a4e10fe06bb5202f8b07f3264adf23bd3d3825e214fef6b096adbe5d6a530e91

Sharing

Copy URL

Twitter E-mail

General

Target

61901604ebf438822f721a051bdf4f53_JaffaCakes118
Size

1.2MB
Sample

240721-1v6gbswhmd
MD5

61901604ebf438822f721a051bdf4f53
SHA1

e7a3fe6b12a188d8f352a259e1a7a78310cc3460
SHA256

a4e10fe06bb5202f8b07f3264adf23bd3d3825e214fef6b096adbe5d6a530e91
SHA512

fb0ea549b0f2101954b1247bec2ad74ffa2c67bafeb7973746e342be0cdc3090e1ade6722ca577a574223e304076ba488a0e10f537673613e7c843a02b21a484
SSDEEP

24576:nMM7up2lA3/eU93w26xznXN0fyaU3iPeuBqpwiwuNPITldbWn1mBbeIk:MklGWUFw5DN0bGuUp0u2Jw1mBbeIk

Score

7^/10

Malware Config

Targets

- Target
  
  61901604ebf438822f721a051bdf4f53_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  61901604ebf438822f721a051bdf4f53
- SHA1
  
  e7a3fe6b12a188d8f352a259e1a7a78310cc3460
- SHA256
  
  a4e10fe06bb5202f8b07f3264adf23bd3d3825e214fef6b096adbe5d6a530e91
- SHA512
  
  fb0ea549b0f2101954b1247bec2ad74ffa2c67bafeb7973746e342be0cdc3090e1ade6722ca577a574223e304076ba488a0e10f537673613e7c843a02b21a484
- SSDEEP
  
  24576:nMM7up2lA3/eU93w26xznXN0fyaU3iPeuBqpwiwuNPITldbWn1mBbeIk:MklGWUFw5DN0bGuUp0u2Jw1mBbeIk
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/Banner.dll
- Size
  
  4KB
- MD5
  
  258dd27107feabb1969908a9387a79d7
- SHA1
  
  80f85b610e57d6ab07988cdae60c83300bef6a8f
- SHA256
  
  f4fc1344c32ad1c075067c6abfd168a1815dbc6f97103e83e7e8e708230889d2
- SHA512
  
  e2df96efab3ea794e75b6a3c9038601c7abd956b41fbbcc4fb60013e0d319d9978f539dc0f944778d05d2e384192d918e06dce8bf76f355d0cbfd142313b9a2b
Score

1^/10
behavioral3 behavioral4
- Target
  
  $TEMPLATES/Setup.txt
- Size
  
  1.1MB
- MD5
  
  357a8dd0433cde3759f13b42f493c4e0
- SHA1
  
  2ba4a971e1d398589233e770030581a9767d4240
- SHA256
  
  2b4aa368f9b1363aa19b9de02f1b41fabde07d2359014eb456746cd7d66aba2c
- SHA512
  
  ce0432ce668dc60841832b0c14babd4e77a055709d9e0d027a51c2c6b500d99348f71d9aea2f1846781623289845a6690c037b8a1a40da97402f34651ba86488
- SSDEEP
  
  24576:FN605Kioe+2CrVFJwQmel0xeSadHsrRbnJ7ZGNTgDVwy4uY11jKRJ8f:fVXQmeD5dHMjJ7MgDVN8KRJw
Score

7^/10
- Loads dropped DLL
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  9a886711c559308c39c01c20e9d9a1e3
- SHA1
  
  0f27cf1cf6e4960e140651b68d72ed4b92c58e9e
- SHA256
  
  98be8860d38ad9cf31b55a1a04594de59eabad67510ba2a33ed20a80863ddfa4
- SHA512
  
  4dabdd9ea7a8330a367589a3975a9dc7286b82c66efc7db118b4d7a2db08a467851c6d3dc991668e13c4dd5473aa974e9696a2226039db94df8b198da54354a3
- SSDEEP
  
  192:3+8EHhdmwZYQBjHUEuX0esaONOs6zrMQQwoJwjwE6g//6IF7cBMEha:3qzBFHUENesmPdQwxj6g//QBMEh
Score

3^/10
behavioral7 behavioral8
- Target
  
  KKjie.exe
- Size
  
  181KB
- MD5
  
  67e89640d9ed9f8c7bc8a219e42a033f
- SHA1
  
  d2e5402fca8646e7b09a26e2866c0ab013c113f7
- SHA256
  
  d41dbe9ba5366a7701d9b45ab18a993476eedf34775e47a34fcc52f7ce690a3e
- SHA512
  
  c4833e39457540e18c25320c12148c2532f685d706eace42f04838f815c210fa7428ce90cf64397d5e7fb9939e91e1af400db6bc46138b979e06cb139627fe92
- SSDEEP
  
