d34bb6bf1ccc0ce74188aeac4527392967f130f03b77d1e8767dee02106fa235

Sharing

Copy URL

Twitter E-mail

General

Target

3bf205072839f778ba5681724a17ca7e_JaffaCakes118
Size

3.6MB
Sample

240712-esttvsyajm
MD5

3bf205072839f778ba5681724a17ca7e
SHA1

0d911c1a8310b8733e9ef950b05400bfa1ec5f17
SHA256

d34bb6bf1ccc0ce74188aeac4527392967f130f03b77d1e8767dee02106fa235
SHA512

c0506c5ca70cf0a24c19bc6c8d2934d96e8c9f44b3693938f28126dd7344b76837ae9e77003a6d4a572977ad68de494782b31597ca33d0f15c435623eed8c3fb
SSDEEP

98304:suFw+M2jxvAZ8UyYndpqJ361qnj/awJgZsVe56My:suFw+PtYmYndcpi6ZVA6h

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  3bf205072839f778ba5681724a17ca7e_JaffaCakes118
- Size
  
  3.6MB
- MD5
  
  3bf205072839f778ba5681724a17ca7e
- SHA1
  
  0d911c1a8310b8733e9ef950b05400bfa1ec5f17
- SHA256
  
  d34bb6bf1ccc0ce74188aeac4527392967f130f03b77d1e8767dee02106fa235
- SHA512
  
  c0506c5ca70cf0a24c19bc6c8d2934d96e8c9f44b3693938f28126dd7344b76837ae9e77003a6d4a572977ad68de494782b31597ca33d0f15c435623eed8c3fb
- SSDEEP
  
  98304:suFw+M2jxvAZ8UyYndpqJ361qnj/awJgZsVe56My:suFw+PtYmYndcpi6ZVA6h
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  3809b1424d53ccb427c88cabab8b5f94
- SHA1
  
  bc74d911216f32a9ca05c0d9b61a2aecfc0d1c0e
- SHA256
  
  426efd56da4014f12ec8ee2e268f86b848bbca776333d55482cb3eb71c744088
- SHA512
  
  626a1c5edd86a71579e42bac8df479184515e6796fa21cb4fad6731bb775641d25f8eb8e86b939b9db9099453e85c572c9ea7897339a3879a1b672bc9226fcee
- SSDEEP
  
  192:i6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxT7K72dwF7dBdcQOz:i6JaVh4I5rpPbT7+BdhO
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  8c909780802ac2097ea4132e6375acd2
- SHA1
  
  b35fbda0725d7c66281d5c340b53eb5d54922583
- SHA256
  
  c66b568cd675806a499273e3e8aeda350425aac17fc24342ed54e477417cdc0f
- SHA512
  
  e94a37c586e55de8b61b427c14a385dcc57f3602d3dace90ad4663609da14a922cb78f76a58ed211549e987ba6f130cf2581eb48bcad2c9c25c6dc93a7ff6d08
- SSDEEP
  
  48:SnTGmVN7ZTPUptxEwvBqAKxwLJXyTpXieN2JVGLalmQ2lUmiwag/nDGkaEJlof6P:+7ZDGEQ9LJX6weN2TuXQ2lBiwag/np/
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/QvodInit.exe
- Size
  
  109KB
- MD5
  
  81a014e8161d8c736603e8a8184c6fcb
- SHA1
  
  af03a7bca6826d89c8f0d71c9ea204b294451682
- SHA256
  
  decc094e4469459bd86d00eb2bbc1483e071e544aaecfa50008cffd9c3dbb698
- SHA512
  
  c7b96bd840fdce3f35fd6f8e978dd143d69d02ffcbf19b9755b7b70f81596b2517a3aadd2d82a6c01f3a13aee43d5cc10f5fbb11e107e6e7790fee7996a90f52
- SSDEEP
  
  1536:rMBfKFgpr2N6FcGpmN/xjETJJl+Vz0ijKSHTNf2Xh9PRUGVASsu2VNaLCKG7:gR4nNJ4TJJl+50iuSzNOrRUm2V4y
Score

1^/10
behavioral7 behavioral8
- Target
  
  $SYSDIR/pncrt.dll.new
- Size
  
  272KB
- MD5
  
  13001eb0a58b4de96126b16ab15fd8cc
- SHA1
  
  4dfe6d2d02e9fa194f4af3d054b458b5a4bafbe6
- SHA256
  
  e983aa97fe1ce6af92f06433a71e03f54d3fc78392e26691cace927094bab8d7
- SHA512
  
  1a7c052bc1e7c824a3aff5e27c5cbd0720893e341dfb93062021b82c3a6d940c4ea23cbcdfaaeb174d90f51c36f0d8c62f693766f42172f894b6b689d26f49b2
- SSDEEP
  
