4dc3b3322933c0a71e75f83f59ef4dbe4ec0fb3b12271e6e75923b58dc7d1091 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0d50f775455808c982070e167034aa3_JaffaCakes118
Size

6.8MB
Sample

240817-cnne6s1fph
MD5

a0d50f775455808c982070e167034aa3
SHA1

fe3e9bceb7f3f543459f0a89f64f81e114e8cda7
SHA256

4dc3b3322933c0a71e75f83f59ef4dbe4ec0fb3b12271e6e75923b58dc7d1091
SHA512

290f83b5e69e2f6ef3fc331cd8fcc3db04a5da9d199fed20107adb4056af0208c3f4f16112d754f064fa4d6d6e0d7497bab2ad55ba03c0e2c8ca94a03c45487d
SSDEEP

196608:n0APqlAxGMZ/k0OiFHcN/ROfp88ysOYxe6ngx6:n0Iqle1F8N/ETZE6n06

Score

7^/10

aspackv2 discovery

Malware Config

Targets

- Target
  
  a0d50f775455808c982070e167034aa3_JaffaCakes118
- Size
  
  6.8MB
- MD5
  
  a0d50f775455808c982070e167034aa3
- SHA1
  
  fe3e9bceb7f3f543459f0a89f64f81e114e8cda7
- SHA256
  
  4dc3b3322933c0a71e75f83f59ef4dbe4ec0fb3b12271e6e75923b58dc7d1091
- SHA512
  
  290f83b5e69e2f6ef3fc331cd8fcc3db04a5da9d199fed20107adb4056af0208c3f4f16112d754f064fa4d6d6e0d7497bab2ad55ba03c0e2c8ca94a03c45487d
- SSDEEP
  
  196608:n0APqlAxGMZ/k0OiFHcN/ROfp88ysOYxe6ngx6:n0Iqle1F8N/ETZE6n06
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  b18dfaded8f6d2380fdfd8f6b6969211
- SHA1
  
  969fa0e906240ab1123254feeb833c275626cf76
- SHA256
  
  747d0222b652dbfc85e0de4f8486473662d325a55e32c7eacb91e53e37ceba58
- SHA512
  
  25fb09b8657997d31e61c908f1cd08357c1a1b68bbb1ba377e87b6a3eb347a2ef96c1a771b6c4332853abb33728c55c83efa73df5da03f3dfc132f8a69a2886c
- SSDEEP
  
  192:66JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTLK72dwF7dBdcQOz:66JaVh4I5rpPbTL+BdhO
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  9b17a13f814b137f88b961c087858063
- SHA1
  
  c290dd3139b79aa340aec3ed3d674160433035e1
- SHA256
  
  e54792a179a06acbb9b69c117ee804dce070505d1853d6e7d512f2a055a801b2
- SHA512
  
  3a625f5f13e344c24973c79c074d1ced4d9206f87f392dc7c8f0c116d0f2b878b60340e2377d0240c47f0e34e25e4e3af8b196bbca1c6a29a0f51d8408e8b0ec
- SSDEEP
  
  48:SnNQ/z+vUML8eYXICmlmGYKHz0JSpXSxwo6mpwzcR3RqG8aEJcABofgMGKO:Bz+MM4eqmvz0JScx56mpwzAhWcGV
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/ShellLink.dll
- Size
  
  4KB
- MD5
  
  073d44e11a4bcff06e72e1ebfe5605f7
- SHA1
  
  5f4e85ab7a1a636d95b50479a10bcb5583af93f3
- SHA256
  
  b96b39cb4ad98f4820b6fd17b67e43d8d0f4b2667d50caa46eff44af245d75bb
- SHA512
  
  e9f99b96334764ae47aa026f7f24cfb736859a9131bd1c5ec7e070e830b651787f49910911f82e4ade0dc62fea0ad54ba210b07e44830eb2be6abb710a418a98
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  810f3a0aefe36a9f63e29e604bea91a9
- SHA1
  
  2559d3d4adf51f8ecbe2d07e669e344eb7d0bd80
- SHA256
  
  f160eb7a1b4eb8d2e99e7424ae058acd81ba5019e43cbfa0ce81e3102b356779
- SHA512
  
  836b73c38ab60260e1bc81ebf8347e14d02453fc361b7d6f10f137287b8189f8bc43758ce2d9def8fd1c71112aab7ef1930af2d64ae69f6d4e58a6fe17b310bb
- SSDEEP
  
