1e4519b90828e71ac7b3f6e6eeb3463a02462640433e6b384206cf852931c4a4

Sharing

Copy URL

Twitter E-mail

General

Target

4ced262b34f360c28c2d580d847fffb0_JaffaCakes118
Size

650KB
Sample

240716-fwckesyhne
MD5

4ced262b34f360c28c2d580d847fffb0
SHA1

e4588ddb8850635e1516e4c7304d75ce104cbc06
SHA256

1e4519b90828e71ac7b3f6e6eeb3463a02462640433e6b384206cf852931c4a4
SHA512

907bf01357565b517172d7a04e6bf33aceadc9d9b54604d2777b35f732aa4329278be3934cd24940070c86b8f81566bbdc1fcfd41a830586f3c57403833ea344
SSDEEP

12288:n2ncfTgXVPOjxm/OHtY41gnRTCJzct+Udd1a+60KnXOFFZ8XC4czsDJMtc:n2nc09YHNuRKQt+Udd1aeuXokJGc

Score

7^/10

Malware Config

Targets

- Target
  
  4ced262b34f360c28c2d580d847fffb0_JaffaCakes118
- Size
  
  650KB
- MD5
  
  4ced262b34f360c28c2d580d847fffb0
- SHA1
  
  e4588ddb8850635e1516e4c7304d75ce104cbc06
- SHA256
  
  1e4519b90828e71ac7b3f6e6eeb3463a02462640433e6b384206cf852931c4a4
- SHA512
  
  907bf01357565b517172d7a04e6bf33aceadc9d9b54604d2777b35f732aa4329278be3934cd24940070c86b8f81566bbdc1fcfd41a830586f3c57403833ea344
- SSDEEP
  
  12288:n2ncfTgXVPOjxm/OHtY41gnRTCJzct+Udd1a+60KnXOFFZ8XC4czsDJMtc:n2nc09YHNuRKQt+Udd1aeuXokJGc
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/Install.dll
- Size
  
  222KB
- MD5
  
  e1ec3d2a9b2cbe5de921cb3c12a509fe
- SHA1
  
  416b87df5b8a47c17b3b2e9436ae0b3f007caeaa
- SHA256
  
  86fe1c287abdb24f997d31b71849e7c31fffc2c4d58bcf410cc9af8d8b1efd16
- SHA512
  
  0192f2cfe18d34a0d8af91078e2b44b5144b0f70331f39aa2dfe207ab3184a5c21417f99a8cc69a02493de9396457ad080f876bc04aaa44a2f1073a7914f4fd8
- SSDEEP
  
  3072:RaFL7OLlWKgTBafA8s2Ix+Y0MeG5igVHPEpppIlJFYk9J1uVpZmtGRMzp42SHy3+:R2nBiwx+Y0JGjPEdIlJJ9Jyp4NVq/
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LaunchHelp.dll
- Size
  
  66KB
- MD5
  
  848e419d749f41014858bd67c5b0b840
- SHA1
  
  6e8baeebb7919d38d64825fbf3aaafb9d7cce90a
- SHA256
  
  598b0affe5eda00c6f3eccd1425e2384f96ca885ee1a9a39dc37ae0702a078d1
- SHA512
  
  49a96bf14526517329d9bbcca8c4e64c4e3eaea392a88f7ab4604ff5565e027a4ae67551dac8519e8ac16a76089df94e353727709770dfdb740110de98c71beb
- SSDEEP
  
  768:VAVPzAnhYtIvY/09Xa/k1ZfEkO9QNxhJOfLYwLgEnBC/tkeeXzAiOUEDInQUC3KN:VGzrtIiMjHQfLYwLJnI/tkzRjm8
Score

1^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/Setup.dll
- Size
  
  70KB
- MD5
  
  ceb233fa36d2f6dd6a4f4058a453d462
- SHA1
  
  c254ab2371c415d956613a2c6acb277c16d906fe
- SHA256
  
  1313e4399fcec8c6fd0928a8b9a8814cdc7dc31906bf173edf79adaf2ac2d74c
- SHA512
  
  8bbb3f3f9205cc1134484c03ce4623eb7440893707f56ffb79b36eb794d9044d90fbf953445e3c1fe47cc6aa38d4eb4acb8f180096d0ebde0e9b50fea014f734
- SSDEEP
  
  1536:AsyccnG+3ONTVIw8fe56H8GDOMVekcMHWItT:A6Ipe51NaiMHWIt
Score

1^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  72KB
- MD5
  
  db6fa5497746c30f657d4f5273d4cf9d
- SHA1
  
  097b939914f2f12f5cfb7648359d0c6d95deb0ae
- SHA256
  
  c7d9989d927b4e0622983bb1fabe26d0c8a45c217b93f837e1855af76edb040a
- SHA512
  
  75d19d6161ac4648855b197ff02e326bd4b751e00e3ebbbb054124af50f89827c0f7676ed7ef6f8613f0027e999720229e2ebac28f156e57993d83bc7f318558
- SSDEEP
  
