f59a0825984ea11cd97e57308e28430b669e6ee88b0583cdb3a350ac9f585f26 | Triage

Sharing

General

Target

33d616c316b8845c6ea9023d6a6c36fe_JaffaCakes118
Size

2.4MB
Sample

240710-jkl69svenn
MD5

33d616c316b8845c6ea9023d6a6c36fe
SHA1

625bcf804685490081349fba6b70694fc185ec61
SHA256

f59a0825984ea11cd97e57308e28430b669e6ee88b0583cdb3a350ac9f585f26
SHA512

3f14a3ac3051025afc0c508cb4fb3d6c45d3bac7663210c0918fc6758e1f9d489a06c1cbbb95bb940f83bc12c34c1d818666b61a7c8d9bc067a0e9630bbd03b7
SSDEEP

49152:TQhCtq9WaBOTBMR5U+NmqB/vnxE8bt38Q/kckQhvHe77+Q1QOie8dBtn+G2DdiL4:MhCtqz9vlBnxEaGQuCkbliekb+G2iPwB

Score

7^/10

upx

Malware Config

Targets

- Target
  
  33d616c316b8845c6ea9023d6a6c36fe_JaffaCakes118
- Size
  
  2.4MB
- MD5
  
  33d616c316b8845c6ea9023d6a6c36fe
- SHA1
  
  625bcf804685490081349fba6b70694fc185ec61
- SHA256
  
  f59a0825984ea11cd97e57308e28430b669e6ee88b0583cdb3a350ac9f585f26
- SHA512
  
  3f14a3ac3051025afc0c508cb4fb3d6c45d3bac7663210c0918fc6758e1f9d489a06c1cbbb95bb940f83bc12c34c1d818666b61a7c8d9bc067a0e9630bbd03b7
- SSDEEP
  
  49152:TQhCtq9WaBOTBMR5U+NmqB/vnxE8bt38Q/kckQhvHe77+Q1QOie8dBtn+G2DdiL4:MhCtqz9vlBnxEaGQuCkbliekb+G2iPwB
Score

1^/10
behavioral1 behavioral2
- Target
  
  AudioEditor2.dll
- Size
  
  273KB
- MD5
  
  783664a19808a023fb8ec6cc4e868ef6
- SHA1
  
  a8ed9a1fe4eee29fe2fdbf57b1ac7feea2742e2d
- SHA256
  
  7a4b6227beb14a71aa00de0c40532a496efcbd97741f086ea4716ebaa8987949
- SHA512
  
  45bfbb34667677899184c49a073a000a3b947b03e6af363d56532f31372198a48f232b80147e4802397c3256ee8da248560670ac307d3ddaf63a60b330bf6a24
- SSDEEP
  
  6144:IhTKfAOgaHGNLLMFLyie/mhjefg0oFrPG9vHZp4uuGKJ:IhTKfAOTGNEFL0O95FrPG9P
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  AudioFile2.dll
- Size
  
  522KB
- MD5
  
  93e0daf8e258f6f344b37d680f67e46d
- SHA1
  
  42721b5e89c2b587e1a9079fd720164dce1d3963
- SHA256
  
  c54b016478e035d5b4fce090fd20ea416436bda9d58b1e95b58e044c73d1d21d
- SHA512
  
  a04d0370c86462edbe7f772f3322e26c429b93ec0be697f1fcfd2abbfe82331afc4f66eda86ebc71384bf4e6264e76e7c9612e7bcd2c8006949cfef40eefc1ff
- SSDEEP
  
  12288:Z7CPu8W0QlOMcq2sfo5QmhPFHmbNOtoCCVels+NCWfU/FgLX:Z7CPBolOhqV+MbNOor4lb+gLX
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6
- Target
  
  AudioInformation2.dll
- Size
  
  243KB
- MD5
  
  9eb124ee7c07d9f3cfe36eb9da315f9b
- SHA1
  
  f0b0f1d7c73a1ece091dcf9fbe5a5464417bf48e
- SHA256
  
  0ebefd011a2e859145a96eaaac4a1293d42165d535e017c9047401d467679ce3
- SHA512
  
  3373c3e64cbfef2c1c9c9cde0754e85730f8ae94e9d6a4346c2031b2382c531b122177e4f52c2ba517c2a1d09b82cb87fd6815cc6af2fdfa75611ee047e5b621
- SSDEEP
  
