Overview

overview

7

Static

static

3

46d40a00f3...18.exe

windows7-x64

3

46d40a00f3...18.exe

windows10-2004-x64

3

$APPDATA/I...er.lnk

windows7-x64

3

$APPDATA/I...er.lnk

windows10-2004-x64

3

$DESKTOP/I...er.lnk

windows7-x64

3

$DESKTOP/I...er.lnk

windows10-2004-x64

3

$DESKTOP/�...Ʒ.lnk

windows7-x64

3

$DESKTOP/�...Ʒ.lnk

windows10-2004-x64

3

$FAVORITES...��.lnk

windows7-x64

3

$FAVORITES...��.lnk

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SMPROGRAM...er.lnk

windows7-x64

3

$SMPROGRAM...er.lnk

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

$STARTMENU...er.lnk

windows7-x64

3

$STARTMENU...er.lnk

windows10-2004-x64

3

$STARTMENU...��.lnk

windows7-x64

3

$STARTMENU...��.lnk

windows10-2004-x64

3

$TEMP/remote.exe

windows7-x64

7

$TEMP/remote.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$TEMP/sobar.exe

windows7-x64

3

$TEMP/sobar.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    46d40a00f37af8335bac8390ff7d0682_JaffaCakes118

  • Size

    513KB

  • Sample

    240714-v51e6szhkp

  • MD5

    46d40a00f37af8335bac8390ff7d0682

  • SHA1

    3387acac9bb39e3459109f8ebf426ad6d9e5e3ad

  • SHA256

    6bc088efcca40085f6c711a1b011f9947b97ed2538f5f280d4b82ec3116462d7

  • SHA512

    42f6ac7bf1e8f57638855e665c805502ff062a173b04cd54c52e7ed50c7da08c21e04810c0bd6c8ee5f7f1ad27e1b548db26151f2c6d53619ab93812e2f0d341

  • SSDEEP

    12288:KCy5t9UrNvc3Up0+tHMIrBj2JbFNBNpmI4zZRtHiIOLQ9iuKEd79:AtMCkmOMXJbFSv/JivQss

Score
7/10

Malware Config

Targets

    • Target

      46d40a00f37af8335bac8390ff7d0682_JaffaCakes118

    • Size

      513KB

    • MD5

      46d40a00f37af8335bac8390ff7d0682

    • SHA1

      3387acac9bb39e3459109f8ebf426ad6d9e5e3ad

    • SHA256

      6bc088efcca40085f6c711a1b011f9947b97ed2538f5f280d4b82ec3116462d7

    • SHA512

      42f6ac7bf1e8f57638855e665c805502ff062a173b04cd54c52e7ed50c7da08c21e04810c0bd6c8ee5f7f1ad27e1b548db26151f2c6d53619ab93812e2f0d341

    • SSDEEP

      12288:KCy5t9UrNvc3Up0+tHMIrBj2JbFNBNpmI4zZRtHiIOLQ9iuKEd79:AtMCkmOMXJbFSv/JivQss

    Score
    3/10
    behavioral1behavioral2

    • Target

      $APPDATA/Internat Exp1orer.qnk

    • Size

      1KB

    • MD5

      9ffaab5f197ee38cf1fe65e19d4bb217

    • SHA1

      39ee57d785cb31b75fe79879ab5dfed14eb1a28e

    • SHA256

      6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca

    • SHA512

      eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b

    Score
    3/10
    behavioral3behavioral4

    • Target

      $DESKTOP/Internat Exp1orer.qnk

    • Size

      1KB

    • MD5

      9ffaab5f197ee38cf1fe65e19d4bb217

    • SHA1

      39ee57d785cb31b75fe79879ab5dfed14eb1a28e

    • SHA256

      6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca

    • SHA512

      eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b

    Score
    3/10
    behavioral5behavioral6

    • Target

      $DESKTOP/ԱմƷ.qnk

    • Size

      1KB

    • MD5

      3801cf5240ef322de5fb53224f763068

    • SHA1

      e4286f9b6e5986b6a237bc70fdc03e8a36287e11

    • SHA256

      23dde6d591dc39c8b7901a49ce2edbe1591ef2b68d69700a4c81fd741f2d714e

    • SHA512

      3d26058c20050e236cb78533485dc2dd02ed6be0ab7037e8eac5916b75abe189d38f57ed45899787cbe69318ec4d6763633d1a8a96600fd0b20b83aaa9f03ef4