  768:wMWMshg75NF64QY04Xod0YmS4uYjHIyUg5luHT3W/Ipz6BTpeRpl/i5kUykfIq:washg44k44mnjHIigHTW/Ip0TpMy5/
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PROGRAMFILES/FREEzeFrog/bin/2.0.19.0/$OUTDIR/FREEzeFrogUninstaller.exe
- Size
  
  143KB
- MD5
  
  82ca6c186e3b98235fb7a8fb1a9f55cb
- SHA1
  
  a36e26f242e17633acd87778326c446135bbbde0
- SHA256
  
  cc116300a9d7945519680c0fd189baf05262a9e172126d1ef668b57e073f6065
- SHA512
  
  8abdd4f82b31f2873a2a2e916f4426177822ae738377520447c0716a8257e30fe87687a40c8568b8ec0d4e1820f2a0f4145538d0b0254030e991b67dd046d84b
- SSDEEP
  
  3072:nQIURTXJMYCuH86TFKAEvU6wNKitEmQIusSr2sRAzMHrwG6DT48I1:nsFD86TcA4wNB9OsSCsRwGg+1
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/Install.dll
- Size
  
  222KB
- MD5
  
  e1ec3d2a9b2cbe5de921cb3c12a509fe
- SHA1
  
  416b87df5b8a47c17b3b2e9436ae0b3f007caeaa
- SHA256
  
  86fe1c287abdb24f997d31b71849e7c31fffc2c4d58bcf410cc9af8d8b1efd16
- SHA512
  
  0192f2cfe18d34a0d8af91078e2b44b5144b0f70331f39aa2dfe207ab3184a5c21417f99a8cc69a02493de9396457ad080f876bc04aaa44a2f1073a7914f4fd8
- SSDEEP
  
  3072:RaFL7OLlWKgTBafA8s2Ix+Y0MeG5igVHPEpppIlJFYk9J1uVpZmtGRMzp42SHy3+:R2nBiwx+Y0JGjPEdIlJJ9Jyp4NVq/
Score

3^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PROGRAMFILES/FREEzeFrog/bin/2.0.19.0/FREEzeFrogSA.exe
- Size
  
  780KB
- MD5
  
  508a2ca25ed1235d38844f48f9b64c7f
- SHA1
  
  2d5d3ddbe6a3119be28763e58d90e0e4f272790a
- SHA256
  
  74b2952b87d5f4ef1697cc6843b947fbf891a8ad8cc52c280940d78175aebdd7
- SHA512
  
  b7598b87e335272bd96707804790d6ea61ca9eb9b02be2ff0e4b502c72069b63db77fa0c626b918e7c71e3c0b0fb0148933c03862f85c934443b683b2c88d378
- SSDEEP
  
  12288:JG8YCWRwg3n/UUf0sJxK0JXDl53wkZWILKvHlwtvcpW22Ty+TaqCZxTN3g/y:JG8YvVt0sJxK0F31/uvHls2rIaRPWq
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral19 behavioral20
- Target
  
  $PROGRAMFILES/FREEzeFrog/bin/2.0.19.0/FREEzeFrogSACB.exe
- Size
  
  242KB
- MD5
  
  45be3ae8cffd66b583835f34408630a6
- SHA1
  
  0978c1086abecb669bb4fa9196c5f5fafd5d3fc5
- SHA256
  
  173bcb2caf220d2c489ade1afd617d81f0f263d5452d0dc0f98a0b5c6c6b1a0c
- SHA512
  
  84ba45d96a05b0501a054d696ffb32adb98763a204ad236c8efe7e4f312e80a4e04183c7fb785e855026d7b72931acd3c83a7ba60a70da75f0295c26e2917f3b
- SSDEEP
  
  6144:YnZt+NZuLq5C8kn5tgVsA9kR00uZNvsmRgB:EtCZwZNn0sGkR0PNEY
Score

1^/10
behavioral21 behavioral22
- Target
  
  $PROGRAMFILES/FREEzeFrog/bin/2.0.19.0/FREEzeFrogSAHook.dll
- Size
  
  147KB
- MD5
  
  eb78f2961de9241c5f9b30443aee5182
- SHA1
  
  1c474d932968812511c177bf654fd04e74ed9ef0
- SHA256
  
  1e109fd5ae22c73459b543309bfa06f8c1b135552baa0ae017b36e4228d71532
- SHA512
  
  0f95249c6d4d512f6a869650a0216cca93269596214c72cb882d9505623d9f4b6efcd49173f77e67bbb9aa241b8a1790747ea56d2845de12567a62f69367463f
- SSDEEP
  
  3072:sZCLlOx3gEeYCmqPpJdhFl6L0H8ht5ExSKvAk:IUOdgEWPpJ3F1Ck
Score

1^/10
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Executes dropped EXE

Loads dropped DLL

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24