General
-
Target
5ad75e7ca9120967c6e44e22d014a8e8_JaffaCakes118
-
Size
5.5MB
-
Sample
240719-hc2fjszhle
-
MD5
5ad75e7ca9120967c6e44e22d014a8e8
-
SHA1
c68847127065c49d06a97d2fa4e1d6953356d651
-
SHA256
02e1bccb80a7dd17237b5114864ecd577354e02394b1a8feb3ee1a670fa13a8a
-
SHA512
c13d35088c9dafd985712f6ce3bf68568b05a60d41ea731d2df61013c9553fefd516f02d05ae78acf4e283a02fc1f31c37436e92c0789a493ffa3a26b4eb2b5e
-
SSDEEP
98304:oxjkinffDmwMHBSauLTvS5d6OXDzh6vjNRFcyu8ikrkKoNB3FZ39XVgXhnx6gNwB:oxQYf/MHPu/vS+Gd6vjjOy3ikov9XVgg
Static task
static1
Behavioral task
behavioral1
Sample
VistaMasterSetup.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
VistaMasterSetup.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240705-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240708-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/processwork.dll
Resource
win7-20240705-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/processwork.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral13
Sample
$TEMP/GoogleToolbarInstaller_zh-CN_signed.exe
Resource
win7-20240708-en
Behavioral task
behavioral14
Sample
$TEMP/GoogleToolbarInstaller_zh-CN_signed.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral15
Sample
Animations.dll
Resource
win7-20240704-en
Behavioral task
behavioral16
Sample
Animations.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral17
Sample
DefragMaster.exe
Resource
win7-20240705-en
Behavioral task
behavioral18
Sample
DefragMaster.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral19
Sample
DriverMaster.exe
Resource
win7-20240704-en
Behavioral task
behavioral20
Sample
DriverMaster.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral21
Sample
FileEncrypt.exe
Resource
win7-20240705-en
Behavioral task
behavioral22
Sample
FileEncrypt.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral23
Sample
FileShredder.exe
Resource
win7-20240705-en
Behavioral task
behavioral24
Sample
FileShredder.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral25
Sample
FileSplitter.exe
Resource
win7-20240705-en
Behavioral task
behavioral26
Sample
FileSplitter.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral27
Sample
IEMaster.exe
Resource
win7-20240708-en
Behavioral task
behavioral28
Sample
IEMaster.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral29
Sample
Interop.IWshRuntimeLibrary.dll
Resource
win7-20240708-en
Behavioral task
behavioral30
Sample
Interop.IWshRuntimeLibrary.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral31
Sample
Lighting.dll
Resource
win7-20240704-en
Behavioral task
behavioral32
Sample
Lighting.dll
Resource
win10v2004-20240709-en
Malware Config
Targets (files extracted from the submitted sample; their sizes and hashes are distinct from the submission hashes under General above, so do not conflate the two sets of indicators when hunting)
-
-
Target
VistaMasterSetup.exe
-
Size
5.6MB
-
MD5
c6733f05975e63108100f88edb281d80
-
SHA1
58c34dcc1da5212ea14fd41415b284037dbdfb10
-
SHA256
5691b5a9fcd3a47eeed0c307605262e656f65a9b2d89a7b02072ebd10af9747e
-
SHA512
3f7751633ec0cd9334bdd39797283e31f2bbd35855c3c7cd5664a53ae5fcdeb0ac22cee7d8834e5e07ea931ab53746909d05bf22e960b8171e3c43aa16530239
-
SSDEEP
98304:4j1tgP6ssefRZCSMBMDWd2QL8/jiAapkoCGDaT89xOChoVHjHvkaGag8m1R:U66ssefRZCSyaWdH87itCGDaT8TOChmU
Score 7/10
Loads dropped DLL — the installer loads plugin DLLs it wrote to $PLUGINSDIR (InstallOptions, StartMenu, System, nsDialogs, processwork), which is the normal pattern for an NSIS-style installer. On its own this signature says nothing about intent; check which DLLs were loaded and from which paths before weighting it.
