47c2257df65a955f95b272e30b6a7256673de75a3900ae0f110bacc6f7a2ca14

Sharing

Copy URL

Twitter E-mail

General

Target

40bf3b0145c7f266ee28eaaffbec2103_JaffaCakes118
Size

319KB
Sample

240713-jb7rlstgjg
MD5

40bf3b0145c7f266ee28eaaffbec2103
SHA1

ffd9b01f9212510b2291c1720916e5a77594aa98
SHA256

47c2257df65a955f95b272e30b6a7256673de75a3900ae0f110bacc6f7a2ca14
SHA512

274f2395966e02843127df9124e876b40888fe7a74f0b6340ff4b3472e2a58b03f91c3033835eafa88274a289fa4b9479021b25b31072a6d9d044303fcb3da81
SSDEEP

6144:qe34TAkByBCeRug6rFZ530rhwa6/9Lj8W1nFULcy+CDfpgByBCezug6rFr:/gO6Z30WI7LpEu6p

Score

7^/10

Malware Config

Targets

- Target
  
  40bf3b0145c7f266ee28eaaffbec2103_JaffaCakes118
- Size
  
  319KB
- MD5
  
  40bf3b0145c7f266ee28eaaffbec2103
- SHA1
  
  ffd9b01f9212510b2291c1720916e5a77594aa98
- SHA256
  
  47c2257df65a955f95b272e30b6a7256673de75a3900ae0f110bacc6f7a2ca14
- SHA512
  
  274f2395966e02843127df9124e876b40888fe7a74f0b6340ff4b3472e2a58b03f91c3033835eafa88274a289fa4b9479021b25b31072a6d9d044303fcb3da81
- SSDEEP
  
  6144:qe34TAkByBCeRug6rFZ530rhwa6/9Lj8W1nFULcy+CDfpgByBCezug6rFr:/gO6Z30WI7LpEu6p
Score

3^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/DLLWaitForKillProgram.dll
- Size
  
  28KB
- MD5
  
  9c4b8ec42d89f7557bfd90798ce52787
- SHA1
  
  2376dde426ea65aa27c30e304086310605382475
- SHA256
  
  ed52bdad7b383a179b9b0e21fefdda2d72695c5263a815d5e1e0bfac6c718548
- SHA512
  
  17c12a27a08746755868558c037376dd7e20f03f0f71888c1329903b70975a54f57786c3c32bf88aaf30119f11ed978a6830ba91949e11cfc94fbb5ad95305b7
- SSDEEP
  
  96:EP5ZuFye0MyQW4uPwhs+R/+gFrE1m/U/uG98bp2y+HS21kEZ1b+4Tu9C1uGg8wBu:akFyFRQ5wIzlH/UGq36EZY4T+Gul8U
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/DLLWebCount_new.dll
- Size
  
  28KB
- MD5
  
  f16f5feebd9b431a8bc63456c0ad267c
- SHA1
  
  acc75cfa3ed7888334aa2ccf305a6c6c58a08aaf
- SHA256
  
  5417af0fc8284e9745650a55803bb34217e314096dc7cedf113c960624ae08ad
- SHA512
  
  ed1e62d903b511a29abd5def4419b5afa63699ee2d1c91a9d884ffb01d7debe5981559574cac4885140d1f27f4275be56236f5c6f1c327147dcac8893f965512
- SSDEEP
  
  96:3YP18J49uJPeaFX/0gOtJ/9nMjbnbk2Zl1bU6i9vtmAuSBudGaTA:3f1bFX/rOtJ/lMvbfJU6snpYdb
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/IEFunctions.dll
- Size
  
  3KB
- MD5
  
  9701818d39318145dd164794ef3a3846
- SHA1
  
  7db701f8dc19163d46ba88e8b68d8dbf428a8152
- SHA256
  
  3122b0413f74e88518cfd1b9c6e18435dd326ca177a2374b6405df78f43e776a
- SHA512
  
  d92786630250e9eb6c47537b09684fa107f959b50d255c7f3952741eb438c3be47e171827d3a4407b049c33c12dad73f8ec381a7265b28a6d8ca101ff702e8a4
Score

1^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  eef9e469e8a30717974499f277d97e2a
- SHA1
  
  2d33c25984ebd9116beeb55cdde4c5c86c023e5d
- SHA256
  
  1f35bb6728237483c779005fc227e69fef51b0bafd32d15855d483948a337078
- SHA512
  
  d860132106a1c03dfa23f983b3c503f1216ac02f3d47833b96dfb333fb30bc8ab4d4fecd1f1f0a89f0c7f3586405461e2d53c26f282bb48970e549659b364b48
- SSDEEP
  
