2d09bb39a7bd1309d9d79503a358a12b3f0b5be8fd42bb1d2e8b93d91518c3d1 | Triage

Sharing

General

Target

6f7866b0527f9d26154bddadf626ca01_JaffaCakes118
Size

8.0MB
Sample

240725-n3v94szgpd
MD5

6f7866b0527f9d26154bddadf626ca01
SHA1

e564982cf838d2dd83d716995cafb8404bb05ea5
SHA256

2d09bb39a7bd1309d9d79503a358a12b3f0b5be8fd42bb1d2e8b93d91518c3d1
SHA512

9b0a03e031904ff39d65f39094dc4ca1432e2e77a56dfc7377c41fb0877be46c2e31331fb0117bc365b3788d3fecb0d688d7992aeac61bcf85ac16cf38dddc0b
SSDEEP

196608:KaEpSC9SBmkqL7rIv3Hf7686azxLycVdLTvw+4YRoS:KaaSCemf7E/HO86ahPvw+kS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  6f7866b0527f9d26154bddadf626ca01_JaffaCakes118
- Size
  
  8.0MB
- MD5
  
  6f7866b0527f9d26154bddadf626ca01
- SHA1
  
  e564982cf838d2dd83d716995cafb8404bb05ea5
- SHA256
  
  2d09bb39a7bd1309d9d79503a358a12b3f0b5be8fd42bb1d2e8b93d91518c3d1
- SHA512
  
  9b0a03e031904ff39d65f39094dc4ca1432e2e77a56dfc7377c41fb0877be46c2e31331fb0117bc365b3788d3fecb0d688d7992aeac61bcf85ac16cf38dddc0b
- SSDEEP
  
  196608:KaEpSC9SBmkqL7rIv3Hf7686azxLycVdLTvw+4YRoS:KaaSCemf7E/HO86ahPvw+kS
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  254f13dfd61c5b7d2119eb2550491e1d
- SHA1
  
  5083f6804ee3475f3698ab9e68611b0128e22fd6
- SHA256
  
  fd0e8be2135f3d326b65520383a3468c3983fa32c9c93594d986b16709d80f28
- SHA512
  
  fcef8ac5bd0ee6e316dbbc128a223ba18c8bf85a8d253e0c0877af6a4f686a20b08d34e5a426e2be5045962b391b8073769253a4d9b18616febc8133ccf654f7
- SSDEEP
  
  192:t5ZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRYgsfA:fBo/680dCI5adOjFOg9//p27uNw2bo
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  13KB
- MD5
  
  7191bf2f751c79e50386b87c458ed2da
- SHA1
  
  30df71f1945f0ece8d396042dba84d92f84dbfb6
- SHA256
  
  45de80c4ef75ac01fdfca02a0c05c090311cb65b0f52b61e2307494d643466df
- SHA512
  
  121143369c5edd732a513c884fa90d0ffc03f3966c46f8feccad09591295890de61dec7872e6fd6cd03ae132287bd1dad44d74b45fc8e623a0fa4a647510ca91
- SSDEEP
  
  192:dlKA1Fiy+JjtWyPPW/O3w3hzwGRDvTR5QKZMAWSp2o0R:WA1n+HXoO38bVvTDZMAWSpuR
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  MTA/D3DX9_42.dll
- Size
  
  1.8MB
- MD5
  
  c6a44fc3cf2f5801561804272217b14d
- SHA1
  
  a173e7007e0f522d47eb97068df0ca43563b22bc
- SHA256
  
  f8b9cfab7fffbc8f98e41aa439d72921dc180634a1febca2a9d41a0df35d3472
- SHA512
  
  2371844bc86cdce2d1933625b921b982c4d1b84a39698b51180b09a2d45732407d721fa01d294ca92a88777607a1bb00283f6bcdd4231137a388216d0b09dd5a
- SSDEEP
  
  49152:E8kmV+RIMtAO1r5EHT7SPy/OsXEKWtElmrAtmguohFR:E8k8+RIMtAO1r5EHT7SPy/XXtlmrAAgd
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  MTA/cgui.dll
- Size
  
