dc5328c987a32c4618929b3721d4d546e74d15b5e1c77ceef23a8bd04a8fa912 | Triage

Sharing

General

Target

94b0815466932f60d4276ab68f040c8a_JaffaCakes118
Size

2.3MB
Sample

240813-zn2zwswamb
MD5

94b0815466932f60d4276ab68f040c8a
SHA1

742649cf6a4da6eb4d23ebce19018b7e564b4f85
SHA256

dc5328c987a32c4618929b3721d4d546e74d15b5e1c77ceef23a8bd04a8fa912
SHA512

11c3bc0d0b074f1b6c0d50dc48b148e4bd00c51499ad7759f9a8fe73568254295b11c1d5d0abe76434926bbbcb7f33b6d0c7a0302e66a0abffc9c50b017eb532
SSDEEP

49152:p2kVY9+dUZ35GbcDid1f1RC6gk2wjLIEuI9RD/e4VBDj/MU0MvAE:p2kVYawJucD0CJIIElBFL24

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  94b0815466932f60d4276ab68f040c8a_JaffaCakes118
- Size
  
  2.3MB
- MD5
  
  94b0815466932f60d4276ab68f040c8a
- SHA1
  
  742649cf6a4da6eb4d23ebce19018b7e564b4f85
- SHA256
  
  dc5328c987a32c4618929b3721d4d546e74d15b5e1c77ceef23a8bd04a8fa912
- SHA512
  
  11c3bc0d0b074f1b6c0d50dc48b148e4bd00c51499ad7759f9a8fe73568254295b11c1d5d0abe76434926bbbcb7f33b6d0c7a0302e66a0abffc9c50b017eb532
- SSDEEP
  
  49152:p2kVY9+dUZ35GbcDid1f1RC6gk2wjLIEuI9RD/e4VBDj/MU0MvAE:p2kVYawJucD0CJIIElBFL24
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  31KB
- MD5
  
  83cd62eab980e3d64c131799608c8371
- SHA1
  
  5b57a6842a154997e31fab573c5754b358f5dd1c
- SHA256
  
  a6122e80f1c51dc72770b4f56c7c482f7a9571143fbf83b19c4d141d0cb19294
- SHA512
  
  91cfbcc125600ec341f5571dcf1e4a814cf7673f82cf42f32155bd54791bbf32619f2bb14ae871d7996e9ddecdfcc5db40caa0979d6dfba3e73cfe8e69c163c9
- SSDEEP
  
  384:1NWlNdqdAnhTKMLE2oIM05fnqCiWg3Yy9kflIinokN:1NWtqdihTKCldkYwkdpnoy
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  fa5beae80dba254fb6c21b58265f5310
- SHA1
  
  f2f776611dbbb157b151aa744a7e0be1d4b8c079
- SHA256
  
  34b8a2130729064ca2f9b3b8e6f90d883d84662156b648a4eeccefefc3473269
- SHA512
  
  7c74b9e9f1ff0665ffd6fcf76fca462d9f4fbd7c4a215bc67b419497ef4c3cb9cede6c5b0803cabb316bc5391c4c6f0d578d36e1094b8ed326b140f8e272b538
- SSDEEP
  
  192:06JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTZK72dwF7dBdcQOz:06JaVh4I5rpPbTZ+BdhO
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  7eaad8c651cdeb4a71355b10dbe8d17b
- SHA1
  
  1ef6cf4f98c7f20238e548dc6cdb270b741cfe8b
- SHA256
  
  fad96602241e65daeef96b559092e7efa2c3b68948a65f1bd7f126b9963df468
- SHA512
  
  6f7867774bfd82b1d12d0db5479e9539440ebfc6fee54aafc4381edea8fdccb89a9521a60b5f907033c147c805e6f541ec534c56bfe5f7354c55ca04df5175b9
- SSDEEP
  
