Overview

overview

7

Static

static

3

2d0e064e29...18.exe

windows7-x64

7

2d0e064e29...18.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PROGRAMFI...4_.dll

windows7-x64

1

$PROGRAMFI...4_.dll

windows10-2004-x64

1

$_60_/$_53_.exe

windows7-x64

7

$_60_/$_53_.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$_50_/Cond...ll.exe

windows7-x64

1

$_50_/Cond...ll.exe

windows10-2004-x64

1

$_60_/$_63_.exe

windows7-x64

1

$_60_/$_63_.exe

windows10-2004-x64

1

$_61_.dll

windows7-x64

1

$_61_.dll

windows10-2004-x64

1

$_67_.dll

windows7-x64

1

$_67_.dll

windows10-2004-x64

1

$_71_.dll

windows7-x64

1

$_71_.dll

windows10-2004-x64

1

$_72_.exe

windows7-x64

1

$_72_.exe

windows10-2004-x64

1

$_95_/$_95...0_.dll

windows7-x64

1

$_95_/$_95...0_.dll

windows10-2004-x64

1

uninstall.exe

windows7-x64

1

uninstall.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2d0e064e2960afffc780d170c2393670_JaffaCakes118

  • Size

    2.1MB

  • Sample

    240708-t4391a1akh

  • MD5

    2d0e064e2960afffc780d170c2393670

  • SHA1

    be74bb65bfec01ea2fced240fb7c9598c04c294f

  • SHA256

    7d7ee0e33727d9db6fe70aaf56f3e4ecea1a7a01e4880586384e25ab07e3927d

  • SHA512

    34a3ac0b090bbd22dee9710b61b5ffe2e50a0931a3fea96b7124c11692f114c0045b74956dbf23c6823bc25c1093632ee3d1dc1a798d8c2df0ac3bb2dbf38b14

  • SSDEEP

    49152:s0A5GJt3ehoIBWARgXIqUDHKZNFpO6Lo1e1+5hN5xRpaKm1eo7oLvtn:s0/SK7Mg4tDHOPM6Ly++5vRETxoLvt

Score
7/10

Malware Config

Targets

    • Target

      2d0e064e2960afffc780d170c2393670_JaffaCakes118

    • Size

      2.1MB

    • MD5

      2d0e064e2960afffc780d170c2393670

    • SHA1

      be74bb65bfec01ea2fced240fb7c9598c04c294f

    • SHA256

      7d7ee0e33727d9db6fe70aaf56f3e4ecea1a7a01e4880586384e25ab07e3927d

    • SHA512

      34a3ac0b090bbd22dee9710b61b5ffe2e50a0931a3fea96b7124c11692f114c0045b74956dbf23c6823bc25c1093632ee3d1dc1a798d8c2df0ac3bb2dbf38b14

    • SSDEEP

      49152:s0A5GJt3ehoIBWARgXIqUDHKZNFpO6Lo1e1+5hN5xRpaKm1eo7oLvtn:s0/SK7Mg4tDHOPM6Ly++5vRETxoLvt

    Score
    7/10

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      301a9c8739ed3ed955a1bdc472d26f32

    • SHA1

      a830ab9ae6e8d046b7ab2611bea7a0a681f29a43

    • SHA256

      6ec9fde89f067b1807325b05089c3ae4822ce7640d78e6f32dbe52f582de1d92

    • SHA512

      41d88489ecb5ec64191493a1ed2ed7095678955d9fa72cccea2ae76dd794e62e7b5bd3aa2c313fb4bdf41c2f89f29e4cafe43d564ecad80fce1bf0a240b1e094

    • SSDEEP

      192:hCPej3uzvJwqJMQKN4GbeWZksMI4ETWcEbcBZ8ep2Kra7yAG:hCQ2HgN4GbeWmbI4Eybogia7yA

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      b0165587c54350b6c9910e765f16ad9e

    • SHA1

      fd81de9f3b1dd8d6cfa8621fddf9f93c29b4710f

    • SHA256

      26006c739057373f948b11892f40b0cc686c6c97c448f79447856421f9a15563

    • SHA512

      2f69354fd433eec277a804124f5c476fd645270b89af3db22ed45b599cdf251cfccdc3c642b8893078748a0a674676ea28c5fe5b471a633de7301c6a6646295b