  192:8np6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+MTjK72dwF7dBEnbok:8p6UdHXcIiY535zBtMTj+BEnbo
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  36KB
- MD5
  
  6958016193a066833556992077bad4fe
- SHA1
  
  5f564945936f99381d7e2408f034f97d069005a4
- SHA256
  
  f38c669c87f2a73768a27a01622690997e9d93d5ca3830b349bd24c3ff9f8d2e
- SHA512
  
  fd6ab5c341b331b80c940ba97a2cd14547c796933a2df26d3dd87ede1602b86d9f8c37baebd7dd4c68d811199fc96a27ad4cb995bb8889d51af91db9f43ba0a7
- SSDEEP
  
  384:IL6T2Izs/XGCanZSwEfj5lwTSYlml89oayKA15JiQNRw/9uosAUdJofiiqd:88Y9gZSwq1lwTS2XA15DRm9cddJo6l
Score

1^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/SelfDelete.dll
- Size
  
  24KB
- MD5
  
  7bf1bd7661385621c7908e36958f582e
- SHA1
  
  43242d7731c097e95fb96753c8262609ff929410
- SHA256
  
  c0ad2c13d48c9fe62f898da822a5f08be3bf6c4e2c1c7ffdf7634f2ca4a8859e
- SHA512
  
  8317af5cc3ac802eb095f3fa8cc71daa1265ca58fead031c07872f3d4bb07663a7002ae734fad392a7617f0923fe0caf1f54ed55afdf8516a6a08e202d86fa7f
- SSDEEP
  
  96:1dIrJYYrzPpqAAZ9sNIaI2y9WulXEGNRrG:nuYATpq/viyYuEYRr
Score

1^/10
behavioral13 behavioral14
- Target
  
  Uninstall.exe
- Size
  
  126KB
- MD5
  
  6313c988b270390dc13bfe5ed2f1c7a2
- SHA1
  
  5722a42f8f546fd541f0041aaaff94316b1e429c
- SHA256
  
  71a4a74e6d5718ce17f714896d620ee247dbc423c4400e7191c33bea50e59aaf
- SHA512
  
  0cd6d2ea7c48a22a3a6797c93fc94214f818389cfb42633f6594d017adc76c9c3d553fcadab2b155472ab3b9c65095acd60ff89657086aea357969fec5e86178
- SSDEEP
  
  3072:qgXdZt9P6D3XJQ4+ByBCK5RfoCfpIhCxcE6rF60qf:qe34mpByBCeRug6rFpk
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/DLLWaitForKillProgram.dll
- Size
  
  28KB
- MD5
  
  9c4b8ec42d89f7557bfd90798ce52787
- SHA1
  
  2376dde426ea65aa27c30e304086310605382475
- SHA256
  
  ed52bdad7b383a179b9b0e21fefdda2d72695c5263a815d5e1e0bfac6c718548
- SHA512
  
  17c12a27a08746755868558c037376dd7e20f03f0f71888c1329903b70975a54f57786c3c32bf88aaf30119f11ed978a6830ba91949e11cfc94fbb5ad95305b7
- SSDEEP
  
  96:EP5ZuFye0MyQW4uPwhs+R/+gFrE1m/U/uG98bp2y+HS21kEZ1b+4Tu9C1uGg8wBu:akFyFRQ5wIzlH/UGq36EZY4T+Gul8U
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/DLLWebCount_new.dll
- Size
  
  28KB
- MD5
  
  f16f5feebd9b431a8bc63456c0ad267c
- SHA1
  
  acc75cfa3ed7888334aa2ccf305a6c6c58a08aaf
- SHA256
  
  5417af0fc8284e9745650a55803bb34217e314096dc7cedf113c960624ae08ad
- SHA512
  
  ed1e62d903b511a29abd5def4419b5afa63699ee2d1c91a9d884ffb01d7debe5981559574cac4885140d1f27f4275be56236f5c6f1c327147dcac8893f965512
- SSDEEP
  
  96:3YP18J49uJPeaFX/0gOtJ/9nMjbnbk2Zl1bU6i9vtmAuSBudGaTA:3f1bFX/rOtJ/lMvbfJU6snpYdb
Score