    Score
    3/10
    behavioral7behavioral8

    • Target

      $FAVORITES/Ա.lnk

    • Size

      1KB

    • MD5

      62d588bdb74e4e2e5d1689fa9272ce39

    • SHA1

      9d0db515d8f65e57353381d707060f7343a74da7

    • SHA256

      248402dd02a096f9721d61fe867fac5cacf4dc9001fa2aa6a50a59f7405606ef

    • SHA512

      cbb47f7e4227177ad39a1c914e00e0ca13209fe0839d13819299ad203572b69026c541d71c5101e4cdddbcf7786c6adf339af3e4b0aab65cb188614f646a893e

    Score
    3/10
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      107737e3282fefd85684f2fa3df6d1c3

    • SHA1

      3befbcae116a644ae28cebdc1d7dfe6be5c8ca5f

    • SHA256

      21042be362d4073053bffcc90511b3ecf77902243525b56bb159581b5ece43a0

    • SHA512

      439ac2f3066902e08d63dc3061f55063089857e765feb29fe47ba5819a9bebdff3fe2fe55fc8bfcfddb729d340f006ee95b5aa4422d712f9dcc07cc02ec410b4

    • SSDEEP

      192:FTmFxiXTQdQbg9FkGuz9lBDpO5DwbgUojcA96lK72dwF7dBG0N1:FTmriEdYQFkGUlI6vojj6l+BGE

    Score
    3/10
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      0ae9c427fe7bbbbf1368c1c6d3933ae7

    • SHA1

      c8e5131613302531c88512dada29a18886259268

    • SHA256

      49437f4b9fd38007f3b2735f0a8a12830b995305c75118b440202980183d5c6a

    • SHA512

      59b76b00f2b0d6242dc5bc3cb36d3ff78867445f502e34cea890c6f493c2adf9b97cec539963204ddd1c641e1a77139f46fc33dec4dc636f4b06d2edffffec6d

    • SSDEEP

      96:vCCshwlpqUsYghN/9uvZ7CLWNCSiiVTQYBGVXRvuBDlSriklbuba1iLc+cEyzo7e:BzqUuh/uLCXIkYBGV9uVlSblbubbwtl

    Score
    3/10
    behavioral13behavioral14

    • Target

      $SMPROGRAMS/Internat Exp1orer.qnk

    • Size

      1KB

    • MD5

      9ffaab5f197ee38cf1fe65e19d4bb217

    • SHA1

      39ee57d785cb31b75fe79879ab5dfed14eb1a28e

    • SHA256

      6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca

    • SHA512

      eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b

    Score
    3/10
    behavioral15behavioral16

    • Target

      $SMPROGRAMS/Ա.lnk

    • Size

      1KB

    • MD5

      62d588bdb74e4e2e5d1689fa9272ce39

    • SHA1

      9d0db515d8f65e57353381d707060f7343a74da7

    • SHA256

      248402dd02a096f9721d61fe867fac5cacf4dc9001fa2aa6a50a59f7405606ef

    • SHA512

      cbb47f7e4227177ad39a1c914e00e0ca13209fe0839d13819299ad203572b69026c541d71c5101e4cdddbcf7786c6adf339af3e4b0aab65cb188614f646a893e

