13f67aa513316d0623743c173d567049f9e05c9d0dd5b1def66c243744d19955

Sharing

Copy URL

Twitter E-mail

General

Target

2a47bd5e203efa9c2bc930c57b3c4338_JaffaCakes118
Size

945KB
Sample

240708-ad3q1asgmp
MD5

2a47bd5e203efa9c2bc930c57b3c4338
SHA1

68958ccc67aab09aee4d9f6aa9fc14fc5dedcfee
SHA256

13f67aa513316d0623743c173d567049f9e05c9d0dd5b1def66c243744d19955
SHA512

8cd540595c91db47cfeea7d22de39f0dbbeaee64ca1741a6e3bd6469959b73197e102a92d4e05f8b3781b2edaaa02e8d1a10bb1774f470a985070fe9be42a23f
SSDEEP

24576:2mSHHHHHJ9BOBecbTeWG/gBw1Xmp9ONWzivFiEtTrTs:0HHHHHPBOkceWGYBw1XFNWzcs

Score

7^/10

Malware Config

Targets

- Target
  
  2a47bd5e203efa9c2bc930c57b3c4338_JaffaCakes118
- Size
  
  945KB
- MD5
  
  2a47bd5e203efa9c2bc930c57b3c4338
- SHA1
  
  68958ccc67aab09aee4d9f6aa9fc14fc5dedcfee
- SHA256
  
  13f67aa513316d0623743c173d567049f9e05c9d0dd5b1def66c243744d19955
- SHA512
  
  8cd540595c91db47cfeea7d22de39f0dbbeaee64ca1741a6e3bd6469959b73197e102a92d4e05f8b3781b2edaaa02e8d1a10bb1774f470a985070fe9be42a23f
- SSDEEP
  
  24576:2mSHHHHHJ9BOBecbTeWG/gBw1Xmp9ONWzivFiEtTrTs:0HHHHHPBOkceWGYBw1XFNWzcs
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InetLoad.dll
- Size
  
  18KB
- MD5
  
  994669c5737b25c26642c94180e92fa2
- SHA1
  
  d8a1836914a446b0e06881ce1be8631554adafde
- SHA256
  
  bf01a1f272e0daf82df3407690b646e0ff6b2c562e36e47cf177eda71ccb6f6c
- SHA512
  
  d0ab7ca7f890ef9e59015c33e6b400a0a4d1ce0d24599537e09e845f4b953e3ecd44bf3e3cbe584f57c2948743e689ed67d2d40e6caf923bd630886e89c38563
- SSDEEP
  
  384:nUOPTbiJmdztwwKq8W1cyMjPzV0Ac9k+LMkIX1+Gn+XHdjf:nTikliwKq8W1rMjPzz+f
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LockedList.dll
- Size
  
  31KB
- MD5
  
  d6c18c9cdb750d7b23d5c9806b204a62
- SHA1
  
  b41a65ca3115ca14102dccdf0818ac229af9461e
- SHA256
  
  ee9201059695cde4aa728d9b0fd1a06278cdd6a6803c934e9d9d20fd420909e5
- SHA512
  
  fc44d28a75d07e51222027dfe1b06f3bfe5454f3db3ab47d880cee0be96df31c3c82fd7c8e45b073eead741101a6eb6306bef53f4cf99e6279049f748cccc692
- SSDEEP
  
  768:2XWgM6PuH9DvjM4pmTkoELZYtHhzOJQJA:2GlH9DvQ4pmYhLZUHhzKQJA
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  acc2b699edfea5bf5aae45aba3a41e96
- SHA1
  
  d2accf4d494e43ceb2cff69abe4dd17147d29cc2
- SHA256
  
  168a974eaa3f588d759db3f47c1a9fdc3494ba1fa1a73a84e5e3b2a4d58abd7e
- SHA512
  
  e29ea10ada98c71a18273b04f44f385b120d4e8473e441ce5748cfa44a23648814f2656f429b85440157988c88de776c6ac008dc38bf09cbb746c230a46c69fe
- SSDEEP
  