  48:SnHsOVN7ZTPUptxEwvB3UAKxwLJXyTpXfaV4MOa1n8iwuf0//nDGkaEJPof5MKIM:Y7ZDGEQ3zLJX6d6pOun8iwY0//npEO
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  6b85b2ff78fe0e04b5f0d4e996f0d62e
- SHA1
  
  4507dee0b963080cbd75c383fa4650c7b99907dc
- SHA256
  
  c7a033bb91be5487d93cc402d27e4e893ba39b37a121f60c9dbef5bdf02e52e7
- SHA512
  
  84cbe4c2ecefd5eaa01ba5c1063056aed5f62a6ced32876c591bfb2bbe8688a020d02573a5f419cac2362579021fe2b4c6abf7e5d619de8178028db49d53e84b
- SSDEEP
  
  192:I4lsN55M8r67wmsvJI5a299sfoG8I+WhPB3RY+h/G3DNl/qYcVp/12wgszA:IysdM80dCI5a2LsQ5IlPNRY00AlAMU
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  17KB
- MD5
  
  09caf01bc8d88eeb733abc161acff659
- SHA1
  
  b8c2126d641f88628c632dd2259686da3776a6da
- SHA256
  
  3555afe95e8bb269240a21520361677b280562b802978fccfb27490c79b9a478
- SHA512
  
  ef1e8fc4fc8f5609483b2c459d00a47036699dfb70b6be6f10a30c5d2fc66bae174345bffa9a44abd9ca029e609ff834d701ff6a769cca09fe5562365d5010fa
- SSDEEP
  
  384:w9JzaeWrF8d22hXAGFkr2WqErkuCYMAWS5Ns8AXXki:wLaBrrTXr3qruCYuS5qk
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $TEMP/Toolbar.exe
- Size
  
  1.5MB
- MD5
  
  3376e8753c6558dd32042132a0df1f9b
- SHA1
  
  f5a168d2ab5571f3bdbd22a0f56d5d5c04b73772
- SHA256
  
  dde7c5888ea15b4ae388ef659ea615fde140602cf77e68d88a5cee1c8104f65e
- SHA512
  
  d76d187df3a9fe902473cf4510d3c896cc8c02123bb4d50cbbaf86e9152a14e45566ba87567e4c3f0d2f91d3555fee3cfe5db63a04f1eca3600636c565bc9314
- SSDEEP
  
  24576:maku/MDVYFk4J0ds+lGJFAxqRK43dAa1JGTwNp8I+Ii/MhnlA51YADVIxZCFWtvV:xkVVYOUYsgGbdrdAa1JGTgWIysAZIfCg
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral13 behavioral14
- Target
  
  content/ctoolbar.js
- Size
  
  1.4MB
- MD5
  
  62f0c246f267128a37cda656c3eaa7ed
- SHA1
  
  3a4e71a478a4ac7bfa5703022290ce149a00152c
- SHA256
  
  db0def8f0d18c20240ba12e5ee521b965e97c9da5d0b4a8d00e971f4fe3ac950
- SHA512
  
  eac4104247bf15cc01448eed46ed8a07268949aade7d2d7430c3444de02f89e1fa1ff21d14b6fb4bb5187c2c0db256f59c057c829cbdf641490a70237412c96c
- SSDEEP
  
  12288:HGEZHO1EpRBZw+IMjgHsgRgMsoMocLS+6JaVXTMIrzVCM5v:PZHO1EpRZjgbRfs3ocO+6cTMIrzVRv
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  components/ConduitAutoCompleteSearch.js
- Size
  
  12KB
- MD5
  
  e0e9e9198ae40b8e6cfad7b3e2161607
- SHA1
  
  2cf910c4c0aeefb02338e700b680047b76d96866
- SHA256
  
  5071fe441676d6e9219655eda341fdb6ce6f4d69c30fc6650129ca8bd2d79789
- SHA512
  
  0ba3666ea27a4f1dbd9e758f271cc9ec6956c7beacd76f4fb7d347b1a0091128fcb98761b12466dafd4a968925f460eb4f79bd309549b1aba7a7faa0929883b7
- SSDEEP
  
