e6e572a7a97464a2425d42d270dbdb7400397a90e32eac590209f8e14c3a703b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8976806003b3910f5104e9824a6e0ca9_JaffaCakes118
Size

250KB
Sample

240811-hz6nsatfqg
MD5

8976806003b3910f5104e9824a6e0ca9
SHA1

93602ec05e09e2aee0fb0e30e18bd85d7e6585c6
SHA256

e6e572a7a97464a2425d42d270dbdb7400397a90e32eac590209f8e14c3a703b
SHA512

858ab4e279ac2095de16909c1d56688aeb74f51a97470e03ab20b013540b1dbe59b26bc8c668131f1a267dac537363ac20df3619eb6d6d72515aaa787a8628bd
SSDEEP

6144:ZzZZjhmPyUJErGJ2HeTr3FOFukQvDQWxkScs2GG4CSaGw1:ZzZRhmPb+i/E7GzxkScs2GG4baZ

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  8976806003b3910f5104e9824a6e0ca9_JaffaCakes118
- Size
  
  250KB
- MD5
  
  8976806003b3910f5104e9824a6e0ca9
- SHA1
  
  93602ec05e09e2aee0fb0e30e18bd85d7e6585c6
- SHA256
  
  e6e572a7a97464a2425d42d270dbdb7400397a90e32eac590209f8e14c3a703b
- SHA512
  
  858ab4e279ac2095de16909c1d56688aeb74f51a97470e03ab20b013540b1dbe59b26bc8c668131f1a267dac537363ac20df3619eb6d6d72515aaa787a8628bd
- SSDEEP
  
  6144:ZzZZjhmPyUJErGJ2HeTr3FOFukQvDQWxkScs2GG4CSaGw1:ZzZRhmPb+i/E7GzxkScs2GG4baZ
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/BgWorker.dll
- Size
  
  2KB
- MD5
  
  33ec04738007e665059cf40bc0f0c22b
- SHA1
  
  4196759a922e333d9b17bda5369f14c33cd5e3bc
- SHA256
  
  50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
- SHA512
  
  2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  959ea64598b9a3e494c00e8fa793be7e
- SHA1
  
  40f284a3b92c2f04b1038def79579d4b3d066ee0
- SHA256
  
  03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b
- SHA512
  
  5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64
- SSDEEP
  
  192:sRer7uivwq1XpKs4FVWSjMd8tIg2cREbyCsZ8q2R4Sy+Xe:s67Xws4FVWig86/5eCBqSy+Xe
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/animgif.dll
- Size
  
  8KB
- MD5
  
  63f11d04d07615bd610c857d0abdbed5
- SHA1
  
  fee63014806f8250c3e301a219fc43ef4b3a8f19
- SHA256
  
  a1fa2e0191f986824f5fc0ef62aee8b4b25695cc56d4b00fecdc1c92f8ea237f
- SHA512
  
  211f3689df9c219507072f71e9795e74cf9dd3a37f32330d8b7cb5cf335b9aec6f874df2e5fabf90e7f3e4d61655f7674d1ca94cd7d7ec4244a153019c334e23
- SSDEEP
  
  96:r9TyHw2an3ioGqEHsVBMOZm0GY/IXZjtV0iY3gW4hHxqK/KUnGQEmPD7KGucbl0r:r9TyHLhCRZm0GIIJbzOaBxqpZc65KHy
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/execDos.dll
- Size
  
  5KB
- MD5
  
  0deb397ca1e716bb7b15e1754e52b2ac
- SHA1
  
  fbb9bcf872c5dbb4ca4c80fb21d41519bc273ef5
- SHA256
  
  720be35cd1b4a333264713dc146b4ad024f3a7ad0644c2d8c6fcedd3c30e8a1f
- SHA512
  
  507db0bee0897660750007e7ce674406acf9e8bf942cf26ded5654c07682757b07c9eb767bead0966478abc554dc9a6461c4288dc35d12cacfadad4c128f1bb7
- SSDEEP
  
  96:J++xDiP4p7t7dNOt3stxtRFFXxGD6qxlnKE6ttdH3r3:Rx9pJ7jQs5toD6Cln/6tt1
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  23KB
- MD5
  
