d2488c3b9b1d9e7276b6db97870f5c07fcbcd6fe34e84bad1451bab306c0d08f | Triage

Sharing

General

Target

6806511d67081521c2ce19ef719e58b5_JaffaCakes118
Size

5.7MB
Sample

240723-r967qswarn
MD5

6806511d67081521c2ce19ef719e58b5
SHA1

e556a533c7405f961922f308fafa576600f63575
SHA256

d2488c3b9b1d9e7276b6db97870f5c07fcbcd6fe34e84bad1451bab306c0d08f
SHA512

092bd6bb0aaffb4c7a9a3afc32235fd371cc063be68e9f653daa7ec3a1e0b5d7bb38b7fd2afdc417f2405c78d434a0e651c89525a1a9eeaaaa682f9058c2eed9
SSDEEP

98304:H5p12EyRvuctreBB2668iKULmGt1P410Vz72/imlpMrDkLHOjDk4UJBjlZUgAzoJ:H5psNlr4g66AG341Y72/PpqDQH8QrB5x

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  mpkcd-v2011v1.exe
- Size
  
  5.7MB
- MD5
  
  650a6e3b76135edd1f0eb4b3311c60cd
- SHA1
  
  7c544d3041d802b2f29de77d4e7b5606fa274ebb
- SHA256
  
  07beb2ba176c7ca59b32705af577c45590f2c7078cc4f8c49ec7e5dc08bf26ae
- SHA512
  
  0708a0f90aecafab630b32604cbfae8abcfbb18e2ade7868c5ccf090b502954c8405df0f5a7a976d39ac93f7fef28594ce4deab6c6f2b1d113efeea614fcd6f5
- SSDEEP
  
  98304:3b7tcgylpu2VLmBn26ooioGbC+fjd4jgvzt2tWmHhcXDujrOj9m6q9RTpZUMqVCC:3b7ybZLC26oy+p4jut2t9hqDsryQzRVg
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  4c7d97d0786ff08b20d0e8315b5fc3cb
- SHA1
  
  bb6f475e867b2bf55e4cd214bd4ef68e26d70f6c
- SHA256
  
  75e20f4c5eb00e9e5cb610273023e9d2c36392fa3b664c264b736c7cc2d1ac84
- SHA512
  
  f37093fd5cdda74d8f7376c60a05b442f884e9d370347c7c39d84eca88f23fbea6221da2e57197acd78c817a74703c49fb28b89d41c3e34817cc9301b0b6485a
- SSDEEP
  
  192:6KdqJ4Bhf1mdCMI26t510swClJOeFIsm7F1QuPs:6KdE4zAddwR0swqOeFxu
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/advsplash.dll
- Size
  
  5KB
- MD5
  
  ca60ae514320a0bfc4991c1fca3dc4ce
- SHA1
  
  c0d7db92c979d75233db185f18dee0c9518dd8ae
- SHA256
  
  08d2283396141ae8222c6959a0e1b4f75a75a3f2643b33d6d1c9b90d0669c606
- SHA512
  
  8e2d00909828b2f527bed1d2dae39e991142091cda8e80fb512ef2790fdd8146e6222dc1a98730af864b1437eab9f0e881e9adc3aad4e6c67f840dc3c4115a3b
- SSDEEP
  
  96:+JVdCWbnbRurMwGFhcIeJaWBkUhW9dfrZ8:+t1bRKMpn+NGUhW9Rr
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  API_COM.DLL
- Size
  
  295KB
- MD5
  
  2ec27c0604e85cb480f9c751bfdd210b
- SHA1
  
  f9f6992210d14456d3230795adac0b3f16b136c4
- SHA256
  
  5005f3082768b142e1f96af7139d57c59de21a04bc04c8956ec3a29ea728861b
- SHA512
  
  d5956ca874b1e468f361ddadf9fbe8d2d7fd53fc60a201d6e0fa20092e54785f4a1fd24133251f688ff62a06ede79bdf0b8393bdc3d96a279d07c75bbb3039d1
- SSDEEP
  
  6144:UwbZgYtmXMsoAdkM40g8okAbstl2FSLgP0te/mDNjPqAlzfNUWTGjGyvKOXHyVyi:UKgYDsotM40g8okAbs72FSLQ0te/mDNJ
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Mwic_32.dll
- Size
  
  172KB
- MD5
  
  8cec16f685a11d0bc4df581fa75a957d
- SHA1
  
  d404b5d4ae873ef82d107dc47e809dea05e15d58
- SHA256
  
  0e811f22887ad9eda7ea2370c02fa32e71116c86ee7d408ffa3a3f68da0a2471
- SHA512
  
  423b052b4f993806b90b5d412beadbc07dc1f2fec5bb71e7301df2eb0a02f9572cdf6dac479af4df2458fa78afbd7b02e8148e22e6f0de59fd21b668489b4908
- SSDEEP
  
