1810e1f501c1c4749719fe99e240e0b0045ff6fba384d448529f4dc0be3633db | Triage

Sharing

General

Target

3bf316a05394b15c3d2d0aa9b8699c3e_JaffaCakes118
Size

662KB
Sample

240712-et6j2s1amd
MD5

3bf316a05394b15c3d2d0aa9b8699c3e
SHA1

6fc1bb02050cfe67c1a55a760563f840eb99194d
SHA256

1810e1f501c1c4749719fe99e240e0b0045ff6fba384d448529f4dc0be3633db
SHA512

f80c633534d32e274fc256a51270bde6d086e7a4282fa7a457701c33586836d0cf13bbda5910098b5354968bba1cbcc22e3d041c42f7ff0b06408f3731b0e284
SSDEEP

12288:tGfYY6sDndmiClZmNZ0yEzh6+DUawpbFD6wuFKloDa92kZ:tlPsDdmNlZmNvUhDD3wpxGXKle0

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  3bf316a05394b15c3d2d0aa9b8699c3e_JaffaCakes118
- Size
  
  662KB
- MD5
  
  3bf316a05394b15c3d2d0aa9b8699c3e
- SHA1
  
  6fc1bb02050cfe67c1a55a760563f840eb99194d
- SHA256
  
  1810e1f501c1c4749719fe99e240e0b0045ff6fba384d448529f4dc0be3633db
- SHA512
  
  f80c633534d32e274fc256a51270bde6d086e7a4282fa7a457701c33586836d0cf13bbda5910098b5354968bba1cbcc22e3d041c42f7ff0b06408f3731b0e284
- SSDEEP
  
  12288:tGfYY6sDndmiClZmNZ0yEzh6+DUawpbFD6wuFKloDa92kZ:tlPsDdmNlZmNvUhDD3wpxGXKle0
Score

3^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AccessControl.dll
- Size
  
  10KB
- MD5
  
  055f4f9260e07fc83f71877cbb7f4fad
- SHA1
  
  a245131af1a182de99bd74af9ff1fab17977a72f
- SHA256
  
  4209588362785b690d08d15cd982b8d1c62c348767ca19114234b21d5df74ddc
- SHA512
  
  a8e82dc4435ed938f090f43df953ddad9b0075f16218c09890c996299420162d64b1dbfbf613af37769ae796717eec78204dc786b757e8b1d13d423d4ee82e26
- SSDEEP
  
  192:8SEWBGgiJM4LN+xq56XdNcNz/NWdlJmlyOcROQ:8SEPgii9KTzyt
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  134b93f8bd1f82cd2f1b06c878580703
- SHA1
  
  29cdbce7a2caf1f7e4d2a139c42336d490074665
- SHA256
  
  45153adf50541316468e2b189a0f8127be9fb29e2f920e7eeaa6aceb438db8c4
- SHA512
  
  f970c38debb6631dab7369e2bc96237f16a8fd328d9d35a2b54cb688e1807f62cc6d63230afe89ce5c3945097ae4466872c72929a9623adde3ee57bddf54b692
- SSDEEP
  
  384:EBQCxl9oGPZsw1v6yBIgktbBYeTeXMK5HQ/0lR+Tya4LV0Ac9khYLMkIX0+GBxgU:goGFghBZTeXMK6cVa4L
Score

3^/10
behavioral5 behavioral6
- Target
  
  avsoft.exe
- Size
  
  1.2MB
- MD5
  
  31ec6ab45215a857db84745ba6cacad9
- SHA1
  
  897dd2ef8fb746c64d7d4199d2fb856b90c18007
- SHA256
  
  d1ad1d47a22347d12aa8dabba4d605b2b538947ee8a7f13f1cb16958388adb60
- SHA512
  
  0d27b8065b1f890fefc86263363e4790ee7367c56f22d76e64d5efcc3cc69b2aa98091bee83ef18279cc4c895d11113e5277c13fce4d4f29b2390b90c7c8aa90
- SSDEEP
  
  24576:TcfX8cfBrne4j67+7ii6zNWT3hTUG8hysS/v1kcr:QfXRR7ihkTUQkcr
Score

10^/10

evasion trojan
- Windows security bypass
  evasion trojan
- Windows security modification
  evasion trojan
behavioral7 behavioral8
- Target
  
  htmlayout.dll
- Size
  
  1B
- MD5
  
  cfcd208495d565ef66e7dff9f98764da
- SHA1
  
  b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
- SHA256
  
  5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
- SHA512
  
  31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99
Score

1^/10
behavioral10 behavioral9
- Target
  
  uninstall.exe
- Size
  
  40KB
- MD5
  
  94a11494765adacc8241db87a903ed04
- SHA1
  
  0463c4a58e13a28cb164b2188f5405b726b6a3df
- SHA256
  
  6a9c8a5f939460baf43b0c4f949c3de5e8ab157713cceea4abfc2a661a432c06
- SHA512
  
  4ca281910d7632d74c381cc4904acf4ea5dc8b41f743115cca82ae3a7e453a9ed1bccf1c7398865d69506d2182d1b8881c71dc64d0d28242656b755e808ffa74
- SSDEEP
  
  768:6HJd0TpH2+bQ2dUWVX9Hfv1JMWmtLEJOyuBxG0D3mjfS3XJdJRnSlCXf+ZnOlbh:6pgpHzb9dZVX9fHMvG0D3XJYlCXpf
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/AccessControl.dll
- Size
  
  10KB
- MD5
  
  055f4f9260e07fc83f71877cbb7f4fad
- SHA1
  
  a245131af1a182de99bd74af9ff1fab17977a72f
- SHA256
  
  4209588362785b690d08d15cd982b8d1c62c348767ca19114234b21d5df74ddc
- SHA512
  
  a8e82dc4435ed938f090f43df953ddad9b0075f16218c09890c996299420162d64b1dbfbf613af37769ae796717eec78204dc786b757e8b1d13d423d4ee82e26
- SSDEEP
  
  192:8SEWBGgiJM4LN+xq56XdNcNz/NWdlJmlyOcROQ:8SEPgii9KTzyt
Score

3^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14