2de119b465a2e51cbab3293b51b419c49d6da1f497c68e17549839e0f6ae2a9b | Triage

Sharing

General

Target

a0faaea087a29e3462421661f51c2f81_JaffaCakes118
Size

8.2MB
Sample

240817-dm2f3sxckr
MD5

a0faaea087a29e3462421661f51c2f81
SHA1

904b9025a2b42b61424d1353d9f5f743e94831e8
SHA256

2de119b465a2e51cbab3293b51b419c49d6da1f497c68e17549839e0f6ae2a9b
SHA512

360990dc7a495f5231262596933ad1f2ff220c3b192786dda8e39875ef9d3269fd6e3cd416844964c4283980620e40a36740403f6ee6604fc856ebc4aad90838
SSDEEP

196608:xlNLpCx7AoNv3O+bD3AJMS6nvFX2sWCmWrPucwDJsSUtCPB+:xTLQ7AoND7A76nB/WIrPuLDqXt2U

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  a0faaea087a29e3462421661f51c2f81_JaffaCakes118
- Size
  
  8.2MB
- MD5
  
  a0faaea087a29e3462421661f51c2f81
- SHA1
  
  904b9025a2b42b61424d1353d9f5f743e94831e8
- SHA256
  
  2de119b465a2e51cbab3293b51b419c49d6da1f497c68e17549839e0f6ae2a9b
- SHA512
  
  360990dc7a495f5231262596933ad1f2ff220c3b192786dda8e39875ef9d3269fd6e3cd416844964c4283980620e40a36740403f6ee6604fc856ebc4aad90838
- SSDEEP
  
  196608:xlNLpCx7AoNv3O+bD3AJMS6nvFX2sWCmWrPucwDJsSUtCPB+:xTLQ7AoND7A76nB/WIrPuLDqXt2U
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  9384f4007c492d4fa040924f31c00166
- SHA1
  
  aba37faef30d7c445584c688a0b5638f5db31c7b
- SHA256
  
  60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5
- SHA512
  
  68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf
- SSDEEP
  
  48:iV6pAvmNC6iMPUptxEZK65x/AmvycNSmwVsOYJyvrpXptp/JvR0Jlof5d2:2811GED5ZTvycNSmwVsTJuftpZR0Sd2
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  a4173b381625f9f12aadb4e1cdaefdb8
- SHA1
  
  cf1680c2bc970d5675adbf5e89292a97e6724713
- SHA256
  
  7755ff2707ca19344d489a5acec02d9e310425fa6e100d2f13025761676b875b
- SHA512
  
  fcac79d42862da6bdd3ecad9d887a975cdff2301a8322f321be58f754a26b27077b452faa4751bbd09cd3371b4afce65255fbbb443e2c93dd2cba0ba652f4a82
- SSDEEP
  
  96:2fiqP7bO2qHkAC40KhvSE+6nrxtMn0iGd88qRLqtJ1tbRhElfRx2:siqP7OHX1Q4xtcf8qo/ttgfRx2
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $SYSDIR/IntelQuickSyncDecoder.dll
- Size
  
  139KB
- MD5
  
  7f587345a13905f5629d24905419c523
- SHA1
  
  9242e6fe00368675f1a81cf2414bc7a314beaedd
- SHA256
  
  2a3f8c28c59e9afdb900548e3cf0064f5b68a235e656ede2b8fbe699cfffff9f
- SHA512
  
  22d2013713c94fdd27474322b5c5cc3b0e782f3ef3eefd85ca84e2cd46492c214d0d7caf323fa10b2c74d3ca11ec7dfff61ec61081ccc2f051cec5843331179e
- SSDEEP
  
  3072:7JNxIJEk37gtzsgx1tIRqQPPuWxvRKiSVhMo:7JNxIJEk37Ysgx1mRVPPzxvkiSVO
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $SYSDIR/LAVAudio.ax
- Size
  
  208KB
- MD5
  
  c5ca436d963b7cb2607c71072c9f30ba
- SHA1
  
  62e9125889902a8444a7762faf22b2392e1beb67
- SHA256
  
  42255c0f5945f4b25b32fb90920905ee52916bb7f9fbec799a8d1e6df10bc26b
- SHA512
  
  3e0f20c104093640b22fc969c7d2b237ef1808803d09e72ae1400a07c81439dd8e48c16b5adff717bc5d9b6b3e7cc3403e2ff08f79b7c5d8040f5034328ff5e1
- SSDEEP
  