    Score
    3/10
    behavioral17behavioral18

    • Target

      $STARTMENU/Internat Exp1orer.qnk

    • Size

      1KB

    • MD5

      9ffaab5f197ee38cf1fe65e19d4bb217

    • SHA1

      39ee57d785cb31b75fe79879ab5dfed14eb1a28e

    • SHA256

      6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca

    • SHA512

      eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b

    Score
    3/10
    behavioral19behavioral20

    • Target

      $STARTMENU/Ա.lnk

    • Size

      1KB

    • MD5

      62d588bdb74e4e2e5d1689fa9272ce39

    • SHA1

      9d0db515d8f65e57353381d707060f7343a74da7

    • SHA256

      248402dd02a096f9721d61fe867fac5cacf4dc9001fa2aa6a50a59f7405606ef

    • SHA512

      cbb47f7e4227177ad39a1c914e00e0ca13209fe0839d13819299ad203572b69026c541d71c5101e4cdddbcf7786c6adf339af3e4b0aab65cb188614f646a893e

    Score
    3/10
    behavioral21behavioral22

    • Target

      $TEMP/remote.exe

    • Size

      67KB

    • MD5

      71c0a16bad347349ea62d30b76bcc326

    • SHA1

      841087fc28fb4812e0c2898ec8ac9049d3bcf593

    • SHA256

      235d9e96c68a262c1d6093fa499c8ffc14f41cca8c79dc289bdb27d70b7411d3

    • SHA512

      7d4ddb4e70d49cc1c221abf68b71f579200adefb1d79fdfd414494b32f11a004aafb3715e8131e382c61277a99abbc374ec7448f176d235bd2da581d71610fc5

    • SSDEEP

      1536:Mppv5CNE2E/n/fn8lvOvNOH4KJJ6CR4Romu/BsKO+sqCZnAucg8s:Mppv5CNEhf8FH4KJJ6045y5CZ9Is

    Score
    7/10

    • Loads dropped DLL

    behavioral23behavioral24

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      107737e3282fefd85684f2fa3df6d1c3

    • SHA1

      3befbcae116a644ae28cebdc1d7dfe6be5c8ca5f

    • SHA256

      21042be362d4073053bffcc90511b3ecf77902243525b56bb159581b5ece43a0

    • SHA512

      439ac2f3066902e08d63dc3061f55063089857e765feb29fe47ba5819a9bebdff3fe2fe55fc8bfcfddb729d340f006ee95b5aa4422d712f9dcc07cc02ec410b4

    • SSDEEP

      192:FTmFxiXTQdQbg9FkGuz9lBDpO5DwbgUojcA96lK72dwF7dBG0N1:FTmriEdYQFkGUlI6vojj6l+BGE

    Score
    3/10
    behavioral25behavioral26

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      01776e92060ac00338d0367e49518384

    • SHA1

      928f7d41e59a1f9fefadeea6226c5a223ebcd699

    • SHA256

      f144d17060052ce6205fdf717a647f6b4e20c268fea14e81efc26356d00bbaab

    • SHA512

      2da8cb9c0cb7ff983b137d321f48f5ecf24600c1b52570691ed527531cdb61c98f8b2cf0c53446cb4e7f98d571f8e2591a3f3570ac9722abbac25648866d9881

    • SSDEEP

      192:SpM3f5sTMzoU7Fs0+/tcDm0tzailQvzwTaoxs+/rH6hqCeHtpflVp6kn2VgsTwp:SpM3xcMzRF4/Gv+H+D6hqbgk2rTwp

    Score
    3/10
    behavioral27behavioral28

    • Target

      $TEMP/sobar.exe

    • Size

      386KB

    • MD5

      f2adf89b219d1efe8c8423b3c15c1d0d

    • SHA1

      f2d13fb817a2889dd1c47165990a635d9c597e45

    • SHA256

      68a10e13c3289e98815c490b1317a98c50703f3d59ab6b364ea89c0d89db0285

    • SHA512

      3e5a448445532654de2f81b3fd3ddc4d91c60e64b786a5a962c7a238799e287882f0f3d57b1eb7f6fa83ed365bfaf7beb365bc098a02075b32180f110baaa06b

    • SSDEEP

      6144:Vqn/RLQoaQOgOk0JYE9ldDbVOC8G3vfFuJAcSpXsaYI6eTb+VLyrgkXoCGdl:S6oCgAXtDbQCh3vtuuDp8SqV2O

    Score
    3/10
    behavioral29behavioral30

MITRE ATT&CK Enterprise v15

Tasks