  6144:gROqw+3Qk4BZQeGMSny19gvbKBzqpRR9u57:p4kZQOSnU9gvdR9w
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  AudioPlayer2.dll
- Size
  
  134KB
- MD5
  
  4a96caf10634139a52003bef4a5e7d8f
- SHA1
  
  f482a6fc430c31c130b44f48eaca393a2bebdae6
- SHA256
  
  8b8cd5eb7bc69b1a6b19be4624c0395bd6e84d15befa8c3df988f0ebcdf1f890
- SHA512
  
  a6171b786682257eee477e5512cd61657feb410516c318e781e675de27f18de02ed990abb5811ab0f1d53a82d4884a2d56b8162657844d96e0eba170da67fa47
- SSDEEP
  
  3072:ssXnKlcGv08rvbcKr2N81YTYmqRDz5Mk9G1JAo:PnKWGHrDlrH+T0JC1i
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  AudioRecord2.dll
- Size
  
  135KB
- MD5
  
  b18997a40c684f14618380c4349ed7e7
- SHA1
  
  054d59d22806ef5d660e41bf7fe3a8e4f7095de4
- SHA256
  
  d39bb6e1ab02cd97753fa919fe0be4c46a43eaeede44a16ad70337ffd94f3a9e
- SHA512
  
  170e941192641ee54799b9f347d70d18dd62655ceec83b3051b064440da2d94e27bd9583bb670585f1d0b235ee7df8fb507cd31b6771e3325a40ee6331d41c2b
- SSDEEP
  
  3072:WgRQ11IhJsfPgr99fMDS4SaCHPAJ79Rn3XvfLeJsTx2uU:WgOIhJsi9UD5SdAJ/HvDeJsT2
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral11 behavioral12
- Target
  
  AudioTransform2.dll
- Size
  
  186KB
- MD5
  
  f733edd76577dc862a1cedd1c363cbd7
- SHA1
  
  235f7c275357dc87a0658345043d8c5ca3f0b1fd
- SHA256
  
  8ba4a76b782124122eacf538e10de788db6c6b01e5964f14ae455508aa2482fa
- SHA512
  
  c6264685084b98f189df9fa13025199d8d174235a8284712df98b633d2da7d62f5fc5e39840cf6a6aed2fed5fcce82764cb4d1bd46cb66d6eff72af39a7513a8
- SSDEEP
  
  3072:jNuHndcClwbLJYPhquJSGfc19vJz4QPoEypSRlPod0cqx4JQJ9lCWQp5EddeDxVF:oHndOQhvJSGE19vcoXK8oQJ9lCRDuYlV
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14
- Target
  
  AudioVisualization2.dll
- Size
  
  142KB
- MD5
  
  0a827a6b17ca3529cd19ac1db3545224
- SHA1
  
  5c69b6a46f2da8210a93b95d4b9e5c28ef83708a
- SHA256
  
  d61180f17243d6af5fbcbae45441093d7c76aeb5fa997199d01e875d2e5ed548
- SHA512
  
  2fcc8713636bee60a47b4b64f0cf6905ce288783ef92d01d37f5334ac55efa4627a538724cedb23a2570a5cca5997a8d17563686e9257c0cc3c1580ab6d8cb38
- SSDEEP
  
  3072:I7uesvAjPjxhJRpWHBpPygR7T+pQztFGxQJ13P1ua88TcG6JVJSCHn:yu9ojfJRpaBUGy+1usToJ6Mn
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral15 behavioral16
- Target
  
  Uninstall.exe
- Size
  
  48KB
- MD5
  
  ddaf91d2382fdf1216f149ef6995218c
- SHA1
  
  613eafb979fe76ef57d4620da3405e3a3ee524a2
- SHA256
  
  e23be80bfa1661020f0b1210c082cb45bbf7908e1c315a09a21540601179ca0d
- SHA512
  
  e26e63c99a9121f6c289271d526726a751528bb2cce91b22ad408f91257c99f6d3dd0b21ad95b7785c57a4a1f5ae1e7a02255df9c8df31f4845f5f5166f2ef91
- SSDEEP
  
  768:k9qrF6FbV5v+rf2C+9ReyFJefClbu9svHtLE8JWj+eJRn5Am6kRRJ2iZ3igvDO:k8rF6Fjs2Buk40uJ8JlqAELVigvC
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral17 behavioral18
- Target
  
