ba06433033d955289c16e22468ce3ab721e7bbadb5a1562259df84ab1051d0e0 | Triage

Sharing

General

Target

ab1de07756c2a8a147dac4b3f6dbb37e_JaffaCakes118
Size

6.0MB
Sample

240819-p7fkwsvfld
MD5

ab1de07756c2a8a147dac4b3f6dbb37e
SHA1

fde9d3f2bbdba5a5bcc19a2206adcced5b8b00e0
SHA256

ba06433033d955289c16e22468ce3ab721e7bbadb5a1562259df84ab1051d0e0
SHA512

50abd635f2766eb93aca9abf35b5b1d5d8dfca82f4111eec695fb8d0abdd60d055baee25f9515b13528c845953cda32dc371a158f238419054d82468866b2176
SSDEEP

98304:U4HQbX85rAJHcGV7cPLO/giTbdW9Ky3JT0c39+uLcUnLhaj7+UvmxTZ5MRREc+:Uts5rAaKDYhJ0GLq7+UvcZ5Mgc+

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  155ɫվ.url
- Size
  
  219B
- MD5
  
  3a1f2a8a3ef08ae269517a69ea918b2c
- SHA1
  
  7d2e6719702bc8472e045e010efa6ed3f7df4b5b
- SHA256
  
  66eafefa8bb0155e60828476bde6068573fe64a4fd0aa052eba074dbe85d46cd
- SHA512
  
  22203a78192cadc02d0f887247675925273a69e3be82ec1a331197f892216a282cc8f37c3ffbfb578a708244181037277b8cc6a40d8ec70cdf0feac5d80f8576
Score

1^/10
behavioral1 behavioral2
- Target
  
  Lz0/keygen.exe
- Size
  
  294KB
- MD5
  
  3ca4f9807f899667763aee5586f860a6
- SHA1
  
  cf2c2e04c58bd3184cb62711de7f1ac4394eb01e
- SHA256
  
  60cbe928f0ceffa380e4981767447f1408dc88857d50443126b2eab99403fb98
- SHA512
  
  1f3a5c6987479756a0d999a279fae80086728968cd2164956d0270ef35e79f07f2f4fd7b5a368fba99be623336cf45bd850cfd4b1e42b644381b3707b06db694
- SSDEEP
  
  6144:HVBByNZ8juB1Z0ckuwAYVTmBPpqesBVwd6NA6kk7GOEHqY09ReWq9:HnByNwsWgPp3s9S6t7GtHqp9ReP9
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  j-dvd-to-divx-converter.exe
- Size
  
  5.7MB
- MD5
  
  e84972291a1c5900506418645d9bb260
- SHA1
  
  846762c46a540ab8a4069d18c644a9a791adbc89
- SHA256
  
  3e18612c373288b8c7c1ab1c21bfeea54239821eca3fdb385676eb4a7ff21bf8
- SHA512
  
  b6e91b6507e678cab4c27007c713e96fe8dd56079ec8c7622b617476f1db82b4c5329136d0d4c160b31c4fc5e924df16110db7a45a905668e38f1070634eb4ea
- SSDEEP
  
  98304:SRdmHSTpOZrwv7cyV1qvpOzKiPbVGFQiLlxs6/jGkloETfZcP1uGh6TrZNOF4Q:SDvQZrwoGpWVDs0p61uGhyZNOF
Score

7^/10

discovery
- Loads dropped DLL
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/ExecDos.dll
- Size
  
  44KB
- MD5
  
  c504f25c5a97cf266d873156f01ed734
- SHA1
  
  8c987df77971febf2a46d6c4ec889839e9db4c28
- SHA256
  
  7c19c603fb1898f0683edfc98809b66bc48dfac5f0dc342c480b26883bee3730
- SHA512
  
  6f212a04e399c24b46d9e87b87ee92ff44f211c37931811ea16ed38f21082d21f3d2160269f1eaf360920b85dc98dbc96bd65b64af89bfa480827ece25be298a
- SSDEEP
  
  768:MO/vXnX2aeysZoTLR1uDsMFoJGvtiX0B79JEcbqMCPlFd:MO//X2piLf+F26Y0B7XKl
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  572ae88572a13f691fe2e6c8781876ab
- SHA1
  
  06fc4442e3038bb74a6c4bf58cf3cec0e867cc05
- SHA256
  
  f95125d48352d4e31c4d85114ddd19e728f3a2d98fc629d1ff55c67770a6584f
- SHA512
  
  be58343f4c84c4f9456c5e068b03d4dd168e84eb39e65d15da4312e699e25f6f7a073ca8bdb8ce3317377349534a6df887bdae562d6b220857616c079dc108e5
- SSDEEP
  
