1ac32cdb8b9969bdb69f97fbfc8f65aaa6bd0f65ee068ff99e6a4e4b073c51fd

Sharing

Copy URL

Twitter E-mail

General

Target

668c494f743d785a1b73026414d958e4_JaffaCakes118
Size

2.2MB
Sample

240723-hmepjatcrr
MD5

668c494f743d785a1b73026414d958e4
SHA1

893e8b02e8532b2680723e3a06a3c94aaf5a532b
SHA256

1ac32cdb8b9969bdb69f97fbfc8f65aaa6bd0f65ee068ff99e6a4e4b073c51fd
SHA512

6fe4e8da366c23f954a7334825dea7484ca0fc0cd947fc5a7406f028034a11b581286e84607860b3b816513d508556364f34ed609fc5a9fbea3c9a73ee3bfef0
SSDEEP

49152:9jVuNXRlfhDzJBeKeNUWgrdau1xSfInEw9an6+la2jaS4+Ny9q2pchcy:ZCdhPJNau/SAEOX2jrYq2ccy

Score

6^/10

adware stealer

Malware Config

Targets

- Target
  
  668c494f743d785a1b73026414d958e4_JaffaCakes118
- Size
  
  2.2MB
- MD5
  
  668c494f743d785a1b73026414d958e4
- SHA1
  
  893e8b02e8532b2680723e3a06a3c94aaf5a532b
- SHA256
  
  1ac32cdb8b9969bdb69f97fbfc8f65aaa6bd0f65ee068ff99e6a4e4b073c51fd
- SHA512
  
  6fe4e8da366c23f954a7334825dea7484ca0fc0cd947fc5a7406f028034a11b581286e84607860b3b816513d508556364f34ed609fc5a9fbea3c9a73ee3bfef0
- SSDEEP
  
  49152:9jVuNXRlfhDzJBeKeNUWgrdau1xSfInEw9an6+la2jaS4+Ny9q2pchcy:ZCdhPJNau/SAEOX2jrYq2ccy
Score

3^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  ab73c0c2a23f913eabdc4cb24b75cbad
- SHA1
  
  6569d2863d54c88dcf57c843fc310f6d9571a41e
- SHA256
  
  3d0060c5c9400a487dbefe4ac132dd96b07d3a4ba3badab46a7410a667c93457
- SHA512
  
  99d287b5152944f64edc7ce8f3ebcd294699e54a5b42ac7a88e27dff8a68278a5429f4d299802ee7ddbe290f1e3b6a372a5f3bb4ecb1a3c32e384bca3ccdb2b8
- SSDEEP
  
  96:EBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4MndY7ndS27gA:E6n+0SAfRE+/8ZYxldqn420
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PROGRAMFILES/QvodPlayer/Codecs/ColorFilter.ax.new
- Size
  
  141KB
- MD5
  
  fa098ed1394496b2ba53f1773f70d711
- SHA1
  
  6db54dfee27c70e61e3ef1d5374513c16fd602aa
- SHA256
  
  19b84b912d782333cfed1727e69da83846b77d7c90736b5621b438f9f50d107c
- SHA512
  
  74b2704dba6ace3fecca0dd6e790162b961ca9fb9ae6240aefb1f0d52959f58456c626378c745cbc155a8928d850614b8df6804b851e8d017c5ebeca01c17a8c
- SSDEEP
  
  3072:9ymeNWoqvzMcvAXQQ0vlvYKQptcabWQlHs69rDc92:wE1vzM8bvhs7lHs69A2
Score

1^/10
behavioral10 behavioral9
- Target
  
  $PROGRAMFILES/QvodPlayer/Codecs/RealMediaSplitter.ax.new
- Size
  
  372KB
- MD5
  
  b91968f4f21d803d2467da89d9cd7275
- SHA1
  
  a0e1a676fe340f6bd211a1b40c0b6d8d1715d82e
- SHA256
  
  4287023170ab52ec3883af9a464d281358ae44225b25b101697c2ae66c82f935
- SHA512
  
  047470fda7ff9cda15cc4baaf0d5031bc8c37a9a7a827601c0e6db149f3af5149860afc45dd92c1a035f537971a70cb0f31372de12c080cecc3d93a89e6b8d65
- SSDEEP
  
  6144:sbH9JP/W0D2hzNqURg44nlHR0urOU48+EQHapawA9MDL:OJP/W0D2Pq/rpR0urOU4lExnn
Score