  3072:iZMJnTeM4cJJliRR7mH4QvaNCj3Vf7pfTLR/bNTubouYKux+PlXEcWxGAc+KTWYu:6eTeM/cRcH4QiNCjl75d1ubAV8ZWFcLM
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral10 behavioral9
- Target
  
  $EXEDIR/KKjie_safe.exe
- Size
  
  377KB
- MD5
  
  ac68dffc261c8625c5f2a94364ca10c9
- SHA1
  
  d5873084dcf4a74631c9abe82f1afc3ba1216464
- SHA256
  
  16694059e7073810021960bb709f814f42490a5219f7970fa201b3d8ef259db7
- SHA512
  
  d7ab568b6906d6d0ff924da59983cb8def9cfbb76ed93371e815c26f2f59f3a33edef0e65419bdaee02bcf85efc7a5b856949de5c26afab689aeada50a705b59
- SSDEEP
  
  6144:5wtFT4b6lH3XgRZD8A9TokLzgfrkrEHydPl/+xsXsTRztNf3js:YF88H3XgRZ3dz00d9/+xIs9js
Score

1^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/Banner.dll
- Size
  
  4KB
- MD5
  
  258dd27107feabb1969908a9387a79d7
- SHA1
  
  80f85b610e57d6ab07988cdae60c83300bef6a8f
- SHA256
  
  f4fc1344c32ad1c075067c6abfd168a1815dbc6f97103e83e7e8e708230889d2
- SHA512
  
  e2df96efab3ea794e75b6a3c9038601c7abd956b41fbbcc4fb60013e0d319d9978f539dc0f944778d05d2e384192d918e06dce8bf76f355d0cbfd142313b9a2b
Score

1^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  3KB
- MD5
  
  8614c450637267afacad1645e23ba24a
- SHA1
  
  e7b7b09b5bbc13e910aa36316d9cc5fc5d4dcdc2
- SHA256
  
  0fa04f06a6de18d316832086891e9c23ae606d7784d5d5676385839b21ca2758
- SHA512
  
  af46cd679097584ff9a1d894a729b6397f4b3af17dff3e6f07bef257bc7e48ffa341d82daf298616cd5df1450fc5ab7435cacb70f27302b6db193f01a9f8391b
Score

3^/10
behavioral15 behavioral16
- Target
  
  KKjie_safe.exe
- Size
  
  377KB
- MD5
  
  ac68dffc261c8625c5f2a94364ca10c9
- SHA1
  
  d5873084dcf4a74631c9abe82f1afc3ba1216464
- SHA256
  
  16694059e7073810021960bb709f814f42490a5219f7970fa201b3d8ef259db7
- SHA512
  
  d7ab568b6906d6d0ff924da59983cb8def9cfbb76ed93371e815c26f2f59f3a33edef0e65419bdaee02bcf85efc7a5b856949de5c26afab689aeada50a705b59
- SSDEEP
  
  6144:5wtFT4b6lH3XgRZD8A9TokLzgfrkrEHydPl/+xsXsTRztNf3js:YF88H3XgRZ3dz00d9/+xIs9js
Score

1^/10
behavioral17 behavioral18
- Target
  
  KKjie_safe.hlp
- Size
  
  33KB
- MD5
  
  3c57fe4b35cf0a9685559c3e42911dfe
- SHA1
  
  d107f41998c12832f04bd4a5f92e7a311b604048
- SHA256
  
  d43f05f0bb99779a01ad4abf7260cda15da68592fae6a6176137b81529409bdc
- SHA512
  
  86c857052b915b112f85525572ba8ce072b6565f7c032282b91d85e7d76a7742d9c5e2b00ee1620868e69dda985aefa80f48e1cd902b129bd26abead91e10d71
- SSDEEP
  
  768:ChLHItpz2fjAxFfNPoVLTxUaW5enNDoisBW:CJIXy8xFfNPoVL15RNDbs
Score

1^/10
behavioral19 behavioral20
- Target
  
  languages/Chinese.lang
- Size
  
  52KB
- MD5
  
  c373c9337b2db700fe19c1b27564db74
- SHA1
  
  2d6b681fdace3f06d003f814521662f0aa4d075a
- SHA256
  
  ed100eb75601a8d6afce0dea67ab0fb9fa9fb49beb1966097dc66d15670f1e9c
- SHA512
  
  5073b7e1acdb96a5f96f96bf7b4cbe940310ea3c8040b4f7feb662dd97d66b675f791d714fc117e21de82ad1a3926d7f98720140ad775f772c8f6dcf297adffb
- SSDEEP
  
