1aefc871cf047916411426953da59bcbfcfde96cbac4180242d8b3839686f8a3 | Triage

Sharing

General

Target

961cca6cec6d7649b04ae106aae9b991_JaffaCakes118
Size

2.0MB
Sample

240814-pp7lnascpa
MD5

961cca6cec6d7649b04ae106aae9b991
SHA1

3ce49de40c840c6facebf32723fdf35ab32e4ab9
SHA256

1aefc871cf047916411426953da59bcbfcfde96cbac4180242d8b3839686f8a3
SHA512

fe91a2d82a7e49f4bd8eb714188803c4f1675930c5269c5c80d6ff0007afaf5e993fdfe3ccfe8bed8ff3beae8066128ebe5b860e970364682bd98b27aa27cf96
SSDEEP

49152:Hu3ImXECPUUCak4jZDnz3+FLYCyuvTcnEjpNMdo5VipR:HuYmUC8D0NnKhYCyeZ2O5Viv

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  961cca6cec6d7649b04ae106aae9b991_JaffaCakes118
- Size
  
  2.0MB
- MD5
  
  961cca6cec6d7649b04ae106aae9b991
- SHA1
  
  3ce49de40c840c6facebf32723fdf35ab32e4ab9
- SHA256
  
  1aefc871cf047916411426953da59bcbfcfde96cbac4180242d8b3839686f8a3
- SHA512
  
  fe91a2d82a7e49f4bd8eb714188803c4f1675930c5269c5c80d6ff0007afaf5e993fdfe3ccfe8bed8ff3beae8066128ebe5b860e970364682bd98b27aa27cf96
- SSDEEP
  
  49152:Hu3ImXECPUUCak4jZDnz3+FLYCyuvTcnEjpNMdo5VipR:HuYmUC8D0NnKhYCyeZ2O5Viv
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  786110d3394edf4bb5c14e3e9a49f9e6
- SHA1
  
  4adf64a5999a1a41870fedefba22f67840f36f3a
- SHA256
  
  3ccb4385cd22b5c69bc2583e181da4085477906c193f04eb5a400801e00dbcd5
- SHA512
  
  e85e49b492a04188c46c90fef6ba5b177f85c670848f902748ec1540839ffb2f5d88563c14026328dd2100a48979ff8e67e7af1eee70fea0eb477c78db4d9524
- SSDEEP
  
  192:JsIZHdT9uwYX94kYd2iCzHR+yK7imphLAykycpKPd5mn8ozxGUWumle:JsUHd9GN2d2iwl0impATIPdAn8Ov6
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  bb3707e7614a444b799d3842bf34b31b
- SHA1
  
  e4b75748e417b8a7be3a199150f4338f9d883cca
- SHA256
  
  098a384cb4c14b9639db4f4f113426d2a91d170a2affca3e6ecbe57b18d86c38
- SHA512
  
  728e7d2a7a555228f24f04829099e5f266f8e3b2f91bc44181c0d08425de158d4c1d61a25c1914bdf0ade43377462169a23b311f7cd110a1e4a07bc781ff25e4
- SSDEEP
  
  48:a6T4WeApYxYlxamAWHN+EuWkGWBBWAGr9SdLB8m0bofYZVSA:MWGSxamjHNDuWRWBBWvm0TV
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  d911fbabec7d7edbbf2a5f77bef395a3
- SHA1
  
  755bdb5f66adefba5a0548d465105ddf30b3aba1
- SHA256
  
  36220ce8d40585ef2eec800cc0ddfd348c67363485f03c388822dae4f5d53724
- SHA512
  
  1a0b669bc02dd0decf91bdbbd32f25a4b73f65578ecdc17a69b230531f83c4bbe147e0bf8f62fa25654e78a99d60c8769057857cb858d6128804f4981ebc9a1a
- SSDEEP
  
  96:sXEsZNrFQiAYLvx8RxjjL82Orp2YDDBKIakCT9KNotMQl3wJk:sXEsYYLvxcSDBxan9my3+
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  AESocket.dll
- Size
  
  172KB
- MD5
  
  aecdb03a8def8083b08eb116b47fcb7f
- SHA1
  
  ce62bc044c1bf87ac9ddb37c746db1e36d62d9f6
- SHA256
  
  01dad3440a23eab59402943c6f299905acbfbaeffd33ead14da17c00345d036c
- SHA512
  
  706d6fa173ca2e1d531eb5c4802a654ef45263c336d38781d36e6b85ea8e8f0e1238d0024379067bd66a30d103bec73372199802d59aa8e4e34635d1ee7ebd64
- SSDEEP
  
