20f8b45d691761fe77abc98d4cc177eeca5285508bede224998f238bf41a9f6d

Sharing

Copy URL

Twitter E-mail

General

Target

959901e9b3c67ab6ce4cb9d39da0b0aa_JaffaCakes118
Size

5.3MB
Sample

240814-lw3phazhrl
MD5

959901e9b3c67ab6ce4cb9d39da0b0aa
SHA1

1dc11a749feeb978783b80285f11fdca297db0a0
SHA256

20f8b45d691761fe77abc98d4cc177eeca5285508bede224998f238bf41a9f6d
SHA512

9d6e12fc79a635e9d67df86164e0c28171aecefed33e3e80295670d2d7378512a257b09009105d7bf9962f17ebe0c8f6ebc194a258d4ecfe82a18dea10d74e4e
SSDEEP

98304:jt76ZBFjJ7PMq/sgwrjZ20zYh7wGwgxclH+bKuuvv2U2jpQvfrm5MntI:B4l5h4k0zw77cVjuiJvzmStI

Score

7^/10

Malware Config

Targets

- Target
  
  959901e9b3c67ab6ce4cb9d39da0b0aa_JaffaCakes118
- Size
  
  5.3MB
- MD5
  
  959901e9b3c67ab6ce4cb9d39da0b0aa
- SHA1
  
  1dc11a749feeb978783b80285f11fdca297db0a0
- SHA256
  
  20f8b45d691761fe77abc98d4cc177eeca5285508bede224998f238bf41a9f6d
- SHA512
  
  9d6e12fc79a635e9d67df86164e0c28171aecefed33e3e80295670d2d7378512a257b09009105d7bf9962f17ebe0c8f6ebc194a258d4ecfe82a18dea10d74e4e
- SSDEEP
  
  98304:jt76ZBFjJ7PMq/sgwrjZ20zYh7wGwgxclH+bKuuvv2U2jpQvfrm5MntI:B4l5h4k0zw77cVjuiJvzmStI
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  13KB
- MD5
  
  72862ffef9009b6fb8612da1ad0a5c6d
- SHA1
  
  c11ac4e0ec4da3045bcd8f13a2f316091e44a960
- SHA256
  
  4d9256ed7156a541a336f44b9fac8ef9e5b5b787abbbc68297b455a79d2bfdbe
- SHA512
  
  796ba8d70c7373275b5e4ed0a5a1f91e0809b65e2a942c56cad9f7e941c62e24608c924c53a6fac4b1431cdcf24d9f8e15b8356dd085098706b16d947330bc40
- SSDEEP
  
  192:1znbcLwcLP4wuoId0pdafRbUjuNey3YG/1vpEcDFC1Ac1W:17bWLw3IsJojEey3YMpEcDF
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  Puzzle_Blast.exe
- Size
  
  652KB
- MD5
  
  64d84a33eff9d46427ee88c9ca88cd0b
- SHA1
  
  48701c679c39fde49dee30cd06d0131b284c1709
- SHA256
  
  09ecf29d7534a459a547a9eb811d73a7220751fc3756062a214359794de23ec6
- SHA512
  
  780234324d36abe8d2873bd73f08005f463934b626979de18e2e9e03dc0ae4bcf91cd7adeec0a7dfb4b00faf21bfb4f5494d62e7aed5737ee1a09cc504e1f2b8
- SSDEEP
  
  12288:s4K5IvIl1GxVghGNNFtAcQeNaFnyiUTfV6W9gPF2Gn:KkIli1Tt7NayiUTfv9gd2Gn
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral5 behavioral6
- Target
  
  bass.dll
- Size
  
  96KB
- MD5
  
  ee3757788eea4bd71e7779b497a30672
- SHA1
  
  87eac11f16444f38adf19c8b68087a001bf3704a
- SHA256
  
  1ec0ae08cd89e542cb32e1ff6206b2d033a4513630f3e00751cc41e57a061a45
- SHA512
  
  d9f7c06db0a100601d8f81dcdf1f052f6444956c45a2de660847d413abc4e383137e5ca21b9bf79aba106d1451366abd0814d96b7f80189e9f38849fdcd4dec6
- SSDEEP
  
  1536:vwMJ+mc09Bm36GOr3GitlGjftiwbj9su8WXF+u8+J3hBTN2aSy69ju4UmEM/g:Ikx9Bm365GitEQwbJsdb+J3tn69jxU3
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  mysearch.exe
- Size
  
  312KB
- MD5
  
  49f799c24707ba2933989f2447f732f7
- SHA1
  
  d3fbc5ce62a374b4519419ceddade4c6277f8c0d
- SHA256
  
  b2a164564f7882cced37eb1b712254ed13b07aa91b2b351946176f15192e1cce
- SHA512
  
  710de1d58b7fa68e1cddd902faa7272b933558523d20abab89958f6c13fb4a0ea66439a3058d9de8fd31304c5316c4a6b8dfc196900abbb13ef36ddac08b6288
- SSDEEP
  
  6144:3+bkpRwTJ5e6T9DdqbPaPowUxJMX6vnNcB1ZiRoKRU:7Ue6TiaUNnW1wRl2
Score

7^/10

adware discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

T1176

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks BIOS information in registry

Loads dropped DLL

Reads user/profile data of web browsers

Checks installed software on the system

Installs/modifies Browser Helper Object

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10