  6144:3m7wHLiH0k6OgfjvQ0mvlxZ/PeT8Ah8EoHiIKaGo5RpTufufVvtr+dj7GcuT1JOy:3m7KLiHl6OgfjvQ0m93/5q+iIKaGo5Rr
Score

3^/10
behavioral10 behavioral9
- Target
  
  AddIn/VisLrc.dll
- Size
  
  157KB
- MD5
  
  2c3166ed03d35761549457ca1ed5fcdf
- SHA1
  
  cd5120872f95ab8b08b1a6d8a74fecb898a3d728
- SHA256
  
  fc49a13d94f4da894209f6503ba56ddaee21af92224e4a6260bc9a9dbe3813db
- SHA512
  
  8d54325d1957fd966be0db2bf7f92193bcf3528da394faa8f195752b03fe7df972cf01080ea3713daf7ce91b999eb2e4782aeb00d438685a6fb00cda15d0fad9
- SSDEEP
  
  3072:RJPHHXjS7Ip81RLIfPE9hYRYCkLzf8l/JHss4H:RJhpUXYzkL4QH
Score

3^/10
behavioral11 behavioral12
- Target
  
  Baidu-ASBar.exe
- Size
  
  449KB
- MD5
  
  b3329f052a8b60266b9bfbcdb9082d58
- SHA1
  
  0856e6f3e1d7f23ba6d323c1836845e833a9fab2
- SHA256
  
  1acb302343da26a4d764de4db15cd78d5d2e1214a70fdd83a24a03162061e150
- SHA512
  
  162225a2ed7058225579d6440f820d5c31713de396497894d6bf14deb42166f83c324175ccfe0c847e4264c2ef39e7a436d91e4fac52ea1dca82a8924438b996
- SSDEEP
  
  6144:Sv9WDVkN8PoehLmmMSa2qWIlAYB4ys/OdURKjX1WQYQWa6sx5OUG9P4Tb8bqyXtc:FJhL4dWuCJgvPjG9P4HIXyrWY
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PROGRAM_FILES/Baidu/AddressBar/AddressBar_Tmp/AddressBar.dll
- Size
  
  1.0MB
- MD5
  
  a8e461b119cd3356cb7be15611e74255
- SHA1
  
  f5fd59175a2ff79d7a4a2095cff444087c6faf14
- SHA256
  
  603e75820b4b04d7ffb1374c091d649432ab29a432d8bd614b8735d055eafd6f
- SHA512
  
  fcb23082051820f4e18351f443e54ee48c982a9e51ead1d02866308088ebec1ec14f6579d2a7c480d070a2f2b191f670925c12a22735397dfc85b58398d2bd42
- SSDEEP
  
  24576:tVEpLF//Gc9JwUCp0PSUxqJ4BjQDVLtTpx6W1t76qOY:tVER5UVBTr6ot76qOY
Score

7^/10

adware stealer
- Executes dropped EXE
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral15 behavioral16
- Target
  
  Baidu-Toolbar-utf8kb_cb.exe
- Size
  
  842KB
- MD5
  
  b98c05fa8d1effbcdb9f720c50aa6f40
- SHA1
  
  28c0fd0b8edfe264e431b199ea611e7833b979dd
- SHA256
  
  c2c9430894258735f487ed9f75f9da4a8246eca5285be76afd0830f77f4fcc92
- SHA512
  
  77d20d9c12adb4ae543f5bc2d41a24367d92491a295c5dc75ab2b778dc92e11e9f11a31895dfafd7cb0994bbe594d88a16584532cdb27d86ea630f7b928dd2ee
- SSDEEP
  
  24576:PWe0JIIC6Nuo9iEmlW/7aFbYUXXXozK0H:P50JWm34W/GFbY6XYrH
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/BaiduBarX.dll
- Size
  
  2.3MB
- MD5
  
  8c70775e64828cf1bc974aa850862620
- SHA1
  
  77fcbd8f8a9d2f5ea9051f26da104bef50195881
- SHA256
  
  7216f4e16b6ca0c2b3b9f6c28bd1618802e0963c72c26a7285fefaf0fe95aa9c
- SHA512
  
  2c5d699a5d80222b1b310f1f059643186b9d4755da502b840b5a2c6daff3fbfa836e45d3d98150c72a76b47077637400a2c2856e07ee9628e07017b93877bbaf
- SSDEEP
  
  49152:9VVPl8AlDw6JPul9zjJ+rEC0KaTda845t20Tu1IA2Nvvf:9VLPlD1BufPJ+h3vj
Score

7^/10

adware stealer
- Executes dropped EXE
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral19 behavioral20
- Target
  
  Codecs/ColorFilter.ax.new
- Size
  
  141KB
- MD5
  
  fa098ed1394496b2ba53f1773f70d711
- SHA1
  
  6db54dfee27c70e61e3ef1d5374513c16fd602aa
- SHA256
  
  19b84b912d782333cfed1727e69da83846b77d7c90736b5621b438f9f50d107c
- SHA512
  
  74b2704dba6ace3fecca0dd6e790162b961ca9fb9ae6240aefb1f0d52959f58456c626378c745cbc155a8928d850614b8df6804b851e8d017c5ebeca01c17a8c
- SSDEEP
  