  3072:fZnbU+LrOBsR+l4J8TTgPJIVgbLcttNr3Lok:lxOSRZe4PmVQctHo
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  CS15Hook.dll
- Size
  
  217KB
- MD5
  
  77bf893bd126e759d79193ebdb878ffe
- SHA1
  
  503bec5026113a3031a7005b320729c2ac4a94ef
- SHA256
  
  25801094dd2c2a273cf1e28b1ce8da35734e337502a70560513570ee20efbcaa
- SHA512
  
  821b7d5e5d1ba9d9ccb5bca85f089f1c74b8fd2964c49523eccc47aa9976c5e428bdf8b8f446ed1236904397a7d7a8deea61b0e56f3efdf241804fad92219d51
- SSDEEP
  
  3072:IT7dz4DSyOyGY7L0W9Wm7vrxuee/biTsmJ8Xtxu5V9I:IT7HYMWD7vFe3e8XKV9I
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  CommonLib.dll
- Size
  
  172KB
- MD5
  
  564906d58b03e7a8e60ccaabd6f8bec4
- SHA1
  
  3672a21414bd576a5895e5bdf95298beef655bc1
- SHA256
  
  364d33288276379433048b303655eb011a7ca6eb2baf6fc8598ae8536d0f19aa
- SHA512
  
  f3fad80d904008f330b4b65dcd0457ce3635defcc1f7e0c8d3fc2ac5b4a4c1cba2700aeaeb5b0b06ec03c4ebb2f2f7b93fcbd7ebd2b88e07991494d1a904047c
- SSDEEP
  
  3072:M/lflo4O0wbK2Rmx0PR7BIVmN/c9TBfNh+kMtSc:M/lHZwbK2RG05dIVmN/c9TBX+kTc
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  CrashSender.exe
- Size
  
  356KB
- MD5
  
  177af1f2650d985a77281e300108673f
- SHA1
  
  f8a943b0062350c4bab800f97bc1f963a13ea308
- SHA256
  
  1c7d72e377e4f6d67337d3a1fd7e18cbfc9c50c4336731c96d84d40adcdf2008
- SHA512
  
  8d99969a45bed0aa7c51744735d4970eb1553da2a9931ad941737babd7a30333fc7f1c6e446c29cbc7a817fe22e86f10a626ce4f72542f45ccf2dc9daeda1855
- SSDEEP
  
  6144:OB1upDkJlenlONoHDW2+VA2ybGFq6ObqJr+8E9J:baensqHDD+QJ6OIWJ
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  FPSHook.dll
- Size
  
  57KB
- MD5
  
  0c3ea2b8408ffcba922a987e562882af
- SHA1
  
  36865ffa8721b2551d5c3cd0e40aa8dc0d2aa90f
- SHA256
  
  2d1ac975e299516f6f88f0e51ae937ac8abe14f9060b4d7b228376fc4cf7e4dc
- SHA512
  
  990f2db33fdb62a30b0edd872a909c941e35da52ae31bdf6c556debe774564cdbbc104f277469edf29903703708508054b98bf8c070a65e9da59e978bc422ba0
- SSDEEP
  
  768:IvrUnqmg1qYmAdfku7mt6VyKv3pg9SsW165e3H05URA2B:4r6ng4o7mulpgY6QE5UR/
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  Garena.exe
- Size
  
  2.3MB
- MD5
  
  9ace0fec7c4d6a756715fe4cbebbd381
- SHA1
  
  28f73a2b615918cd1016bbda965cd115c5dd42f2
- SHA256
  
  0e2de6051a73c61dd13d8cdfa93040ae910aa4a0f7eb28c19ab4d8b17afc7a22
- SHA512
  
  f4d4ff1db9e3749ca5956ef3cb200a35939cce095b5834cfabe91103bdb833e66ca43030fc4c776ca2121d9887e1f013759cdd73a90ebd39d6d795fe5335a2d6
- SSDEEP
  
  49152:mwlEVuuiXsdDAFLB7hSI7tMPrsejY9689wkGsbTt20iOwmjMG8AZVPl:mwoYptlrZ2ZOD8A
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  GarenaSkin.dll
- Size
  