  WMAFile2.dll
- Size
  
  88KB
- MD5
  
  bb5e6369e45368332e74553795962dcb
- SHA1
  
  febdfbfd8ca294127a796a4b194600cb7c54b6c4
- SHA256
  
  0ff7919184358b6a05a515fa6bb0f3609782db152a8b196733b0f4e1840c234c
- SHA512
  
  86f244c91e2768af13dd42df63d49eb3f81c5252d35dca233509b10d1b1ff6c65b5a6a1c0c9ff8d80925462cff2a64d609def0dd62b4626147575699cd6b2ef2
- SSDEEP
  
  1536:s2v4lpOg99Irm2HHuw1vhh+B2LxlOjujPd/XF98J/TRqbSaAudXIEc4q3:s2wxzyuwXhmbGPd/HATHuGD4A
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral19 behavioral20
- Target
  
  audioeditor.chm
- Size
  
  13KB
- MD5
  
  6d2f20d2d795a36d4610b912387e3711
- SHA1
  
  ae535920e59fd6cab6c47d16a053340e1f3a9365
- SHA256
  
  ca2a78d3b3fcc7746dff6db326e35bb7c9c96c30716daa23beaa03d7d633f3c9
- SHA512
  
  6863e193fba55469ee7f2454a14aeedb236ed7f84e4ea96fabd61d0c1e7b13584b3ac75c21794d77142d1d74c15b2f00b371ce77a1db8342172fc2168f2012cf
- SSDEEP
  
  96:VaMkXITUzfRN6pC7mcJGAVsq/TYdLhBbpTxO67DEy8eSG+nWW55mVbyG1SKHSeKE:VaXCUzfL649c2md26/EJFBU5/KE
Score

1^/10
behavioral21 behavioral22
- Target
  
  audioeditor.exe
- Size
  
  1.1MB
- MD5
  
  786bf9423df05b88e7908b50683b291c
- SHA1
  
  43062acb1e66fbc2891f588c43fe470b200acbab
- SHA256
  
  f4ba1cfd2f746669dc749a1a2966aa9c26fb82d6b7eb0bf48f6121c21c228d9e
- SHA512
  
  eb3454ec9377b33df8b700ce82b0a28f0f899f4c2a4d3202a2eee3ad7a95bd5b1a6ef812836b4dd6d767b7a325f9e1e7460dfaa031645dff880338017b7c92b5
- SSDEEP
  
  12288:uuJXIeYHVAFefiERzyC7lPt3I6InGlqCqQly/8nEZ2QUa9OecNpi:54eYHVAFefrRzyQ9I6IUdEHDUa9Orr
Score

7^/10

upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral23 behavioral24
- Target
  
  lame_enc.dll
- Size
  
  232KB
- MD5
  
  aced3cc66b2940055763837783597c81
- SHA1
  
  47c2fd4e5666ec463c3a1b035f44ffe54ed596af
- SHA256
  
  54ec306be159a8626f5b80350a3ef2d950f72b85d068bd1db3abf03a04109de0
- SHA512
  
  6e107bdb6ef20064fc825191db2f96a9434ceeb30d6a4f9bf54308cac28a324752a7a36e9ca2cb520a5615ef0ff7cc15ee49383bc17a48bf0761b4c5097978d3
- SSDEEP
  
  6144:/ntXY/ZE8glYQz0bkDCgdXug4amHUaaZZZZZYRcNj:/ntCZdg2Vb2d/7aXamc
Score

3^/10
behavioral25 behavioral26
- Target
  
  licensencheck.dll
- Size
  
  185KB
- MD5
  
  4a957152663883813687a89356ed5a97
- SHA1
  
  8bf7b08b166480a44b7ef69c1ced49115604920d
- SHA256
  
  31ebcb24d81879023a418fa4e0a213d06ed3b742a3f330d20ec4e6e539f78ca4
- SHA512
  
  baef578257d82e46c7c58742d6d604e4267d60c247d4160692c6a3cc6a0aff05d42ce0de67ebd6305d52af0d858db1d1aa5f367a1e28ba67ab901f01882b381b
- SSDEEP
  
  3072:IO/LLXi+OzHbsmUxqOoTwPHW/7Jsn/P0L/giZglikiHViV10x1XBwOhv4MQyj0:n/LLXipiqF17k/P0F0iwmB6y
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral27 behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28