da412986317f3f19b8389172dc6eb82e8b5103712eb94b7b4703087776ade7be

Sharing

Copy URL

Twitter E-mail

General

Target

3c4d4229f2f28ce0eaee937000325553_JaffaCakes118
Size

2.0MB
Sample

240712-g74cysvala
MD5

3c4d4229f2f28ce0eaee937000325553
SHA1

435952047b60661710969af6f70df5317334689a
SHA256

da412986317f3f19b8389172dc6eb82e8b5103712eb94b7b4703087776ade7be
SHA512

b560bc05ecaf7a634b889148399c0d7b7d5f71fce5f72d645121e8010935ddd29555fdd12f2ef7f26292fa159c8278b3472ee0d3a1f606427dfa3df9c76fc60d
SSDEEP

49152:k8ObzM3p5SmDzPSF27v5IN0RU6ErBidd3VtfycDyqUTWax:kWaA+A6pwpptD4z

Score

7^/10

upx

Malware Config

Targets

- Target
  
  3c4d4229f2f28ce0eaee937000325553_JaffaCakes118
- Size
  
  2.0MB
- MD5
  
  3c4d4229f2f28ce0eaee937000325553
- SHA1
  
  435952047b60661710969af6f70df5317334689a
- SHA256
  
  da412986317f3f19b8389172dc6eb82e8b5103712eb94b7b4703087776ade7be
- SHA512
  
  b560bc05ecaf7a634b889148399c0d7b7d5f71fce5f72d645121e8010935ddd29555fdd12f2ef7f26292fa159c8278b3472ee0d3a1f606427dfa3df9c76fc60d
- SSDEEP
  
  49152:k8ObzM3p5SmDzPSF27v5IN0RU6ErBidd3VtfycDyqUTWax:kWaA+A6pwpptD4z
Score

7^/10

upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $TEMP/TeamViewer/Version4/TeamViewer_.exe
- Size
  
  2.0MB
- MD5
  
  4ae8b5de17aefcd95361456b104d92dd
- SHA1
  
  1b2d34b560c409367efe354004db97023b4e3c63
- SHA256
  
  f16fe5b444a7eff1e09dbba778a93aa87f47217d52aa33847962da093fcb4e4f
- SHA512
  
  cb34b898107d8d54674f548e5dddb9c7a09e4d17316ea47c40402027ef56589802f812d66146694b36fbcebb72c8e74aeb4a60afde3dcae1aeee17d0f1caa503
- SSDEEP
  
  49152:SZT4GJg0hDNZTC+wOvl1zgGbGyQnQHtuF52QG2:ZGa0dfxttlbGy9G5v
Score

7^/10

upx
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/AccessControl.dll
- Size
  
  9KB
- MD5
  
  15a0c55e77f3028bf9a621a80f45c39a
- SHA1
  
  66b62493ae4d8ea2e72da262f407a25c33afd586
- SHA256
  
  f75be8f7d39dcbeeb07e772a842dd26ad72e38e106f1cb4179daf738ac634d7a
- SHA512
  
  6e681d82e125488b3863a3962d49ee7ea15a866ff4c9853201bd9deaed04c13f6482f31f7d84b67f7a993f232bac25867799fd0207d99a8dd8f8f5ac349279f4
- SSDEEP
  
  96:LoolSAhQXvE2++443oyasVAaY4ZSTJdyJal6NHuekueGuXcolEspBh+p:MolSAhQXS43oyixZTJdyIl6NHXkXGGc
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/Base64.dll
- Size
  
  456KB
- MD5
  
  9459a28dbb2752d59eaa8fbb5cf8c982
- SHA1
  
  4ad7eb230cf6d05df967037225fa19dd385bf7cb
- SHA256
  
  4688dcd01db816485a770cb8fc047fef9a408f3dbec5a2c83752fee115ce6963
- SHA512
  
  7dff6414f4215aa4c7a168158b4ac5dd422c7dd35c6af58bce658c6bf9bf5a3545a5ee0db5f5d47a17c7ae53cb54551b98b492137e36c73e684b2041d775cd97
- SSDEEP
  
  6144:NbK5zygAJ/kzt5KdaoOj4uhorVoK9omsgL204E0bm+J7iOi6rG:5KlnAJ/CtkgPlSVoVgLYbxJ7iOi
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/CustomLicense.dll
- Size
  