  3072:f7qs0DOV8MTId5gD50FfEWTwAw9cJ/pDonpk:Dqs0DOV8To0fEW0/9cJ/Ok
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  POS58/pos58_2000_xp/I386/RASDD.DLL
- Size
  
  425KB
- MD5
  
  d187053be3d5afe38b14bd80e1284997
- SHA1
  
  b765496c4cedb7d0fec79cdc73da130dccfa6313
- SHA256
  
  e0709dd910e84b38ce11ee141f1e21061eb48484a8356c4b012f3f5572fe40d8
- SHA512
  
  f98100eb114789f4397126fb9cd3e98fecfe68cad981a88640447a71dfa2133514e15d2d8e6f480d251654b4fc0507a6b5d4af7e3bb48f4717b42491b042230d
- SSDEEP
  
  12288:f0ortbP0Hd3EnD5IBaqGE2z4UYksDWVcToX:MortT+d3EnNIKt4UIqcTo
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  POS58/pos58_2000_xp/I386/RASDDUI.DLL
- Size
  
  80KB
- MD5
  
  cf88e3e16b1b96a91b8ce807045665d8
- SHA1
  
  c5d5c9b950f36360755adf6484f9888c7f156b56
- SHA256
  
  fd8653846fa5587c6aca6ca00357d8a0ff2d711d74cc8129540a552557b14219
- SHA512
  
  6f0f4e5820b8e0b76582dbe4fc6c1914e39a83939150f3dee7ab45454aaf9f6a2af403a817f0ee1a67db30a4e212ede3efec31fd9b9d3b4c3f029e4b8e0003f2
- SSDEEP
  
  1536:KRJb5V4cHz98X3md6qdhtVZW7vOki608MbNjcKfCgpJwiKupY+aLSfMy959g1LY:c3V9VThzkndM60wibY3Uw
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  POS58/pos58_2000_xp/POS58.DLL
- Size
  
  20KB
- MD5
  
  2dfaafa80d8c6a7b26050186d1a5ec2d
- SHA1
  
  8dafce2a55563a094eb90aae2ddb555995980aa7
- SHA256
  
  5a0e9c04809ec6a26cbc2c1bb62a04300d650442ea3014d2a755379269c00893
- SHA512
  
  4603ccad20756cb78dee904472c9475d4fed05e3002c4764510c59d1ed053f897725596cb7f332e199f5e4346a6b6f550ca93bd192ada13ee464e8ce8113cce6
- SSDEEP
  
  192:jhoYWS4Wx7IR8oDVYiU1UqwUqTj4O7UlfMrEfgcgBlFqpk7jVZqbdu8kHUfHwGs9:jhnWS4Wx7YDgPqTsOwZYo67BmTsZnVK0
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  I386/RASDD.DLL
- Size
  
  425KB
- MD5
  
  d187053be3d5afe38b14bd80e1284997
- SHA1
  
  b765496c4cedb7d0fec79cdc73da130dccfa6313
- SHA256
  
  e0709dd910e84b38ce11ee141f1e21061eb48484a8356c4b012f3f5572fe40d8
- SHA512
  
  f98100eb114789f4397126fb9cd3e98fecfe68cad981a88640447a71dfa2133514e15d2d8e6f480d251654b4fc0507a6b5d4af7e3bb48f4717b42491b042230d
- SSDEEP
  
  12288:f0ortbP0Hd3EnD5IBaqGE2z4UYksDWVcToX:MortT+d3EnNIKt4UIqcTo
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  I386/RASDDUI.DLL
- Size
  
  80KB
- MD5
  
  cf88e3e16b1b96a91b8ce807045665d8
- SHA1
  
  c5d5c9b950f36360755adf6484f9888c7f156b56
- SHA256
  
  fd8653846fa5587c6aca6ca00357d8a0ff2d711d74cc8129540a552557b14219
- SHA512
  
  6f0f4e5820b8e0b76582dbe4fc6c1914e39a83939150f3dee7ab45454aaf9f6a2af403a817f0ee1a67db30a4e212ede3efec31fd9b9d3b4c3f029e4b8e0003f2
- SSDEEP
  
  1536:KRJb5V4cHz98X3md6qdhtVZW7vOki608MbNjcKfCgpJwiKupY+aLSfMy959g1LY:c3V9VThzkndM60wibY3Uw
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  POS58.DLL
- Size
  
  20KB
- MD5
  
  2dfaafa80d8c6a7b26050186d1a5ec2d
- SHA1
  
  8dafce2a55563a094eb90aae2ddb555995980aa7
- SHA256
  
  5a0e9c04809ec6a26cbc2c1bb62a04300d650442ea3014d2a755379269c00893
- SHA512
  
  4603ccad20756cb78dee904472c9475d4fed05e3002c4764510c59d1ed053f897725596cb7f332e199f5e4346a6b6f550ca93bd192ada13ee464e8ce8113cce6
- SSDEEP
  