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
eef9e469e8a30717974499f277d97e2a
-
SHA1
2d33c25984ebd9116beeb55cdde4c5c86c023e5d
-
SHA256
1f35bb6728237483c779005fc227e69fef51b0bafd32d15855d483948a337078
-
SHA512
d860132106a1c03dfa23f983b3c503f1216ac02f3d47833b96dfb333fb30bc8ab4d4fecd1f1f0a89f0c7f3586405461e2d53c26f282bb48970e549659b364b48
-
SSDEEP
192:8np6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+MTjK72dwF7dBEnbok:8p6UdHXcIiY535zBtMTj+BEnbo
Score 3/10
-
-
Target
$PLUGINSDIR/StartMenu.dll
-
Size
7KB
-
MD5
d53886f68098c2006d8248993bb37d92
-
SHA1
a35fafce1a990ac4017ce6645b46917de0d25eed
-
SHA256
c7a089e0329523a307d5be32a8765b1c0409e49925965b9500d8a202b9e8b65a
-
SHA512
b36e22b22df42d55b1785d8ac26a637725f74708302404cc29adb3b7e58fe1fd109fe7f8bb5e3255455dcdc66eb46ef9de418cc200daca1ea84cf0c31c071ba8
-
SSDEEP
96:fiqA7bDe2xHkR1C41EhvSE+6nNtMn0iGd8Cqp5tIRhElfL:fiqA7/ZH0uQMtcfCqbtQgf
Score 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c6f5b9596db45ce43f14b64e0fbcf552
-
SHA1
665a2207a643726602dc3e845e39435868dddabc
-
SHA256
4b6da3f2bdb6c452fb493b98f6b7aa1171787dbd3fa2df2b3b22ccaeac88ffa0
-
SHA512
8faa0204f9ed2721acede285be843b5a2d7f9986841bcf3816ebc8900910afb590816c64aebd2dd845686daf825bbf9970cb4a08b20a785c7e54542eddc5b09a
-
SSDEEP
192:qADKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQbVUSF:qAViJrtFRdbmXK8+WVUw
Score 3/10
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
f2c993a0c726386d72e4640967cef83e
-
SHA1
efe88db252b5e9edff2d859e783fcf1a349e553f
-
SHA256
6739a2c8075cc383620a867e983957de0b4ae9ef0453baadd1469132893d7301
-
SHA512
3873a87ba360702c72a6d3e853a0b6f2df219593cf5436d12a9d4d169029e939993c45330212008b628184da64ae98d6a7ab42b30d5f82c896acfc89d558169f
-
SSDEEP
96:qBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8XQB0NKndY7ndS27gA:q6n+0SAfRE+/8k0NKdqn420
Score 3/10
-
-
Target
$PLUGINSDIR/processwork.dll
-
Size
231KB
-
MD5
0a4fa7a9ba969a805eb0603c7cfe3378
-
SHA1
0f018a8d5b42c6ce8bf34b4a6422861c327af88c
-
SHA256
27329ea7002d9ce81c8e28e97a5c761922097b33cedeada4db30d2b9d505007c
-
SHA512
e13e29712457d5e6351bfd69cba6320795d8b2fd1a047923814f8699f7188ec730ec7f0d946fdff66c8b430fef011415ed045b6ea56e4cc0b1d010171ab88178
-
SSDEEP
3072:n/93Fm9hfGIGjk1qc55CDoGowH6Fb/CcXwuCoty1IKYOlIa+zUk9sfqQAPfujRzS:/94yj9c55CDorNqot43ndqQpzjIKW
Score 1/10
-
-
Target
$TEMP/GoogleToolbarInstaller_zh-CN_signed.exe
-
Size
1.2MB
-
MD5
471d05aa0418f025fa45a2132d2b8303
-
SHA1
f45b578c2e8b4e22e52a2aac0684dc1515b4c119
-
SHA256
effe1d164381c430ece6412f2a125110b71d3d0fee24558ac7b083243eb13a5e
