492396adcdec1f09536061c15d85d31d1ce57d94ba122117ddae5c147372ea80

Sharing

Copy URL

Twitter E-mail

General

Target

750ffaf3e8da1c843ea75aaa0ed384ae_JaffaCakes118
Size

5.4MB
Sample

240726-v9j9raxckb
MD5

750ffaf3e8da1c843ea75aaa0ed384ae
SHA1

e5c22b3550b57c02126776b438c204462dda2d82
SHA256

492396adcdec1f09536061c15d85d31d1ce57d94ba122117ddae5c147372ea80
SHA512

5073ec50f3b832a99fed81de954c9c1b2fa7b73e35c3ffff75caee9f892d0c77ac27b0bb44797595a71f23df682bc9c9ba34b6b2ff4e7e58f941ebd460fcbee7
SSDEEP

98304:kSdw0yhDpG8H0OZ+KM+fipFSktSfDvltpQBK6kGF5+oshX8CFMUKUqJzDzUVv:kSdw+8hbUFSktwtpmKM5+fhXRFf0Piv

Score

7^/10

Malware Config

Targets

- Target
  
  750ffaf3e8da1c843ea75aaa0ed384ae_JaffaCakes118
- Size
  
  5.4MB
- MD5
  
  750ffaf3e8da1c843ea75aaa0ed384ae
- SHA1
  
  e5c22b3550b57c02126776b438c204462dda2d82
- SHA256
  
  492396adcdec1f09536061c15d85d31d1ce57d94ba122117ddae5c147372ea80
- SHA512
  
  5073ec50f3b832a99fed81de954c9c1b2fa7b73e35c3ffff75caee9f892d0c77ac27b0bb44797595a71f23df682bc9c9ba34b6b2ff4e7e58f941ebd460fcbee7
- SSDEEP
  
  98304:kSdw0yhDpG8H0OZ+KM+fipFSktSfDvltpQBK6kGF5+oshX8CFMUKUqJzDzUVv:kSdw+8hbUFSktwtpmKM5+fhXRFf0Piv
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  27KB
- MD5
  
  6f73b00aef6c49eac62128ef3eca677e
- SHA1
  
  1b6aff67d570e5ee61af2376247590eb49b728a1
- SHA256
  
  6eb09ce25c7fc62e44dc2f71761c6d60dd4b2d0c7d15e9651980525103aac0a9
- SHA512
  
  678fc4bf7d345eeb99a3420ec7d0071eaba302845e93b48527d9a2a9c406709cc44ec74d6a889e25a8351a463803f8713a833df3a1707a5ad50db05240a32938
- SSDEEP
  
  384:DZoRF0XXUuJReQg0Tw67ADWBTgmldIogUD3GLgFmyaX/fVYcWJQCDmrinogRdBl:DZaF0HtTwuz9yu3KgwRX1nWJ1q+noI
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  6e663f1a0de94bc05d64d020da5d6f36
- SHA1
  
  c5abb0033776d6ab1f07e5b3568f7d64f90e5b04
- SHA256
  
  458b70e1745dc6e768d2338ccf3e6e86436488954ca3763472d8ffec4e7177e4
- SHA512
  
  2a037c39f3a08d4a80494227990f36c4fef2f73c4a6ad74dcc334317a1372234c25d08d8b80d79e126881a49fa4b3f2fffe3604c959d9ceceb47acc7192cc6a5
- SSDEEP
  
  192:VsIZHdT9uwYX94kYd2iCzHR+yK7imphLAykycpKPd5mj8ozxGUWumle:VsUHd9GN2d2iwl0impATIPdAj8Ov6
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  36KB
- MD5
  
  1cc87d2b5a79b18f133b4f944e2f2f74
- SHA1
  
  98e0ddb727c76e06be1668434d754e5b80a0c154
- SHA256
  
  de1177a4bd1c56c3555f366d40b37d7dd9cb25e16c4973d0a4d22bf9a8af7aed
- SHA512
  
  d8fee1c09fef9af4e1f38baaffa3a6d059713b14ecad900815c086cc22855644fcdeacd6bba31ea6e6925831e650f7b0d34e6dea4c57a978fb4f5bf0cd6d72a9
- SSDEEP
  
