28411261cb3f27081f910190d1c7742fb805185430af10131d5b39fd2e39c832 | Triage

Sharing

General

Target

a31156b8d80a68e8f4354c63e0747beb_JaffaCakes118
Size

3.2MB
Sample

240817-srlczssdqd
MD5

a31156b8d80a68e8f4354c63e0747beb
SHA1

185705e7d217132a104dc3f4ee12a72c7e8749ce
SHA256

28411261cb3f27081f910190d1c7742fb805185430af10131d5b39fd2e39c832
SHA512

33db65bf69a721be613316b729c06137ae4f323314b707f591b09f06f10dab2643f36742a457d04b5816e6e2aa795d78f01987ca173bd4ed0f0845279d2c96eb
SSDEEP

49152:a9r/Wx+GhZdsM+1GfhXM5uOMkbKH+1Ma6h2ZoHrkQb7MOBIfn2vrPLuG:ASgsdiM26+1MaO2iRTIv2vrjp

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  a31156b8d80a68e8f4354c63e0747beb_JaffaCakes118
- Size
  
  3.2MB
- MD5
  
  a31156b8d80a68e8f4354c63e0747beb
- SHA1
  
  185705e7d217132a104dc3f4ee12a72c7e8749ce
- SHA256
  
  28411261cb3f27081f910190d1c7742fb805185430af10131d5b39fd2e39c832
- SHA512
  
  33db65bf69a721be613316b729c06137ae4f323314b707f591b09f06f10dab2643f36742a457d04b5816e6e2aa795d78f01987ca173bd4ed0f0845279d2c96eb
- SSDEEP
  
  49152:a9r/Wx+GhZdsM+1GfhXM5uOMkbKH+1Ma6h2ZoHrkQb7MOBIfn2vrPLuG:ASgsdiM26+1MaO2iRTIv2vrjp
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AccessControl.dll
- Size
  
  10KB
- MD5
  
  055f4f9260e07fc83f71877cbb7f4fad
- SHA1
  
  a245131af1a182de99bd74af9ff1fab17977a72f
- SHA256
  
  4209588362785b690d08d15cd982b8d1c62c348767ca19114234b21d5df74ddc
- SHA512
  
  a8e82dc4435ed938f090f43df953ddad9b0075f16218c09890c996299420162d64b1dbfbf613af37769ae796717eec78204dc786b757e8b1d13d423d4ee82e26
- SSDEEP
  
  192:8SEWBGgiJM4LN+xq56XdNcNz/NWdlJmlyOcROQ:8SEPgii9KTzyt
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  14c212bb2fa90fe52a6424b955c86ad6
- SHA1
  
  9e94f8ad17ff9b6b31e5f029ee5f726e307ac8ee
- SHA256
  
  1854afccace3053dca2707b10609ea78a30f0ee853bdb9f251c076317ee53120
- SHA512
  
  d42fa579f93b98d1446daf3d0734c19838fa310ef27cd05344e25d9f86ba37a5fa1752236e5de4df7c9f414236538bd7431bffda126fb9c74fd112539de0e713
- SSDEEP
  
  192:Rc6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTPK72dwF7dBdcQOz:m6JaVh4I5rpPbTP+BdhO
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  7e856702410e5598296a9c056c273db2
- SHA1
  
  1711125771f4e364717079aae5e4419ac3d69a5d
- SHA256
  
  394d7d46b5e1ea621cfcc4f0bc8609d5ad8d42074186cddb737f3abe10874403
- SHA512
  
  34ae337e44a5ce9dd17e4c726977f895b90614e02df09d9db46d7e6905850b05b44a4951508c07272acc2683454c1bc949ee1f83e14592e7400bdeae2033c886
- SSDEEP
  
  96:wr7ZDGEQ9LJX6weN2TuXQ2lBiwag/npL:wrdULvEpJBiw
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  4c0c6163b636f627e0d505deda672c90
- SHA1
  
  2eae4e6f00673a03ae2434f1b22dc9218e4761a8
- SHA256
  
  bea71368433f91e32c597db990089ecb7599879f76a64f7f3446489578b2d5fb
- SHA512
  
  e817ad35f0e89ecce9d73add641d9eab95de6c6c30153e594673c8e0243e738a31dfb872cc76a8d51bc513775fc1dabc9adb65019298048539d6c3aa7d33e2ef
- SSDEEP
  
  192:MO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1apgMO:9KAFERdlxhGRYUzqZap
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  LinkCreator.exe
- Size
  