-
SHA512
395e60a13d83d76f488143c2ecbf6185cd84a86c9a49d17c475fb9c53d73d147532c878e00463cc60db44f7b9b8a754511f96683b10e46f07d96bde13e604366
-
SSDEEP
24576:8Sr6xCLsh5JE2Co/VRu7zm/oFMQfLQcBjiAEayI5xN8HnSV30uhFe8MFhKYJIYzW:Fr6gLsfe2CURumoFLfMyEayIXN8HnMEe
-
Executes dropped EXE — the bundled Google Toolbar installer is written to $TEMP and run. The "_signed" suffix in the filename is not evidence of a valid Authenticode signature; verify the signature and signer on the dropped file rather than trusting the name.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
-
-
Target
Animations.dll
-
Size
44KB
-
MD5
a1ad2ec6e2dd6bc90c462662d553800c
-
SHA1
d97593a2ea09d919036838e5da6a53625c46c0b6
-
SHA256
26ec105a08c74ff292727f4141cb8d07cb730ec50f0d416098903f3fd2d70b84
-
SHA512
c49fc0117acaaf343b32d7f2cecb4f7c26d07ac6a507d75afce069d3df8b5ec5dcce13a8ef569a08dc8fa8b8130638c7febcf902a68cd91c955714b65e31338d
-
SSDEEP
384:BTbTrKPCi0rKgTVQvVEECyou1K/lLUV+fvnv4HW3S4:BTPrKPZ0rKgTajKLi+fvvDi4
Score 1/10
-
-
Target
DefragMaster.exe
-
Size
734KB
-
MD5
c7610651e2d2c5f52b83049bc1f49bdf
-
SHA1
87667868eaf0ae9e63f4e2055ca9ff94cc2ef65d
-
SHA256
d600500efb55a2aea41878d81c92d921df220ed6add77c50dfac318468edad8f
-
SHA512
2f59ab02d32e32ce764145206cbecbbcc53d861f2ee177b15c5946f923b3d94c6332e329f5a9161e134dbad5135c74b48d6a15f0355c6e625b21d48e38cd170f
-
SSDEEP
12288:EVmVkW+5mW/isYQmxJncWYOmRL8noBoPooPovoWooPpS9yxkS4nO3lRkRc4YFwjp:EVWkzmW/isYXxuWYOmR8oBoPooPovoWS
Score 6/10
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive. A tool named as a defragmenter would be expected to enumerate volumes, so treat this as low-weight unless the behavioral log shows it doing more than reading drive roots.
-
-
-
Target
DriverMaster.exe
-
Size
320KB
-
MD5
3e9f78b9b33960c04654b22330871725
-
SHA1
b3bf43bc45252a8334c22720822cd618ea046ac8
-
SHA256
4fe006b9d27ec4f100bb5caffcd66409695ccf6c847dc10aae6d148fe5376971
-
SHA512
845311848127935f268451202343cbe4a7947b709ca24b56c78b1f37d4dcc18da9371936cfd0d6b47909aae849400b42431c5c4293f3dba09c18b6353ac8d3ad
-
SSDEEP
6144:LGQghr5GcbP6j2+/SD/4pVJLaGf+JGQghr5Gcb:LRv6D/4pVJLaG8
Score 6/10
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system. This is the highest-severity signature in the report and warrants follow-up: confirm in the full behavioral log whether a raw write to sector 0 of the physical disk actually occurred (as opposed to a raw-disk open or read, which disk and driver utilities also perform), and compare the MBR of the sandbox image before and after execution.