  3KB
- MD5
  
  3c4c9b038c7eb5223691586a42415fef
- SHA1
  
  53eb3587f5313f9aae5aea8b92f7ceb45db19fc6
- SHA256
  
  60f9263a1693ae5a18523ee5d0f37e512882edaea2b84a028279d7fe5bb305ae
- SHA512
  
  a07843d793811ca6ea9be734c458209a1bb224297743e23304f48b65f38ea9ae5a570f99b5c23642431ecb5cb30bcb43848bb92e6529395c232c63f641143250
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  7af3ead73bedf48083d088228d99b200
- SHA1
  
  66123f71a8303951517748317a6a475e1154a7c7
- SHA256
  
  75ff58404f0211a16341aee2eeeb5c19afc8d7827a79b27c5aa501f53a0bad71
- SHA512
  
  9635319adb84555568356a63b7608fb1e7df74625d56ad1d43caa3048ef0cd8c39919c87d8ecf3841a7c770a7f2c5895239140969a23aeb7720fd03f402693b4
- SSDEEP
  
  192:AG6J+U9eQ+W8zuKiM3pGWPsjgKh7jPK72dwF7dBJcQlZ:t6J+U95buCDjP+BJhl
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/Registry.dll
- Size
  
  16KB
- MD5
  
  24a7a119e289f1b5b69f3d6cf258db7c
- SHA1
  
  fec84298f9819adf155fcf4e9e57dd402636c177
- SHA256
  
  ae53f8e00574a87dd243fdf344141417cfe2af318c6c5e363a030d727a6c75d1
- SHA512
  
  fdbbedcc877bf020a5965f6ba8586ade48cfbe03ac0af8190a8acf077fb294ffd6b5a7ae49870bff8cacd9e33d591be63b5b3d5c2e432c640212bdcd0c602861
- SSDEEP
  
  384:Bl1fUuJHxreh2OatbswPCr64oLchV0oLQYYfVB:BlBzHxrehKbswK2TchDLQZfVB
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/SimpleSC.dll
- Size
  
  48KB
- MD5
  
  72b95a219d2525f9b1c2213ab9b8556c
- SHA1
  
  de5b369a18b8701ebb6852d3a4b0d55213f789e8
- SHA256
  
  0b6b5ef0835c570c4330e597eebfa00c2a13d4c5f043283b604e585fdaea6b4e
- SHA512
  
  2e31684638d136049c89cecee7a86360933845a0f115f145150b31a144bdd2b621d779392e14b0504e40c19a0c8e23a50f8b3534bc002b12150aa6cf12696596
- SSDEEP
  
  768:AutqkcrJvsz+w+S9CoMY7If7gQ1To2rIF/wYpyFmQAw1+04VtD//1GV4MCR:rtqkcrJvsRLMYcb1nYpyoLOwCmMCR
Score

3^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  ee388fdf6bf27673f7874d26f85724ac
- SHA1
  
  7d3f6c37d372bd8cf3f20e34aa9bcba88f670337
- SHA256
  
  f31c16b1ecb01c7aa12f1893ec5935c1d9eda7f5caccf1616a0044bfba4ee3a5
- SHA512
  
  c2fe427f5e00bb22b6a94fb56aff77bce665c7528b6674a8b824fcc354aa32ca09dacb80a6f143dfe4e761eb7f579f47ba5583ee07cb4cf987bfae1475510e82
- SSDEEP
  
  96:Z+qBC0x22epxPEvC4FkWE+in1/FMvsCGRfRFqCB5tcGhEl5VN:Z+SepxPE1r8/FtmCDtzg5v
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  0b96e50e5fd9b241435cfec46600b5a7
- SHA1
  
  1f79688c6bdd78b4e1812b110fd16d27c59b32d5
- SHA256
  
  10841d8d0a0fa457a62be63af7e30e72ffaec265470dbe16c0d61cc5b111d1e6
- SHA512
  
  01a5884ce81a622f81da23c4075aef4cbe68d18471908bb6082ad98bfd002c8a6c2b8069d250df0320cde22ad76eedc14a5d9369b370c2012d58575720da48b7
- SSDEEP
  
  192:yO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1a7gMO:nKAFERdlxhGRYUzqZa7
Score