  96:M7GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3VI9d0qqyVgNk32E:eKgfwgcr8zylsB49Ud0qJVgNX
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsisunz.dll
- Size
  
  40KB
- MD5
  
  5f13dbc378792f23e598079fc1e4422b
- SHA1
  
  5813c05802f15930aa860b8363af2b58426c8adf
- SHA256
  
  6e87ecb7f62039fbb6e7676422d1a5e75a32b90dde6865dcb68ee658ba8df61d
- SHA512
  
  9270635a5294482f49e0292e26d45dd103b85fe27dc163d44531b095c5f9dbde6b904adaf1a888ba3c112a094380394713c796f5195b2566a20f00b42b6578e5
- SSDEEP
  
  384:KExN66Yf2xL5Q4IsjuUjUZfqRDpImexpf88FwHxXvjX3hwlHt6oIfESxSHoOO8n9:O2x64GcVpI3xC8ynToIf1SIOhW4
Score

3^/10
behavioral13 behavioral14
- Target
  
  GetDislike.dll
- Size
  
  9KB
- MD5
  
  fb020f16716b5223ea2b780ea325e8ce
- SHA1
  
  baa32b97a9a8fc28a27cfcb687817f941ada1e20
- SHA256
  
  6fff1326a24e62f51c365bd5ec673f7e96a0eac3fdb4162f71b66c2883b5f07a
- SHA512
  
  54d67050f9abbf395f0354111f4dd799e8e03ba5d49db295b5e29ff429e4cd73ef45af857b47a196bcb241be396e427303d42dd2c8335b9ddb8c357ca26dd2c4
- SSDEEP
  
  96:RSuSJdMF8bkz4gJzPSLOT76mWmFjK6DVC+j41gwzgrf9RSrjLR7JZpWMxz:BSJdk1zx6DqjKq1s1rkuDRNZpWsz
Score

1^/10
behavioral15 behavioral16
- Target
  
  chrome/content/bootstrap.js
- Size
  
  1KB
- MD5
  
  ff4fda0160b37a6eb40a8d1b77a70c9e
- SHA1
  
  ba89f4836c157126a0fd5b7c8df4ef5a1c97761c
- SHA256
  
  40e0ef9fcf79ea2b95fe669280eb663102b6923deb1c9f3afa519440686c08ef
- SHA512
  
  0eaa30b3610c0afd3ddd54e6a082af040b8742d22786ffeab6578f99ce248765fe456e0357ba8a7ad6d01f13365e5a376e1a0d4631ec99f62bb6f8b0f206a2a8
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  defaults/preferences/prefs.js
- Size
  
  338B
- MD5
  
  cd51152446fb28611e3ae12ac5676bfb
- SHA1
  
  5e3c813bef66e2c9b9b09081467f526349e1d433
- SHA256
  
  7bf9666077d4a9e7212d30a5905183d89f336c17bc9e6e1d593ac367f66d6b00
- SHA512
  
  808939d04b6fb0e0f027302434f106d66a022a1ee4977996f1777a6d1f70818951e50b5433964fa5070fcb35cb7436513de2ddc150fc489b60434034468773e9
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  Interop.MSHTML.dll
- Size
  
  9.2MB
- MD5
  
  18480506cc267e23f7ebcc6cc17cbe2f
- SHA1
  
  a2babdf6d1a627fa5a9d26b23894d9eed80609ac
- SHA256
  
  47df63818035f3487e687597ee5c891b70732a1bdd5c0a1185851f5c792f8aed
- SHA512
  
  7f3b743aee558ccf4f87df86c40eefe50b558f848fa2f9c0c9a92f1d6750950e7bc27952803e92090cea41c50beac9236f56a429f47e05e05b912ff04185b981
- SSDEEP
  
  196608:gpt+gp+NShkvCS8V6IgGjBEaG666z1kG/pNeTQ+/yoQ1olIYC5yGDdoA6V8MTbMR:gpt+gp+NShkvCS8V6IgGjBEaG666z1kS
Score

