Overview

overview

7

Static

static

3

971c0eca8c...18.exe

windows7-x64

7

971c0eca8c...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

BounceOut.exe

windows7-x64

3

BounceOut.exe

windows10-2004-x64

3

BounceRes.dll

windows7-x64

1

BounceRes.dll

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

aminstall.dll

windows7-x64

3

aminstall.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    971c0eca8cd5665ea185039a2c4770b4_JaffaCakes118

  • Size

    3.0MB

  • Sample

    240814-wn5t1a1arn

  • MD5

    971c0eca8cd5665ea185039a2c4770b4

  • SHA1

    d375383178e1fff9ced72834339386b675804075

  • SHA256

    fa8ff6cd1cf26f4e9ee26e68cd7e764f572e9845ddbd0ca305ada1beaca97ccb

  • SHA512

    eb75d68eed270e53ab77c61e1e183e00a9680d16c865882e0fc10b08817a894c72a69da8febd528e4141ef2cdc7bd932a69c5f838a2f650f82dd41cdbdcea103

  • SSDEEP

    98304:FyxQ2neF96/3IQfUeGzkAgwwc9/BrqyGjLea:FyxQCeFqIjzkK9JrqyqX

Score
7/10
discovery

Malware Config

Targets

    • Target

      971c0eca8cd5665ea185039a2c4770b4_JaffaCakes118

    • Size

      3.0MB

    • MD5

      971c0eca8cd5665ea185039a2c4770b4

    • SHA1

      d375383178e1fff9ced72834339386b675804075

    • SHA256

      fa8ff6cd1cf26f4e9ee26e68cd7e764f572e9845ddbd0ca305ada1beaca97ccb

    • SHA512

      eb75d68eed270e53ab77c61e1e183e00a9680d16c865882e0fc10b08817a894c72a69da8febd528e4141ef2cdc7bd932a69c5f838a2f650f82dd41cdbdcea103

    • SSDEEP

      98304:FyxQ2neF96/3IQfUeGzkAgwwc9/BrqyGjLea:FyxQCeFqIjzkK9JrqyqX

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/Dialer.dll

    • Size

      3KB

    • MD5

      de4b7820e03027762f0255059dccef1b

    • SHA1

      b5545c72537fe89d4db4286a8448db62edc56c2b

    • SHA256

      39b9f9e1ff6c4f4ea9739cad159448b6bf5f570b09b839d5f43f2abd79c16771

    • SHA512

      9152538cf1ea8c9f1a6b082f4cacb97cb05be915ff608125d4c705a8611a1e9368930e5284c820ff0f1106075a65e14d45052de6a75d7878ad5f75111d134455

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/GameuxInstallHelper.dll

    • Size

      73KB

    • MD5

      b225e2a7fa0c597b68cd7b06bfcd7fa2

    • SHA1

      fd3df3532c38b8fc750248a91839f8653498084f

    • SHA256

      9ce7213567d8310e69c82f88586fcd38b5dd26a21c851b5d6f9c73bf46ff1429

    • SHA512

      0c14370373472113a57804097490acc6c490bf3db1c4a41dc0421dcfbdc79156397e6eaf60fd33e12809bbd4e8b87538546a7d5373eeeaa8573a8a871c5d7f32

    • SSDEEP

      1536:IOY/mBRLy0VN5sFAjNsLKapmxQZfjCGOOc1ztWhiFhsHaevt:IOY/30r5sFAJsjkr1ztWsFnEt

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      57db62366ef11fdc47922a02031f0492

    • SHA1

      6d30db5285b653025f94e74b9b045870dc0aeb7a

    • SHA256

      2338752092918db8e068d55bea61f8cdeb9be37b6e6d30a730d9703b169b08b4

    • SHA512

      d0257e02370863e07feb9346b88d87a102089f0c48aea13e069e55a14f0f6db51fb3d5f41ed5d2f39e36b612f4b6194a6b7c059709808bfb23ded89d0b0a3db5

    • SSDEEP

      192:gzixixDOHhG9db9rd+oSVPECMlh3I8tqDynq7hwbbHF1QuCb:gOx0DOHqrdwTY6+nq72bbMum

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      51d66dbc791228d8411159379523d971

