c5bf1dd49b73950b597cc8e8
- SHA1
  
  189306c5825e14167f4c1f8e5cb202ed723db597
- SHA256
  
  c4785d7e60dced9422f47c7450b836fca7af4de178edd5d1511fed8da077e421
- SHA512
  
  17193529f825f497f09ea1a171fe185a8cf0e20524f14badfc76340eaecb44af112613e668da4469f9998ebe2cd90b370d69a1913e35b0edaac3e22013766939
- SSDEEP
  
  12288:7et32YRyg++CFiNO5eqgea+/SmOjH3YMInPgssd1lWeIY9JUeOXgjXyXfBgQgR:72Xtfd1D3YMyP41lDImJUeGsXMfBAR
Score

7^/10
- Loads dropped DLL
behavioral13 behavioral14
- Target
  
  EncodeBnd.exe
- Size
  
  77KB
- MD5
  
  5648a95211379eb97c350caf23a4d8c8
- SHA1
  
  19cceb41b15f0f4a2d62d096efd76c968acee862
- SHA256
  
  d16aebfd3de281f37f2cad8a134eb692d8b84024658c8f6299db39a1d4095173
- SHA512
  
  13f0a7068737d166fb296eaf573d5d97251c145761b355353c38b0bdebad0a23c282d2a62f1a48891ec5135a3638c9ce3e9ce6841b22cb2e24c852971edd4512
- SSDEEP
  
  1536:SDpQn6sDNFZmIgdQ66/cExOv7IXSUppdnVjaZFlWrl2x6afCg:SDpQ6uPmXYcExCIbViel2db
Score

1^/10
behavioral15 behavioral16
- Target
  
  Install360AV.exe
- Size
  
  93KB
- MD5
  
  92a49fc5a639b2caf7dd7284895e0f1f
- SHA1
  
  6ac02aaca62604964fcfe20ea775ce3125532b23
- SHA256
  
  aa1be104b673c704f979c04bd0e5aac9cfdd41412675f091d5005864201d40cd
- SHA512
  
  98944cee26745f287ae1a3806e738ac6d01ed3a28a9e7714d6b4bb64a9b5aa4289e1106837e34c313ca81990f41422618f54422357fcd8c296e532d7dbd53a6f
- SSDEEP
  
  768:0yCtJb11w0K5dRrGiYELMNMNY5DFlI9ZU9QZU9ZLWjbCF:0rtdXwBl7bGMol6ziafCF
Score

1^/10
behavioral17 behavioral18
- Target
  
  bin/CKuwoPlayer.dll
- Size
  
  165KB
- MD5
  
  c9b2114962bbac06146f1b372cea5e8f
- SHA1
  
  a231b63a62650250dadbfab9a241a64fe1c1f29e
- SHA256
  
  9e31fbe41bc962f91aecdbb823a3ec313013b1e7e5f3acb71d17ea91d5e46c34
- SHA512
  
  bbc3baa330ec79616eb7ee38d9cd298e69be5bf8bb3f46192c3e38121231838953f62caaa89f4996c147fcad98cc6cd16cb25da46b9e3c66ade36f2d844a27e7
- SSDEEP
  
  3072:2v5P+NCopsu3+tEbzNfyva2YriUW1q/lMwjAn5IonjOXkGPOyPQNoO:ZF4Ev2Yrio/25IUKNPOyPyoO
Score

5^/10
- Drops file in System32 directory
behavioral19 behavioral20
- Target
  
  bin/CWmpPlayer.dll
- Size
  
  35KB
- MD5
  
  b39b4b792cae177d61235dbc14ab2719
- SHA1
  
  9dd1dda0b7e22063eaa860a9d79a0489a5bca647
- SHA256
  
  08653575e5c67159bead27b775ff7e7521cdbaad6ba4255d06f4435d33a74df3
- SHA512
  
  d6f742a704bf3d731a9f28e8b3e4e501b3941dc29c56dce4ed136da4f971b5a09ae0c2733966b2476cc2e936223926da099504cc16b7040ae65b167242bfd791
- SSDEEP
  