  192:CO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1argMO:XKAFERdlxhGRYUzqZar
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  d669116223b97ea62efd33b228b60458
- SHA1
  
  e63cf81d5a054a1ab2dc2bbb99736ec662e64212
- SHA256
  
  bb13f2d3154d74a50278e8b0d21d2d5863f30984878207ac778d5e110a8db0a9
- SHA512
  
  99ed43cafc52b5683c23cd6cf0a3e82bdaf15c94be1a8fecfab4572c4c0726b396b04f2be7e53795d33f5bd4c455a8926a6759bdf4de57272345c83a9f85e1af
- SSDEEP
  
  96:GsX1XJX70VnIjKdpClMdOfHFI2NaeI0Q1qND1qN3riUTEVXFcL:G2x1AVnIudpClyOtIs1QUhUZriUTEVX
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $TEMP/SetACL.exe
- Size
  
  296KB
- MD5
  
  2e5a7d12c3170f61a08866600e74075b
- SHA1
  
  c13e3ee03a215b8620e015fab2f4d6d980f82a73
- SHA256
  
  f921a1f235dcc23114c359110e63739fc1eb5eed5fe7dcc8346b2b6768d05508
- SHA512
  
  d4b07286c39f13658da288e1b905c9f2208d6d2ee68cba8d36794127e40e3e0cacbb5caad5ee20938501a912f5cf296c3fb1198fd62ce93d60f8cc09b0ccc486
- SSDEEP
  
  6144:CcDIrb+NsZPEc1QJuvIM9C/DO1VJVleqvZjLKWmFAOElTq:CcDqbfIDOvJVleqvZjJm64
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  MahjongGarden.exe
- Size
  
  665KB
- MD5
  
  4e5afa38f77f9b8cf044600ac11be584
- SHA1
  
  a8c28a920f35dc67e60fe97ecc6d906c07c1fab5
- SHA256
  
  65b19dd6e1cb4074b474f84b60d8ab73e36ce6478f1cf0c7ceb2795268ba2f1c
- SHA512
  
  98966a5434d9ce1db6b81051cdc2bb69aa02b0ffaa30887a63371e6ed1a6e9a1e23c3b3f2974c5954f6828d634456d973ecb5a033e496b73bd2da6f07c11dcc9
- SSDEEP
  
  12288:0AWj0iuU6j+hk0niQaXn+VNxDO9yaLaUhvq0/Ki4en3TPQasz3K:0AWj3UjCnHaXn+VPo+UBh4OQae3
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  mjgardenres.dll
- Size
  
  25KB
- MD5
  
  a11d66d32aa0b56bfc4a9ab8f4ba633f
- SHA1
  
  b491be4280f316e5f63b2b5baef7bd961ff2113f
- SHA256
  
  4ae6de5de9028d66ff46fc4e136ee37dda7102523d395f5a7515ff4d94fcfed7
- SHA512
  
  3f4170d5cb264e2d2a2e99d69aacb2457bd976a4e5ce3b02fe9cacba04c2ebc9cf0e4a6f3aa66ab73ed2fe26249fdc7862aa2c4a1eedb2b7f257aaeeaa53d100
- SSDEEP
  
  768:2lMeHkD3RNRBUFgNcRhD4UAzKnyxvha5o7:0r2RFC8Qnw
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  uninst.exe
- Size
  
  64KB
- MD5
  
  c1a66456705673f4cec01badab037ae2
- SHA1
  
  8179bb77af4b5b099d9bf2e5050d8625202e0437
- SHA256
  
  90eab61e5aa7b82404a6e2e13514b7e8efd6259db3635fbbc9b0c49911aec937
- SHA512
  
  0d6a6d9210f2f8d9ef688d53fed1d42b1c388a6c60dc9d9ff47006a16f5f0aa7838c4f0b1e070c3142aa11060896eb9911580011e0fed09b558f44bdbfec9f8b
- SSDEEP
  
  1536:CRhoEXBpnbfRpQmJjg0eVAW0Ubg3XTsJLYKF:CjJ7nbppQmJjpFR2g3XTsJsKF
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  31KB
- MD5
  
  83cd62eab980e3d64c131799608c8371
- SHA1
  
  5b57a6842a154997e31fab573c5754b358f5dd1c
- SHA256
  
  a6122e80f1c51dc72770b4f56c7c482f7a9571143fbf83b19c4d141d0cb19294
- SHA512
  
  91cfbcc125600ec341f5571dcf1e4a814cf7673f82cf42f32155bd54791bbf32619f2bb14ae871d7996e9ddecdfcc5db40caa0979d6dfba3e73cfe8e69c163c9
- SSDEEP
  
  384:1NWlNdqdAnhTKMLE2oIM05fnqCiWg3Yy9kflIinokN:1NWtqdihTKCldkYwkdpnoy
Score

3^/10

discovery
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22