8af39b027b4fc8d3634f50bcd673572c7e50277556577858b3f06ef9e040ac9d

Sharing

Copy URL

Twitter E-mail

General

Target

4a840139cd925b8f06aff2a7ed56227d_JaffaCakes118
Size

3.3MB
Sample

240715-t531masepd
MD5

4a840139cd925b8f06aff2a7ed56227d
SHA1

82b7f8e1ef2bc95ac56bbcc3416fb3a247d28773
SHA256

8af39b027b4fc8d3634f50bcd673572c7e50277556577858b3f06ef9e040ac9d
SHA512

7d8215e2dbc7fd2a6a55bea7b6de4590254043c76c26aebe184cb160db03b1e12dfe588e9f8dc2e20cffb970a1f658190d6493958656c658215d229999de3aa1
SSDEEP

98304:3AXTR4Iqr84H0p+7c1dT7WV0dVGWeseuVaW5c2kmbkBWP:4OxVHZOTSWdVNesTVB5cVAOWP

Score

7^/10

Malware Config

Targets

- Target
  
  4a840139cd925b8f06aff2a7ed56227d_JaffaCakes118
- Size
  
  3.3MB
- MD5
  
  4a840139cd925b8f06aff2a7ed56227d
- SHA1
  
  82b7f8e1ef2bc95ac56bbcc3416fb3a247d28773
- SHA256
  
  8af39b027b4fc8d3634f50bcd673572c7e50277556577858b3f06ef9e040ac9d
- SHA512
  
  7d8215e2dbc7fd2a6a55bea7b6de4590254043c76c26aebe184cb160db03b1e12dfe588e9f8dc2e20cffb970a1f658190d6493958656c658215d229999de3aa1
- SSDEEP
  
  98304:3AXTR4Iqr84H0p+7c1dT7WV0dVGWeseuVaW5c2kmbkBWP:4OxVHZOTSWdVNesTVB5cVAOWP
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/ToolTips.dll
- Size
  
  4KB
- MD5
  
  9a0da2692764bb842411a8b9687ebbb7
- SHA1
  
  5c3a459faa08a704bdf162476897ad4580ae39bd
- SHA256
  
  28aeaa48c929188a0d169887cc3f16370741467ae49e1db59763f030710a6bbb
- SHA512
  
  814d686617df4fe9f50a93dac9428babff3a14836aa27b4666976379ec3fafcab65fd82d8886998fa65e7b59dc192ca067cf8b4cdeb8ef551812912d80dab8ed
- SSDEEP
  
  48:apm2+v7BWCLWQqLa7JZ0ZK59HXesxdrqZZSakw6/K:Ymjv7BWoTicJZ0ZKPHXVx1MOw6
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/WebCtrl.dll
- Size
  
  5KB
- MD5
  
  418a34a689d5f9bb85fc951168749edb
- SHA1
  
  0b75ce26883e12944abdbb67c143000fd0905d6b
- SHA256
  
  915322078d1f8eb278250f446c1960e1555ffa0f8dcd048a48ed32fe7f5a5b3f
- SHA512
  
  9aabb74cfd37cbda4718077ba76c7906e0f3ab5949e99f9d800fb1952757a60cabe29413f054f62e2887ff57aeb9d355532fd1662ebf3a523a500b20fe702b90
- SSDEEP
  
  96:LyoDfEPD4Z0H3G7bLTb3LOg0AwBeRzrJ:LuP0aH3G/LX6g0x4Rz
Score

3^/10
behavioral10 behavioral9
- Target
  
  Data/Games/GAME.htm
- Size
  
  3KB
- MD5
  
  1687a363eb3e35284e711897a12d3c9a
- SHA1
  
  bae9c0c93cd96dfdfd5397d775be98d21d19102f
- SHA256
  
  dde7896e904b40c9fabd7d467e0cd50a737b119120f491ffb6f7b6ebc559db9d
- SHA512
  
  3569d9c40434d18f285e945f1edc1f905964aef72c0134d3a94918b4b19b6f6d75140e50de768ed80425af211833a7de334ee3a8c572d6555feb130bc70a4800
Score

1^/10
behavioral11 behavioral12
- Target
  
  Data/Nav1/DH1.htm
- Size
  
  5KB
- MD5
  
  3e9756a6b25dc62fde3b0d75a406e958
- SHA1
  
  992a6a34e84a08434cb06c77a26bce478d3bab84
- SHA256
  
  0327b1f790dd0b5469e186bb679e3228a9489509e5780fae49f07a8cc9622505
- SHA512
  
  326743f04e3b63391c0cc14d75ee292c3d28406d7577f319f0d2dff6ec554b7e76a8d4c0b9b69a115d619290adc3c7917be1d5fa1cab832796ad151040bbf281
- SSDEEP
  
