45b5b444fb9c51207474a3d3baa9062056ce5f44d4f092930fc68e06da6f8faa | Triage

Sharing

General

Target

a5357b01647400c898692509e56e70e0_JaffaCakes118
Size

5.6MB
Sample

240818-dz2mlssgnb
MD5

a5357b01647400c898692509e56e70e0
SHA1

c1ae3aad7341eed321a8e8880e6853339355f013
SHA256

45b5b444fb9c51207474a3d3baa9062056ce5f44d4f092930fc68e06da6f8faa
SHA512

61ce28a65e42ac63a481e5c33ae30f647ff44a73baeb7aa1d71322f6bbcb6c53578fa7bea209fb67b379dc9a3a0ad10987137e8362a3943f7721bb37c90caf23
SSDEEP

98304:xSkZo0qPks6qC+a26DWmgenA2y/LfhNeNmyEH3f8rRZG6Y1vSkIsQlN:4M6fTCD26D1nH+NN4zEXb1jZQ3

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  a5357b01647400c898692509e56e70e0_JaffaCakes118
- Size
  
  5.6MB
- MD5
  
  a5357b01647400c898692509e56e70e0
- SHA1
  
  c1ae3aad7341eed321a8e8880e6853339355f013
- SHA256
  
  45b5b444fb9c51207474a3d3baa9062056ce5f44d4f092930fc68e06da6f8faa
- SHA512
  
  61ce28a65e42ac63a481e5c33ae30f647ff44a73baeb7aa1d71322f6bbcb6c53578fa7bea209fb67b379dc9a3a0ad10987137e8362a3943f7721bb37c90caf23
- SSDEEP
  
  98304:xSkZo0qPks6qC+a26DWmgenA2y/LfhNeNmyEH3f8rRZG6Y1vSkIsQlN:4M6fTCD26D1nH+NN4zEXb1jZQ3
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  29459d9ee2bce32ed937fb1f965f9d5e
- SHA1
  
  8fff45ed45f3af8f8c248eba9a1c02c9c5fc911d
- SHA256
  
  ad07968b7d93ef19e10e1deb52e0c912e96dde30c0a49a0239daf176fd4c9ef5
- SHA512
  
  d4ef4eadb0f53e7086a1d242bf7f745ad79d83d9ecbfaa283cf0dd499271a804589a575040bb20d5c98e86197cc65ca05ab1a358c556ea82a3e297d0255015a6
- SSDEEP
  
  384:oKlm7i+c3QW6ckPhyDEaLnH2bbBBIXwZ:dqi8BcyhEhLWbbTI
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  6KB
- MD5
  
  60b3aa18a9bab5423f7ef1ef117a0393
- SHA1
  
  bdd9bb4dcbbe89e1a7714fa81763e48efeb50de7
- SHA256
  
  f06829ec459b4bc336a7602caab332d235bb9f1d2f127d867d98b74b573bcf4f
- SHA512
  
  30410c9f4d9301e6882f81ece5da28790fedfbc42894674bc56d84fb97f256469b5ada323b19c8feabc41f83184f23c81af6101e9ce9f2eb0485cb51ad0ae5d0
- SSDEEP
  
  96:71C0Qaep2wbE+WH1/FMXF6CGQhFzK1KQ59nhElMmV4d:Nep2w5k/FyEtFgN
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  05e52213cfa17dee760186462a9645ed
- SHA1
  
  f6d5e82080bbba65db7d54e89250c95af833aae3
- SHA256
  
  d9d3ffa4c7d7a152f435f4777e72aa1b6a6c0555f277e59eedebc587c3b66ba5
- SHA512
  
  586eea0bec6345b437667ce528bc2396427dd444a396456e38046a8962e92a52e7ee62b9f6c97f41bc1fb4a1b3905a302d6f7055e26b84e60709ba3b416ad172
- SSDEEP
  
  192:GOShJI/rmOAIPkWpUybQ9WhP4t5Rwc89XbubZav5:X6OAOkWWycGP4XRwc2qFav5
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Jigsaw.dll
- Size
  
  920KB
- MD5
  
  6ca2058153f21bcfd13eebc1bcf06924
- SHA1
  
  9b8ae9f3d5914d21389fe0524ffa4f1818852997
- SHA256
  
  645e147e8df75f5e59cf9d3cfd0d485016f17c272f4b11b3c65eeaef4ca60ae1
- SHA512
  
  60aa77d56ce7a8601c415125301d1a973eabb8d3e0c88b442a117d4b7114861f8bdb464edd97cbd9dc2f01f85eb66bb8cc08102d24bbec6ad1290b7aca86d8db
- SSDEEP
  
