General

  • Target

    81c79339595f7cbc7f940ec0f5cd168a_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240801-z942dawgmr

  • MD5

    81c79339595f7cbc7f940ec0f5cd168a

  • SHA1

    967df97d761c411f76329c84a5eefba50e4e207d

  • SHA256

    24513240bba0a69bd9b9f5bfe77756c3f16b44cfb0895f8b15f628d14e759463

  • SHA512

    f1b9a581004cb4cdbb92445925fb0cbd646814361cdd2c45401be15f9c1e745669467d9c92cc6684803fd42cdc0da916b1b3ad6fde7aeca4577f120023d21de5

  • SSDEEP

    24576:gHzUI2li1t8g75dAudz7fjE+U89d2Rx+CIctHetpsP8GxawMR12nY:/IZZ7Mmgulc6psP8TwUUnY

Score
7/10

Malware Config

Targets

    • Target

      81c79339595f7cbc7f940ec0f5cd168a_JaffaCakes118

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/StartMenu.dll

    • Size

      7KB

    • MD5

      e98edd029f7f9f62ebb75992841817b8

    • SHA1

      8a7054283e4386689a29c63f4e65f3ef1ea7c43f

    • SHA256

      abf56fe9b605c8cd716a2cc59b6ef052428753d5c716aaf857c3349d74fae66c

    • SHA512

      d6f3b151715a843a795f5a79931867031b2cc0c6406050f6af665fd07ba9d3b69557a09c720f88328b277fde0f47fffbb36a895196b7eb28d3c15ad0becc063a

    • SSDEEP

      96:Z+dBC0x22epxPEvC4FkWE+in1/FMvsCGRfRFqCB5tlGhEl5VN:Z+/epxPE1r8/FtmCDtUg5v

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      82f7926fd7d12e3eb8ed7b5232bcf956

    • SHA1

      6065fc921b742cc86c77ce2533fc1d17359eb45e

    • SHA256

      604b5e75f43ffae8f172018cdd8f136392d9c52ae0c100d27ef537bb2dfb3984

    • SHA512

      b31a63ebbda8f147c32d8336c5ecde8c5261ad5526b01926d7cd74b7a9a1348da56e180e53d20e1e300daca76f9511f24d6e695550b705b7650c239e5b6e76c7

    • SSDEEP

      192:BGO6dJA/ruAFEiUdWWE6hsD4YUdJfbub1a8SgMO:pKAFERdlxhTYUzqZaV

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      8KB

    • MD5

      f42b19bd20c82eabcfe14273499e7664

    • SHA1

      99310fe91a2e2fbe720761b5625e1f83afeee0db

    • SHA256

      c99f30f5e2dfd948b7da2219bc5a0a73836a70e2486272b42c3ca45710b0316a

    • SHA512

      c6867ee68b3099a9b03aba7367ed6e55576f874eccab71fbebbc9c3cb01f20e616615e8080c2a379b7e7da1abe6cd776f862f8c9ad4dce38d2fa79b48fa38e49

    • SSDEEP

      192:Jc5gZmsbMx8dA4I5DpEPznEg0rh392d01:JigZHMxSA4kGzEzrp9

    Score
    3/10
    • Target

      bink.exe

    • Size

      31KB

    • MD5

      e23d13d60e19a61c18cba46bc400aad9

    • SHA1

      9c834ddab67b8c4d8c02e781d6ea0e1421351e12

    • SHA256

      afeff11dcd8e42e6beff6f86e57097ff1695b37dc46059218e3dec8dce534a33

    • SHA512

      136ecd5db959d2efff8adfe684b8a947fce14ca3adab52ccc2173ba399870c20e17cb813a36e666f961359bca9ec36224070d7fcf029b492954daa25ea9e4340

    • SSDEEP

      768:wBCCy0uO9hWDc5I+DN+aPeYGwTVcqZ65:wBrCO2co9GT/Z65

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      binkconv.exe

    • Size

      24KB

    • MD5

      559c3613c8fb1f412f95833ecbe67d5f

    • SHA1

      fd364998f8d16593f2051b68cc88a683417d9512

    • SHA256

      12bf56b20914904fabebfb08f3faa3be4cb03d9924b269d460782f612b98f35a

    • SHA512

      4ac703395ed584baf38c901abf586a1da1cba7572ef2c8533ca87a6002bdfa1325bc46cc1e507d219d5bdeb34df3bc346ce182cbe1d4ce8d07bee0016ebb87de

