897155cc67dea5b3e363b37c8d890f92e2cd8070eb1a0626a0d8de193c06bb49 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

838f0690186d88326e6b46e0728c085b_JaffaCakes118
Size

1.7MB
Sample

240809-zyay6ashqa
MD5

838f0690186d88326e6b46e0728c085b
SHA1

3211b6b3a4d4a103d9a6e8ecc1e510aa5b387ea8
SHA256

897155cc67dea5b3e363b37c8d890f92e2cd8070eb1a0626a0d8de193c06bb49
SHA512

f0af08264b2d1cd741fe38e19d1fe1ce84806d587a1662ccc116bbe8d18befb96b9e8f246044f12f6cd0dc7686ee7efab32cbf27dac7d9ff0f66d990424713c4
SSDEEP

49152:C9q3WS5thUKoSKygtWKQZefPOw3dZrgJXuddwJjgsBnPvldt:D3nKbtuZ54dZM+ddUPPvldt

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  838f0690186d88326e6b46e0728c085b_JaffaCakes118
- Size
  
  1.7MB
- MD5
  
  838f0690186d88326e6b46e0728c085b
- SHA1
  
  3211b6b3a4d4a103d9a6e8ecc1e510aa5b387ea8
- SHA256
  
  897155cc67dea5b3e363b37c8d890f92e2cd8070eb1a0626a0d8de193c06bb49
- SHA512
  
  f0af08264b2d1cd741fe38e19d1fe1ce84806d587a1662ccc116bbe8d18befb96b9e8f246044f12f6cd0dc7686ee7efab32cbf27dac7d9ff0f66d990424713c4
- SSDEEP
  
  49152:C9q3WS5thUKoSKygtWKQZefPOw3dZrgJXuddwJjgsBnPvldt:D3nKbtuZ54dZM+ddUPPvldt
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  3c19f79ce11facc2fc4d3351dbb263e0
- SHA1
  
  17f4bf4b18ea7700f70ac7d825dc997be0d25f71
- SHA256
  
  cfaba712ad640ce2b4890005ffcf03ed9e2a18a6cf9075295f3aaea1478896b9
- SHA512
  
  05c9ac861e4fed610171fcb5fad40abc30cbf90e9c7cb13c758f52cdff568af0fdd6af968db4fb143a748c77f21c353c7cffea28cbcbd2ad17157038ab490273
- SSDEEP
  
  192:Aq6dnSzJb/WHM9Vm8/FlW8pMFEi49xpkpIURnPehwbbHF1Quhcb:L6dnYbuH+3FlcmzWnW2bbMuO
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  help.chm
- Size
  
  976KB
- MD5
  
  e0fc2136523b81db7b317a054efde6f7
- SHA1
  
  5d6681e6f6167ef68617a27799027e964c65d6c2
- SHA256
  
  9e3d69993bfdb5b998cff62a432ab028219e6b8cbe0ee8a61f1ebd65583071b9
- SHA512
  
  c58bd278fe2bac5a163bf7f43e41450c0d04aba2a5b0f3ce76a9f960f420942509db88ed15df7d7062777630f2b435aeb93cbd9e2723a24df57dab8782080897
- SSDEEP
  
  24576:GPLimLT3dZ2KzckoDb0rzdLRH/H/Q7FjsrsRb/nPc+lkO:GPOw3dZrgJXuddwJjgsBnPvlX
Score

1^/10
behavioral5 behavioral6
- Target
  
  hurrun.exe
- Size
  
  608KB
- MD5
  
  0d9abb40bf010b674e9bd8420c646600
- SHA1
  
  9a0112ee0bcb6e817f6f8ca7d86b8b770887d3fc
- SHA256
  
  5108a8493e9f6bd20adf29426c2166a1e0056f11b35bad5b7a05443348fd85c1
- SHA512
  
  70fb169885a0057649442e77ee7663b404ee662121753aa4fcd5d0ee2f56a191c663eb0fe10fd10c2ea66dab873a2f6be593a1bc07204d4aa5930046a5931cdd
- SSDEEP
  
  12288:8W4ENBASDcRlt3IqT04eg8pe+b+LO+l7uqEqZB1KRZr:9hN2SK33g3bI+CLRlbE+TK
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  import.dll
- Size
  
  162KB
- MD5
  
  93a0ada475d95ba06539b84b646439c7
- SHA1
  
  b173ac84bb754b92df2a50b6c00731072bb201d1
- SHA256
  
  52628639e73c6d88451ffef1c124cda208704599636c381868ddf5388d669b78
- SHA512
  
  42c20896b30633c65ef5341e8a1367f512d5f8c278597fbb761bf481cd75218b56a30a6207d2b24212f720e7afe9027a6f4b475f7d8e1187e5df281ff0b67593
- SSDEEP
  
  3072:z5xUk+w9Ms8LbB3vcQqXsVAzJHm174+G0qEXUZmX+jWZ/VwXqi62:FxN+9xLbBfecqgh/3XUolZ/V
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  mousehook.dll
- Size
  
  9KB
- MD5
  
  a560b9edf19e09a865823b27b7b8a6fc
- SHA1
  
  dde098890626c027ea6cec98e965bccf34291749
- SHA256
  
  6398895ebf5b9fe6a9657a10f182a7caca5ae9344f24ac306d192823e24ebb07
- SHA512
  
  a5dfb5a84110e8daca3d216d09f7a81dc090a41ce4b307378239b5eb55c481b97ae21918d3b5ac046fc108a6e245128251a3ffe62ea0d39459f39cdad9a82913
- SSDEEP
  
  192:nHO5BLRvLQYSOzQumreWuafHkvfCh/Nff0XGT4GJM+ey6cVRmuSf:HOPlQYvmreWuaMnCjVvrs
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral11 behavioral12
- Target
  
  uninst.exe
- Size
  
  61KB
- MD5
  
  6267dc951f93a0b05841cd50800fbe5f
- SHA1
  
  1255bc33be06de4979d353160f7d77b6a5548cce
- SHA256
  
  8fe64a9f8784d7fb48dcf04b23310f06dabcad52ff7ba76a884936840e2b478f
- SHA512
  
  4b681613d03c36b49749cba1a296f6072af692975c8fb00f054c0ccbad8f77adff0d900e0308f7711cf84490e64ac3f0a9ea17cc6eb834cd6e878304a85b34e6
- SSDEEP
  
  1536:j7aQWAWNyREzwxXxT64kkJt65QcREYRNX4:jfWxcHfT64kkJtNqI
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14