6ca130ba72f20992d5755b69cd67a807c86bd7884ae4e3dc5440dd668ad1a583 | Triage

Sharing

General

Target

b03f74adf77cf993a0867c89a6203de8_JaffaCakes118
Size

1.0MB
Sample

240820-wjy6nawamh
MD5

b03f74adf77cf993a0867c89a6203de8
SHA1

9d80728595beba093463c3702d08d60eb32ab03b
SHA256

6ca130ba72f20992d5755b69cd67a807c86bd7884ae4e3dc5440dd668ad1a583
SHA512

ca59130f70e4b8228f55df287647faddceb5cea4ac702c898ff9d757d4d20598ec92e2fdd50a29c5b75ba53704b3ec84127bee1302803aa124c17ba059dbbade
SSDEEP

24576:DCccaofUD+Ik/LS8kOe9bF2FuV2yzc/4FE5TUxk7WvLwmFPC2:W/BMDWTkEQ2p/4e5TUa7Wvc8t

Score

6^/10

discovery execution

Malware Config

Targets

- Target
  
  mircciOper/QueryAcceptor.mrc
- Size
  
  7KB
- MD5
  
  5fc008ff9b9a5f0d80d9edbb04795b4f
- SHA1
  
  c9f2a5e80a737bdc9bc904fdcaac28e5957bb208
- SHA256
  
  005dde8010a8d0d7581bc6dfe29114688d647c8e08bc124376142a28a045f9e0
- SHA512
  
  ce3fcd8ba354cc3fbc2fb0635467b43a430cf0e306a4f45e66b9f134d2b582fa7d408070d4bf21406d46d650cf92a0a594e7c4938be5cc7cb33cac9172151468
- SSDEEP
  
  192:C2jDNKyNCDNO525b5XlXXSHUJq42ByX86SQw7gnxMKPMs:C2jDNKyNCDNO525b51dq4eyX86bw7gxd
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  mircciOper/fp/airc.dll
- Size
  
  50KB
- MD5
  
  6e770f5027e8060f4677d5060244dbc7
- SHA1
  
  958b0295f132ae2cdeaab387f099ef766694b3db
- SHA256
  
  f637afd27f169d1eec09f313f3cd1560478a1fb5fbbe7e21b44381b105474efb
- SHA512
  
  f6f9040f501197399ae56cd44d42a7e997a2419018716a94bce4a763a1f5e4846a63979f326e8dbf5ad2510e92942cec8910ee0c8751a91a1d72a2446f751b9f
- SSDEEP
  
  768:qUZ3LFYogiwMlqhkmmfwF4uXqF7/t9W6wjwY0e7j0RfWZizgeTV3KHZKjvn5rLsN:V3msLFeioxfiwFxfFAgJ0o0PoY5m
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  mircciOper/fp/flood.mrc
- Size
  
  105KB
- MD5
  
  b4820d367f54723277fd299ae48f1e5b
- SHA1
  
  310720c1c2862c49734edab0c4d3aac71f358984
- SHA256
  
  ad2c422719bfd173f514b5855fd596694d2c132860e7951b83461a28754da573
- SHA512
  
  dbc483d778cbcc05f2f6fd899900622a928d2c42e6c1039cf176b59146771a409ca976155420c85796b4928699ca02c858809886a49d78ac6337525f244fc8db
- SSDEEP
  
  3072:luIyCMH1aJCBYPqqL2SiC7Yr2ZOPweCsj1B5Z8+8PGPyEX8udCsAHLpEHLr8N8ay:32O2f
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  mircciOper/mirc.exe
- Size
  
  1.9MB
- MD5
  
  d20dd1be97ee43da4e7efd0030af834f
- SHA1
  
  12f926bc76402a564e6cb49297651273ac742dd9
- SHA256
  
  96a27f0a8fe9566e230241cd7f06a43ee9be2adcf160df99626cd584b4806b3c
- SHA512
  
  0bc965e3290c817680a6374ed486462d30d439d4462929db5fad935aa481fde7e16063f7e450664ce47a90710d48a7a3268256ca97339c0307acc8427e20af94
- SSDEEP
  
  24576:vu171jcC5n7rnCr7idVXDyOf3yz4yr3sjOGDhwYnbwCM/6nfxJBUk/uzP5NCbi9e:AJzV6ZqbwCMifxJBuv6X7CKT
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral7 behavioral8
- Target
  
  mircciOper/mp3.cs
- Size
  
  28KB
- MD5
  
  aa8435af14fbc7eb7c3781178aa1e6a1
- SHA1
  
  63e23717e19b2f66e0e9ab5421070ac4fdca6ba8
- SHA256
  
  ece9fbd3ab35d812b2874b12323da7777efed7196ba378c2f9848f0fd7e5edf8
- SHA512
  
  f2d9e449c13e8e3eb72b0ee95e5d550982efcc24d67e6e736fa51cb45dd879b7e9ce633e83635a0ace3ebf5c6c24852c583182135272a69665e21a97fa3dc10f
- SSDEEP
  
