a800e519e6989f9500ef24e47cdafe7e9c3aad6f0e808799ca5e86d6c0945a43

Sharing

Copy URL

Twitter E-mail

General

Target

38756ece952ccc136c5a3c94162b343f_JaffaCakes118
Size

649KB
Sample

240711-kshdqa1flh
MD5

38756ece952ccc136c5a3c94162b343f
SHA1

2162118d07092c8f772524d58cf8965c3778bb68
SHA256

a800e519e6989f9500ef24e47cdafe7e9c3aad6f0e808799ca5e86d6c0945a43
SHA512

a3c6eba859741ef446215214b4c43a2a08d0397ecb6e974f275ba1db5d6d4cde0d4452ebe3cbee81df7532e0df03f02c2f56cb23b1aa01fac7b1677662ec9755
SSDEEP

12288:4uWfUfKDXrC01g4REutdFANihZ87gOQmmKZ9ydhTE3W6h45WW6WS:4uOU8Ch4RdFAgQ7VnZyY3WKWS

Score

7^/10

Malware Config

Targets

- Target
  
  38756ece952ccc136c5a3c94162b343f_JaffaCakes118
- Size
  
  649KB
- MD5
  
  38756ece952ccc136c5a3c94162b343f
- SHA1
  
  2162118d07092c8f772524d58cf8965c3778bb68
- SHA256
  
  a800e519e6989f9500ef24e47cdafe7e9c3aad6f0e808799ca5e86d6c0945a43
- SHA512
  
  a3c6eba859741ef446215214b4c43a2a08d0397ecb6e974f275ba1db5d6d4cde0d4452ebe3cbee81df7532e0df03f02c2f56cb23b1aa01fac7b1677662ec9755
- SSDEEP
  
  12288:4uWfUfKDXrC01g4REutdFANihZ87gOQmmKZ9ydhTE3W6h45WW6WS:4uOU8Ch4RdFAgQ7VnZyY3WKWS
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $LOCALAPPDATA/RavenBleuSA/bin/1.0.13.0/$OUTDIR/RavenBleuUninstaller.exe
- Size
  
  139KB
- MD5
  
  8158d8c4808cbb76e5e3f219df862297
- SHA1
  
  9614fc01763dab8cbb9cd93fb551343e52fcee2f
- SHA256
  
  d7a703bdc04486fef208e19880d4a5437d2e7dd983d3d722e897ac0e42a5ba4d
- SHA512
  
  b103e53f465d365c3cf17fdc395b3bc5c9173703dc40862c873f0081f2e422b72f5e7301b596145483d09ddeb13a855c415e5a1d45ebbe38cc08e1cd7d88e1dd
- SSDEEP
  
  3072:nQIURTXJHgueJef7JtOafRypSf3DKr8TStq8duqTe1rXrQX:nsCPG7J34pS2riStq1TxrQX
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/Install.dll
- Size
  
  258KB
- MD5
  
  7b915d6227d9f4dfe30b9f979f5976e7
- SHA1
  
  6157749d1e4432227d226457b247472f0b9697a8
- SHA256
  
  4b74e01dc6fbdf0fad39e6e68a498dfa7708098a87d945ae0da1b8a20fb272cb
- SHA512
  
  8f6b3e14a0f505eaf3be21dd1d0ca022e9006bf599d03f0d7cd54c61514b79236f2b3b7333107902b3d72c9ad2a7255b184137c9836b2d0d5ce3ef4459461a88
- SSDEEP
  
  3072:QrszqM+KaRtkXTQKiW5pSMTIY2RayNTOZ8tFNF5Rao1iv3/PmBGUr8ak4WYOMnV1:RzqzXEftTgRayNyZO5rA3/+ludMnL
Score

1^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral7 behavioral8
- Target
  
  $LOCALAPPDATA/RavenBleuSA/bin/1.0.13.0/RavenBleuSA.exe
- Size
  
  764KB
- MD5
  
  995bf4913243264269bdbdf64b51f94b
- SHA1
  
  7900da0497452d6ae674a600d8d4d07eb6aca750
- SHA256
  
  cb87f79e5c9245b6d361ad598996efd2482f0edbc9fb4ebc6ac1217c1be76234
- SHA512
  
  279cdae4bb0adbdc5479f84171077ef7e2a522e84f2c6029c35392c19557844093d49a5f7836a792865ba6a5f6ddad162b521a3fdead5762dd2e5b5e8498dd1d
- SSDEEP
  
  12288:Crwkx1c6HZa3XNGB56PKr3WnQMHb/QPT1emBMuv60QxtXi4TadwdIwT2:Crwkv3D56PKr8Z/mT1LBMuvQxUmadvC2
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral10 behavioral9
- Target
  
