36c5a33923a20f5ae4f91ce751c4263791d271c6e1d3675f9e6f97155334594b | Triage

Sharing

General

Target

8b3e465c4be7304302180504f287797d_JaffaCakes118
Size

4.0MB
Sample

240811-vq9ejayfjk
MD5

8b3e465c4be7304302180504f287797d
SHA1

9b552c921f3f396970bb148e0ea8af242dbc8f74
SHA256

36c5a33923a20f5ae4f91ce751c4263791d271c6e1d3675f9e6f97155334594b
SHA512

6667bea4f12ada5ba6e9a4948e9af45792f4e6b816011e0f4ceb80e5b6d75398affbd24c8ca5fe1f708c93c2930cc00e6c3a14899b147fe24cd74fd1791885c8
SSDEEP

98304:0LNMF8o0olj8VehOZxrwv5acwozvfj2I0I9F6pKcz1oGNeaSF/HbKfxsy+iGNya:02F8ooQhOZxrwwavaI0I9pcz5NeZH8x4

Score

7^/10

aspackv2 discovery

Malware Config

Targets

- Target
  
  8b3e465c4be7304302180504f287797d_JaffaCakes118
- Size
  
  4.0MB
- MD5
  
  8b3e465c4be7304302180504f287797d
- SHA1
  
  9b552c921f3f396970bb148e0ea8af242dbc8f74
- SHA256
  
  36c5a33923a20f5ae4f91ce751c4263791d271c6e1d3675f9e6f97155334594b
- SHA512
  
  6667bea4f12ada5ba6e9a4948e9af45792f4e6b816011e0f4ceb80e5b6d75398affbd24c8ca5fe1f708c93c2930cc00e6c3a14899b147fe24cd74fd1791885c8
- SSDEEP
  
  98304:0LNMF8o0olj8VehOZxrwv5acwozvfj2I0I9F6pKcz1oGNeaSF/HbKfxsy+iGNya:02F8ooQhOZxrwwavaI0I9pcz5NeZH8x4
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/BrandingURL.dll
- Size
  
  3KB
- MD5
  
  9c3488b5e9655d1837c3963ecec33f70
- SHA1
  
  f0fa9b4c29e75c6e4419c4633d09f2797aee2ef3
- SHA256
  
  05ef4beb7fab9d04c1fb251874166fa2d73a34b4a7f2b145d37a2fd00c88979a
- SHA512
  
  6af9f88d65d2279a71620f2a656062b1737b3a9a1692ed4e5887bdee891ce08d21c5c0b25ab3acbe6da9fe255dcd7f8a517c2751e73dc56add216740c945e4a7
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  b18dfaded8f6d2380fdfd8f6b6969211
- SHA1
  
  969fa0e906240ab1123254feeb833c275626cf76
- SHA256
  
  747d0222b652dbfc85e0de4f8486473662d325a55e32c7eacb91e53e37ceba58
- SHA512
  
  25fb09b8657997d31e61c908f1cd08357c1a1b68bbb1ba377e87b6a3eb347a2ef96c1a771b6c4332853abb33728c55c83efa73df5da03f3dfc132f8a69a2886c
- SSDEEP
  
  192:66JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTLK72dwF7dBdcQOz:66JaVh4I5rpPbTL+BdhO
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  9b17a13f814b137f88b961c087858063
- SHA1
  
  c290dd3139b79aa340aec3ed3d674160433035e1
- SHA256
  
  e54792a179a06acbb9b69c117ee804dce070505d1853d6e7d512f2a055a801b2
- SHA512
  
  3a625f5f13e344c24973c79c074d1ced4d9206f87f392dc7c8f0c116d0f2b878b60340e2377d0240c47f0e34e25e4e3af8b196bbca1c6a29a0f51d8408e8b0ec
- SSDEEP
  
  48:SnNQ/z+vUML8eYXICmlmGYKHz0JSpXSxwo6mpwzcR3RqG8aEJcABofgMGKO:Bz+MM4eqmvz0JScx56mpwzAhWcGV
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  810f3a0aefe36a9f63e29e604bea91a9
- SHA1
  
  2559d3d4adf51f8ecbe2d07e669e344eb7d0bd80
- SHA256
  
  f160eb7a1b4eb8d2e99e7424ae058acd81ba5019e43cbfa0ce81e3102b356779
- SHA512
  
  836b73c38ab60260e1bc81ebf8347e14d02453fc361b7d6f10f137287b8189f8bc43758ce2d9def8fd1c71112aab7ef1930af2d64ae69f6d4e58a6fe17b310bb
- SSDEEP
  
  192:CO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1argMO:XKAFERdlxhGRYUzqZar
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  DTDJ_1.exe
- Size
  
  2.4MB
- MD5
  
  8d27ee64cb2d61eb4ef4371dc17df3a8
- SHA1
  
  79f84da2d8f936dd07eedb23fb7dd98f8c13bbfe
- SHA256
  
  90be12f6d151b040fa87cb6d6ac714f13be157660b7bdec041da575233f639f8
- SHA512
  
  a71162d7632a97f60a907b32dcbae2f84571837dd657483919a7b076ff314a3ef700fcc3af2cf969523737304e3e063df7abe81fccb4c6b227b9c2ee0eb3ec12
- SSDEEP
  
  24576:cAFITrkGIz36Q2sbIfi71i2HNtvjexqmTEC5Nn6b6cQiSH5REzwD813MzCuHby7G:cCwrkVLbL1frdCYR7SbHuuHG5Cx
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  DllPicStr.dll
- Size
  