  384:JJGtTvjcqpp424BfpCBSsPRwjMGh1Fr6RBoGqqSzOfnth8hUJVm3XVYSRkdbpU0:rhBpCBNRwjtAbonqSKnUhpHe5U0
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  mircciOper/script1.cs
- Size
  
  28KB
- MD5
  
  42755833e001b757925dd9088e6093d7
- SHA1
  
  f7ea4ac54c93b5a18186bb65eb4b3c0b2c1b1bdb
- SHA256
  
  8d91a6c37b05e88d951cdb0bef697a02dc350684e588cacce86c26c1fce8afa9
- SHA512
  
  4e4c869efe9b1747a557c891c9893fbcb39e0dcb420ba5bd0cb0e2323cf322e691853e210ee80a3bef161eaacd5e96cc4a57c7697a03efbaeebb08f8e419d1bb
- SSDEEP
  
  192:9KQStRqaaytZqA8bQ7uw95O+TiCvw6oui+MTd2bo1urIL5lpJQm/yRTv2vxRXVh0:9QtRqaay97uw2+OC8p8VIL5DJxcD
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  mircciOper/script10.ini
- Size
  
  34KB
- MD5
  
  bff37d4a1ea8b9ce2a77500142ce5e9b
- SHA1
  
  1c496145f1587382ddb8990c7fb4e52be1013dd8
- SHA256
  
  d85b969adebcfdc53cf83de00725ce099978eb06ea6c5cbde7ad083ca0ed5021
- SHA512
  
  fd112c57e371c6c5fad4b08bcacfea44892d8fd43dfba5031240e9679c126663a5ff4ecfd20501aaa9318378f87d204f53f1aa326c54a4ba17328cf717f3150d
- SSDEEP
  
  768:LE5KJyK5M77QxIOxmDgIcQ8vhk7s0xjOHy12coB9x3lT1K9PBPxOVMa97icMvz8V:LE5KJyK5M77QxIqmDgIcQ8vhk7s0xjOL
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  mircciOper/system/aircdll.dll
- Size
  
  7KB
- MD5
  
  a5a89aa4675cc0b19ffa0c4f8941a980
- SHA1
  
  f52e65747bba0bde86062dd7e3e25a50ec854025
- SHA256
  
  c213a2ceb0d308a11c2e8263085fc56a48991fe23062f7244913eb4c2adcd9e0
- SHA512
  
  12df65853295c67c2904cd9c688df49b34571a57a31ed72fd3640fce765d0479f7a9fe03c8a30a89ef46d2cc033589beef5408c7b53da8720934ca0b45a0e7cd
- SSDEEP
  
  192:BuZeFRKax4tvtOHLCfSqpVoPovF0rzm2E:42Kax4tvQH2z0rzmv
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  mircciOper/system/bots.mrc
- Size
  
  10KB
- MD5
  
  9be8011cb7cc074649d1974623c9b4de
- SHA1
  
  6ca9e521b92af63607c517a82deae74356640da7
- SHA256
  
  a94f9581b1dfaa00018854e124ea41b449caf3194240ad28bd10ca3f94c492b3
- SHA512
  
  cbd329349f3df3cd25d694136faed5dc7eb0b3b00f4666592a98462b0c54b865192e5826340ec2dfe21ecf0bf40dfa573315ff1a1d25bf85687b28cb5dcaf723
- SSDEEP
  
  96:oWRImzxn+PUd5iSajsPFJiz7moyEP4zBjJnm9Dz9dPP4m4U6tkZk3:/VY7SaoPFIvm2P4Vjw9n4m4U6tP
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  mircciOper/system/yedek_bots.mrc
- Size
  
  8KB
- MD5
  
  2c53958fa2f4e4f878a98711888ae7d9
- SHA1
  
  ba8cf70a4ea27b5408b04228484e808edd017acd
- SHA256
  
  3d8c84db2fbb7218f8f5179297381b6468953879cf2796d0c1cc697cceb4f807
- SHA512
  
  a9b611501d056d26ef59416ee7bfb95b84c2cf12447844026430272baaa75f376c9ad46c394643b85f7a69a05d1d13ffbc9f1147d27b4016722226b9622ec4b2
- SSDEEP
  
  96:oWRIm1xn+PUd5iSajssJiz76bEP4zBjJnmWz9dPP4m4U6Z:/LY7SaosIv6AP4VjwA4m4U6Z
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  mircciOper/tbwin.dll
- Size
  