  6144:9+XYoAoKJQ/OV7kz/VLsmHQTHuORLC6L:9Ma7kz/VvHQyyL
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $SYSDIR/LAVSplitter.ax
- Size
  
  450KB
- MD5
  
  fe4166ed0cadba8af8071234adc7613f
- SHA1
  
  38ac973e92044c53ece0b7ac9d3c869f9dd86669
- SHA256
  
  91020893ee9ecd2b89139b63dad0d5b41319dd3e0bd49814857df2714bf07476
- SHA512
  
  636fafd1a19592a9ed5d9edb3a69d70fdd657c80257c56f878ec90377296f92ffee9cdbcd9475b7685657e0165c241d9bcc71eaa3b4cd2d24b89c187746d6502
- SSDEEP
  
  12288:n2/Uk6UjJauk19QW+Deg/khwAvqy9ndmafS5N4NXJMTgDHTC5ipl:5wACy9dmafSv4NaTgzTC5
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $SYSDIR/LAVVideo.ax
- Size
  
  437KB
- MD5
  
  e41abdd77ff7e612d5f74d00ec722f32
- SHA1
  
  1293a7fbafdc74967bd17deefc1769566e510bd5
- SHA256
  
  7a8a39afc65a8c04fe5a6572347bbc1ede751235eae4a17c9a461041f5f2acfb
- SHA512
  
  95f57122b5ef69b44d74b251ad82400220da0e9ee31c7466f58d74f861d0854e67917aa75c03bd2b4fa0996bfe09ac0e0729670db97b681d8356aeeeec9fd33d
- SSDEEP
  
  12288:wbqNS0VtjtgWINik/dy+qIj9CUUZVu3q:CYjgWINik/dqI8USU
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $SYSDIR/MPG4C32.dll
- Size
  
  404KB
- MD5
  
  3f81e76e701bb4e00d3cce7a1a751fb2
- SHA1
  
  d65379b26c653a0842e649eb76399c7c0cda3b22
- SHA256
  
  19305bac9452a61b757db35dfe189369d4311c4203699cb4cbb3af5f590a8e04
- SHA512
  
  f9e7750d6b08a823d86ffa19a50723c78bcd9ca83be024caf572a9fd4158c2fbe7df98ea390621e78a0979fa49244d9c5ac745e56f475af49f97f5a20bd182f9
- SSDEEP
  
  6144:E/0BAIcKDZT+6zz8fK7o1yB+c8My7hFMMhmnslB3dJXRRmWds:E4nFLzWckcyzD4slR/RRmAs
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $SYSDIR/avcodec-lav-53.dll
- Size
  
  6.1MB
- MD5
  
  b0e35230800d6c0242cbcdb59b8756e8
- SHA1
  
  7599be00ed9146a12be932471f94b3f9e89f122c
- SHA256
  
  a65265502a0050a8ae7f432a3629c299d5d8d1ebe7118dc8117026e4d3b22970
- SHA512
  
  d0751608e7eab4fa61e594ecf43b6a48d7a37f6ec064da691f195b11ee5393bdd89748020b892f2de0717ca05c815d3d474aecc5b8b1b8d2473dc008b9e5cfe3
- SSDEEP
  
  196608:YzQpdeTc29Dj5gyoiP34ddi111oz/R26cmne/+Z9lpP7Ilr:Y0pEjY5Ll5lpElr
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $SYSDIR/avfilter-lav-2.dll
- Size
  
  135KB
- MD5
  
  80687813509ba2d2a686b2a401bb4373
- SHA1
  
  6b6d3d4540df94f0836830aae8624207f6427c0d
- SHA256
  
  7e4b9aca83143c0902f217f7c7b36fddd03868c4d637587247109fc0257f5ec6
- SHA512
  
  111321aaefba9f7cfc960f505bbb0f42cd5af6617fd4b34125b2ac34cd8db97b9db1b86de2fe41088f28cd439547eed5e6820b90eb5af796945c45fc0161d2a5
- SSDEEP
  
