b59e1e75d9647357e686f077470054688d2b130e08dfc7ab9763ae22b83b2109 | Triage

Sharing

General

Target

8c396fbdacce214de2e86354a77350d2_JaffaCakes118
Size

1.9MB
Sample

240811-2db2ts1hql
MD5

8c396fbdacce214de2e86354a77350d2
SHA1

dba514af18c0ed0b190f16f8b9da2d137f47a219
SHA256

b59e1e75d9647357e686f077470054688d2b130e08dfc7ab9763ae22b83b2109
SHA512

5b30016234a2e96088192568d2b623a8bf5b2d8d1c6c2c4a460af313ae8369c3542528b8a69abe51f62c82493e953b7c010f064fff23508a033b39d595526f39
SSDEEP

49152:2noEndaVYgP1icZSXh1i23k3wt3hXPqYTyIxHiu9z6SWXUwN:2nFneP1iAS/l3bbSCyIx76

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  8c396fbdacce214de2e86354a77350d2_JaffaCakes118
- Size
  
  1.9MB
- MD5
  
  8c396fbdacce214de2e86354a77350d2
- SHA1
  
  dba514af18c0ed0b190f16f8b9da2d137f47a219
- SHA256
  
  b59e1e75d9647357e686f077470054688d2b130e08dfc7ab9763ae22b83b2109
- SHA512
  
  5b30016234a2e96088192568d2b623a8bf5b2d8d1c6c2c4a460af313ae8369c3542528b8a69abe51f62c82493e953b7c010f064fff23508a033b39d595526f39
- SSDEEP
  
  49152:2noEndaVYgP1icZSXh1i23k3wt3hXPqYTyIxHiu9z6SWXUwN:2nFneP1iAS/l3bbSCyIx76
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  b21538d9f049d3e3e8b666744d7ca36d
- SHA1
  
  b97fc58f9aa238758a7574a2e32dac4e97392f47
- SHA256
  
  9dbe958fd425903ffc2197a112bec4fa597284f9637fe8fd5685016f32e21334
- SHA512
  
  05d2c660a43519fd35daa3b4310419b33e61ce8557bde55942315ca59c3b9cb9fdeaea42c403ad78a54fa9923eaa712bcf5a10dea83619a18c4ef0c451e6d533
- SSDEEP
  
  192:ROSsJI/rqmIDNLU0dq51EgAiNbubv6xLZ:/HQQ0d01Egbq76x
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/ext.dll
- Size
  
  84KB
- MD5
  
  e9e87ea109620f5afa4ff48cbb47260b
- SHA1
  
  0757b87eeffafc30ad2145a4e2eaf7e2a8b301a9
- SHA256
  
  f5ba1c0d227e01ec1352794c69163687c5176ec5d1d3cf304d5d4b39ceedecae
- SHA512
  
  491fd6ec873c8c3797fa59885c26a226056cbc1be87c116a8755bc55ed7436bc311811e9dc4182457699002eb63cd93d7275334feb3a576aedb9aee9e5f6b94a
- SSDEEP
  
  1536:yuUPpl1FaoDRbROaLlGxgo4dsLhwzi2RjRlyVYDfc+OSHmu:yBpl1FPJRFlBPRFlyVK0+OSGu
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $TEMP/pin.vbs
- Size
  
  287B
- MD5
  
  3f764ed6ee61afced5405a2e3f62738b
- SHA1
  
  ce56c02f451bdbf20a1003df87fc2692ca06d0ed
- SHA256
  
  22804ed36ad186b3ab18605719c83e70b6244f60aba00e16ca8f97d80b5cc0e4
- SHA512
  
  6ed1d6327b67b3c863f71ede1d8be2f24c51454aab25b104d474024bfafcd732ba84a63ea60b218ce0e97a740c2717f87f4a38fcf211e780d027d36f4bc1d859
Score

1^/10
behavioral7 behavioral8
- Target
  
  $_7_.exe
- Size
  
  1.2MB
- MD5
  
  5a2e0fa817dc4fc765e5428e5a45b631
- SHA1
  
  7f25af1e31d52895a0593a9e4203aa8a1ff867b9
- SHA256
  
  74566d31f194c77caad7e7b563035de8f091f7c4312adc5c70ca61bb5d8662d7
- SHA512
  
  5d7dba6ef7a30391b985061c97975d6cedc0802705447ee162ce29d13bb069bbf3ca1435b1691632995367099b082eb28346a7f3c192df575ac943d774ce34bb
- SSDEEP
  