  416KB
- MD5
  
  c2ee164eabc293eb6e0021e9192f8617
- SHA1
  
  5f4fab05c925ef3e7599469bb27fe74c1c005494
- SHA256
  
  26b5bba89d2ccf9a9e7e24775db5af0b8afcceb2e01d2228d4a5844565711f2a
- SHA512
  
  680358ccf7f03769604eebcac246f6e10bc93d92b2cd5d4a0adeb7fec19e2dc9d76a79535cd3047458f920d4bca27f4a6c44e71467db9da1d4fd6da0471486b2
- SSDEEP
  
  12288:amn3FOFoqe6nxkowZCUSaTw65Se/YpYnCb5gM:J3FOiqtUrTZSe/YqnCNgM
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  GarenaSkin1.dll
- Size
  
  480KB
- MD5
  
  ef6684078a73a074749086531700cf13
- SHA1
  
  779dd30fd4041085718d2c8df8ae8762a5e92caf
- SHA256
  
  2ee83c02520d07be4b0d2cfa394e4b3334a4ecaaeb059191a7b2f92d9e632c00
- SHA512
  
  55b526324d4f35a88ddbbbc85330f1f302835cced34283cbdca7558d8b56c117547b0a9a98dd5dc45ee88c81e2fab02f787021048440a14284fc769b8535178b
- SSDEEP
  
  12288:CoQH2J+gbaZK5z87AbprzOtk5ycM3CydLI9fkLmzbPAR/DwETgm4NNpGj4309IyK:tnZaU5z8M1rzCk5ycM3CydLI9fkLmzb9
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  GarenaSkin2.dll
- Size
  
  480KB
- MD5
  
  5964123a29c684ccf215975922bd8f15
- SHA1
  
  c14f7fc101c09bdc4b9a79194cc2b93cd57bd57b
- SHA256
  
  fae2ce152aa390560310d9a7ddcbf529c61c03358e8d1d790c5820b614a69f66
- SHA512
  
  2bb4b00b6abe9e054170841f79f98621d80ecfb68398e047260e2f9dd40ad06709a95da164786faa4df2fe6f162be60781e89c872cd6575c22b78e1384ca707d
- SSDEEP
  
  12288:Xmmn+/CtVAj6bJn13uJnietHZMM3oydLI9fkLmzbPAR/DwETgm4NNpGj4309IyoJ:21/3jSJn1+piyHZMM3oydLI9fkLmzbPV
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  GarenaTVHook.dll
- Size
  
  68KB
- MD5
  
  47dde81c0b6d4d952dee95f0583881ff
- SHA1
  
  c0e2cf2691bbff8eda576e3b679f11605ab5495e
- SHA256
  
  95bef630518fc76e1164417ab0be5d9fcc02fb21fab3226337b037e03d1540a5
- SHA512
  
  53dedde5b1e3bac63bbb1e7bf7eb56030c0a99605251f4cb38c72a73dd424a010fa0fd29b4180c6e5e70e01764a15a1b622db0b5a8f424cf7c08596295a112c2
- SSDEEP
  
  768:zENCo5MQKXh6yqADb7Hl3w67LVFdGunDsRfCie0Vt34tpNie:Qt5eXh7vH55NQR/dtonNi
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  GarenaTV_UI.dll
- Size
  
  395KB
- MD5
  
  a8e8f3204ede6b24b7838d0f0eedcfbd
- SHA1
  
  5e71c85311ea871a25ff12631b3282fcf68ae680
- SHA256
  
  12831910bf2af04483fe80cdce003309ecbc20b074e65f918ab73b0056911ffa
- SHA512
  
  357d771a95bc6ab2bfa97482fa1f31b7e9ecf529b096110054ee78bc3526d8f697873dcfe4d652355a1d1d284004d41d1f26e3ec9bf7c03851e8c4eb3e4a29b0
- SSDEEP
  
  12288:PANfedg3V/RaV2khBnLA1byW0L9513pn:UVZZkTLb5L951N
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Inject.dll
- Size
  
  52KB
- MD5
  
  12be495da7d58512c54f5e08078163c1
- SHA1
  
  8d0743af2824b8efe1b0701dc7d6da58ae3736b6
- SHA256
  
  d9f0d049707c3031576f12622ffac641beda11584c6b2e034df315926fe8386a
- SHA512
  
  02bf45cdc1ef3fa6fe300019fc2da0716b7b76781dc85fa8fce033af20c745af02d515efa14e9ac6a71d7ef0226badb6cfc848aeb08a99a142b211318e32c1b8
- SSDEEP
  
  768:joXMpWhsya6ZB7pAehTp7nYxgwo6Oi30Vt0m4:EcQVptbYxgAgt5
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32