3^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/TvGetVersion.dll
- Size
  
  6KB
- MD5
  
  409b195108f014b032eb5dd36ca17a12
- SHA1
  
  4544950c7c081fb0aeba7971bcf46f2761430f4e
- SHA256
  
  52b487ff38814953eae017f2751f8e2fed7284f6faa250266cbd8d749547695f
- SHA512
  
  fe981570f6642933c36bbd7b1fef0d7e469600d44ea9e3b94ad94e1b6bb81c98c74c0d1c8673385443daaa3750de4e7eedc49aaf38ccc56c09e2d141e27068db
- SSDEEP
  
  192://X67bKIuJFHIfw0+OW3fRVBi46AQuFsin:3q/KJjZ3PBi46AQuain
Score

3^/10
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  15KB
- MD5
  
  f6864bd1708daa67dc0e47d5624e8938
- SHA1
  
  dfbb5a96f13ab36712349d7c56e2e7fc9ab73819
- SHA256
  
  2bc962a7f596a0c0a40bf3c3dfcf77c4e8dfc49830115e636b720ab68094606b
- SHA512
  
  d935fb87b2ed6e668e80627f21d965df7b73dfbf47c33e02721f02cbab2c525c0f5a36eb2a84573af2fffe5db43ac8823079607b9b70bb2bf51b0df8195ff01b
- SSDEEP
  
  192:uMtWEALVfpLcBB5yoOINGaZYjWigGcr2fNxhRUNFd5dMAW5s+2oAw/8tox:xtpAL/G0zIBZqLlZUNXHMAW5BL/o
Score

3^/10
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  fcad39646b416b4c2e0ea259554c3ec1
- SHA1
  
  8cb881913d923de35e6e131c2329b20ce51fe84f
- SHA256
  
  bc3872dbafefc41db2191b11b7371e988736dc12c9913bead1aa953dd28ef62b
- SHA512
  
  d81e00ac4828cce4ada42d28845d91601a98a6647d7b4fabad23e45b1aa529297fc554771b8cf8e484525e91a58f892ba5836263a81d6c061a54801abf0beecf
Score

3^/10
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  70616f6adbb9ac1c6151ec241f5e494e
- SHA1
  
  ceae3d3948f7df439b706e6c37eb0055bd0e1bf6
- SHA256
  
  57e18bb8974e87b3d98aec43eaca1082fa634bf7788f63f84fe0e4104c93fd55
- SHA512
  
  868de8325250722b6ff06257ea2bde2976179903895390369782cf7c709a841977689bd3542909828d7aa4f3100731132a5a206b6de92f3bba60579810a649e6
- SSDEEP
  
  96:GVX1XJX70VnIjKdpClMdOfHFI2NaeI0Q1qND1qN3riUTEVXkcL:GRx1AVnIudpClyOtIs1QUhUZriUTEVX
Score

3^/10
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/nsisFirewall.dll
- Size
  
  8KB
- MD5
  
  69f2e8c6fd141e9e720b2c4c366a8154
- SHA1
  
  a6279d93a102b6d7608dced32a36ddcd3e51994c
- SHA256
  
  2e204ee4f1d12b4ca35c8205cea0cabe354f2e79a471863cfb76a7cee83cf107
- SHA512
  
  bf23a5f3ce98e6a1c04fe8ae6b6f385483ceed62470cd109017c97f37c23adbf0203bfb43d09b007c6925aeb5da9617f33bc5c478618f00cc91da83a48cacaf2
- SSDEEP
  
  96:KCQjg8aCpUcmloiwmXaYY8NVxIYn69TEdUc1ND0RrXQAcuAtoFrJxalMu2k:KCQPeip58NjMNWND0RrXYuAWkM
Score

3^/10
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/nsisdt.dll
- Size
  
  5KB
- MD5
  
  df4795dfabe3bc9278a73d496cc4b40d
- SHA1
  
  2648ded47e29ecf3e1a1cc20c631e83caf566897
- SHA256
  
  2261027077f23c8dba6b72af28862832aaa059740d0f5634b46cabb14326dd10
- SHA512
  
  013d9712c3d699a7f41ab3e55931c9abb421fb2eda3542da5a4831ad2f073a1b0643120cc78147db0bfcd01df98ade3045ecb2f1e252fff1dc40be845e5ae303
- SSDEEP
  
  24:etGSyYi61xyMmuEwv61OVXOwr+t5blXgO8ELnD3TPrHjf7Xz5CY1aeBEW58q6TvK:6y2xyNuEwWwU5blmPeB958xTvT7L/
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

UPX packed file

Loads dropped DLL

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32