c9018a2ece8a1dee225e1d3530169968bdbf3e0aba291086c539aecedb49a9e3

Sharing

Copy URL Twitter E-mail

General

Target

61b450f4a2c16d8c26a12b07809ed0f2_JaffaCakes118
Size

437KB
Sample

240721-2mmjxs1bpn
MD5

61b450f4a2c16d8c26a12b07809ed0f2
SHA1

ccc09b48d45daa144c8cde41cea6d1d40b6a12e6
SHA256

c9018a2ece8a1dee225e1d3530169968bdbf3e0aba291086c539aecedb49a9e3
SHA512

e77d4481a00c981fb3cc8367f5e033c5d3ac60f9e05e28cf20d22470c454cb9d16bc418f990be8313cda986407027a05be3411caedd08e0b9d24cc4c43f43967
SSDEEP

6144:rsnnF5vql91p+IoJP7HNfuIF7XLhjfDqM1Gz8HixXaZ0E9bnc2727vJd:inF1q5p+pP7px7XLV7qM1BEU1+27qJd

Score

8^/10

Malware Config

Targets

- Target
  
  61b450f4a2c16d8c26a12b07809ed0f2_JaffaCakes118
- Size
  
  437KB
- MD5
  
  61b450f4a2c16d8c26a12b07809ed0f2
- SHA1
  
  ccc09b48d45daa144c8cde41cea6d1d40b6a12e6
- SHA256
  
  c9018a2ece8a1dee225e1d3530169968bdbf3e0aba291086c539aecedb49a9e3
- SHA512
  
  e77d4481a00c981fb3cc8367f5e033c5d3ac60f9e05e28cf20d22470c454cb9d16bc418f990be8313cda986407027a05be3411caedd08e0b9d24cc4c43f43967
- SSDEEP
  
  6144:rsnnF5vql91p+IoJP7HNfuIF7XLhjfDqM1Gz8HixXaZ0E9bnc2727vJd:inF1q5p+pP7px7XLV7qM1BEU1+27qJd
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/ApnIC.dll
- Size
  
  240KB
- MD5
  
  197215658b8015182192e1ebca3bbcc3
- SHA1
  
  40e49124ad0b55a25f947333ca88e9d0bc30a7e3
- SHA256
  
  08db125c09eb53cc28e7bc7c427b6c2217ff6134a122e6d65d1d24f70e875d9e
- SHA512
  
  5fe9d6c96c817bd64ea78ff511734e9e11e6ca13b4506b589156a801fa4fed568c37d958cfafb96ad86ee1229ceeb35165965cb776f3a74cafaedb1a946bbf79
- SSDEEP
  
  3072:fBLh8OUd9YLlA1kQYcNAJP1pXm0cns0teMqbPOxtmBO4S9vIyxUMUoQbl:fBLhm9YLlDQU1Nm0BPOxESvfHw
Score

8^/10

spyware stealer
- Blocklisted process makes network request
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/ApnStub.exe
- Size
  
  139KB
- MD5
  
  c36923084822c017f69396418a999d39
- SHA1
  
  fdc2005ced8acf86c68fe1b86b0698d0539e8ce0
- SHA256
  
  7a158fdeea8f7107be5ce40242546a503193aa1c278f74a4730871b8edd0ba76
- SHA512
  
  fb1106d4f4a138cad28a4282cb00c72688e03610be1d31a7cdd7b42b23e00e4f7ca9e731a7ab016d5920411707e165e3ee48164ef520112d8ac36fad85749c44
- SSDEEP
  
  3072:kchfXbup04LnomgmlgV5sUjbW/+lt5qqqqqqqqqqqqBYFpbO:BPbue4LP+V5f6U7qqqqqqqqqqqqH
Score