  298KB
- MD5
  
  7ce1fe468a75566bd8f7d3f08233648c
- SHA1
  
  e2f9f078ff17b3267f0f5863dca7258e7678813f
- SHA256
  
  fc5b8f1981f18c35122c564e4d03ab2d577d0d14f4dc22157737ba60125c5a8c
- SHA512
  
  57f66ac3778b0fe4b3e4a1671a5ff5b2ae907efd4b6d7ff2934ba3d98aa850daa8be672687f52eeb98d8c3e2a6fe43cb4cea13576b10c3987019fac5af7b837c
- SSDEEP
  
  6144:4pJv9mkL28MlL4XRvGaQrKyAQJ5d3+Hdj:4TMkL28MVyOaQra9j
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  LiveUpdate.exe
- Size
  
  364KB
- MD5
  
  d0cac4c5909b26a81c82bede0d312d35
- SHA1
  
  7baa9a845c90175a7c76aab8c66c127871dfddb2
- SHA256
  
  df4c58efc755f1ed70d6d36ae6718743f401c04f7644f7f50621776de0581424
- SHA512
  
  d7b66dbf0752f232414aaf76c1deda4d4668fd784cd42c45b441d2f3890c03d60c4eea05a2ee3d665e7a8eea6cdc9b21952ccc08b90d954ffba5d1f5387d3a2d
- SSDEEP
  
  6144:iAdtCii7LJ/i5U/Ed/ZoTZUjKSetduY3gTUIldei7U3Ys7GC:ljOJ/i5U/EqzSLjBiYCG
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  ReplaceIAT.dll
- Size
  
  98KB
- MD5
  
  b4605ce87bb8706ab4d6117581944d6a
- SHA1
  
  8de7743b4901b48154a6457e02fc7d8b3905b79b
- SHA256
  
  30f390ba154521c67fec87486a2a82e6240a0eb24223a9009115cf5098fcb7d9
- SHA512
  
  d25c8374175b906f28269e49881361a260e7a2a094a225a6209c5ea51d6383958430ee47db3d3be2bc9b23e757332f02021b6ffc75155e619dbc4d5bf1606d1b
- SSDEEP
  
  3072:atA5jWDxMLRd4liaO9TfvxtaaHBZDfta:atA5jWs8l09jvPZB
Score

7^/10

discovery
- Loads dropped DLL
- Drops file in System32 directory
behavioral17 behavioral18
- Target
  
  cfClient.exe
- Size
  
  3.0MB
- MD5
  
  2992cab4d1c491bc4c926d38966e3ba3
- SHA1
  
  93ed20918a2ebbfaeaa167de63911ad181d6b16f
- SHA256
  
  8cd261f816341ef1d9c3b34c1ada38831272b8c1ee2639203d4e2b6579fad5c8
- SHA512
  
  16441f88d2f9802223b4876cf35ab1514c7a9d23410cc8b01137316067eee230524813914a290ddb1a8a393db5102f3940febea22d945594cd543891692bb54c
- SSDEEP
  
  49152:Bisg+ENMeF4Iso5dFzQ/Nb7omtgUCvT1hPB/rAFmkgwxzk:BisgwE30gUCvT1hPRkUVf
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  unins000.exe
- Size
  
  671KB
- MD5
  
  2b7409e9afdf03ec8b62b6a5685ef307
- SHA1
  
  4aa9705b85d4baaa5cd53bee0c35086c70a10f1f
- SHA256
  
  5f4707b9ecf8e6ceb6c13dabbc60d042f4555fc31087fd1084cc74a6d0b5a2fe
- SHA512
  
  7db342b6e613d917d872a183bc8e295a7e32190989ebf243cc4ddd0976c15973d4f3a9a7e09658021373c0943b60f3444fa145356d3b0cfa816a17fd730c5c20
- SSDEEP
  
  12288:NNuz2eB7rPw7373zHEA6Tcg1kzgeN4zR4oOtQIBKe35xGv4:Tuz2eVrPw7373zHEA6hkzgkoONBD35x9
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral21 behavioral22
- Target
  
  uninst.exe
- Size
  
  68KB
- MD5
  
  7907aeadad44a5a79a72f7f9282cbbba
- SHA1
  
  5aaa99d1317265b928000cebac41b34e621b4a46
- SHA256
  
  529f357deadbd890613b549f0a1e54468d007550f7b80ab8e5f0799dc99b7edd
- SHA512
  
  0ac39d0f72812687b34921720b5eb0a76037eea8bc9a87d7efa16af9149f3e37dbbaed42b2d3517b3e2b6b5498983dfd6dac21ae3192e91b3ab0fa0b66444d71
- SSDEEP
  
  1536:IRhoEXBpnbfRpQmJ/CrweqRECy3lvUyS1vg3XTsJLYKR:IjJ7nbppQmJ/CrMREx1vE1vg3XTsJsKR
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  31KB
- MD5
  
  83cd62eab980e3d64c131799608c8371
- SHA1
  
  5b57a6842a154997e31fab573c5754b358f5dd1c
- SHA256
  
  a6122e80f1c51dc72770b4f56c7c482f7a9571143fbf83b19c4d141d0cb19294
- SHA512
  
  91cfbcc125600ec341f5571dcf1e4a814cf7673f82cf42f32155bd54791bbf32619f2bb14ae871d7996e9ddecdfcc5db40caa0979d6dfba3e73cfe8e69c163c9
- SSDEEP
  
  384:1NWlNdqdAnhTKMLE2oIM05fnqCiWg3Yy9kflIinokN:1NWtqdihTKCldkYwkdpnoy
Score

3^/10

discovery
behavioral25 behavioral26

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26