    • SHA1

      029981130567cd45cb98cff5041acbec13d6ba3f

    • SHA256

      9a2d4add45790a47d56aa67b9199b66119ec0a21185f3df6fabbc56a9b47cb88

    • SHA512

      c224b16c27869767f7fe403094797bc580b4710c92f05f7fad5fc405e834bd12b2c5022fa6e380ad7e2f58650115afe8792ce8bfba932c4fb46e8d27d99ccc7d

    • SSDEEP

      48:SHEnz1tBa/XC1TQO50vwovgxVLrh2TpXHW+iJ/L9Cp+0rf1uapRkdfhhdJcN:H9UXC13C/ovLrh2cD/L9NochjcN

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      12KB

    • MD5

      e32c7911814ae37f75ad9340fce9f46c

    • SHA1

      a24483c292fc1a89fe34962cc6fb685d16b42e97

    • SHA256

      a0de27810988abaa75ef1a3b8035a56f6632ee9bd9412918dda608dfe1ad6e4d

    • SHA512

      1201782253eadba8381d660e9e67bf2c74fee92955802e569d8172613d4ef8524985b3a747bb17d0ff256c2ca43e329d1414eacf3491092f4d12efd5b53927e2

    • SSDEEP

      192:BTed/9E1XMNUrW7VymsS9W+7HaQM7zFSnQXiCVIXuZsav+zPzrR2RMi:BTqE2UrW9tWeaQ6zF1NIXu6a2DP8Ki

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/StartMenu.dll

    • Size

      6KB

    • MD5

      7e45b2485d98ad5a44514b6df4fa4544

    • SHA1

      bf000b012b341925aaddb546331064bd6949816c

    • SHA256

      95cf100fe8ce66189514002965c6274d2c9d3089fe885fb9230aae547a9e4012

    • SHA512

      01fa8e8cfb85243cc7ea89ede30aad21eed56508cc39e327c847a0c6c2121c3882d5b7068a1d56bf37d576d589697a58c1de8fa168707aa25d5e3aaf0486fa0d

    • SSDEEP

      96:JLJdRZk8OkmE+WHw0FMXF6CWhFxKpKsxQhEfP0:JLjPk8OT30FFA2CP0

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      b21538d9f049d3e3e8b666744d7ca36d

    • SHA1

      b97fc58f9aa238758a7574a2e32dac4e97392f47

    • SHA256

      9dbe958fd425903ffc2197a112bec4fa597284f9637fe8fd5685016f32e21334

    • SHA512

      05d2c660a43519fd35daa3b4310419b33e61ce8557bde55942315ca59c3b9cb9fdeaea42c403ad78a54fa9923eaa712bcf5a10dea83619a18c4ef0c451e6d533

    • SSDEEP

      192:ROSsJI/rqmIDNLU0dq51EgAiNbubv6xLZ:/HQQ0d01Egbq76x

    Score
    3/10
    discovery
    behavioral15behavioral16

    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      593345196fcd1c553b0702cc026ccccd

    • SHA1

      84446849c10e0c4d6683072f4c2eea5a085bac2f

    • SHA256

      fb4a4bea088b8dbf2adda6fdeb50be4b96bf20ba62bd9ac64b68ea628166a28d

    • SHA512

      b28da01bec7a34a493316606c7406c06d0b278f1318563874f037caf203c2ec261c3f5c2a1790c6c177537bbb0f4dd0b7be482976f7114f70be75b5e4b311306

    Score
    3/10
    discovery
    behavioral17behavioral18

    • Target

      BounceOut.exe

    • Size

      1.9MB

    • MD5

      17b4e24e5393178e4defb1dde4e51e97

    • SHA1

      6b28d115719e84cc4bf6595ddd7114e45e7cf7f9

    • SHA256

      ae8c8c359d8d017133d8d02d0a2df0df49ac17a580942b531cb15851e4a43368

    • SHA512

      de0781bb4aac834a8611ac6c1becc63ee746b53cd126622cded0ce5214c14285b02142df063614b5de57f452c3827919720084cb36caa60c8e448257107ea293