1^/10
behavioral11 behavioral12
- Target
  
  $PROGRAMFILES/QvodPlayer/Codecs/asfsplliter.ax.new
- Size
  
  64KB
- MD5
  
  4a7e26d268c355fb5da19a4400e7770b
- SHA1
  
  ebe3c19a94e12c2a5d39bc816317961797a6c89b
- SHA256
  
  5c44df6b0d4d212271a1ca4c008ea003a2dd1168059333169b3562c51065c3e9
- SHA512
  
  db5f0161d64b27cebc6de443e68cf596725ea1034f20c58f2a019f2d50e67574e33ffe65e8f5a9b21095cd2f309a97b58ee3603e528276aeefa67c9d7b3234f6
- SSDEEP
  
  768:Y9We0OJXnfX2c+AOW8gpukVl5sqiCpl3il7T59bSob4p9Gk0:Y9WEXn/2c+7jlkV4dCpN67t9bSXG5
Score

1^/10
behavioral13 behavioral14
- Target
  
  $PROGRAMFILES/QvodPlayer/Codecs/cook.dll.new
- Size
  
  64KB
- MD5
  
  fa220dae3898b8578c34791648321a38
- SHA1
  
  12bdd5396e996d071368980d36ef6f6c7b39f936
- SHA256
  
  f8b5898569a508e370eb25db27c1cba440c9d559529850c05589e56a93659835
- SHA512
  
  9c2ad73fd43de7ca16a1d75b2974a737dfe1478d094783861ff5e3f994e17bc9e36e31f130296b497bb8955849be31db526018c0621cf5b09496fc6e5c3d6f34
- SSDEEP
  
  768:79rczOVJc8avUhcRxV6Sz+b2G90YnGZosMwCJtVSk7K+t6tj6tVDWVp3Ghv+Xb:7uqc8/aUSz62G9LnOnMK+t6tR
Score

1^/10
behavioral15 behavioral16
- Target
  
  $PROGRAMFILES/QvodPlayer/Codecs/drvc.dll.new
- Size
  
  28KB
- MD5
  
  1197b01e99216f51be418c0ebc758522
- SHA1
  
  3d6b5167a747b6c1f54575f2047fdef6f293f1d1
- SHA256
  
  004e45d3d3d721f0295a9f430ce3d46ebe7b9a5df797b0ea9029c74509c34600
- SHA512
  
  6e172b8cb66a326d16d8eb9c4e3e0bc0df773ca887a15643ac328ddefa3ad5a982f514dae5b5b4439808afe823414b94f2a26732b9f3e8ad9cbd245cf7e6ee6c
- SSDEEP
  
  768:D/HWfTds7D+aqQZANSBLKwY8LBIonnMFvX8I:SfTdSsNngAvX8I
Score

1^/10
behavioral17 behavioral18
- Target
  
  $PROGRAMFILES/QvodPlayer/NetAgent.dll.new
- Size
  
  89KB
- MD5
  
  998ed6748226a24ab900a4410ef522e9
- SHA1
  
  85212590067a3edb2416c0552d7a1f3595b777e2
- SHA256
  
  1305f656ebf3e63efad9f828844f0d9a5bdcaf65bb3295c3947b00b052322495
- SHA512
  
  bddb67122a03a3e7ad8e492ba4235efe60373a7ceb648b4dcac5fee92e28fad6a7f12fba13924a86b1f96c6fb3b64feefbe18fcc811fe11570a312de4f7f7a73
- SSDEEP
  
  1536:rvKt7xujJ3WJTDt6HCCqf+uVo3TQhaLCMd:Qxtcq2uVo3/Jd
Score

3^/10
behavioral19 behavioral20
- Target
  
  $PROGRAMFILES/QvodPlayer/QvodBand.dll
- Size
  
  85KB
- MD5
  
  1b1bdb8295c4a1705f92dea9bef53efb
- SHA1
  
  5f3790e649e44d98f18c3508b39952f65422796c
- SHA256
  
  104b370f1e7c3c014c54b41cd196e4922e4005a3b3ac7eb318c57047df13bf4e
- SHA512
  
  26c2f5376e0ff3ff0e00b18fe87388a777c4658d752d2a9b130408842f166b304828af656756d43ef5521c8ac595b19f28f714589177971dcbbcca08caf840af
- SSDEEP
  