  1536:XfmRcmuw26XVEGmaN717CHlszMVRGti+dGF0Wd7yxqJRcnkEthQtZEGEilnYgMk4:uRcPwGaN717SVii+dEpyx+EBkr2b1P
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $SYSDIR/avformat-lav-53.dll
- Size
  
  983KB
- MD5
  
  6664880fb8eb8f673dbe1c523529895d
- SHA1
  
  b8a7e75d062c499f642bfb90e52b01b418b51afe
- SHA256
  
  1733932d9c61cd43cc7ca4179a9d568448371012cfb5441fcc1cc3da52dc03b1
- SHA512
  
  6cc1035e9676df1d95396da6a2c8020ec90ef3ea86890cbf815375705da78d80cbc5302462dce0daf6f46e8f6f10242c31daebcc8b85b295c69383b33c12c72b
- SSDEEP
  
  24576:DRfI2ULZqxageBwvSa2bwXhhNE0F46TUrAz7Qtd+sm4geTJNGmKJ+05:1fxxaN5a2EXhJK6bQL+sGeTGmKJ+q
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $SYSDIR/avutil-lav-51.dll
- Size
  
  198KB
- MD5
  
  33b73c93f73e7d2dbc2b23218e8d69e6
- SHA1
  
  137655c52cb513e74e35071df0560ab8a4164368
- SHA256
  
  dd2a525abafb589cf0e53f3f75da66d609fad986a0af74c38c9efccd8f064a5f
- SHA512
  
  7c5a91059b0599c5d5143746766c62e748d685c8c0247ee5bff870031a1d68e460b694f2a724a131cc119da68f72708a234f6534628eb2f75c887fe48df2d83d
- SSDEEP
  
  3072:VXteRjGeo1f6HzbQ0EQL5kEeiCTZ+GpKf/+dPVbXV78vbH:BtQKn1f6HzEWkviI7sfWdPVbXGvbH
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $SYSDIR/libbluray.dll
- Size
  
  168KB
- MD5
  
  fa71291abc0469ce3e42b0a5890265a6
- SHA1
  
  8e48fef43eaac005d7eba50a8b22afbac97a79e6
- SHA256
  
  aa98445ca90df63c5e655efdac4a6712a1d3488d10b72b6145418499aafe2a2e
- SHA512
  
  6e70a565553b051259878fcacb7fc0a9c8b347af36da3ae1a9c8733cb4c24dcc0c2e10304faea324172a5624f0b02eb9bdd9b8dab79600ffdb292de50374e3c7
- SSDEEP
  
  3072:3uFS67YtJlbIqEXEUNbbzwV55Z1my9T1sQYTD8w:3uFdUtIqEXLNnw5Z1muKQU4w
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $SYSDIR/mp4decoder.dll
- Size
  
  197KB
- MD5
  
  e8b4e9aaa5cc931b69401711506c6bd0
- SHA1
  
  e1321fe6483171207207802c5fcc85dd64e7375a
- SHA256
  
  8012aaf003cd11dcbbc7031a901fc876820672bdf0c6eeb83ea53bab0f94510e
- SHA512
  
  fecf59dc3a3d937e8b0ac2e46c4bb653a7f2c9980e6f44add839a49c68f07552287644ed508f74c8ccf4ab51dd753b09fbe9f350da23a45519d7cc8d77500dd7
- SSDEEP
  
  3072:CZGiO5QQqLFZH9NN8LAd1/hMjl7hWDq5Xs/c:Cu6QcFh9NGU1qJ74DE
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  $SYSDIR/mpg4ds32.ax
- Size
  
  234KB
- MD5
  
  99f8bd46f424a2086a0821fde445902e
- SHA1
  
  341689b419e9bc2335b691748ede33b1aed5533c
- SHA256
  
  caa4262f53680c825484cf8613fb8cdff984c8c051c0f2f0f3e85becdf1258e0
- SHA512
  
  768760322ceabd0323e40dce8212ea1b4bcb6df12dc34beb42b67aa8b98d781b4582b718ae70043ae308b9e3a14864ad7cb5b779764c8934696dc89b8a0babcd
- SSDEEP
  
  3072:uT/B2YVFw+0oNZlobmKSylGynhyb+/qbN0HW1cBWkg083/A/X7sW0G+mZ5:EVG+jSbmKjphyb+ybN0HWDs8O7sRm
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32