8779168270de0ccf60a1ba0e571135d448f435df4ffd2bd47195c531634d1762

Sharing

Copy URL

Twitter E-mail

General

Target

5bb4bf4abfd408422d700e32523e962a_JaffaCakes118
Size

1.4MB
Sample

240719-nclb8a1gla
MD5

5bb4bf4abfd408422d700e32523e962a
SHA1

35fecbcbf96d18c8c6f93799708adc1687e36f7f
SHA256

8779168270de0ccf60a1ba0e571135d448f435df4ffd2bd47195c531634d1762
SHA512

788ae203db0d75f5d16bd258623591f7312c4ac09586f5319dd16feb81134771c7d73dd198dac47e9d8e0a0659ccb3f42f9b6731195b6783d8900c3cef0bf9a7
SSDEEP

24576:k7Z0+VLLoy7yDZgDstOXV7cFxAtdEBn5ho32x+KtEvhcCgUos1cHcsqr5kBE2NTg:4Z0yH7yFgiOt2Bn/BcKCqCpr1lOpNk

Score

7^/10

evasion trojan

Malware Config

Targets

- Target
  
  5bb4bf4abfd408422d700e32523e962a_JaffaCakes118
- Size
  
  1.4MB
- MD5
  
  5bb4bf4abfd408422d700e32523e962a
- SHA1
  
  35fecbcbf96d18c8c6f93799708adc1687e36f7f
- SHA256
  
  8779168270de0ccf60a1ba0e571135d448f435df4ffd2bd47195c531634d1762
- SHA512
  
  788ae203db0d75f5d16bd258623591f7312c4ac09586f5319dd16feb81134771c7d73dd198dac47e9d8e0a0659ccb3f42f9b6731195b6783d8900c3cef0bf9a7
- SSDEEP
  
  24576:k7Z0+VLLoy7yDZgDstOXV7cFxAtdEBn5ho32x+KtEvhcCgUos1cHcsqr5kBE2NTg:4Z0yH7yFgiOt2Bn/BcKCqCpr1lOpNk
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/ShellLink.dll
- Size
  
  4KB
- MD5
  
  073d44e11a4bcff06e72e1ebfe5605f7
- SHA1
  
  5f4e85ab7a1a636d95b50479a10bcb5583af93f3
- SHA256
  
  b96b39cb4ad98f4820b6fd17b67e43d8d0f4b2667d50caa46eff44af245d75bb
- SHA512
  
  e9f99b96334764ae47aa026f7f24cfb736859a9131bd1c5ec7e070e830b651787f49910911f82e4ade0dc62fea0ad54ba210b07e44830eb2be6abb710a418a98
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/locate.dll
- Size
  
  15KB
- MD5
  
  3ed8f71cc67857223cad786e0c7c578e
- SHA1
  
  a4864b53ac8c0d0eaffc516f891644c935de942a
- SHA256
  
  58200fbce500184e73d8cf63bc689c157763b8a63e3d1cd62165e334e8d1596d
- SHA512
  
  7424517d42dea7a3121cc9c52d490d6d1c27df59e1e1d926cf97d3543908de78c1e384061ba76b3520cd5a7eecef83f3629b565add617193d09db09a5f882430
- SSDEEP
  
  384:e3vRxT1E9qSqCDwNnN3NLNmwJOXZRPX2qkf:e/Rx2D4N95RIXZprk
Score

1^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/rfshdktp.dll
- Size
  
  2KB
- MD5
  
  9410591a148871a6d0629cf25b94526f
- SHA1
  
  be1e8b0fe8327f185136a0d2460a68f720484535
- SHA256
  
  acc76e81f71e7f2ba58c36d678bc9ae4705e0187a3cdfa6d0025190467d9c0c7
- SHA512
  
  465d3e418e769b907262e07cbca3d2c5132bf328431d456be09c059821be20a6d30106562d7ef0bfa93ca219b2abe57ee891d937419fc4b8840987b184b45df0
Score

1^/10
behavioral11 behavioral12
- Target
  
  $TEMP/qq.t
- Size
  
  2KB
- MD5
  
  da9148a8ba13e67e82ac17c2e663e27e
- SHA1
  
  3f51314308ebebd99a4ff77b1d3c915426474817
- SHA256
  
  3e1f59a0eb8d302be47de3b7c489a741d91f3a92050f3df32efd2a6f7d3dc1f4
- SHA512
  
  44ffe15da573d3bcd07cee41236a04418b1f1e2484f6870ef868be6867d0f67fad72f7282d443aee819c3e647da79677d8ed8d39629a1c37d551b532c48d3ac6
Score