  1.6MB
- MD5
  
  1c8ec11fc62e928e698a3abdeabc6356
- SHA1
  
  018fe1e2e05bfc1a998f92cd87a45bb7c3380bb4
- SHA256
  
  2ad6bb00cd67ed758bf51c1c4423ef7712a6d0ded868f53723e6e57c28f1ff85
- SHA512
  
  17456c80f9bedd235171430152017ecb0d4af6a9579b584e709e2354e7fb6cb9cdb2d402c9d8c22d5e1c96edccd78f9b7b696cd9d95faa875b4fda5a74c2bad5
- SSDEEP
  
  49152:AUKvXaONZGz1WKJvMUy7zQ9GApKvJZyYAtiJJ7:AUeXaONCLY7zQ9GApKvJsYAt
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  MTA/core.dll
- Size
  
  531KB
- MD5
  
  8394942df3553e660a79e18f411ad6b6
- SHA1
  
  dcedca2491c33439d58ea12fe5debd32ceacd3ab
- SHA256
  
  5f3be1ea15ea6eafe94bfb6a6a74f866ba32319333454cc4024f5528825b21dc
- SHA512
  
  a48bdffb198ae794a3bfb33d37dffe226bd78a6e0aaf24be17695b701236d62947fe82276bf5305fb57394426dfbd854d2786a2315ffc911057c0b229467aa72
- SSDEEP
  
  6144:1q8bKOQRF6sc9ZaPukCeR0648UVO9OOuhcOsD44HTBqKKc9X7Sq+IWg4OKoFspj:1/bFQRF6Fp4AIQrsMyTsK19X7SHRgLA
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  MTA/game_sa.dll
- Size
  
  451KB
- MD5
  
  78475982b7accc61c19e6fb4c5ea3a0a
- SHA1
  
  102e4da0cde2d69eaca941c999ae2e639f0eed1c
- SHA256
  
  b807a4442973f30127da6a5eb89196f78aa529669b782cf34a443bfeb6226b8d
- SHA512
  
  23ae85ea181221cb16abba98e7060d32f9035f833e181cb285cbd3ab9ed20dbcd8365661e069f3bb77c8df3f61421167ed330add406c70f860cad86be09a7b17
- SSDEEP
  
  12288:6TFVAbxtbJ5YPEhhKRnT9Zvhaht4zz5D/p7l5My2e/MWplotddYA/qk:5moVyk
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  MTA/ikpMP3.dll
- Size
  
  128KB
- MD5
  
  fdcf2732596902fc918b4b1fb3042a47
- SHA1
  
  bfd935a121afaee5c4d799563d3d3e91e6a76797
- SHA256
  
  d8695000636ebff3b741bfdbd62506951cbca3d5f54fba63a15346c41a7c2c20
- SHA512
  
  bee2b4a337038e2cced6d41293a9aaf8b92d595e140715de8cbdb3ced9c552d1d0dc455cf5acac80be4ee1171c7671a1ec50888fc424768bca08b2f2178a9a12
- SSDEEP
  
  1536:qk9qwmGEijQwbSCSnFjqhqZMEE2bzyD+6Uwd3PISq6uSFwBoEJhvtmgMbFuTsliG:PmGVdHqZMElqnYBoEJRAg0FuTslik
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  MTA/irrKlang.dll
- Size
  
  448KB
- MD5
  
  5f0b1a30145555e420d2654ea7ad65b2
- SHA1
  
  18c5e7e130f9a196e3708f85b77b4710e3fad5d8
- SHA256
  
  e06ff17463a5a7ed887cc6bf5c4cd6132609e878ddd5b47b3846e945c0374327
- SHA512
  
  8eb84d3abb6265a853846030dfd80a2f9f4d93261d820150c6a43d9c8b028fcb791cc4a79b456768c22beff2f0c46f410ed3b4bfa65afd048ebf6e7d9f236c06
- SSDEEP
  
  6144:ji/1vBSNZXsmYPe0QWQd8mWh5dPw1EzkEZNvMezszoTaGKt9TgOW8rQjfmKnauDz:S1esmY2dCpMe3Gb9TgV8rQjflnTNamy
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  MTA/libcurl.dll
- Size
  