  192:uk/M++iFddQBM8N3jvxpZ5HAwxkDxbUd0xT/ibv:ukEFiLdTOl5HAckDudh
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  components/ConduitToolbar.js
- Size
  
  3KB
- MD5
  
  76df67a78a4d6e4e08d5bdac1a2a1ba7
- SHA1
  
  2a9718f98dba5dfd23df2881986ef5f0907ab5cd
- SHA256
  
  dad87f2f88cf11ba9ae3cc394b56ab2942cbfa1e2b70135cdf71031d4b545902
- SHA512
  
  c4cffa2a864f0b15d9d772af9986a0b3644d60bc1738a8f210c303cdd7e0e8bd9fa8b41f1f29744c92df1d8562dd8bb5b976e8c0a96956d862b0ee364bde86b5
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  components/FFExternalAlert.dll
- Size
  
  51KB
- MD5
  
  d0a352aca3ad8730fe761238c3d58aec
- SHA1
  
  1062b4d0e5b782d342ce914cc139645b9655a73b
- SHA256
  
  d7787b19504cca0064f689b0fe28f98aa3e8d63f0f7db5bbcfb2186673a4b746
- SHA512
  
  a9ede88c114cc520a291f401666960a37c4bd31d774272800121e3931cfff2b8ae72ca387f361438ba1fe423d69ea928e69280a5f872ac7cd529c3dc973d9e07
- SSDEEP
  
  768:r6LJb2Im8e7+eV8J77AtaV2O2nn388ip0oaCoMCl5YRRG9s:r6p2ImiXcA2npKDRRG9
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  components/npmozax.dll
- Size
  
  112KB
- MD5
  
  bb2fd4632cbf410c584bab0be026b733
- SHA1
  
  da1433810446595bb38fdbc3a664ffb09e81d06c
- SHA256
  
  1056248d3674adbc9e33e81f836a578b0e830c054da5a35723fe7072976c3ba6
- SHA512
  
  541b333b24e5943ba7d8d5ca052b450138d51b915760dfa512e7403144738994995358ea0bc4304f7aa75e28b6a4a6cd04f608729d100bd6c5dce40f68d4a631
- SSDEEP
  
  3072:fd8cpf3GOywbdopQzdglm4c0j9G9rAiYIH9Lf:fxe3wbdXdgRcoGpPjd
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  components/nsAxSecurityPolicy.js
- Size
  
  8KB
- MD5
  
  c982f14a117ca444fcd4e558684e72ad
- SHA1
  
  d349adb454d434939ad56937dfc6b77bc9bcd1b9
- SHA256
  
  fe1cf8b6c350ce8b890ab8aa1c2e8441dd9c672b43439e6241bd90b63bee3718
- SHA512
  
  8ce89bcdd31f3b8c529a14255f69c684216eaab44987612b094f1a2c2fed94fd43877caad56fb082eabf1e2de20870b9e681e2f2b04baf55fae1fa847a95b560
- SSDEEP
  
  96:8HeHqTzNT0oIOyYDVvJR0zrvwby0eNPNEla0cOnJujv/abPHJ1F9jYuOonoDZt9B:vH0zNT0KyYJKFSSaaml/KgXD4vb
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  lib/xpcom.js
- Size
  
  354KB
- MD5
  
  e5a3dd32ff8ccdbe510ebe44719828df
- SHA1
  
  2f4e652d7e9c5952e4dc0d1ba6431468ab4c338a
- SHA256
  
  f9ab4a9ffe0d686be5de1e58da196052249abfc5d46d428603416af0d216cfbc
- SHA512
  
  935fd30aec5afd828acc303658aa056c002c2cc26df863d753c1c0e9186b4d6695edd47de98ab848e9cb7a209f5fb6a106c88c0c5e1c56f61f3a65005ce4f4b4
- SSDEEP
  
  6144:fu1sGt8AmtskG9pBTXgCHwwhdjYcK7/rny+UIuB:21sGt8AjW77y+UIuB
Score

3^/10

execution
behavioral27 behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28