  24576:x98II/AtuoiYFeaK8S8HyPKZipeth4a7TOZVtuOef6wwwwwwwwwwwwwwwwwwwwwa:x98zYhFeaK8LiKQpIhdTcd
Score

1^/10
behavioral10 behavioral9
- Target
  
  JigsawBeachHoliday.exe
- Size
  
  2.0MB
- MD5
  
  6db593956cd4b1465c3bd3055e90820f
- SHA1
  
  016a333ffcdf75e742bc0ea05c4d41be3e96ba56
- SHA256
  
  c9d7823fb78db5a1918162470529ea55cae6590d2433a7872774954896b0406d
- SHA512
  
  27c1a0d7e3c917a55451dda77eff2ac0b88c335a5c026359636cf58384c8686a9c1e2d5660a67d4929f958162bc2c90d6b30685bf65bee85f9cc4d49ce3f9724
- SSDEEP
  
  24576:vSN03yz922LQa65Pis/DQ223qAvSfFg3tqzjMGrUFxj/zvfWRA//FjisdzkWGB9:40iz9Wa+6sbQ26qA4YWILj/4V9
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  Uninstall.exe
- Size
  
  89KB
- MD5
  
  9111cd15ae20e9466f9f849b7af57ca1
- SHA1
  
  416420588d49d2a12ad61b6bac94a22be1e1c7fb
- SHA256
  
  226324be5f0a18c000a6ee22f7083eb4997a10b5778e274fd86ed876e94ad8fd
- SHA512
  
  ffc4bbe5be308fa36a33678616025a6af3d7ae4b15eaa6991d082ba8d89a1fb5c39bd961f776aff532f2aec88238b699eea20dfa1132a5ce80da32f3613f0b48
- SSDEEP
  
  1536:sUqBWUSFNrdN90DukJrXVXmXeUv+yLPrulXytFDOpFAM:PGW3B+DukJrF2OorLDulibE
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  29459d9ee2bce32ed937fb1f965f9d5e
- SHA1
  
  8fff45ed45f3af8f8c248eba9a1c02c9c5fc911d
- SHA256
  
  ad07968b7d93ef19e10e1deb52e0c912e96dde30c0a49a0239daf176fd4c9ef5
- SHA512
  
  d4ef4eadb0f53e7086a1d242bf7f745ad79d83d9ecbfaa283cf0dd499271a804589a575040bb20d5c98e86197cc65ca05ab1a358c556ea82a3e297d0255015a6
- SSDEEP
  
  384:oKlm7i+c3QW6ckPhyDEaLnH2bbBBIXwZ:dqi8BcyhEhLWbbTI
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  05e52213cfa17dee760186462a9645ed
- SHA1
  
  f6d5e82080bbba65db7d54e89250c95af833aae3
- SHA256
  
  d9d3ffa4c7d7a152f435f4777e72aa1b6a6c0555f277e59eedebc587c3b66ba5
- SHA512
  
  586eea0bec6345b437667ce528bc2396427dd444a396456e38046a8962e92a52e7ee62b9f6c97f41bc1fb4a1b3905a302d6f7055e26b84e60709ba3b416ad172
- SSDEEP
  
  192:GOShJI/rmOAIPkWpUybQ9WhP4t5Rwc89XbubZav5:X6OAOkWWycGP4XRwc2qFav5
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  aminstall.dll
- Size
  
  124KB
- MD5
  
  2ec42398e55da7ef94b72261b9a598ea
- SHA1
  
  ebb8ea2af408b985117930b214b3ac9fb9bfb27c
- SHA256
  
  a5240dd109c8721f3d8b0279375dff0044c5461cf68306eae9267fa122f0caf1
- SHA512
  
  c5532c8f7628c56f2aebd311261202b3764d1a04111dc90040de9711f7df49dfc71fd9b674b1d9251052bafec0b6dff9f9b49ec79fa2fb484fda7891905edb77
- SSDEEP
  
  3072:N5ejXjok9otaxPAWe3TBfywbl0UjpXwtep6+BR:N4jMk9ot0AWe3TBJeUSMR
Score

3^/10

discovery
behavioral19 behavioral20

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20