  171KB
- MD5
  
  6dbb3664f75eef0083ace528e9e6bcd2
- SHA1
  
  85ec406f10648bf33f5f2724c04e536ce91a7187
- SHA256
  
  3bf0538690f99e90976c74203f63c42595cceb269a554951de7cc36c7a3eae48
- SHA512
  
  a6cf81891a240d37d6bc3eee07dead58d4aeb72be90bfffa9b9253471551604a89d58e75c4ca53d079724176bd4b11e395d50b2e4c06c10f92e5a997b5c08bdf
- SSDEEP
  
  3072:QjkcqmjFjxYuUieIduItvHAfW99kyrG5b/NYFWdzVzA1XclcmUJ5Qu7coBi5GgXr:6ZjxYD7I5Hh9g1YFWdxzcmuG5z
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  MTA/multiplayer_sa.dll
- Size
  
  50KB
- MD5
  
  31b3f92fde0c517f16c8db3d7186fc27
- SHA1
  
  69c1320c1dc0156a1b4e88c7752f42104fa0eded
- SHA256
  
  7d8f99857b46f4594cdd6041d5843ac3ba08b854b1a05684c83712ffdb4f9cb4
- SHA512
  
  350c7ca9f93cf3b3ed97d49a47e51a236a4123b2eb7acf6fb5c2f555f5ee60bf31a6e03274db6de055ba99b57171e222b1279aba4c939d7666de319c1f00218f
- SSDEEP
  
  1536:G9WbcpmZaXN7XhEjQUn413xt4NMgXOt1kJG:xbmmZ07xEjQ2Kj4NM4Ot1
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  MTA/net.dll
- Size
  
  184KB
- MD5
  
  bc8654400809bb9d6c4a152fda32446c
- SHA1
  
  08a23c63706a17f300ec7c9a925d145c157568b1
- SHA256
  
  20a91d7cea541afaaf64b01e6f537eb9204fb8d22c32993953ee5da535d516d4
- SHA512
  
  a39dc6c12ed011150c067e46f3389c13d6c7dce646973b0975eba8175c051d1ca74d89ad40ba07320688989e32cc42c9406aba8f8afb854083a156bd41ec823d
- SSDEEP
  
  3072:azaRLADQ5fExO4r5rDKm8TBSt/th5MwH/wvRy7hBpj/bx4gYEKuWhzOtq5MqqDLU:azaeDucoo5niqPCy7hjj1SROtqSqqDLu
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  MTA/xmll.dll
- Size
  
  58KB
- MD5
  
  6b2e6ca88df0831729876160772a5510
- SHA1
  
  b73b361ac895023e06a04ed945c0fe33b765ee15
- SHA256
  
  ab24b6a1ffa51621150406c741a21129bd353e61d6edff9367338252fcc34c5b
- SHA512
  
  2aeea02b9cb467e42764ab31326e8100dda52a1aa30fd693de46acc92b03ae91af561399c6e96fca407013bb5a2a9bd78485e8cfe46c8a098f26391ff06fe602
- SSDEEP
  
  768:yilBW2KsWlAtcTRA/GmPvcHvY3U7RR8MSN3hVFmbFeEJGoTB/KFxYlYZCEPVV+OR:yiyCg1y3aGoToFxSYZCENV+OtSST
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Multi Theft Auto.exe
- Size
  
  430KB
- MD5
  
  4df33632b703620ae26d5ade35f8740b
- SHA1
  
  492f75ccc1a9574708f3e1ce4de14560184521df
- SHA256
  
  c195aa6f3bd3e2612847a98365c072f6f3a468d8b30959627c8c9c2510204d21
- SHA512
  
  498b5ed7209cdf4e394eca05bf95fc32dd337d9677a8898343b40df4e98df6303d0cb9e42b07cad385ddcac90e6cb20714b5108d435a24f2a3a230545dbede6f
- SSDEEP
  
  3072:wo63hzka995LKStq6PL/AQ631z/cfcU/tDuZi/IqMcIYc4eL8QTOhE/DyzO6n7:mD97JD/V63V0vZPc4c0hE7iD7
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32