1^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/EBanner.dll
- Size
  
  5KB
- MD5
  
  cce7bc13dbc3faea7769fcf7727eb19f
- SHA1
  
  59633ed1adc02235ca058883534ff36be4fb3f37
- SHA256
  
  dd519ae6d7fd6df0c32db834df215df2fe7c1d044b800922a58da7f4f00b95ab
- SHA512
  
  21e4a8ecd383d59ef24f590367328248d21c7fe452fc5c3a42ec597f920e79caf6a8047babb9fb44d2cca8329dd7d14b39cf13a0934aee409fa5bdd7c2e4f121
- SSDEEP
  
  96:9agsHJMYSzHl+I3tFGLafz6Dy/qCWDIH7:9DspmHlv3Lnf0yiCmIH7
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  7569b23f19a0f5cb4c1d3b30a296c4bb
- SHA1
  
  c5f3546b3c795e46445393960694a2341692ddc7
- SHA256
  
  615bf32e15aaa8d58832df2298f75dd2b29ea5f25bf152c99630315cb618a31a
- SHA512
  
  11663bf180f9540ad247957b6793f8afd1b4e66f3b692b4ad05735f07459dd524571245928c40e26e3de691472508f5632fcd4add1eebad559d504eca32c08a9
- SSDEEP
  
  384:gBCwUYeQ8geEQyhUtXlcgCHe8DSMk8/UhU7ya4Lp0Ac9khYLMkIX0+GvRgbJ1:pwUEpet1cgCHe8DNN/UhUua4L
Score

3^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/nsRandom.dll
- Size
  
  21KB
- MD5
  
  ab467b8dfaa660a0f0e5b26e28af5735
- SHA1
  
  596abd2c31eaff3479edf2069db1c155b59ce74d
- SHA256
  
  db267d9920395b4badc48de04df99dfd21d579480d103cae0f48e6578197ff73
- SHA512
  
  7d002dc203997b8a4d8ec20c92cd82848e29d746414f4a61265c76d4afb12c05bce826fc63f4d2bd3d527f38506c391855767d864c37584df11b5db9ca008301
- SSDEEP
  
  384:LCHDPMs4GdtyO5roguusMxUXiO3wOw95euooP2UgKbd9BvNtf:LCHD6Gh87MKXil/5r2U3z
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/nsis7z.dll
- Size
  
  170KB
- MD5
  
  46e29660c591067e77276fa960625f57
- SHA1
  
  3c3206ec4415de4f09a2066a658fa12621e2ed74
- SHA256
  
  51f3274fcaf2ef42860f97bed95f407abc60ab31f81a42b38fb2ea1d9b0a434f
- SHA512
  
  ed7f9babcaa6244eb8f42350a522f75b5078b2854919e281215a4a4ef62ec4bb731a457f5da3a615419a575986eb96517a6c5238f65b2173138c7fd4ff122d83
- SSDEEP
  
  3072:/U9a+LOBZgLCJqPb83T6RhYI3Y3de57FjqFJL4A1QH9ykgt1c32pk:kaVUmcQGLYoY3KMlq9H8jk
Score

3^/10
behavioral21 behavioral22
- Target
  
  Uninstall.exe
- Size
  
  56KB
- MD5
  
  ae098952bc80c412592b7eeddf84ba18
- SHA1
  
  5d8475c42459760a534841f666ea1ca048e57f57
- SHA256
  
  25aba1b37744fd22a30c81e7e8125428ab46438b21d8f633349d5961c9dac14c
- SHA512
  
  1c4ef5be951429a09d74711b57cd7ce4de34c6bbf22f836ba0916f89dd3bb7aefe403dcb7fa3434f96747b215a0511bf87e9964cfa99e53058af26ae61bd4cec
- SSDEEP
  
  768:d1cVhpQI2EQK0iPDh84nScF15GYbWjXO3XJPHVkqhTYg4kZ2P7IY3w1Iwsn:rQpQ5EP0ijnRTXJfVkqhTYg92jv
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10
behavioral27 behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

Blocklisted process makes network request

Reads user/profile data of web browsers

UPX packed file

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28