  192:e4LbyYQDDUx1gf1CE0pvxbg9UasXVh6VT6Ur++Qj29O0phLAYFxOKRF3v6:9LbZQDE1g170bKUasXIFixippl6KRx
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  4KB
- MD5
  
  9bbf0b6948ae83d0d322b6ab56e2ee9b
- SHA1
  
  b4c97bb3f403ec5f2c3773f21b452983a275d110
- SHA256
  
  8872c5b2372180371d535ca2a3e4c2a4b25791c6780e0d3836efa7568ede3109
- SHA512
  
  33f474257dddcd21835136422b59eecabb13fd77defdeae1520c4407a745948becfb45fc4dbecd1f674c120086fc5127106b5bbb211bb3a980c1c6a82fd3d638
- SSDEEP
  
  96:pCcEEo6jAnINBl2hN9LvAEPJ7PZbye+Ptk2CmqG:fE12AINsDbjPlVytW8
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  7bd043fd072c055f6bba11dd9143aab1
- SHA1
  
  350ee699dba96e24ad53579089501099e3006321
- SHA256
  
  5cd18c55fdb5e578338376855e2af4c5a93d80e8a5cd36ed562ba5789f486c91
- SHA512
  
  a56a318012a47d2fa050e64626acc34ffa709a296e37472f05ad672111b93bffa9ab43e9db58a1441c40a52f2bf76ee20b7375bbbe1dffc51f9e27c1e5da8bf9
- SSDEEP
  
  96:SOZfyXU0CS84RldcJsoaSpv2cNWF+Z0JBakCTRyXvXtJFqJeg:jqXUEdcJl+smBanRQdJFIe
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $SYSDIR/MSVCP71.DLL
- Size
  
  488KB
- MD5
  
  561fa2abb31dfa8fab762145f81667c2
- SHA1
  
  c8ccb04eedac821a13fae314a2435192860c72b8
- SHA256
  
  df96156f6a548fd6fe5672918de5ae4509d3c810a57bffd2a91de45a3ed5b23b
- SHA512
  
  7d960aa8e3cce22d63a6723d7f00c195de7de83b877eca126e339e2d8cc9859e813e05c5c0a5671a75bb717243e9295fd13e5e17d8c6660eb59f5baee63a7c43
- SSDEEP
  
  12288:fJzxYPVsBnxO/R7krZhUgiW6QR7t5k3Ooc8iHkC2eq:fZxvBnxOJ7ki3Ooc8iHkC2e
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $SYSDIR/mfc71.dll
- Size
  
  1.0MB
- MD5
  
  f35a584e947a5b401feb0fe01db4a0d7
- SHA1
  
  664dc99e78261a43d876311931694b6ef87cc8b9
- SHA256
  
  4da5efdc46d126b45daeee8bc69c0ba2aa243589046b7dfd12a7e21b9bee6a32
- SHA512
  
  b1ced222c3b7e63e22d093c8aa3467f5ea20312fe76a112baed7c63d238bbe8dee94dfe8f42474f7b1de7aa7acb8ba8e2b36fdd0a3cda83ee85ac9a34f859fa4
- SSDEEP
  
  24576:Tnc0xa+xDaWhzSenZncQfT0ExftQqDEu:Tn7VxWWhzSenZncQLVxft5DEu
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $SYSDIR/msvcr71.dll
- Size
  
  340KB
- MD5
  
  86f1895ae8c5e8b17d99ece768a70732
- SHA1
  
  d5502a1d00787d68f548ddeebbde1eca5e2b38ca
- SHA256
  
  8094af5ee310714caebccaeee7769ffb08048503ba478b879edfef5f1a24fefe
- SHA512
  
  3b7ce2b67056b6e005472b73447d2226677a8cadae70428873f7efa5ed11a3b3dbf6b1a42c5b05b1f2b1d8e06ff50dfc6532f043af8452ed87687eefbf1791da
- SSDEEP
  
  6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  ID3Tag.dll
- Size
  
  104KB
- MD5
  
  2aa396ff4b6b5bf81d46f3daac864109
- SHA1
  
  a8ef0698ef76c8d0ac0644a10a3c8d397d3c67c2
- SHA256
  
  d16b1c48a14059341ca9f61ed5235e1e12ffcd47bf9044d6afb145179f67bd51
- SHA512
  
  239f92a28c40c5bd092d696eaee1946f523eb6775a1442ad643e95d75b463a523f629e01743d7a29b57b82757c05cd0c1c0e2d2062825d78966c72ebd2774cb8
- SSDEEP
  