  96:ucQgITXjytvQaxxRAfmWz/PZ3w+FQVZAiMhqABwLmFFgH2a:ucJkutpIz/PZ/P2Oa
Score

1^/10
behavioral13 behavioral14
- Target
  
  Data/Nav1/DH2.htm
- Size
  
  5KB
- MD5
  
  e8f4f60c6b75ba71235b8956bd39b60d
- SHA1
  
  35d948a0257df99bbb041a6f8aac4d0e8fc742aa
- SHA256
  
  53ae7806b9148da6c54ab8cb363935c1d6f23009169e01e145eaef9b4fa182dc
- SHA512
  
  32053e2556acbc06fee14eec1c8aa0485011ac1a14e8fb5630e70e00cef8e3d0b18ab4c12c956215605ec910044822abf0e9d3dc3b981c7fbe344e7d86bb68c9
- SSDEEP
  
  96:ucQgITXjytvQax+wBRAfmcZ3w6FiVJ9dmdWdjHdlVVbdvdndZdJGLVfI1lcq1tY8:ucJkut92Z3iDZ1Ez9a
Score

1^/10
behavioral15 behavioral16
- Target
  
  Data/Nav1/DH3.htm
- Size
  
  5KB
- MD5
  
  8f9f1a2f5830dd04a778d3181cf9fb0d
- SHA1
  
  18d6bf0a28676e9a5e0ebf2ab0ce0d4633faa608
- SHA256
  
  cc019247e66ee3e632e9f7696f82887ab953999380d4bcfafb36d3a3d9a26574
- SHA512
  
  820e02dfd5330b05f89fa396d40c86f2cadf3b838817e392cec07957ad7a0d59c5ab5be9f15060372c2cadd5d4c1e2f3b89ba40ee62013c9c66cd27d61c4db9f
- SSDEEP
  
  96:ucQgITXjytvQax+wBRAfmcZ3w6F8VVq+TKmkVCMAmZGEVT6jxX/MdvdPadUHdMJ9:ucJkut92Z3N28Pa
Score

1^/10
behavioral17 behavioral18
- Target
  
  Data/Nav1/DH4.htm
- Size
  
  5KB
- MD5
  
  6568627f505634ebdcb49a54b1ba23bd
- SHA1
  
  5676b62bf71b1ab33c981a1bf17e36c31f7b68ce
- SHA256
  
  1196b4ce334ad94b2fb2f3fd5e4505e60d35efa8ce0ecd31147230a333a9a0a3
- SHA512
  
  6807966879cf9193f627404fa8b8fa5381ee7890c862b4bacbb15d8eb1e0e1f01af913203b61d41f221097dd6530e7b8191e7d71a8a9bec236716e9496739ee1
- SSDEEP
  
  96:ucQgITXjytvQax+wBRAfmcZ3w6FWVVdWlJ1VZ86JrlGcVXSjGPod9dWd24d5WAdd:ucJkut92Z3Kvxa
Score

1^/10
behavioral19 behavioral20
- Target
  
  Data/Nav1/DH5.htm
- Size
  
  5KB
- MD5
  
  d367806f4222bcc97d368ee7452c4463
- SHA1
  
  2addc4330c82361a3bc7ec04d92f34b000b01c22
- SHA256
  
  4d5f9d3c7a2db07a41361bdecb1ed393446f6414f8f7ee6e5ba260161ad4bd4e
- SHA512
  
  ee9b5bd2cd988b04882e3d0b5793dfba84e52d33477935cca12b8d89de278736585db11b654a180d36bf7d70f296f1e0fc2fda05f514a332ab09374bd7a4b96d
- SSDEEP
  
  96:ucQgITXjytvQax+wBRAfmcZ3w6FrVViJoYChVf6sk/GNVidBdZdLdHRd+dxd3d44:ucJkut92Z3UtaJLM5a
Score

1^/10
behavioral21 behavioral22
- Target
  
  Data/Taobao/GW.htm
- Size
  
  5KB
- MD5
  
  b45839af167a9a9fd3492dbd4a2b37b1
- SHA1
  
  ef03f1d2b549da6d855d43bd2279230de8778484
- SHA256
  
  6a7c55c36df04113bc86b62b50e95ac1969551210101af8cab56bd2c9af7b5bc
- SHA512
  
  1e77c5ccc17683a96a6fc1102552cc5a04bd70f94c973379c070b8248384638ab254fd1364220ea000030e1788fb3ff3d20d1b590a8377546c440291144aa6c2
- SSDEEP
  