    • SSDEEP

      384:QyWhtzN1fpoCLGqlQ0vkEFeSRiqSqKDXiKDcVc5gZ65n:QyWnNvopavkTSkkVcqZ65

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      binkmake.dll

    • Size

      83KB

    • MD5

      5e512bee392651ee2f707530fb9626ec

    • SHA1

      8be938186a04fdcd72df62c65e9930ea298eeee3

    • SHA256

      63bc569eb578682a8ed9cb7b437e55bf5a3b613d4f3cbc2ccb139ce6e9d68f4a

    • SHA512

      97232781e0c45670e0bacb0f1d0846c6d9795d1b49deea528149fc02bad17b5893b9c741718422d520c2e1ee60d52448044332fc93572cc25a96d1f82aa78fc7

    • SSDEEP

      1536:jQm0SRb91jIIVoZEfHkMXHPw+2G7YZ10IWVD8Zj+UC8I/NbkSXvo6aKL5Anouy8g:R9kIVckHkM+GEAD8ZCfF/NbkSXwOoou2

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      binkmix.exe

    • Size

      19KB

    • MD5

      d064be27da6dbc00815519ad54a4f34e

    • SHA1

      22e0de9d30c8f88beea41a08937058d75ac19f6f

    • SHA256

      37b1d21aed203ff7d0fd7215152fdcf73d12cbc9c710670fc06b470e3b6ce666

    • SHA512

      4f3c5ffa4d609b08a7a982fa5638a84471e2a2f5783fe298690055570338e37cd030b240a23bd20078e15549d94dcfc83131ede19acec214165235d3fcdc92d5

    • SSDEEP

      384:dDG7b51wRtZcB1N6x8A/Y1EqKDXiKDcVc5gZ65n:c7b5eC3il/YhVcqZ65

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      binkpl64.exe

    • Size

      315KB

    • MD5

      1e4cc4349837760aae5f90e8ab966cf4

    • SHA1

      5b62489064bd830946eaf3b0ed583f7895b4a899

    • SHA256

      c8a96f2da5f5e7d76c6030964fa90f04df08f257b03a9f87b18b95bb8e631120

    • SHA512

      69626ccbc4c67baf1f40a2c593676a6a183b3e8f580ae89fbb4678a97de540355459884d88f96ab58544cffefae1fd0040e89cf867600ba52ad91e595c599b74

    • SSDEEP

      6144:Bbb87vo2JMw9TVrKwaTV/IiajaL3jvrKyd7N77ZbQfQYfAuK/1XvwHw8:Bbb87vtvKwAIiajQjjKy6/E1o

    Score
    1/10
    • Target

      binkplay.exe

    • Size

      137KB

    • MD5

      258261fda252488890518db3bc0b512d

    • SHA1

      088bf655f2f066aedb9599b161a47c8defd89176

    • SHA256

      4a60fb3ced26bf0e470274e0dcd8324f308986b6083df66f99aad54bb8c70d41

    • SHA512

      3d49208cf7711605533e10f41efe21ca4f6f32bec31d4e349cd39e944b7be47bdfc97e2590f6301e8d67a28bf53b39ff5cd72113088df9ab8d0a09bd58801f24

    • SSDEEP

      3072:9vcJkbEOlkMBXEthj27q3+3H/56A0yTdIZvxwLCQScE4IMO9I8out0/Ze:9vfbEOlE+3H/56CTdIZvKGI8oSu8

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      changes.html

    • Size

      108KB

    • MD5

      f813d9bf5086310d61013b488d17ba00

    • SHA1

      c2d117ca7ca2177ba1ff8f90c7319b6fc8428021

    • SHA256

      2d8222c8323a53c8e7c52894e53377ffd91fb5862d0c253e84f10036199a165e

    • SHA512

      ab320195acc5f5a281e87c4389c794bc5b01957df3aded75de483c9c03a9bd3718601936744c52482cce7c267c92023e56358d591a5a7fef78cd464257717500

    • SSDEEP

      3072:LrVfF8ZfbDdwZ1ZxmWuSXywTpo1MzlbJZCN:LrVaf/kLlb6

    Score
    3/10
    • Target

      rad2exe.exe

    • Size

      19KB

    • MD5

      3f66bb08669fd3b83d82b468f5d4f6e3

    • SHA1

      a3fe993d30cc23cd89b012a97d6192c22e7ac855

    • SHA256

      97f623c06580c146d1b7407ea2a6492ef5f9ebc0190dfa9f55993157e40afb7a

    • SHA512

      88e6eb8154dc44f05be4c070612fb3f738be07393e611f7331557274126d8acc8423d1dc1d97004deb912aadcb510a66a8313eb1b179d62e405be8cfe6fa2ae6