  384:JLmJwO50x66T9JOpOUT38YZvml7xoKdyuwlx8xSiorppugBwUdJopS:JW50hJwwUTsXdPwxvtpDtdJo
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  b9f430f71c7144d8ff4ab94be2785aa6
- SHA1
  
  c5c1e153caff7ad1d221a9acc8bbb831f05ccb05
- SHA256
  
  b496e81a74ce871236abcd096fb9a6b210b456bebaa7464fa844b3241e51a655
- SHA512
  
  c7ce431b6a1493fd7d1fe1b1c823ad22b582c43c8eb2fb6a471c648dd9df9953277c89932c66afd598d43ea36f4a8602e84cd175115266943071cbc8ce204099
- SSDEEP
  
  192:hClej3uzvJwqJMQKN4GbeWZksMI4ETWcEbcBZ8ep2Kra7yOG:hCm2HgN4GbeWmbI4Eybogia7yO
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  7823fc560926dcd8741de6f0b900083f
- SHA1
  
  93dc0a704bc0b8f90668548e36daf459be0ae10a
- SHA256
  
  ca869d6c6752aa4a8a6c874a694b543442992d7e854d0c48a1b60bca01a8c8c6
- SHA512
  
  c79509cd306638ea9badec64ed9f7d0690e46fcab7ac77f25134065b628e76d2812f2d874ea2cc4283685c567b613a39d27b9fc4a6de2d4b9d30131f3161c4e9
- SSDEEP
  
  192:SzQhZDqlJcKISw99ioU3MSfwLF/+nhHUVsdz:SzoZDGKYw9goWyFGBU4z
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $R0
- Size
  
  3.0MB
- MD5
  
  5b6b36f69b5291b255d863f1c511a80a
- SHA1
  
  4380de3bc4830d72ca0646065dce8c15171ae65c
- SHA256
  
  ec5a3d0afe837e17cac7457492f5dbb96af5f944811bd1251eedebaa4121d23b
- SHA512
  
  d5ad4bec9390609ea23b76ed7420d438c23477de4652a54cbacbf3dbd097f5d4fa877de4d23ecb5a1b7b07f02be1ff69b5e3c5c171ce77269b7dc71d255a4257
- SSDEEP
  
  49152:wVI8DlzkhxeomPuR+ZR32msU88FCUmvjyH9/zC2AAPUo1g:N8DokugZR3H88FC5jyHIqP9m
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral13 behavioral14
- Target
  
  StartPage/$R0
- Size
  
  7KB
- MD5
  
  bdc5a933dd11a46ba1881a7446bdd2c6
- SHA1
  
  03547b50e393b564fb7494027fe3a364018e1985
- SHA256
  
  2cb9c99f39635d2905be12cf17167628075aaea33d2da58fee0370f14f894e22
- SHA512
  
  17b98eb6296aab9d20b5850a9e31998c7f983b587170272f13df2a01f42e526e2d5b7bf7398e0ef0e748446e9a3417675a3a3e6ed557da227b36205cb547596d
- SSDEEP
  
  192:7uEFsHp4giMi03LcioiE3rj0i4iQQe28F:7RFsJ4giMi03LcioiE3Ei4iQQv8F
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  StartPage/Local/ie.js
- Size
  
  21KB
- MD5
  
  3d61b3a104239092d28d6333879fb0ee
- SHA1
  
  47e8877c7a462702d9628da1dbb6dd751dccad81
- SHA256
  
  3e1b2a87513381cf10635112d3e5442bae247ef879eb1872701342d0e362e264
- SHA512
  
  f30fe56e6120bd4f276e162bb0972a89d73468af88fb2dbb43e8f3461c28e1bda26550984e6b54ace628246f4787ae1739d6a4e68dee68b11f2d9ba40a00ac54
- SSDEEP
  
  384:fQZDQ6R+ad0Z4ztlS6Ww0IjSSsSEMzFhJhEul3YreS7jYseS7Ai19isiaixsitib:fQZDQHCsU87yhDLcb
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  StartPage/Local/iframe.html
- Size
  
  2KB
- MD5
  
  7f025dd24024bb1ea34025cb86d17522
- SHA1
  
  19eb3d0d0a365f0997868d50256cce03ad108761
- SHA256
  
  0e158e6ad1423ec383db5cfb656e559bdce6f57bf11be464eea555b0d1491423
- SHA512
  
  bfea114378bd67b353b9e208478f330910074b2dadc78e82d57cca752fe1de080d10838f0e60980260aecb0ce5703f1f176cd19fd932e74a2726bc0aae5a32fa
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  StartPage/Local/iframe_wk.html
- Size
  