  7760daf1b6a7f13f06b25b5a09137ca1
- SHA1
  
  cc5a98ea3aa582de5428c819731e1faeccfcf33a
- SHA256
  
  5233110ed8e95a4a1042f57d9b2dc72bc253e8cb5282437637a51e4e9fcb9079
- SHA512
  
  d038bea292ffa2f2f44c85305350645d504be5c45a9d1b30db6d9708bfac27e2ff1e41a76c844d9231d465f31d502a5313dfded6309326d6dfbe30e51a76fdb5
- SSDEEP
  
  384:l4Z8sUAUNuGGsPVPEZ+OLkCnFJDhgvZwcRa9h9S4y4fO:lG8sUAUnt88CFJDhmajMA
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsArray.dll
- Size
  
  6KB
- MD5
  
  6585fc9e20b149a15e4dbb8aab03dbf6
- SHA1
  
  d3839b1694341ad494b0f92e4e3c6cc1c18e2333
- SHA256
  
  08e298c9a25208730f165660af4eec21e9fbd8021c34bce12a020d27e51843d4
- SHA512
  
  234f98317ba3a0cad5954a261610e0c851f3ae01d8213267bf4c06b259b57f1cc629c81b10e0778755065973381be33496a2f2ed82fea6c92540a389d7126476
- SSDEEP
  
  96:duRa4zuYKD7ODz63a0HydVCXRKnNh3ZGnjD6vHBzZHVefA7EfXxLfAZR:dOD+XHydMXRojUevpXjwX2ZR
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  f7b92b78f1a00a872c8a38f40afa7d65
- SHA1
  
  872522498f69ad49270190c74cf3af28862057f2
- SHA256
  
  2bee549b2816ba29f81c47778d9e299c3a364b81769e43d5255310c2bd146d6e
- SHA512
  
  3ad6afa6269b48f238b48cf09eeefdef03b58bab4e25282c8c2887b4509856cf5cbb0223fbb06c822fb745aeea000dd1eee878df46ad0ba7f2ef520a7a607f79
- SSDEEP
  
  192:y1zQhZDqlJcKISw99ioU3MSfwLF/+nhHUisdz:ozoZDGKYw9goWyFGBU7z
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  08e9796ca20c5fc5076e3ac05fb5709a
- SHA1
  
  07971d52dcbaa1054060073571ced046347177f7
- SHA256
  
  8165c7aef7de3d3e0549776535bedc380ad9be7bb85e60ad6436f71528d092af
- SHA512
  
  02618317d6ab0302324aae4d3c5fca56b21e68c899e211cfa9412cf73820a1f931e56753c904fd7e510c638b4463aedbfe9536790279e096ea0387b67013e0c4
- SSDEEP
  
  96:/Uspq2y5jOEEQrhySvUgfj74/vvrTBzfYZA4YF3Telac1nIq/2:/erjOELhySv5f2vvBjiAflaB1nIq
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $TEMP/instloffer.exe
- Size
  
  63KB
- MD5
  
  1d52bea45f0a713f999f75f9f6900ee2
- SHA1
  
  48cc080364779b322c06dc67461be20e48cdeb74
- SHA256
  
  07a8e29f8839ed49ea3bf2cd97a2d0c80300225fb86b7c7a731e07ad6fad035a
- SHA512
  
  8b2a912dcfd3bd0628a6c9e3d30503a7b11b962afe9a9fc5268b92e5d936c3c074656ea6f6270133a39e2ef83fb3733ac1da1c54f16c583e803e589432842ed1
- SSDEEP
  
  1536:jldZEszWriITJGrvopX1VF7CXjl7y5eRvPRSEvrGqEYiO:j2szWOITsEL50jl7yC5SEvrGqEdO
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $TEMP/license.rtf
- Size
  
  177KB
- MD5
  
  5432da9674a9318f09b4634df0a87cc5
- SHA1
  
  48e1f56723dcfaf0843ae2920bfacf0b1bc95c35
- SHA256
  
  4dbd50a2e62856a3cad754ec390e386c131e8541b72999af4b06b0d67c252e32
- SHA512
  
  9463e90d895bb711e91e769dabfacf55062174858f63c6d4823534d94255c99e39f886f087a0f265ab346edc46170e3ced353ca58478dab3bb2eaed3c53b64f1
- SSDEEP
  
  384:mt0DxtpjQGrpI7xTp5Xe2IOffdqENCw6OI/u2hb3enh+iXZG8voVcUGAyiQE5Cdg:L5t9WIqyD8RG8A29YYw/eNUtJj
Score

4^/10

discovery
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22