  768:IMDbVZDprHj317bVbeoI5ApDzaOymcgwVwLWjbCUS:fDLJ1/VyfezaOymcgwVwafCUS
Score

1^/10
behavioral21 behavioral22
- Target
  
  bin/CoreAVC0.ax
- Size
  
  186KB
- MD5
  
  75d137762c16c0790ddc2c5c844d788a
- SHA1
  
  7f3bc28c0df5532f13ef8cfa599bd67ba1b5a647
- SHA256
  
  36837a8b77a3241dbf30df4a002a4653555ad7fdadad68311c7a4171b2ede478
- SHA512
  
  18d7eca49e715d3b4af0cf64c8c19dd6993bcb458fff85f0df852b881b6b314f2d2c351812fcfbdfebf95bc7fb7b1adc8a4cefdf40fd29b82076c4629ebe22b3
- SSDEEP
  
  3072:sFX0fCcmjZvyTdndzMryzKdvYQ/5c0q3ARsK/l74obxK7Dtp0XRHSOg9lX9cWR83:sEKpZY2r3VYQ/c0d7Hbw7pp0X8hlX6Wc
Score

1^/10
behavioral23 behavioral24
- Target
  
  bin/DshowPlayer.dll
- Size
  
  72KB
- MD5
  
  62e23d043ae5281f661dd58c1393d94e
- SHA1
  
  048e25c3c3b128e8b5e849f6fe3f4e0cfec38164
- SHA256
  
  f44858ab819f99252ed0d8fc377146205d867d5db1c172e5651befde07b58329
- SHA512
  
  adc811701dfcda3df79b21197b303339fc8876af4dc0b08af0af851faf31a6ea7423d8ccbec44e7bb422137ea2a83f1f591a4d8c5c88a5ffdbdad84894b0bcc9
- SSDEEP
  
  1536:bbs3S8FIH/xwm4BTHEyZarMDTZO1BmZzfTeafCV:bbs3Sxf4RHEy8rMZO1Bm5S
Score

5^/10
- Drops file in System32 directory
behavioral25 behavioral26
- Target
  
  bin/Encode.exe
- Size
  
  70KB
- MD5
  
  78105505dd2b26aea01d0f6fb51ab053
- SHA1
  
  e328b7c590f5755d36ce9d9fe504ab61a3d2ff83
- SHA256
  
  49ebd68bbd440bf2ea29203e2d874626c9848b1edade87ac99559d119c0a1f28
- SHA512
  
  404940ba50d5144f4a3d0f803c558ef2fca10715e89a9bb7da5a34e808024a6e74c44e23752ff983d6f8dcee766f017001d22d75ef2b3929a9bcd98a50857388
- SSDEEP
  
  1536:h7X0ggEy9sCUKmbSeffYqTOFcR3jOWrafCD:h7EREgErEFcR6WO0
Score

1^/10
behavioral27 behavioral28
- Target
  
  bin/KwAni.dll
- Size
  
  639KB
- MD5
  
  c38e58a05b28285d5bf43095cca2092f
- SHA1
  
  c10d36c02985d49ff0d7932d87979fbf31768200
- SHA256
  
  5ccac4d739a0d09c010fb145c421b91c93f69be0078d2232d2f5ea1c841b1dcd
- SHA512
  
  d45c85d5103fa65fc3c923141195ae20b81631faf5b7e22c1ec64504f0f82962ca480f7db339f505f939d9185e483182e3e9e426a3354ff30c76bfedf9465872
- SSDEEP
  
  12288:A0GcUKQGlBkCj29XQJeezWyCYagh2CwS3W0VUUVo1x/EsCdoTeBXmhv:AtBkqXQkwCYagPwa1yXTeAhv
Score

1^/10
behavioral29 behavioral30
- Target
  
  bin/KwCommonUI.dll
- Size
  
  668KB
- MD5
  
  fb5d1d15560efc64692c98194e99492b
- SHA1
  
  de672e72089af85b16eac54650c77c1ba42f1c9c
- SHA256
  
  1f31d37384208ac409acbed501d80aeb0bb139cc51b2926014a5e1c78a5d80e7
- SHA512
  
  1663323226d083b44344064f431fc6827796e20af456feebffc248bd2137602b63e10b8f7c3f301024017f4b69f557967533124ec09de10a0ce41faa2d601f24
- SSDEEP
  
  12288:XhfRlA5ymiD2++z9kjPHC9KmhloBQ0R6G+4D9Zs7iJEprrhv:RH1x+Rk7SuX+4D9ZhurVv
Score

5^/10
- Drops file in System32 directory
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Drops file in System32 directory

Drops file in System32 directory

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32