  3072:9ymeNWoqvzMcvAXQQ0vlvYKQptcabWQlHs69rDc92:wE1vzM8bvhs7lHs69A2
Score

1^/10
behavioral21 behavioral22
- Target
  
  Codecs/RealMediaSplitter.ax.new
- Size
  
  372KB
- MD5
  
  b91968f4f21d803d2467da89d9cd7275
- SHA1
  
  a0e1a676fe340f6bd211a1b40c0b6d8d1715d82e
- SHA256
  
  4287023170ab52ec3883af9a464d281358ae44225b25b101697c2ae66c82f935
- SHA512
  
  047470fda7ff9cda15cc4baaf0d5031bc8c37a9a7a827601c0e6db149f3af5149860afc45dd92c1a035f537971a70cb0f31372de12c080cecc3d93a89e6b8d65
- SSDEEP
  
  6144:sbH9JP/W0D2hzNqURg44nlHR0urOU48+EQHapawA9MDL:OJP/W0D2Pq/rpR0urOU4lExnn
Score

1^/10
behavioral23 behavioral24
- Target
  
  Codecs/asfsplliter.ax.new
- Size
  
  64KB
- MD5
  
  4a7e26d268c355fb5da19a4400e7770b
- SHA1
  
  ebe3c19a94e12c2a5d39bc816317961797a6c89b
- SHA256
  
  5c44df6b0d4d212271a1ca4c008ea003a2dd1168059333169b3562c51065c3e9
- SHA512
  
  db5f0161d64b27cebc6de443e68cf596725ea1034f20c58f2a019f2d50e67574e33ffe65e8f5a9b21095cd2f309a97b58ee3603e528276aeefa67c9d7b3234f6
- SSDEEP
  
  768:Y9We0OJXnfX2c+AOW8gpukVl5sqiCpl3il7T59bSob4p9Gk0:Y9WEXn/2c+7jlkV4dCpN67t9bSXG5
Score

1^/10
behavioral25 behavioral26
- Target
  
  Codecs/atrc.dll.new
- Size
  
  76KB
- MD5
  
  ed7c402a17a33d428a6d0dad2e7c42d8
- SHA1
  
  93a6dcf0abe28a01403da578d685cc5c0b48bb82
- SHA256
  
  00cb4ae39a6e18c07e12ae53150ee29ece9ef4561a496920f19813aa431daff2
- SHA512
  
  bddc074123d3f144d7903d5f2502f8961ef79e1a06ce05d1769f37314eb276729444647a9f5c9e80fec0512cbd07b5e46be40f6f6015f8b1a255d7daf3ae28f1
- SSDEEP
  
  1536:k7b44Vh7qOxPccMvJY1cnd5unZsQDUhl:k7MuPccEYW3IZhDUhl
Score

1^/10
behavioral27 behavioral28
- Target
  
  Codecs/cook.dll.new
- Size
  
  64KB
- MD5
  
  fa220dae3898b8578c34791648321a38
- SHA1
  
  12bdd5396e996d071368980d36ef6f6c7b39f936
- SHA256
  
  f8b5898569a508e370eb25db27c1cba440c9d559529850c05589e56a93659835
- SHA512
  
  9c2ad73fd43de7ca16a1d75b2974a737dfe1478d094783861ff5e3f994e17bc9e36e31f130296b497bb8955849be31db526018c0621cf5b09496fc6e5c3d6f34
- SSDEEP
  
  768:79rczOVJc8avUhcRxV6Sz+b2G90YnGZosMwCJtVSk7K+t6tj6tVDWVp3Ghv+Xb:7uqc8/aUSz62G9LnOnMK+t6tR
Score

1^/10
behavioral29 behavioral30
- Target
  
  Codecs/drvc.dll.new
- Size
  
  260KB
- MD5
  
  e9ad4c6feede8ce70a1a21ed1dc0e2ad
- SHA1
  
  ec6b32969e43328a177456be63864d004d501fce
- SHA256
  
  ef8d7d81cb460db57f2e737ca0de3e0c6c06f78273e49a47b24f0a1eeaa2909f
- SHA512
  
  ccd0a54e989b882db33e932fd95d29922dcc3e8608f32beef5882182be0534d809f67ce4d54ac894165f51e237ad39402ca97cf05e933fdd3c01c4f6ae50643c
- SSDEEP
  
  6144:hsNg+cXo8ZJI54BxrFPpH5Dtf5DNWoEaeglljEz:hsNg+Qo8ZJPWoEillYz
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

T1176

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Executes dropped EXE

Loads dropped DLL

Installs/modifies Browser Helper Object

Executes dropped EXE

Loads dropped DLL

Installs/modifies Browser Helper Object

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32