    • SSDEEP

      384:dk5EaH79WYlbIJ+fVUu8qKDXiKDcVc5gZ65nI:dkWEuJqasVcqZ65

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      radana.exe

    • Size

      154KB

    • MD5

      937758d6f76d9a43a24c0fdbc9874dc6

    • SHA1

      665c72a8c5218499f534b3c7d0b1a7fd41ae7857

    • SHA256

      4833781c7d12e5276d31d85ea966af299e2bc74a013b75c599db5e303017c434

    • SHA512

      f3ce4fd9848a88c6ff250e6d8d72dce113cf6eee7d1dd8a24bbf68ae1f0bb56d54ff624f446268a1a281be4cdc2e8381210e638c03f2dba8b407f16eca6c7084

    • SSDEEP

      3072:kh9neBiGy5Uxyljccf6vLI6ryHiHCcDwJIj90r35BrKM5vqRyZhA+wvPEout:2eBiGihlIDI6mCKo4Brt5vqRyZ2HEoS

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      radbatch.exe

    • Size

      31KB

    • MD5

      be483d99c4ea05c3bf1ee180ae26028e

    • SHA1

      dd68645f8a4083899906de747d7962eaee22f873

    • SHA256

      689c2fcc600754105a7a86833c90e033df3d235b1a15cbdfa7641139584f2e7e

    • SHA512

      32e9017fa3dd222b1047099b23822e0a9460e7ea8c08301c3aa782c95588c172ed0cbac48aed449e88f7ad384126b45cfe8281fecc799ae0afd3d8bdbaa02bca

    • SSDEEP

      384:qlhvw0E5ViB6aCWo42tWAI8UeYHsYBD3XqKDXiKDcVc5gZ65n:uS0UkoaChehHHDkVcqZ65

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      radinfo.exe

    • Size

      7KB

    • MD5

      1556d287709256eee4233841b99cca4f

    • SHA1

      ba46cd76bdc81c97f0401ec27cb0c3808723ba88

    • SHA256

      1f8addf0cbdd1c6887a1aaa4f2e9dc962e6c9bc6a9c6de7cb909d2e43034a1d7

    • SHA512

      a87ccbb74c5a7ff4162d8291753ed45b73647dcd70ab0ebe1191140624adff6fd8d47aa799c940d9f3353074a713b76cf3e2e55030cd7a65de332c2a43c1feff

    • SSDEEP

      96:NIW0yOjnPBnlI2ILqzEd4ppMb7TCjLcCRMPyU1olrx7GVSLYx8:N2yQBlI2I+zfpwTCchPn1olUiYx8

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      radsiw.exe

    • Size

      18KB

    • MD5

      cf0610baf39eea22a2cb203c0052ea88

    • SHA1

      87b25e8c80fc3d50a4b6a8ef058b6a8d06628c08

    • SHA256

      381ee339c6634a2409fde9c722870da36f18dd82f8ce9ff48ef3be7d982ea77d

    • SHA512

      87d73561267377a71d09b81b3cbafe5a158c4440a413e6bf2231aa9289518943f0a783317956e38c080f9c6092372f2e6dd8edcaa68580fc8b1cabd4638461e0

    • SSDEEP

      384:xWlO64NnWl4Sih2vAAUXvaMS6HlOrXQ55HK6hw08yhEmKaXGxK9Wzss+qLwmc88w:l6mYoOUXvaj6srXQ55q6BpK+EKYzZ

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks

    Task          Tags             Score
    static1       upx              7/10
    behavioral1   discovery, upx   7/10
    behavioral2   discovery, upx   7/10
    behavioral3   discovery        3/10
    behavioral4   discovery        3/10
    behavioral5   discovery        3/10
    behavioral6   discovery        3/10
    behavioral7   discovery        3/10
    behavioral8   discovery        3/10
    behavioral9   discovery, upx   7/10
    behavioral10  discovery, upx   7/10
    behavioral11  discovery, upx   7/10
    behavioral12  discovery, upx   7/10
    behavioral13  discovery, upx   7/10
    behavioral14  discovery, upx   7/10
    behavioral15  discovery, upx   7/10
    behavioral16  discovery, upx   7/10
    behavioral17  (none)           1/10
    behavioral18  (none)           1/10
    behavioral19  discovery, upx   7/10
    behavioral20  discovery, upx   7/10
    behavioral21  discovery        3/10
    behavioral22  discovery        3/10
    behavioral23  discovery, upx   7/10
    behavioral24  discovery, upx   7/10
    behavioral25  discovery, upx   7/10
    behavioral26  discovery, upx   7/10
    behavioral27  discovery, upx   7/10
    behavioral28  discovery, upx   7/10
    behavioral29  discovery, upx   7/10
    behavioral30  discovery, upx   7/10
    behavioral31  (none)           1/10
    behavioral32  (none)           1/10