  24576:x7hRTOuiCw6rjYmZBi2/V4otL0iW2dTBc9JZMR1AYIZp:x7LTO0w6rEK5FL0iW21cZMR1q
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  MFC71.dll
- Size
  
  1.0MB
- MD5
  
  f35a584e947a5b401feb0fe01db4a0d7
- SHA1
  
  664dc99e78261a43d876311931694b6ef87cc8b9
- SHA256
  
  4da5efdc46d126b45daeee8bc69c0ba2aa243589046b7dfd12a7e21b9bee6a32
- SHA512
  
  b1ced222c3b7e63e22d093c8aa3467f5ea20312fe76a112baed7c63d238bbe8dee94dfe8f42474f7b1de7aa7acb8ba8e2b36fdd0a3cda83ee85ac9a34f859fa4
- SSDEEP
  
  24576:Tnc0xa+xDaWhzSenZncQfT0ExftQqDEu:Tn7VxWWhzSenZncQLVxft5DEu
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  MFC71ENU.DLL
- Size
  
  56KB
- MD5
  
  baf751e7061ff626aa60f56d1d5d1fdc
- SHA1
  
  b0382c3ac0c0dad7d793c9a3335316b5fcae2690
- SHA256
  
  177b0bac987e7882449bd7c5900406f61a997f97ea1797614c8d86f40f03648b
- SHA512
  
  f7333b481f1498b5eab2688856a5b86fec96b6bf7b781564dfcc018882ded4d7ee5a1fc0c2498607195a66d42a74034f9649a8b61fa548d3d6029f25c5a9648d
- SSDEEP
  
  384:IxLbS+nSkl7c/tAGqyVaKOvtWQWJnBrx1+hV9RLNq/HRK/+nnWT59Dl:IZS+TeAGDjOvCnp4V9RLNqfRKGnWHB
Score

1^/10
behavioral13 behavioral14
- Target
  
  msvcp71.dll
- Size
  
  488KB
- MD5
  
  561fa2abb31dfa8fab762145f81667c2
- SHA1
  
  c8ccb04eedac821a13fae314a2435192860c72b8
- SHA256
  
  df96156f6a548fd6fe5672918de5ae4509d3c810a57bffd2a91de45a3ed5b23b
- SHA512
  
  7d960aa8e3cce22d63a6723d7f00c195de7de83b877eca126e339e2d8cc9859e813e05c5c0a5671a75bb717243e9295fd13e5e17d8c6660eb59f5baee63a7c43
- SSDEEP
  
  12288:fJzxYPVsBnxO/R7krZhUgiW6QR7t5k3Ooc8iHkC2eq:fZxvBnxOJ7ki3Ooc8iHkC2e
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  msvcr71.dll
- Size
  
  340KB
- MD5
  
  86f1895ae8c5e8b17d99ece768a70732
- SHA1
  
  d5502a1d00787d68f548ddeebbde1eca5e2b38ca
- SHA256
  
  8094af5ee310714caebccaeee7769ffb08048503ba478b879edfef5f1a24fefe
- SHA512
  
  3b7ce2b67056b6e005472b73447d2226677a8cadae70428873f7efa5ed11a3b3dbf6b1a42c5b05b1f2b1d8e06ff50dfc6532f043af8452ed87687eefbf1791da
- SSDEEP
  
  6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  uninstall.exe
- Size
  
  44KB
- MD5
  
  f45a2ffddd8f83c2f11d0d3ee5f27584
- SHA1
  
  c29ca6b58c082f45414c452b1c7a72c000f50caa
- SHA256
  
  e55ac6005bd51adde0c61610dabf23fd4ed2fbd414a8edc883bcebc6ac63df31
- SHA512
  
  bb21f294361f9f69e22a0a2957511a1ede010707d423769fadda59fa0bf0770ee6093937b5828e4e1cd91aeca53cacc3bf744d92ad5e47f40ae8e289713d8fb7
- SSDEEP
  
  768:bRaH4ybltZwbj9BCTmG8ydBsRw1OlXqZfpIl:FGxojDCTmGr/sCal
Score

3^/10

discovery
behavioral19 behavioral20

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20