3^/10
behavioral13 behavioral14
- Target
  
  uninst.exe
- Size
  
  60KB
- MD5
  
  73cf0a4c88641e3a2c6285b1e3834e9e
- SHA1
  
  48212d420eee315c07623a79037401f23392b661
- SHA256
  
  bdd86d23a88a3ccb7d80cc870075b36ffbaed40bfe6efeb736d00f9f34fc1811
- SHA512
  
  b0e84d04d95efc3c29ed739c4a170bffe762737385a27d00985ff1b9359cfe3154649f2cf4cb41e7c2d1ed72a1d2486e32d2881be9294b0a6042d464d9c9edc6
- SSDEEP
  
  1536:5qBwbLWJLJFKqAZzrZA4kJJZgdLeAyNZmK78cB6YvlAeW:5qBFJLzgOJJZceAQoy8
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  99f345cf51b6c3c317d20a81acb11012
- SHA1
  
  b3d0355f527c536ea14a8ff51741c8739d66f727
- SHA256
  
  c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93
- SHA512
  
  937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/time.dll
- Size
  
  10KB
- MD5
  
  38977533750fe69979b2c2ac801f96e6
- SHA1
  
  74643c30cda909e649722ed0c7f267903558e92a
- SHA256
  
  b4a95a455e53372c59f91bc1b5fb9e5c8e4a10a506fa04aaf7be27048b30ae35
- SHA512
  
  e17069395ad4a17e24f7cd3c532670d40244bd5ae3887c82e3b2e4a68c250cd55e2d8b329d6ff0e2d758955ab7470534e6307779e49fe331c1fd2242ea73fd53
- SSDEEP
  
  192:oNcwTweFbs9t2n2Sgiga65/aHdaGZavaJIYX4Hw2:oNcwBFg22SEw47CPU
Score

3^/10
behavioral19 behavioral20
- Target
  
  ޸IE ɱ.url
- Size
  
  1KB
- MD5
  
  1a4696b09948361a7034e850ba299856
- SHA1
  
  d8187c923c73d272c8cb5a8b69caaf397431a2cc
- SHA256
  
  05448df298916bba4eccde34838bf782631178295b93a15fdf67cf224525465a
- SHA512
  
  57ca75d5cc22212316811a2951acfed3f80593a54db9d96ed2b2e33446569bafd174ed5e929717eae8698e0364192a0a95e8bb712b7f10290bec22f34848cdd1
Score

1^/10
behavioral21 behavioral22
- Target
  
  ֮.exe
- Size
  
  958KB
- MD5
  
  4ea3fee7f26f48b87a8568ebba017b58
- SHA1
  
  dfec83d0e5ac938962934327d758f96c4847e563
- SHA256
  
  52c91718228015fce1c6c5776375fa76846f74fbdedbd1702a717248309553c3
- SHA512
  
  d233067d7d4411404a3849495b48d4d39172511acb0af833a3d538065364bac254259753a059c85d9a126403cfd3abd9d5e93e96cbd89dd5ef5ddf20d9944ce9
- SSDEEP
  
  24576:NadMv6CYrjqnyLQnaFqfcNflU4vFy/9LYPe:NnvyjdLQagfcTKYPe
Score

3^/10
behavioral23 behavioral24
- Target
  
  ֮.nls
- Size
  
  1.1MB
- MD5
  
  331810e9f6de0679e9cd337aa026aab4
- SHA1
  
  88cbc6a80afcfdd2d5506d8f73ca889a669c5eed
- SHA256
  
  7c06daa6628997c39580b86e9601ee35c7e688efe0079d11517310f6433911cf
- SHA512
  
  5c82f7a497519d8a466d898701c210c27908d12ec9ff0dae56e121b574551648fcbb30d2af0c8e2bdb9b3fc1f86801bdea0fe23858b721a61905eeabcb59e55d
- SSDEEP
  
  24576:oWTeo4A7fKVV/NeK2TYIT4/oFaASoA6Vfnw:dTeq7SH/yTYIT4QIoA6Vfnw
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral25 behavioral26

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Deletes itself

Executes dropped EXE

Loads dropped DLL

Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26