  1536:xoLtH9b3oyoff/2OWbATufGgA5TKNnX08Sta1VAPRovlamkeQ:Qt9b3fofy2uRA5enX08Sta1VeRovlD
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  Uninstall.exe
- Size
  
  64KB
- MD5
  
  f1a6609ff28882fdab03a5dcf12b6b20
- SHA1
  
  3bdd9290093cbae2c1a2a355c14fa991f6ca1aaf
- SHA256
  
  0e613e03520c6243070779377f6844b1fedb1ae7d575a30e81be0d1929bdd644
- SHA512
  
  e234df24132a59ea1c3c0ea534eaab50552a38737cbed8f0b7968a26cb3fcc66cd28f577641faeaeae8cc06216fa53e9847a8ebe5f1ff9342923d6909a2f308b
- SSDEEP
  
  1536:iCzsp2FUI4Jf17ltK1dVMrPOczXzI/OEH0sfM0/DikFZgfMgNXrG:iYsp2z4JpLaMrGcDzIGsfM0/8a
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  4KB
- MD5
  
  9bbf0b6948ae83d0d322b6ab56e2ee9b
- SHA1
  
  b4c97bb3f403ec5f2c3773f21b452983a275d110
- SHA256
  
  8872c5b2372180371d535ca2a3e4c2a4b25791c6780e0d3836efa7568ede3109
- SHA512
  
  33f474257dddcd21835136422b59eecabb13fd77defdeae1520c4407a745948becfb45fc4dbecd1f674c120086fc5127106b5bbb211bb3a980c1c6a82fd3d638
- SSDEEP
  
  96:pCcEEo6jAnINBl2hN9LvAEPJ7PZbye+Ptk2CmqG:fE12AINsDbjPlVytW8
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  aspi/aspichk.exe
- Size
  
  240KB
- MD5
  
  0b83742c67d20758c2262c467abb3bf9
- SHA1
  
  fc3533fc5bbab708b4683664a557edfe9c6ad8b8
- SHA256
  
  23ea8e1fd840c93181f086355c69f6d0b095569c537d755dbcf35d99355cd614
- SHA512
  
  fca359104fc255e87a3871241473ed8a1b4aa16cb51e85d9d6aae7ca6992ea70c97aade4bf2e4a1f658b77f3e1fac8b1c07abc19293cb3f87abf476ee0e948b7
- SSDEEP
  
  3072:aN36ryhf1iyxn/cFVZC+/RNYBfX/hXGR2hqd48Jgo8xg8AjoPvLBuQ/M:a0kIyxUFXCGURqL3cvLBuQ
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  aspi/aspiinst.exe
- Size
  
  64KB
- MD5
  
  1094d113e10f70607000efac3c974761
- SHA1
  
  6007e2b97d19199db51f5f95c99ec04179dfca13
- SHA256
  
  878327d38dc71ce422e18fe5acdd6a26a11eff56bf8ce428edd63d42491a653a
- SHA512
  
  da070f00b138f3828d1c90993a215761963e3f7f5c88a44d45e62b44bcb0022960110f69952b80ef332f8b2d4027042282c0d1487c651787e39383867fcdeb8e
- SSDEEP
  
  768:mz9p+8En/UJV9osiN/ki/1XHjZ48SAj1b4FJD4oGpgQ4co/4:m7+8EgSPN8i/FZ4VfFJMokL4co/4
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  aspi/aspixp.sys
- Size
  
  16KB
- MD5
  
  54ab078660e536da72b21a27f56b035b
- SHA1
  
  4ac7a5f0fdb1ccfb7ba0852142ea33b74fe60d9a
- SHA256
  
  41fa4d644ebc12ac8768d3d0ec12ff4e31fe0a7fe5e049432132710a1ed4e500
- SHA512
  
  fcd360a26b00bc9b37323026a0bcba0d1d2c4c8926b90938bfc77c8c263180d0e8fa49c3806f7cdb8e715dcd2f1d5b20b2bf1733229228997f84e4da8094b674
- SSDEEP
  
  192:dPJ2QPQQcF79KXSPxpcMYmrSLOh3ciAfXRlx/OQ3mVTpNDNUEeIT1UGbiVghQRum:d7PQQcF7KS5PAPRlxmQoN2GeVg1T
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32