  1536:fxsS1aqWpd53AtTNfvJrXffRqVCR474T1lLyNrT3UM:fOSUqhPvZXfYvET1lLyNrT3p
Score

1^/10
behavioral21 behavioral22
- Target
  
  $PROGRAMFILES/QvodPlayer/QvodExtend.dll.new
- Size
  
  149KB
- MD5
  
  25746904b49973d98bc9b7d5e6352ed7
- SHA1
  
  25e2db2c6b8566a5c6abbd237451858446bb1162
- SHA256
  
  17f4caa40b9c36a0f7116c53ee723bd82834d96085b1239d4bd3673da8ad9be2
- SHA512
  
  a33cb11f00d884d538b4e16b4a66c66c08a1b416d9c9f9eb35a876072a6dc522f23ec998b60f8932e04216d8ce873b33c9f494b4ced04ff487afd928eeead746
- SSDEEP
  
  1536:jURDTXacG3KkToWhdYBpm4ANzlSxWQ1cX8C0NBRApbpQ1cX8C0NBhrSjCx/:QRfacG3K3pxANzlSxwS4LSxSm/
Score

6^/10

adware stealer
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral23 behavioral24
- Target
  
  $PROGRAMFILES/QvodPlayer/QvodInit.exe
- Size
  
  117KB
- MD5
  
  d8ce693166ac2e6134867469a18287bb
- SHA1
  
  7f4a6c341f7b29a8c2a2ff1255e8a6124b09fbae
- SHA256
  
  afcc952523fbc909ccb7853f4bc6875c9738eaedf90c25f84665f2e6a16e64c3
- SHA512
  
  34a5fefd5d645599b869a1da3a1ad5a503a4cbc560a10cdc14db8b97d82bf019ca9a1f7272b041325aefc962122c59dbc42fd21d750f6aa8feca934c1897ce88
- SSDEEP
  
  1536:IELe5SZqtVykxJPLbtTJJlW0ijDORNSpLf2Xh9PRUGVASsu2VAaLCN:hZ5WVntTJJlW0ifORNSBOrRUm2Vxu
Score

1^/10
behavioral25 behavioral26
- Target
  
  $PROGRAMFILES/QvodPlayer/QvodInsert.dll.new
- Size
  
  737KB
- MD5
  
  3b39aa87d3be0a144772fd1b64a0d32d
- SHA1
  
  4b78adeb342d8ddcca904e79b95210f546490380
- SHA256
  
  83cf03cdb4387dc677f2fd895a45eb63d5bd1c1dc99dac68c34d3485c3bbc574
- SHA512
  
  e7d937a39be35c1fba2e1357dd45ed115f02021ab7d76dd05c1093d3f206d3fd3c19f6a99d672ffc9d01501ad14f586521ab343ca376c8dd42097968a04e3168
- SSDEEP
  
  12288:MMEfT/xbmbVI6tLtIRdH7bGwPBvw3ahfHK6MmMdyROZVN/SaqTQs6g/Uk:EfDxcVID7NSqhfHIyc9i6g/D
Score

1^/10
behavioral27 behavioral28
- Target
  
  $PROGRAMFILES/QvodPlayer/QvodPlayer.exe
- Size
  
  2.6MB
- MD5
  
  ae59d5523258f70471d2af408eadd350
- SHA1
  
  83b3111ef1e689cabe1cfebab85c71a1217de0fe
- SHA256
  
  4659c085ee792633c0db99c261dfa8d8851f7ab711943a1050f4183f46ae780a
- SHA512
  
  2b57f84a61c768fdad6fa752ac4b4a3170bb2ff3733cec6516003042e401cc3e7e92b9611f9705c24fda9f73ab21ba6fe42fa4b6b0c641fc9986ea3bf148c50f
- SSDEEP
  
  49152:i8SA9s04qApaCRdpLXIjLQeiO52F/tXIj1XdapPgDG7npXsCov3l8fX:o46hbpLXIjMeiO5qtXIj1XdapPgDG7nn
Score

1^/10
behavioral29 behavioral30
- Target
  
  $PROGRAMFILES/QvodPlayer/QvodTerminal.exe
- Size
  
  549KB
- MD5
  
  60ef60ad0aba409ecb39157b65e980af
- SHA1
  
  1182772b0eef1a49219ab3886c3a109475f91816
- SHA256
  
  0799c8dd3063dc02bad0b36fa10681f9491cb9c468ec7ff651f2e6a0ee41ec24
- SHA512
  
  ba3eff375309eea4c81b7ef4cfe704c98bdbac6a7a6dfff380b834f6dc49071edf54d2c188a54764c02f134b9d1036afc44f3a5a12055e707265373bf182bdf8
- SSDEEP
  
  12288:GZNGgauceSFX0t4tGXc3jL9vcqnOD+tRR843O3ae7O:GZNGruceMX0FivcqnODIR8H3aJ
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

T1176

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Installs/modifies Browser Helper Object

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32