  768:E2XiSC1i3Dkku0sTfsNV1Fw6Vtf+EBAex8OMRm:Br7/vsTfsNFN8OIm
Score

1^/10
behavioral21 behavioral22
- Target
  
  xiezai.exe
- Size
  
  40KB
- MD5
  
  1896b0d7caae95ccffc41e8fab6ae088
- SHA1
  
  44850e98a146be40086eed7aa71b352b2f67354d
- SHA256
  
  8f797add4e857820016f6fff5b8d99d6b95a48ce6225a963a7dcbaa5fd3bf0e4
- SHA512
  
  c543cfe89a02379758d524fa24b846b55435414484c037a3291dc8850ef88881eae59569ed94b40df838bb5adb7676cc46b39a71e455e2f5a1d35bc5fa8e3de2
- SSDEEP
  
  768:3PH4rKS4GDkQBZ3ImWlTtEIRlJ+qFZ2bSgJzANqM3wJJNnRvOX+C/////2XRL:3f4exGDkeZ4mOoSgJEAJJhod/////2Xh
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  3KB
- MD5
  
  8614c450637267afacad1645e23ba24a
- SHA1
  
  e7b7b09b5bbc13e910aa36316d9cc5fc5d4dcdc2
- SHA256
  
  0fa04f06a6de18d316832086891e9c23ae606d7784d5d5676385839b21ca2758
- SHA512
  
  af46cd679097584ff9a1d894a729b6397f4b3af17dff3e6f07bef257bc7e48ffa341d82daf298616cd5df1450fc5ab7435cacb70f27302b6db193f01a9f8391b
Score

3^/10
behavioral25 behavioral26
- Target
  
  $TEMPLATES/installstat.exe
- Size
  
  44KB
- MD5
  
  7c30927884213f4fe91bbe90b591b762
- SHA1
  
  65693828963f6b6a5cbea4c9e595e06f85490f6f
- SHA256
  
  9032757cabb19a10e97e158810f885a015f3dcd5ba3da44c795d999ea90f8994
- SHA512
  
  8aadb5fd3750ab0c036c7b8d2c775e42688265b00fe75b43a6addaefc7ee20d9fa3f074dd7943570c8519943011eda08216e90551b6d6a782b9ed5ce20aa6bab
- SSDEEP
  
  384:H+HHi0nKwn0RDbwemPK7BywsgtDgHJR0bA6VWqaCL6VuhV5bIle+vEv5aY3uBRgl:en1nKwn0ZFmKApg7AqaCL6Y16Ha5/uO
Score

1^/10
behavioral27 behavioral28
- Target
  
  $TEMPLATES/redalert3.txt
- Size
  
  49KB
- MD5
  
  9a0d407e720246d6a48ef7cc369c49ef
- SHA1
  
  cd7e422b3130298e2075838a7ccdd6eaedd2ca1f
- SHA256
  
  5cd375441e87c3e728694fa7d956fedde62e5bc537e4c615a60107902f5fe58e
- SHA512
  
  b70d8068a69b54dfe598852178d3c88b71a5d445108d5aab0a1f068dda58b71906740a838a1497fae543c8bf276812164f50b0103a5828b9cc278c9d6e94d215
- SSDEEP
  
  768:2hMZ0dF4ZFvQbn+eePu3cIQGCGbiC4k42M3wJJEX7NQz2r0/djiJXj+Jp:2yZMSZFvknTePMZd4k4kJJELR6dkG
Score

7^/10
- Loads dropped DLL
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  2b54369538b0fb45e1bb9f49f71ce2db
- SHA1
  
  c20df42fda5854329e23826ba8f2015f506f7b92
- SHA256
  
  761dcdf12f41d119f49dbdca9bcab3928bbdfd8edd67e314d54689811f9d3e2f
- SHA512
  
  25e4898e3c082632dfd493756c4cc017decbef43ffa0b68f36d037841a33f2a1721f30314a85597ac30c7ecc99b7257ea43f3a903744179578a9c65fcf57a8b7
- SSDEEP
  
  192:ibEOXfXZQ6i1AZ2q6grklcm/iaULQAos:ib/41AZN6uklckLUJo
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Loads dropped DLL

Executes dropped EXE

Loads dropped DLL

Deletes itself

Executes dropped EXE

Loads dropped DLL

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32