    • SSDEEP

      49152:vi5cXY42x4ACp2ZtcO8ZEMZoWY+KGemSejTBgUUFZaNhMbus5QvF2:Ico42+1p2Lc4lWGjejTi42lmN2

    Score
    3/10
    discovery
    behavioral19behavioral20

    • Target

      BounceRes.dll

    • Size

      760KB

    • MD5

      cede2d70e806195f4dc673a9197ea189

    • SHA1

      26aa0c3e0b1d83010d253c9fb24eda6360d5edc1

    • SHA256

      dda54e1aee16f48b8584ac18f981c3ae6edb526f0f5d11cdbce7f3a704a57aa2

    • SHA512

      25d1b4c59c983b14570e1822de6ee25bad983c474ba5fa00b4ff0ce84ab0459d57ae1f3ddbe56f5054d8b84f3fdcb10b8a01280376966ad5b4ba25ed4228c11c

    • SSDEEP

      12288:2FoyQNgtEZvGQK+rYSLDrWUMz7QEyXuwC/4qWEXs3f+DdZaBGueEEDtYEe6Qv+L3:2qyQN6EB6mYSL3WUXjK46ef+hZqNEDs+

    Score
    1/10
    behavioral21behavioral22

    • Target

      Uninstall.exe

    • Size

      119KB

    • MD5

      009f034ca7b4eeeef212b003bec66a33

    • SHA1

      63f74124cc8cf140b5b89a9231e158266967bb73

    • SHA256

      7ef6d8efe1841e58f458854d1b03694b9fad80e53c0bd7469474c944ac655e80

    • SHA512

      6a1c8bb8aa54623b151a3604d5f83bc08216f19866d29f91830dedb175634f70ae720c8723d0f8f04f92c94ebe004807fd6609e42091f29671885042841772bf

    • SSDEEP

      3072:/k5+bFdkJHeNy4SqvntmsZ6nK1+tNI3RxahoU:40O4Bvnz/+/qRAf

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral23behavioral24

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      57db62366ef11fdc47922a02031f0492

    • SHA1

      6d30db5285b653025f94e74b9b045870dc0aeb7a

    • SHA256

      2338752092918db8e068d55bea61f8cdeb9be37b6e6d30a730d9703b169b08b4

    • SHA512

      d0257e02370863e07feb9346b88d87a102089f0c48aea13e069e55a14f0f6db51fb3d5f41ed5d2f39e36b612f4b6194a6b7c059709808bfb23ded89d0b0a3db5

    • SSDEEP

      192:gzixixDOHhG9db9rd+oSVPECMlh3I8tqDynq7hwbbHF1QuCb:gOx0DOHqrdwTY6+nq72bbMum

    Score
    3/10
    discovery
    behavioral25behavioral26

    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      593345196fcd1c553b0702cc026ccccd

    • SHA1

      84446849c10e0c4d6683072f4c2eea5a085bac2f

    • SHA256

      fb4a4bea088b8dbf2adda6fdeb50be4b96bf20ba62bd9ac64b68ea628166a28d

    • SHA512

      b28da01bec7a34a493316606c7406c06d0b278f1318563874f037caf203c2ec261c3f5c2a1790c6c177537bbb0f4dd0b7be482976f7114f70be75b5e4b311306

    Score
    3/10
    discovery
    behavioral27behavioral28

    • Target

      aminstall.dll

    • Size

      157KB

    • MD5

      cec88cfc2853cf5490d23af767f3aae4

    • SHA1

      642b38211d1c18def13b9d6b76b622f7b36779a2

    • SHA256

      2a7ee893990dc65bdd4865e0ff3295fe331c82981a5cc40751c8fdfe90d1190b

    • SHA512

      9dc4ed2fcbdf1f01f0a873a7607a705d80f8621b08aa18ef56ea8b8b5cce29c304507bed6096a28bfdde4a15dd76a57ffcdd20b175157682add98d05db354b52

    • SSDEEP

      3072:8oy/SJZ1bsvb7EX3jUzrK9TBffJqteZDXwtep6+:8aosXmK9TBZFK

    Score
    3/10
    discovery
    behavioral29behavioral30

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

discovery
Score
7/10

behavioral24

discovery
Score
7/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10