3^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/IEFunctions.dll
- Size
  
  3KB
- MD5
  
  9701818d39318145dd164794ef3a3846
- SHA1
  
  7db701f8dc19163d46ba88e8b68d8dbf428a8152
- SHA256
  
  3122b0413f74e88518cfd1b9c6e18435dd326ca177a2374b6405df78f43e776a
- SHA512
  
  d92786630250e9eb6c47537b09684fa107f959b50d255c7f3952741eb438c3be47e171827d3a4407b049c33c12dad73f8ec381a7265b28a6d8ca101ff702e8a4
Score

1^/10
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  eef9e469e8a30717974499f277d97e2a
- SHA1
  
  2d33c25984ebd9116beeb55cdde4c5c86c023e5d
- SHA256
  
  1f35bb6728237483c779005fc227e69fef51b0bafd32d15855d483948a337078
- SHA512
  
  d860132106a1c03dfa23f983b3c503f1216ac02f3d47833b96dfb333fb30bc8ab4d4fecd1f1f0a89f0c7f3586405461e2d53c26f282bb48970e549659b364b48
- SSDEEP
  
  192:8np6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+MTjK72dwF7dBEnbok:8p6UdHXcIiY535zBtMTj+BEnbo
Score

3^/10
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  36KB
- MD5
  
  6958016193a066833556992077bad4fe
- SHA1
  
  5f564945936f99381d7e2408f034f97d069005a4
- SHA256
  
  f38c669c87f2a73768a27a01622690997e9d93d5ca3830b349bd24c3ff9f8d2e
- SHA512
  
  fd6ab5c341b331b80c940ba97a2cd14547c796933a2df26d3dd87ede1602b86d9f8c37baebd7dd4c68d811199fc96a27ad4cb995bb8889d51af91db9f43ba0a7
- SSDEEP
  
  384:IL6T2Izs/XGCanZSwEfj5lwTSYlml89oayKA15JiQNRw/9uosAUdJofiiqd:88Y9gZSwq1lwTS2XA15DRm9cddJo6l
Score

1^/10
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/SelfDelete.dll
- Size
  
  24KB
- MD5
  
  7bf1bd7661385621c7908e36958f582e
- SHA1
  
  43242d7731c097e95fb96753c8262609ff929410
- SHA256
  
  c0ad2c13d48c9fe62f898da822a5f08be3bf6c4e2c1c7ffdf7634f2ca4a8859e
- SHA512
  
  8317af5cc3ac802eb095f3fa8cc71daa1265ca58fead031c07872f3d4bb07663a7002ae734fad392a7617f0923fe0caf1f54ed55afdf8516a6a08e202d86fa7f
- SSDEEP
  
  96:1dIrJYYrzPpqAAZ9sNIaI2y9WulXEGNRrG:nuYATpq/viyYuEYRr
Score

1^/10
behavioral27 behavioral28
- Target
  
  WindowWizard.exe
- Size
  
  544KB
- MD5
  
  cdef50397621be6cb0615f1e0de66ea7
- SHA1
  
  4783266b25c0bd7d26ff6d4335eb42cb7787acf0
- SHA256
  
  5322eecf029d1a54305edeb6c924c06fb37a7bf916bacb8d898113aab2cb12a9
- SHA512
  
  8149840cbee939de25a8f457daef69ddcaedb67e5de33136ead24be570b26b7cba350b830ca59c85dd12dde16c4b9679bfa9ecfbb6853d1ce6ed2a2ff12f6ff9
- SSDEEP
  
  1536:4HEZKzXWtCZlPTrM1qdPJewy2J7BTzu07+SUQbdV5l9Yoi/VMvpppppppppppppW:eE2PTrMqJrOQO/anuDMQ
Score

1^/10
behavioral29 behavioral30
- Target
  
  WindowWizardT.exe
- Size
  
  212KB
- MD5
  
  eba67b034e13610daed9f2a87e7ab530
- SHA1
  
  5f96f1d5a4a580c17116774aad88bee700fe7fea
- SHA256
  
  c5281a298f7fc386288b28be0fd35388dbd00ec1cdfbaa74fab772c4cc1ae1d8
- SHA512
  
  a71c04e0472e5fc556fb7d3dcdc8a281bdb9c1b05388e3e7b3098acc563395646c7627dd96f7371252ef64a2670ea09c5afaece8a5b89586bcd81b477b49a793
- SSDEEP
  
  1536:CXXXxL4G9svW0SIQ5kPNXDQfrM1qd1Li:iHR4G9IVk5kPNXDQfrMI
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32