  96:ucDLITXmRRAfmigMNvdQdVodNd3d/dRqbdRrzqdRLfdldRGBdCd8fXTR9FTThTRk:ucnkk8gMbQOC1prAWcT
Score

1^/10
behavioral23 behavioral24
- Target
  
  Data/Tools/Software/ͺļ/Oil.exe
- Size
  
  124KB
- MD5
  
  eff1dd95e1115e89e15c56eafb103b5d
- SHA1
  
  c6231d1f064866e59b3fdfcb6b91a2fd0f2db723
- SHA256
  
  53a45b98db7192855454aefc0b4c4bff26cae4543cb9168aa16acd8f6c2733a7
- SHA512
  
  a04db26f1183d27efbfb39da8f01b76b4cc5fe2ef584f210c0cea5b17cdd4d0c7181fd5d38c274062a54e22f60229e90f7e9505674672bd31b9522ab6ebb44e5
- SSDEEP
  
  3072:VEmCHyRgvG9HsNLL4Kr+Pt6J6GtEn+qD9:S1vGGLck/N6+W
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral25 behavioral26
- Target
  
  Downloads/Baidu-TB-ASBar.exe
- Size
  
  1.2MB
- MD5
  
  a2803b8224d340563a6aa0e6b5426b8e
- SHA1
  
  fee0ea7ab1c463fda251393f61b94d36f1634fce
- SHA256
  
  327ec4da74e76b4ff4d89113dfe6c8bad332e2274a70037715991f2b7d7b9570
- SHA512
  
  1edfa9e72e5d9a6a26b7f54fe2686bbec20483daccc20e7dcc8a7a867cc6874b0fb85ad90f029e41a9bcc811f9441f9ade94bf204164a87dd07c6d7d476aee0e
- SSDEEP
  
  24576:S2O6gdXL5IGV8zzRHzsBlm6uWf/N8qkX9Fu5CwGxVWBHDxfdzuaPk83yFIhDv:S2OpGvRHzemXYN8qsI0MBjxEapDv
Score

7^/10

adware discovery stealer
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral27 behavioral28
- Target
  
  $PROGRAM_FILES/Baidu/ASBarBroker.exe
- Size
  
  129KB
- MD5
  
  0ebf8f583abb1ffb40c07b87eae4edb3
- SHA1
  
  ef91b3245f426b86c2b69fd9678176d3be05c009
- SHA256
  
  00a481ef9985281177c1f6cc6d055c2bdb719db224637e7eb474a3eaab6305cf
- SHA512
  
  0bca7bc46019628149afb00cd69d26fd59195c4cbecbb472f9afabf73e8b3eb1da20fdaa4ef03c0776d11b5c8532d16b40a927e4b8b68640067c145cb7e463b4
- SSDEEP
  
  1536:K+4yiwujgLVFsP+TCwXCqm5vb+cNCZkBfT3ol9t7tG2Tn+8Z7nzrNPTJdSnaxCi7:AdwusDXUfvbhNCool9t7tG2TXJz9maD
Score

1^/10
behavioral29 behavioral30
- Target
  
  $PROGRAM_FILES/Baidu/AddressBar.dll
- Size
  
  1.1MB
- MD5
  
  57d9f8b6e595ef4a02d8630c53fddcc3
- SHA1
  
  523dedd35613dc3221657876a3f5248e38e2a842
- SHA256
  
  c9a2b8ff0be921e2ac2ff6993f7fecc486b02969254884f89af3a19babfcf7e6
- SHA512
  
  e95f144caa3bb636fd4a085a24a41d95ac6dae1c47d729400bb65a37527863b02b15e98cb62121f2155956f8a2b177f3b1a11d9ba08881858924d9bd75be985e
- SSDEEP
  
  24576:ToJx/zjXPRxxgihJfn9svZw/UDkK4ac3tHtTKJZTXjSH/:ToH//nxzhlXtNTKJdXjSH/
Score

7^/10

adware stealer
- Executes dropped EXE
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

T1176

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

UPX packed file

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Installs/modifies Browser Helper Object

Executes dropped EXE

Loads dropped DLL

Installs/modifies Browser Helper Object

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32