1^/10
behavioral21 behavioral22
- Target
  
  Interop.SHDocVw.dll
- Size
  
  136KB
- MD5
  
  8cd665ae51dc38932cddfd65c16675bb
- SHA1
  
  263e0883bcf28e1cd6d9079e1184487c464facd3
- SHA256
  
  473250d7b42980feda0405055cc701af1e586bc8b19fe661a785f4436e47a240
- SHA512
  
  c39057bc2bc9a1f9f7d7708e1c5a17ddd3119fb169d5f95a77fc633418e542381f0a514c5fea90a836695a32fa94c4f369459d2ade6bd77f90607218f46aba2c
- SSDEEP
  
  3072:sPMOxlaVHMhGjIdCf05e7w16BuIJyzEVefgBarctG345ij0FOPQxKbMd2nopSTkc:sMOxlaVHMhGjIdCf05e7w16UIJyzEVeH
Score

1^/10
behavioral23 behavioral24
- Target
  
  bootstrap.js
- Size
  
  311B
- MD5
  
  7b096748c83de271c0b070652ddfe63f
- SHA1
  
  9fabcdb5635d37554516a802beb1476caea2e3b3
- SHA256
  
  aa020cf9bf2ab693bda411efe3540c8e4aad0bcb9015468b9ab1d3edd57bca9a
- SHA512
  
  62fe96ef690509297eb848b92d4c2e3f5416ad137a898c69e3620da5f1447c9b33f946bc18882d69153455dc1086cdc084657d255345c85fa6bf16de7ccf6bec
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  uninstall.exe
- Size
  
  143KB
- MD5
  
  ab328f909c24657ae5b8b07b43da2796
- SHA1
  
  17116882abbe138a7a92f8a638a14d7571d755d3
- SHA256
  
  719a1cf17c965049d3ed032a3dc206127ec1f256d116d8d361bbd6456064a276
- SHA512
  
  50f0c90690c036377d32b50dadd792b26edc0e41c4f631b1188b3bc15255730f3f4dfe6e7a6eca6cd14e0fa2a9346792434cc87d2d778d862bb4720000b73769
- SSDEEP
  
  3072:ZQIURTXJyK6bSHHHHHJsiZzf7925zQQKK+vI:ZssK6bSHHHHHJsYDBsh+g
Score

7^/10

spyware stealer
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/InetLoad.dll
- Size
  
  18KB
- MD5
  
  994669c5737b25c26642c94180e92fa2
- SHA1
  
  d8a1836914a446b0e06881ce1be8631554adafde
- SHA256
  
  bf01a1f272e0daf82df3407690b646e0ff6b2c562e36e47cf177eda71ccb6f6c
- SHA512
  
  d0ab7ca7f890ef9e59015c33e6b400a0a4d1ce0d24599537e09e845f4b953e3ecd44bf3e3cbe584f57c2948743e689ed67d2d40e6caf923bd630886e89c38563
- SSDEEP
  
  384:nUOPTbiJmdztwwKq8W1cyMjPzV0Ac9k+LMkIX1+Gn+XHdjf:nTikliwKq8W1rMjPzz+f
Score

3^/10
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  acc2b699edfea5bf5aae45aba3a41e96
- SHA1
  
  d2accf4d494e43ceb2cff69abe4dd17147d29cc2
- SHA256
  
  168a974eaa3f588d759db3f47c1a9fdc3494ba1fa1a73a84e5e3b2a4d58abd7e
- SHA512
  
  e29ea10ada98c71a18273b04f44f385b120d4e8473e441ce5748cfa44a23648814f2656f429b85440157988c88de776c6ac008dc38bf09cbb746c230a46c69fe
- SSDEEP
  
  96:M7GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3VI9d0qqyVgNk32E:eKgfwgcr8zylsB49Ud0qJVgNX
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Deletes itself

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32