  192:jhoYWS4Wx7IR8oDVYiU1UqwUqTj4O7UlfMrEfgcgBlFqpk7jVZqbdu8kHUfHwGs9:jhnWS4Wx7YDgPqTsOwZYo67BmTsZnVK0
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  POS58/pos58_win98/DMCOLOR.DLL
- Size
  
  17KB
- MD5
  
  a4325003c6cb7b4632654c4b8950ce4a
- SHA1
  
  f13e9afcc9d1d8592f26ca08c14924c7220f9bc7
- SHA256
  
  1de3922cb0c94a73d83ce47c2b873ce5b9028428b38ebc9a392411b82d37a469
- SHA512
  
  f51d34330218810e660da2528c7afe7ffeee718d09af7e3491ee9c6180b079056c4458517d5d4d9f7d6ef180d64de10db8269fbc5e969a647acf1f4e3f08bbd2
- SSDEEP
  
  384:HA6qa+InnSt61TR3PonbfJ4E0PGm/8jShGCmF0p8vD2huCQ5dhF06K1t:Hvq8nx1TR3EmEClhGCm6avD2hHQvhZK
Score

1^/10
behavioral23 behavioral24
- Target
  
  POS58/pos58_win98/ICONLIB.DLL
- Size
  
  118KB
- MD5
  
  ed70efd441caa9f6ad185f4c15e490f4
- SHA1
  
  f26dfde70f3987f175d18851877cfb38dfed74dd
- SHA256
  
  a2451d2ee6636076705d272d311dda7978008d53f9941accb99a7fc1a976c3b6
- SHA512
  
  cd7f5d9a7c0a3aa998cfab8292a57fb0e517f4d2998d5c7ef36c0f93d561abbc47c0395b1d0927e4f014b95b76eb91deed6a622cf13ae128646e4a80cbd328d8
- SSDEEP
  
  384:d2yOapglcAH9vg55zs935xZxO5XAXtI/dSK5IkSkkBkd5555555555555555555G:dZOR6YvpO2jCjfyl
Score

1^/10
behavioral25 behavioral26
- Target
  
  POS58/pos58_win98/UNIDRV.DLL
- Size
  
  208KB
- MD5
  
  39d544cce2ed3dba9858b9e513409d2e
- SHA1
  
  20d8d9bb9b647564af79a2cf352d44aa8c7df088
- SHA256
  
  dba11943e0fd8018bf474f5df7c459d741515fd4bd0e2b4b1b79ecaa144b3e1b
- SHA512
  
  7ef081e2b45291c6dbdf66160320e0bf9d2bd7a3d4faf7369b6ba6901f19cf756816e50e50afa8a2694bac2cac17c86eb2f1ae013f328ec08971ca04ff439744
- SSDEEP
  
  6144:KduLei8gf2Zt6/Rml2Tklr/PK4Hl6bt9Z+cLNNTlSJm9BS:MuLei8gf2Zt6/R82GLPK4F6btZhNpSIy
Score

1^/10
behavioral27 behavioral28
- Target
  
  RWic.dll
- Size
  
  287KB
- MD5
  
  25d6489b7deeac1cf38ef2d62a8fe433
- SHA1
  
  54594e79534ec4000d5d5a86fd68cf18b0feca01
- SHA256
  
  1678a564785ea7e1ff7164d6752706aec1aa0cc1e115ee7e0864b6932daeee0c
- SHA512
  
  3aa75b7eb71882a6ce694540a2d4330b988d5d41d7bade71da4463f98825dca056d13c1e07cd37460e69175614c23df2be5347b4610b186b82c6b5fb53d13f57
- SSDEEP
  
  6144:js1/IYrUqsU07McLcxBOVwg/mvDHysUejWa4Zt6gshKEZ1OQmNBmDq1bI/df:js1/IYo5UTCcxBOV+vxHjWaqshKEvOQB
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  SWind.dll
- Size
  
  152KB
- MD5
  
  46e60eff6e1c0e0561e4fdff3541c9d8
- SHA1
  
  ea9175b16006aa65c13dde17bcf6db296909402a
- SHA256
  
  5bd7caf86aad19b232384c1d60726e8f0165f42eed68538cc1907aab602ec0f0
- SHA512
  
  f7da4f61ad10dbdd28e563923c677be6f7be1ed54946b1edb6d12f65d35bd0a5da9bda8c40f2d6e8fd870e3be42d78109a9e69fd3cfa215bc4934587654ab466
- SSDEEP
  
  1536:l95MbWrDILjcexB73Tpk3GZF6/m/2hALy6jm1XJIoVJax6Z+8kZaJwx+:D5IcS63Q6/jA5m1CoVJuw+8Ikw
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32