  264KB
- MD5
  
  9f18f88ad53b4e424a118b06edaed811
- SHA1
  
  cfc2cd8ed8a57f5c67e9355a99b15bf7b6432c20
- SHA256
  
  dec5f9be2593e80a4f00e1290ce026eab7327ea89a6cbb63ef1558dee9fa5d04
- SHA512
  
  07960b4a7668f368dc111aece9b245c678af951778ef523ab34a5442c22f9c623c47e001bfee66250a5700e6ef05a9ecf7a1c0732531f466ad0a9b20b5f8ba1f
- SSDEEP
  
  3072:0qjwtKRVf/K5kMbQVnW97a6eNWyhL6O75eicVC6PR++A823cIKPGRL/jWg/UN8Kb:iIR9qbikJeNWcMicV1R++UKG
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  Uninstall.exe
- Size
  
  79KB
- MD5
  
  a8e3e8c5ba3d8492edf5520eb24d64ba
- SHA1
  
  f0948f66fb8731d7ce3fc9fbf91eede9bc9df50b
- SHA256
  
  268bf5ffc58ec8a3671def0dfd886b4f22caab1313fc961583db77ad99c4b2d6
- SHA512
  
  2d8837b2a147f0f9860e3dccb1c2cd8d7911423b52e20b0140d0be00f3f61ddf7a16c680f7161fe29ccdfdaf8802ae69c2ad0facb5a5e4b8c4a36851fd55e698
- SSDEEP
  
  1536:RPx/CJAmx2/W5Ebnto4tmJ5gdLeAyN9OSyooRUQr+TSk34ae6S:Nx6UW6tpmJ5ceAFTrPae
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  4c0c6163b636f627e0d505deda672c90
- SHA1
  
  2eae4e6f00673a03ae2434f1b22dc9218e4761a8
- SHA256
  
  bea71368433f91e32c597db990089ecb7599879f76a64f7f3446489578b2d5fb
- SHA512
  
  e817ad35f0e89ecce9d73add641d9eab95de6c6c30153e594673c8e0243e738a31dfb872cc76a8d51bc513775fc1dabc9adb65019298048539d6c3aa7d33e2ef
- SSDEEP
  
  192:MO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1apgMO:9KAFERdlxhGRYUzqZap
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  eMule Light.tmpl
- Size
  
  70KB
- MD5
  
  ad2bc4bafad65fcacfcf10a28ad0b9ff
- SHA1
  
  e6edcd270b98642120bc801d86404aa029619fb9
- SHA256
  
  1e8181d1c36472041ec0294de8e636ced4359572b696f264e40ae5368b52733f
- SHA512
  
  87e72ac7be006277d4655bc88be8dafbbf0c82710381c4d7f4bcf8c42647fe4512c9d56ec7a144a13abc84bddb244c8e22a8adcee2bbc50e85ead5385f3a45f4
- SSDEEP
  
  768:qhRMWI6lEQfXKM77c0Fpqe/EUGlfn9mbE:qpfnlF8e/EUGlL
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  eMule.tmpl
- Size
  
  112KB
- MD5
  
  457f731698ae8cebc9beacc51bd5c731
- SHA1
  
  350833e1c7e9f600d7183ecb17de2058d6734e34
- SHA256
  
  380fb92b65aef7c3e73ca944446c39142e2c038fd75adf8df2a92382dfbc3472
- SHA512
  
  52304312a1d7962f8a2bddc285daa9b210846558467659d87e892f223e713a20f9584a935da0dbf882b3fce45957d88d51d6763d30d71c2b0cb170e5e7cd6e66
- SSDEEP
  
  1536:JwZBdPPemqmymPWSOsr7Z7Eb38ju1ruI8kyDFQe/rUGlB:k3dqmymuSOsr7ZK38ju1uko/rd
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  emule.exe
- Size
  
  5.5MB
- MD5
  
  f3f709c2d49dd6636f4ede5c2cae5448
- SHA1
  
  8e0ea03e4c38199e10a2bc12db8b2df70484111d
- SHA256
  
  06cdf814387f627a4bd05a0c68211f715bfa952423e8e8a462e1f47c11a4d20e
- SHA512
  
  7a0df912b5ddc149d770260a2e1a3f55e58ac2e9ef02883e8baa08e79261075b82955bc8e57641bb2c16983abcada2581850fafc11b92a133605127bda80513e
- SSDEEP
  