  $LOCALAPPDATA/RavenBleuSA/bin/1.0.13.0/RavenBleuSACB.exe
- Size
  
  260KB
- MD5
  
  108df2be364ec7c3e9417cb7caf9aadf
- SHA1
  
  cb0703e409bbd28c7041cbc66ad074b34a39a25f
- SHA256
  
  ded374297284ce9a524743d9d9730bfd7a787bebc0cf7acf4dabfd55a8c05d2f
- SHA512
  
  1cb271acfce9e17d39df873fb619f52166c23d4027c7e1e285dcc497e38cd4dfdbf3b5d3847eee8e2c294362f2b9df9b03c62fa130454063364d77f290f1a812
- SSDEEP
  
  6144:tpohDE3wfcDmz/IMXoT6R0gSTic8opzaYvxmI74:ohAgf+mz/IkoT6ROTic8oPJf
Score

1^/10
behavioral11 behavioral12
- Target
  
  $LOCALAPPDATA/RavenBleuSA/bin/1.0.13.0/RavenBleuSAHook.dll
- Size
  
  140KB
- MD5
  
  2cef6cc7b42725191689e9b7ecd69cf3
- SHA1
  
  09047798f121493295dbf9b1c2e51ab95fc52954
- SHA256
  
  34cbaf88ee8bc9d8babf8126016aa78ff35a2cfb637269ddcd66ffd91a39eabf
- SHA512
  
  6e8dcd20be46043ac7a2c5a07564c4116496aa471d0efc45499b34199f83853b7446d2489dcd73c7a41d182e0f1ad5cea6fd3726e66e2481a7a1a41380c5f9e9
- SSDEEP
  
  3072:/dhC5CQk9kEGpfWGCkjiXptD3brxNXlvkH8htRFsmn:Fh4Cl9tG1bpYtTb1N5
Score

1^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/Install.dll
- Size
  
  258KB
- MD5
  
  7b915d6227d9f4dfe30b9f979f5976e7
- SHA1
  
  6157749d1e4432227d226457b247472f0b9697a8
- SHA256
  
  4b74e01dc6fbdf0fad39e6e68a498dfa7708098a87d945ae0da1b8a20fb272cb
- SHA512
  
  8f6b3e14a0f505eaf3be21dd1d0ca022e9006bf599d03f0d7cd54c61514b79236f2b3b7333107902b3d72c9ad2a7255b184137c9836b2d0d5ce3ef4459461a88
- SSDEEP
  
  3072:QrszqM+KaRtkXTQKiW5pSMTIY2RayNTOZ8tFNF5Rao1iv3/PmBGUr8ak4WYOMnV1:RzqzXEftTgRayNyZO5rA3/+ludMnL
Score

1^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/LaunchHelp.dll
- Size
  
  66KB
- MD5
  
  70dd6708ae72686b372579d82e77ea91
- SHA1
  
  bfd7885d5de6c2f0eeefacd51d902a527ddea06c
- SHA256
  
  73637709cf3011256c85a1663f6ceeac86985575e94a49c0f3667b1603e78fb8
- SHA512
  
  317b842faafc7a45a234074d0c5cd93ce81a6fbb3dacc04842d7d94ced468fd24bd197020203382a2114efc77571e05e34ac635f34b69dc1a0ecf8f269b45d2a
- SSDEEP
  
  768:0AVPzAnhYtIvY/09Xa/k1ZfEkO9QNxhJOfLYwLgEnBC/tkeeX+AiOUEDInqUC3K7:0GzrtIiMjHQfLYwLJnI/tkzWJCS
Score

1^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/Setup.dll
- Size
  
  70KB
- MD5
  
  cbcc35c932b856814c67c8629295ea1c
- SHA1
  
  79a0b7dd1deec46c99ebde57b015d18c5265e65a
- SHA256
  
  d9efa9e110f991295cf8daff05307b603a82d009143860591e38d9f9755a97ac
- SHA512
  
  4de2d690817f6775168169283f11910f1a4d24aa4c86fe26442f7af7e12e91a6140256f12cec38480d809648a5a13a1d8077075c0e767b12924a90d0c8f95827
- SSDEEP
  
  1536:Y6p+8HGenOtDZinvp2oYeOn+jidvjw5yok3BK7MX:YWvEveOpd80vBK7M
Score

1^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  72KB
- MD5
  
  db6fa5497746c30f657d4f5273d4cf9d
- SHA1
  
  097b939914f2f12f5cfb7648359d0c6d95deb0ae
- SHA256
  
  c7d9989d927b4e0622983bb1fabe26d0c8a45c217b93f837e1855af76edb040a
- SHA512
  
  75d19d6161ac4648855b197ff02e326bd4b751e00e3ebbbb054124af50f89827c0f7676ed7ef6f8613f0027e999720229e2ebac28f156e57993d83bc7f318558
- SSDEEP
  
  768:wMWMshg75NF64QY04Xod0YmS4uYjHIyUg5luHT3W/Ipz6BTpeRpl/i5kUykfIq:washg44k44mnjHIigHTW/Ip0TpMy5/
Score

3^/10
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Executes dropped EXE

Loads dropped DLL

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24