    • SSDEEP

      192:bzQhZDqlJcKISw99ioU3MSfwLF/+nhHUOFsdz:bzoZDGKYw9goWyFGBUVz

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PROGRAMFILES/$_34_/$_44_

    • Size

      4.0MB

    • MD5

      e56349da176df943885053367da2e539

    • SHA1

      1b279991969dfb1db2b039900503446d0e2cb13f

    • SHA256

      845dd0a0bcbe7b5bd58371c183621ca3bd558ce5798d87e5bb7a56e70300a310

    • SHA512

      70b2633b9afca366c4c2ab5377b9441ad6c23637090599ebe86de6d11d849f1daf5c7c0c6c182c7568654c01a36ba6d32899d36191a42df476b220d12e190537

    • SSDEEP

      49152:KWBQmJdIadQGz+ueYT6zPo7RtwGdSLHaQ2gzVQMrd/yBSaB921QuKHvR:KWBHJdxVCJYT6zPCRtwGd2yBRZ

    Score
    1/10
    behavioral7behavioral8

    • Target

      $_60_/$_53_

    • Size

      223KB

    • MD5

      9a454152a45bf27b34227d0b39718733

    • SHA1

      364587690a3a641d7a126e4e5cc8b973c7b8a44c

    • SHA256

      d178e5558a5dfa78d1031ca2841feb925fea52f32c61e9787c3f9f9e5056b5b8

    • SHA512

      263c0144c5deb480748bb56b41b5b7053bd2c61579f09b8d69bb9f2fd714dba3fc84c9709656df35db229b6cc35a316b1b9e07431fc1bab57736dea423b94e8d

    • SSDEEP

      3072:juszWOITsEL50jl7ylMmRxnFm9y7uiR80ogveIlKdP5ilMn4PsWV:RzZZRe5Fm9y7lRi0eId21WV

    Score
    7/10

    • Loads dropped DLL

    behavioral10behavioral9

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      959ea64598b9a3e494c00e8fa793be7e

    • SHA1

      40f284a3b92c2f04b1038def79579d4b3d066ee0

    • SHA256

      03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b

    • SHA512

      5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64

    • SSDEEP

      192:sRer7uivwq1XpKs4FVWSjMd8tIg2cREbyCsZ8q2R4Sy+Xe:s67Xws4FVWig86/5eCBqSy+Xe

    Score
    3/10
    behavioral11behavioral12

    • Target

      $_50_/ConduitEngineUninstall.exe

    • Size

      91KB

    • MD5

      b7754d6963c1ae4fa66f60605618fd7a

    • SHA1

      0ed4c25e4292e37e4177c5c6aaaa36f481414315

    • SHA256

      6abdb58c8a6d7655ac92c930f9ea089d46711aca52bae03e6be5c2b4d518c591

    • SHA512

      ff939e122abb7da11b7fdd73f2104afff8a46d164fce58f3d9946c287d1aec891ae46ce2d730990644ab5679d526177a8b01d848caa0250f3f035befb7700370

    • SSDEEP

      1536:SB90U1UiR5bLnjirz8M0oVjyfMIeIlKdP5iV1lMnC9T7KCg/:S7uiR80ogveIlKdP5ilMn4Ps

    Score
    1/10
    behavioral13behavioral14

    • Target

      $_60_/$_63_

    • Size

      64KB

    • MD5

      da11d78d765e4b8fa4cfa5a37e8a94ff

    • SHA1

      e5ad99ce7c7362ca566156033ecb0f04f9437ca7

    • SHA256

      e152f6b71f0ea5825e243910d2f12f7493cb358833aa3be83c8502f1f17a9b30

    • SHA512

      c6f531881fb6b24321cedf2b61a28d36708fa551954084c130a7d22e00175922fcc04f3ea89e4dd8435be8ac07d22f0c71ac4183cfb9c920cb3d2011e784cde8

    • SSDEEP

      768:MFlitnd/W0NhQPQVbv+zBe8Tcr+BR2xSS4Tf9GwTryQunOQS5wOROLh6bCg/ib:8i37VbvT8Tcr3VwSnOQSqOROgCg/ib

    Score
    1/10
    behavioral15behavioral16

    • Target

      $_61_

    • Size

      172KB

    • MD5

      d344cc84609a807ce92187c9662d392b

    • SHA1

      8531c2fb7d1e749a90a2b940bf53a40d089ed421

    • SHA256

      3b2c33bacfe50cb378daf5d06f84de603ab5569232224ecc942f2e779702eef5

    • SHA512

      a722e757a75ded6359c4e31b4aa21be0d60289a97eb401c58db9cf8ff9a4402e068fbf15ad068597f44f751fa6a502b4493ad2ec4b5a60111c7a7d09bf2cbd3c

