49a6613b3b1575f5bedec9f348d5afca76ce39dc5f867a03aa5750135498b9b3 | Triage

Sharing

General

Target

96b4efb322e9f719e9da043e26a2bd97_JaffaCakes118
Size

656KB
Sample

240814-tf8jtavhnr
MD5

96b4efb322e9f719e9da043e26a2bd97
SHA1

3825278830bb9a9d8b3bff6968b9fe730018179c
SHA256

49a6613b3b1575f5bedec9f348d5afca76ce39dc5f867a03aa5750135498b9b3
SHA512

1cdcf1c622a88e0f7c73838a67517f229509dfd9c39359a37843e012901b7c1c56d30897d31c9eb7f6ad8f1f36cfb2e34729954c9058c297a6fa40d4ac8141c0
SSDEEP

12288:R5QepwNJe5vSyv7eTmYcfOT9p9rEf2w0RZ5h:R5Q9lmXOzZEf2w0jf

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  96b4efb322e9f719e9da043e26a2bd97_JaffaCakes118
- Size
  
  656KB
- MD5
  
  96b4efb322e9f719e9da043e26a2bd97
- SHA1
  
  3825278830bb9a9d8b3bff6968b9fe730018179c
- SHA256
  
  49a6613b3b1575f5bedec9f348d5afca76ce39dc5f867a03aa5750135498b9b3
- SHA512
  
  1cdcf1c622a88e0f7c73838a67517f229509dfd9c39359a37843e012901b7c1c56d30897d31c9eb7f6ad8f1f36cfb2e34729954c9058c297a6fa40d4ac8141c0
- SSDEEP
  
  12288:R5QepwNJe5vSyv7eTmYcfOT9p9rEf2w0RZ5h:R5Q9lmXOzZEf2w0jf
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  $0/questresult.dll
- Size
  
  560KB
- MD5
  
  12a2c49aebce29c356ffddd3c850942c
- SHA1
  
  2aa9779d6d761967eccabf086b36cbc8c5a3ff35
- SHA256
  
  fc271d47443d1874b2473cedead184d59169a956051435baab685ea4e7d73ecb
- SHA512
  
  5fd95c11c29722b2e9322d922ea084787b89400bb49c65c6a715bc02df5643cabf0fc12b1be16242c7b5e7cef90f48150b5ac73be49b333ef316d9defaf19c86
- SSDEEP
  
  12288:H1x11HPNJiuG60q8pu+bZEk7A6xm/oBapHLNZmmlqAUdKBQv3admp:H19loukq8tbQaadL3Udhv32mp
Score

1^/10
behavioral3 behavioral4
- Target
  
  $0/questresult.exe
- Size
  
  48KB
- MD5
  
  b88d605702d92e81c8dfcc5a33841dd4
- SHA1
  
  44d944a6ca25df041cc914cc329f5ade9592486f
- SHA256
  
  0e2fade0af3c09ef949cf065411fc93a611b43ae469bd2fc125c9fbe86fe3058
- SHA512
  
  4075625551b08901527d0ba6d62132d4d94b8807caa1b929a30ec3566b5c8b588e794f8785863c043aed59d0fcbcf3da3bec9cd6b6cc4cf02e0db2f038bb785d
- SSDEEP
  
  768:GFTgvzf1p629yRwMjYphWsgYPRSVQoSgoSoC5lm4wke8jk3PYAUH839iOqV5l:GlgjZunIWjY5SVQoSdS5/mkjkf3s8t6l
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $0/uninstall.exe
- Size
  
  83KB
- MD5
  
  b8581e4563421179a21eb5f9daff2380
- SHA1
  
  99531598663bfaf0acd2e656532d9df44a69e4f3
- SHA256
  
  79334466126d6e4bf47b1964675c01885a9dbf27541fd72e72aae58f95acfd23
- SHA512
  
  800e36eeff74e6e0a03d2cb75c71a9460c6fa1cbcc7457301996e20f1e578cf0cf9cba66de8e964bedf0f4a188bd954dc4799c0a87e4d2cea76b8b8e4b92cb33
- SSDEEP
  
  1536:6EkjY1zy214Qay0DGkJ7qAELVigJU4cp9iCxVF97d2/D8q:BkjAJ4dDGkJ+AI0bxvxVDQ/F
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  13KB
- MD5
  
  d765c492c21689e3d9d61634371fd861
- SHA1
  
  ac200933671ae52c9d5544d0e2e8e9144d286c83
- SHA256
  
  551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc
- SHA512
  
  9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f
- SSDEEP
  
  192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  fe24766ba314f620d57d0cf7339103c0
- SHA1
  
  8641545f03f03ff07485d6ec4d7b41cbb898c269
- SHA256
  
  802ef71440f662f456bed6283a5ff78066af016897fe6bfd29cac6edc2967bbd
- SHA512
  
  60d36959895cebf29c4e7713e6d414980139c7aa4ed1c8c96fefb672c1263af0ce909fb409534355895649c0e8056635112efb0da2ba05694446aec2ca77e2e3
- SSDEEP
  
  192:rO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1aMBgMO:yKAFERdlxhGRYUzqZaMB
Score

3^/10

discovery
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12