  49152:/BGoXbyOj8LePLHcPPLRCAnyOTxP9DzE4GEATLHYiipKXePi9Wxmw7b4ZC1VTWS3:rEWLHcPFCv745ATLHY1kO6g0w7b0XiG
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  lang/ar_AE.dll
- Size
  
  84KB
- MD5
  
  51920bb83259b54d268e4d111c5ab263
- SHA1
  
  8e1d1da4a11ef507e5cbf91016be136669fe0d19
- SHA256
  
  7b124389d2a034205aa85b05ec9436ecd61ac8c2589ef298119e49e7282d93a2
- SHA512
  
  62525d938c2457e2b568a6deb01c3211d3193559f6c887c47485741935584a906e96d3cbe9843fb246eb6a3c849dcde2de60fed487361d4c4e005e3eec055006
- SSDEEP
  
  768:0qUN8geFjrfdN5QAclIXUI+ubvtt3QtnC6ZqY+5dLtT:vU+geFjrfdbQAclVI+stlQtn1qVLt
Score

1^/10
behavioral23 behavioral24
- Target
  
  lang/ba_BA.dll
- Size
  
  108KB
- MD5
  
  2c9715affc60fa5e7cd7950b7060a75e
- SHA1
  
  8eb4da717f1ee5e47f76d5812950d5316d99e682
- SHA256
  
  0ac0bdcf8dc9c79b20c5b660bde3aff137cb2f91e53da97691cf9f65efee3ae9
- SHA512
  
  72072cd3420afdc8953919c3904da7be00796b675a2f6a8a10434b4c008877195dcca1331a62c056adb5101b6262370ccbf0032e22a0884a3d59d7cb9bd1ea21
- SSDEEP
  
  768:ZipnpsZHXGfhCf1TFT0laJfFyK/HJZtJ2c4CvMyKzobTfc/Aesxj7/nl6y9G2mjm:ZDfdLxRwfA4nf0F
Score

1^/10
behavioral25 behavioral26
- Target
  
  lang/bg_BG.dll
- Size
  
  104KB
- MD5
  
  3e18a8f704c1ebe14eff07f2ba1fe0ad
- SHA1
  
  a03f48923cead82c4d04a10a6289f585cb8bf815
- SHA256
  
  f81420bb6e3bfdc182a868946e198c5975a559d954714d182827d182885fabc7
- SHA512
  
  5d46246afc7183d37994615b1a3a96c20f75932b5234d627fb040c6c4551770d2d806a221dbe33a49e98a68bd07337aad86afb36a0431b856ea9dbf0017769ae
- SSDEEP
  
  3072:XkvrHEop8Xuo0X1XzD7DN9Y84/kdAgZfKa9DuxvOOTNj:Kz
Score

1^/10
behavioral27 behavioral28
- Target
  
  lang/ca_ES.dll
- Size
  
  108KB
- MD5
  
  33ba03e9234a391a35d396dbbde7895a
- SHA1
  
  ffe0b988481672c47ff7746496c07c1f15f6bae9
- SHA256
  
  787819cbe580ae0d072e32837710dea36ab5700fb551cca02a1ed550c17a9ac1
- SHA512
  
  31377e8be6fc12bad9f28648291b35a1fcef74c9f91f6c0fe431611a7e6cf37c41e2e3bc11aa4e8fd368b4c56c4758a5b62c3dfb847010d57b6a3a892706f23b
- SSDEEP
  
  768:lqmyq0wPjL/9VYxrr9UJAyHksmaWqOQ0brSXlB4HHiaj9+cQdHs1uiuoT7rnGJg+:EYYaACOOWtR1tuEnvBZmr4uL
Score

1^/10
behavioral29 behavioral30
- Target
  
  lang/cz_CZ.dll
- Size
  
  100KB
- MD5
  
  7e5f28343dfab3cff350d678dfeb4ff4
- SHA1
  
  7b221bf4b04b1513a5b428d430ccb6ce4365b32f
- SHA256
  
  ab0b4859a13e5a938d54978e8428739943696c6831401443a79fc385eca8713f
- SHA512
  
  646e3e1e872c6cc8c999b80cd139e598b3a1a80b04f0c560226a3b919bf18e219a7db269a3c2a20246261260690074bd79fb86dae269403350d1a05be17ff38f
- SSDEEP
  
  3072:Bc9pEmVDo5X4UeFlgIemywPc92wESuMF0j33+jl4d4TY46AicqLnDUme5gu:izBL
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32