  25KB
- MD5
  
  020145a70e97d7eed4ec42c928d649b3
- SHA1
  
  c8ff58a026d93840208e134e9ba39253d16574c7
- SHA256
  
  5280164143d0a28a5d0ce575d6d9c87e35851dba62b00d144e415b2fe62461c5
- SHA512
  
  2d215e48e8791be9e94478b661149faaf1b49493b6f3fc7c7980fc2dbd22dadda59b3776dacfc76464a7a495f1a17c30d801ba7f0b52a7ea77398afecc802d55
- SSDEEP
  
  384:B6+dk+CyqM+7Q1szyezdAySqHBC+8pQk7QYaBJZns7My+jFQI3CUtztcqEXUD:B7O+Rq7E1sz79C+37ZyDGCwq7
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  mircciOper/webview/BARS.MDX
- Size
  
  25KB
- MD5
  
  16967b88e1699ff881999b423a916fb9
- SHA1
  
  c614f8077e7ec04311077158b3800fe42f92d759
- SHA256
  
  b6dcb56cc9bcbfabb0a5b725ccf396c52e8e320dc1e71b5915cedb8f83cec2e6
- SHA512
  
  b63dbaa521d15480d971acc78287392fcf317e3ebb748e8bd199ba8509fb99f623428c4a23216034e466dda987b29cd9799389b4e7c6741d58f1e0fb080b71b2
- SSDEEP
  
  384:byPAKTj2P4lAMxKb+aPkXUwb/Rkcds80OZqG24hMotbP1Pfcx0GZEMy3:MAKTj2PtM0wdbG+sWQd45xXa0GmMy3
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  mircciOper/webview/CTL_GEN.MDX
- Size
  
  33KB
- MD5
  
  b1dd704e30c3d40cbc10ca122815f852
- SHA1
  
  976584979bec7d15d725603cc5fbe34c8e02d58c
- SHA256
  
  b1755f336dc45ca0489a3bc6528f0f167e1b7bb4334ef2185cfe295a7786c6e6
- SHA512
  
  7f2133771bec56f9032746aa79b3996b66d4c0393a08105b0ab1d6dbc3f6fdac72dc2048b354c34d845b2e90c2dd8a88888de50932671e29f3bcafbb5f1d9058
- SSDEEP
  
  768:2hKuHTWsHs99wk5I0gd1Tp3Ns0lN/wfHJfu:UKuHTWVwk58dh7s0LIfHJG
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  mircciOper/webview/MDX.DLL
- Size
  
  41KB
- MD5
  
  901479fce8b78f9030c20a8f7a236e25
- SHA1
  
  4bfc1c28fecbe899035a0d3d66b72a0f7e709cd8
- SHA256
  
  50f52db4ded447793b13aeeaf26f41f6547c2784443fafd7e4d43758614c33bc
- SHA512
  
  dda26bf97cc75609bb95d087164cbaca1976b133871899bf974bda2975550719501a8ea9c093d8591a5c87819ec081c2fdf30a10c4305a230fb9de134154bd42
- SSDEEP
  
  768:YGAYTiNNsvUXVgbtW63nzIWCqjd9pRiuTNlF:DTWNs8lu13ndNjDpRTT9
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  mircciOper/webview/VIEWS.MDX
- Size
  
  52KB
- MD5
  
  89ed144eeebefc83d7b3ec05d9908d69
- SHA1
  
  1bfa9e9997dbf30e02bbfee536bc1e139d9fe16c
- SHA256
  
  0269dd2300145e8e8eb307093ff767b59866854babda97d0ffc83e26cdf71e07
- SHA512
  
  d8f61808ff2f3915de8b4453dc869fa839130e565fd1386ef4d6a84f298497bcc8ed9a02d7557c66cdd996baf3d4dc483c994069cc95d1199f951ec0c7c8003c
- SSDEEP
  
  1536:gGTNxBzEB498+GJ0dMYoy8xP0EPPX9VlF:gGTNivgoL9Vl
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  mircciOper/webview/kTools.dll
- Size
  
  48KB
- MD5
  
  6c05f0f7b96b706bf04c1c5b1e2989b2
- SHA1
  
  376ad84fd032afd39f3e15ee2aab5e3be4cd82d4
- SHA256
  
  e2031c38c8a471b3fa9df01ca22f9de83f4f9a2e3e6479ac1835344ed276a946
- SHA512
  
  41e9362ac2b6b1b6888d7b4a822fae659ff079194b94323751a0656b99462a366c7a11a35ba43b43cfdb1769315d61b5c8df84518c9d6eb536a6b14a5f49e8b1
- SSDEEP
  
  768:93So/sfQAdzCyS1H9HF1JT2z71mMVtws53Yg0ElSe:93gYcznq9HF1JT2/wMwsFj0gSe
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32