  2KB
- MD5
  
  388c90fc50e3e7399da677c10fd108c8
- SHA1
  
  6c1e457174aeba2bb60c1da4e88deba7baf74364
- SHA256
  
  209dba04648f85caf01b72d112d3312f32731555cb984771f24dbeda542d994c
- SHA512
  
  5a70d2fde39626e145f74b3a94aa397b79b6f534d3da37f6db7fd5465ebfc881062003b97f6b74a9ca67799e6dcc5c31b8419bca4b2c18c3737978e1429da44b
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  StartPage/Local/index.html
- Size
  
  7KB
- MD5
  
  bdc5a933dd11a46ba1881a7446bdd2c6
- SHA1
  
  03547b50e393b564fb7494027fe3a364018e1985
- SHA256
  
  2cb9c99f39635d2905be12cf17167628075aaea33d2da58fee0370f14f894e22
- SHA512
  
  17b98eb6296aab9d20b5850a9e31998c7f983b587170272f13df2a01f42e526e2d5b7bf7398e0ef0e748446e9a3417675a3a3e6ed557da227b36205cb547596d
- SSDEEP
  
  192:7uEFsHp4giMi03LcioiE3rj0i4iQQe28F:7RFsJ4giMi03LcioiE3Ei4iQQv8F
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  StartPage/Local/wk.js
- Size
  
  21KB
- MD5
  
  4904b7809d40e2c367c5d16aa73d9e09
- SHA1
  
  6c4b5b1d3b723e02fae1c1de864a6b48012b0fc6
- SHA256
  
  2ca56e278808cc582a4edb7f96fcd070325e4068ad5bd44d3c6b29e799e95451
- SHA512
  
  63a1b06697b500b9741d4ff912186d636592fc15af546b29ea54b54647e8a55205e846e431c0c83bb5419c59ee11cca831b0f895aec94ee08b900132bdeddef8
- SSDEEP
  
  384:fQZHQP+adkD64zt2lS6Ww0IjSSsVe2zFAJhEul3VreS7tqseS7+i19isiaixsitJ:fQZHQ6usLrwyhDLci
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  StartPage/Selector/index.html
- Size
  
  15KB
- MD5
  
  283a98ba9466718cb6e46a001e5002f2
- SHA1
  
  46ac6469d958fcbb5156d98b6468aeff06e9d182
- SHA256
  
  01086414fb97f745082c62afe145084555e1b293cab5d768236dcec74a2beae8
- SHA512
  
  04e18f9d8ce0ef6b42a501daaf2757f1101cdd9bc99d99179a379adc44cb9f3ebd99ca524da66f4304e333213b981a1d9abfee3179a9e4334c2dd6cbd6102b83
- SSDEEP
  
  384:77eO72IDW/jcBq/503ql3UUhuTYtlwrWnmsTdtQr510mAdiTiGZ5ff50+cl2Heie:uX8uq6lE0YaKCmspM2E5ff5Akvb3a
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  install_flash_player.exe
- Size
  
  1.8MB
- MD5
  
  a281d68f8ae56f0fb3971df7dc6e4e26
- SHA1
  
  f1df1ab84b61e7f2c3eea0a959d2115dd001816b
- SHA256
  
  9305e0c413dd8045f7a9f62578849f903431ed6d3b2cb1d3ca59b082360d2e00
- SHA512
  
  855ddcdc0124ecd350d13d6174d2a6aeeede565cfe3afaa3df015f82049ebb74eb21047f334194626a215e78c6f81b053f83029171b68ba82795f92293e21643
- SSDEEP
  
  49152:1ZjrU2pjuIOVIzMiJZLT1tMQ5IrqNUN3PU2wm1kuqE5+vxFLdMk:njr1qIzpJZLT1tbGqNUhM2w5uq5vxFLR
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  b3ebe1cb6bdd529302c121dd4e2e0d00
- SHA1
  
  305f022e7e3ef0ae6cdc5f18bd6adc3032f64304
- SHA256
  
  5a1696f9892567b3339faf2bf4df5eb1d2d886c49807529028b65f0f493e79b2
- SHA512
  
  6f6ea4aec1588bb6f7ab4f8422942ac0acbddb8b916af2ead039b434bec6db4d0bf64deb3b8d6cc33666cabd70024a1208411ab6e0ee10bcf98c47951f8d359a
- SSDEEP
  
  384:7Klm7i+c3QW6ckPhyDEaLnu2bbBBIXwZ:mqi8BcyhEhLjbbTI
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Writes to the Master Boot Record (MBR)

Loads dropped DLL

Checks installed software on the system

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32