    • SSDEEP

      3072:CdF1aM/cjQATw36OidOmFuZcDhohRrZH4JN75oPaXQaJRK1ZNf:KFKFvRFu6Dhox4O2W7Nf

    Score
    1/10
    behavioral17behavioral18

    • Target

      $_67_

    • Size

      248KB

    • MD5

      0fb57d0f19daa0e52fbdae34bdf7c049

    • SHA1

      37e166e756a9ab25af72b1b3281b9bc189818a47

    • SHA256

      f71234d01a52a8a0a0bc4dd1ec9e4ec72d73fc6ab175c694fe58599f6d5349a7

    • SHA512

      7cb73619a5ac91d04b6ac8f5301f229b4d9deb8080e108b6086fd0776f97bebff3b77bda54de2a86b7ae182531ec75bb084169970ebd1eed531de08a8225dae4

    • SSDEEP

      6144:/SFd1OfS4sZ9buR2Qq2IC3wbrSFOW2cKe:/Sv42IjxIC3wbrSjKe

    Score
    1/10
    behavioral19behavioral20

    • Target

      $_71_

    • Size

      4.0MB

    • MD5

      e56349da176df943885053367da2e539

    • SHA1

      1b279991969dfb1db2b039900503446d0e2cb13f

    • SHA256

      845dd0a0bcbe7b5bd58371c183621ca3bd558ce5798d87e5bb7a56e70300a310

    • SHA512

      70b2633b9afca366c4c2ab5377b9441ad6c23637090599ebe86de6d11d849f1daf5c7c0c6c182c7568654c01a36ba6d32899d36191a42df476b220d12e190537

    • SSDEEP

      49152:KWBQmJdIadQGz+ueYT6zPo7RtwGdSLHaQ2gzVQMrd/yBSaB921QuKHvR:KWBHJdxVCJYT6zPCRtwGd2yBRZ

    Score
    1/10
    behavioral21behavioral22

    • Target

      $_72_

    • Size

      64KB

    • MD5

      da11d78d765e4b8fa4cfa5a37e8a94ff

    • SHA1

      e5ad99ce7c7362ca566156033ecb0f04f9437ca7

    • SHA256

      e152f6b71f0ea5825e243910d2f12f7493cb358833aa3be83c8502f1f17a9b30

    • SHA512

      c6f531881fb6b24321cedf2b61a28d36708fa551954084c130a7d22e00175922fcc04f3ea89e4dd8435be8ac07d22f0c71ac4183cfb9c920cb3d2011e784cde8

    • SSDEEP

      768:MFlitnd/W0NhQPQVbv+zBe8Tcr+BR2xSS4Tf9GwTryQunOQS5wOROLh6bCg/ib:8i37VbvT8Tcr3VwSnOQSqOROgCg/ib

    Score
    1/10
    behavioral23behavioral24

    • Target

      $_95_/$_95_/$_100_

    • Size

      620KB

    • MD5

      775d1655dcef4aa65ebf89e744e511a0

    • SHA1

      664270a860ddb3d6f23f617d0615070330a71a30

    • SHA256

      77534e52f8b0165e1230625fd7b938a88cfa6c965053e88ee47406e7f3e5dfb7

    • SHA512

      ea7c366fc7f7bdbc20059007f0cbe2960be2ac07416488e47ac1b4ea06e130f3ec64377b86c0d5618858eedb32219c17936a2e5a0fa6bcf1683d181803a59c01

    • SSDEEP

      12288:0mS9LkU6RYB/RHdkd+l66dvxcyxgxkSkWtSgFPIxGy9CaRKahB:tS9LkqB5dy+lvdvBdWbFwxGyUaR5hB

    Score
    1/10
    behavioral25behavioral26

    • Target

      uninstall.exe

    • Size

      91KB

    • MD5

      b7754d6963c1ae4fa66f60605618fd7a

    • SHA1

      0ed4c25e4292e37e4177c5c6aaaa36f481414315

    • SHA256

      6abdb58c8a6d7655ac92c930f9ea089d46711aca52bae03e6be5c2b4d518c591

    • SHA512

      ff939e122abb7da11b7fdd73f2104afff8a46d164fce58f3d9946c287d1aec891ae46ce2d730990644ab5679d526177a8b01d848caa0250f3f035befb7700370

    • SSDEEP

      1536:SB90U1UiR5bLnjirz8M0oVjyfMIeIlKdP5iV1lMnC9T7KCg/:S7uiR80ogveIlKdP5ilMn4Ps

    Score
    1/10
    behavioral27behavioral28

MITRE ATT&CK Enterprise v15

Tasks