-
-
-
Target
FileEncrypt.exe
-
Size
281KB
-
MD5
f5cc7b35c22eea65dbf5a88a6ccaa1e6
-
SHA1
4b2af9dfac23478edc87f35e28902968fc9f8cce
-
SHA256
ae445ec357ff2ea30f826d2088af35103855f7c6755d1ee7f282dceb007b2a4d
-
SHA512
272954b9de28ad706e636dbfcd9986bb56ea8ce621821883affc30d550ea082af1fae54ac51f58c713406a9e1d3a6d0a12044a0d407c3f661aa4a9afb41498aa
-
SSDEEP
3072:0Km6PzUxIFeRqglXuIMYYUHO6DnXcjr75jCYPz3+sKKm6PzUxIFeRqglXuIMYYUQ:+4Uxae0qu6O8C/oYPTl04Uxae0qu6
Score 1/10
-
-
Target
FileShredder.exe
-
Size
770KB
-
MD5
32d71986bb2a8cb05cbd0b0127126c3d
-
SHA1
518d5ff055c010d9523f58557523ef21309ff438
-
SHA256
66f435938d81ec657207e293317478693323f16364e8117adca14a8ba4a4c799
-
SHA512
86c266c98b05c52ae4c7fcdd47f2b3549eaf1668624dce2e285c050796976726a0ddb02a712208041a27aa0bb9256a286a2c8e49a1e6ada86a6d45d69a1c6444
-
SSDEEP
3072:gu9oMCdW/oCrKCnwS0xOwYaiPdq9fkUdQaj0LZwDrTJhCHkjgXQlO70UM1lBUnaF:gwhwPQYDBSKaxjhTwhwPQYDBSKax
Score 1/10
-
-
Target
FileSplitter.exe
-
Size
284KB
-
MD5
4a07bd3f54db973b504aab3958114b1d
-
SHA1
278609a2de4e4c71dc90a049ee915143cba78c88
-
SHA256
5abbcb044c1c1b86711b73378019ebbc55c3fda6ca179062c4fad0fcc236021d
-
SHA512
0cb0525fb9e7807c5f9c80e7de5029409b0ef5890934b56261c05faa1e0d18c929257b9688ba4f55fd75351970387ceb59c2d91f417a6abb8851250a38010f34
-
SSDEEP
3072:96DnXcjr75G5lxtDYYYYYYYYYYYYYYYYYqYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh:98C/s5z7uONAac5z7uON
Score 1/10
-
-
Target
IEMaster.exe
-
Size
859KB
-
MD5
ec87f50129384aa75e7b893d8fbdd8b8
-
SHA1
4f42991df68fc1584ba7b66c4633991409eeb463
-
SHA256
1b420f2ca03a8fb95d9cf561bcb6964f8cd78d700b73e201adaeb10234cbcad8
-
SHA512
e945bad175e4af6773dbccdb138c81abfdf6a4bfc9e439226ac651f83e166745f44a8baad0c7f43047857112a354fd297ebc89605a0ff71285dafef8182648f1
-
SSDEEP
12288:gvhg/t2J57jHNlFnBINwGuRObitsJZJ57jHNlFnBINwGuRO:X/MJxjtHn+NwYiYZJxjtHn+Nw
Score 1/10
-
-
Target
Interop.IWshRuntimeLibrary.dll
-
Size
48KB
-
MD5
b162aa99781ab11f0d76b2413395fda6
-
SHA1
b4e9fcfc8f9300d948791df9bd2f1953a129cd32
-
SHA256
396ac8b52b1d61c7fc7f777c7ac9daaa37853d2b179d82abff5fbba4eabced48
-
SHA512
81c0c10e656a03127ec2ce80dde92181be87fc8e8860cc1325243ffc3258fa3b5fd7aa58d9fa2235465029bf37bc921626d9c34a722d7c725b64a3ff9c67e812
-
SSDEEP
768:Ax3LY+sPhWVJPsedLVDUYlkXrSXVteUdzttJ2z9IkCBSQtcNg:YL9nVJEetVDUxSpvJ2z9IDS3g
Score 1/10
-
-
Target
Lighting.dll
-
Size
264KB
-
MD5
306e68fbe4306d580480baa0b06bc00f
-
SHA1
367a15d00dd8e6cc1f9d2623313bdd7087139aef
-
SHA256
0d0e70f5ec0c17d21d5ee3d7570ec64c95af7551503fae15588dc31d52fe5a2b
-
SHA512
ef6058f2246daa8e0a62ea2d8aa8ecf4292fb2c2e01541946dcaecba40c368f19efdbf7d975c6fa046f9b13fda7ce97b5d081c2b917aee4f55d285f607fa6c52
-
SSDEEP
6144:h/vWV7L5xoO3HbbtiP0ztJp5utzW/LBvxtbgmw3xSr/b/RS:9Whr7ZiP0JJp5ud8BvDstxS
Score 1/10