8ffc036085a9e465fa52366aa43cd2a862c2a78c145425338dcca3db2f3158f4 | Triage

Sharing

General

Target

b37e3a05697abfe4e8a82ba16d387e51_JaffaCakes118
Size

6.4MB
Sample

240821-pxewlsyfmd
MD5

b37e3a05697abfe4e8a82ba16d387e51
SHA1

a4a5a5cecef4d3bae5ce5ae01cdb3f88160e8a4d
SHA256

8ffc036085a9e465fa52366aa43cd2a862c2a78c145425338dcca3db2f3158f4
SHA512

13a0ca799b4462ae3ec4c41369f23cc718d70adf4e4fde0fdbbc2af4e1ab41e6c18019ec8b363036449aa2c660d759f76342dcbd3666f9d5456372136443190b
SSDEEP

98304:dc7LdIWnu058PUYgwdnTH19+1CVroXH+vvsNxWvjXnLZpcrdu3UE8zZeBh3nr:CuWnP58Pz7b+1DH+vESnoyUHtmF

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  PSPsetup.exe
- Size
  
  6.5MB
- MD5
  
  aafcfbd9e9751ffa14fb63eea1a2a21a
- SHA1
  
  d974f69b2c814304e0f8fdb2f2867796cb914f57
- SHA256
  
  43fe10471e24407465cad72321ef58cff8d7caf5f7734dbb6185b04a10b98e0c
- SHA512
  
  bafc9f0275e8afa953522b9486515ebba450e35e0b1a09ce98a1a7151554f16c1eb0d0324b80723eb535e8fd94d7b5cc9528efb9f3b146872e97b7a1ff050c23
- SSDEEP
  
  196608:Qt84RHDm/MODxdvh6WjncpafrM9AEPym8UD4GH:A/jm/pDEWjn0ErMymT8UlH
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/Banner.dll
- Size
  
  4KB
- MD5
  
  258dd27107feabb1969908a9387a79d7
- SHA1
  
  80f85b610e57d6ab07988cdae60c83300bef6a8f
- SHA256
  
  f4fc1344c32ad1c075067c6abfd168a1815dbc6f97103e83e7e8e708230889d2
- SHA512
  
  e2df96efab3ea794e75b6a3c9038601c7abd956b41fbbcc4fb60013e0d319d9978f539dc0f944778d05d2e384192d918e06dce8bf76f355d0cbfd142313b9a2b
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/BrandingURL.dll
- Size
  
  4KB
- MD5
  
  71c46b663baa92ad941388d082af97e7
- SHA1
  
  5a9fcce065366a526d75cc5ded9aade7cadd6421
- SHA256
  
  bb2b9c272b8b66bc1b414675c2acba7afad03fff66a63babee3ee57ed163d19e
- SHA512
  
  5965bd3f5369b9a1ed641c479f7b8a14af27700d0c27d482aa8eb62acc42f7b702b5947d82f9791b29bcba4d46e1409244f0a8ddce4ec75022b5e27f6d671bce
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/Delay.dll
- Size
  
  7KB
- MD5
  
  4602d9a9ed82d646522ead08a58536a9
- SHA1
  
  b070bad90e13e85c97bd4e530ca7958c22e36a5a
- SHA256
  
  b6691bf37f13e37bfc07d45990092fd9398f7eff8cb1bbad05e528def0307c4a
- SHA512
  
  5ebad4e83d411799a25b1e462ac3c7683dd0c973f131eed29131af7a240f92f55e6c60b78f96388bf7c4134941353794d79ef6c91476e8def7e5c803544afec9
- SSDEEP
  
  96:fkcYhKlqWFeJ9DekCN3jPpP4DyGE3qLNf:cXKMJRC5BfGE3qLN
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/Downloader.exe
- Size
  
  64KB
- MD5
  
  620db192960aa0254e628116cc2e481e
- SHA1
  
  7e876192b000dbf373f7c7c31857c0d624b004e9
- SHA256
  
  b3c4703b758f550eeaad7600f1ecc5967bf5272a98e6252ddf9e88034b937015
- SHA512
  
  59dc894920db6e770bb46d4cef587f869220a4ea72ac198e9f4681cb05d1941510d01fb409fc1247ab18a8e57e8c850b7a10e989fa2ce10f2a928aa7ad98ab31
- SSDEEP
  
  1536:Qf4exGDkeZ4mOoSgJEAJJ/4Romu/BpiUoBp5WYaT/dc9:u4eYZ4+1JXJJ/45C2BDCdE
Score

7^/10

discovery
- Loads dropped DLL
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  2b54369538b0fb45e1bb9f49f71ce2db
- SHA1
  
  c20df42fda5854329e23826ba8f2015f506f7b92
- SHA256
  
  761dcdf12f41d119f49dbdca9bcab3928bbdfd8edd67e314d54689811f9d3e2f
- SHA512
  
  25e4898e3c082632dfd493756c4cc017decbef43ffa0b68f36d037841a33f2a1721f30314a85597ac30c7ecc99b7257ea43f3a903744179578a9c65fcf57a8b7
- SSDEEP
  
  192:ibEOXfXZQ6i1AZ2q6grklcm/iaULQAos:ib/41AZN6uklckLUJo
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  18KB
- MD5
  
  d10b6bf2a8e89632a9a25eeb056bd1fb
- SHA1
  
  dc8585c46bb9bf33d244a6c9b83790c94023d9fa
- SHA256
  
  e72ed04c48dd5e980639e4cf016e69c193d9a3016f847b6aa158131905688827
- SHA512
  
  f23e98eebb367de3a69e695c355340b93b9949236244c630e2b8cfb2dab79ef38372c7d44faeafa5731a88a717c19ed9ab60f11274c1c3cc4fdc794ded12a079
- SSDEEP
  
  384:63YVNNhROv8F5EQT5ctuTflwqC7k49/fUya9zn0Ac9khYLMkIX0+GMhg52:6EW8F5EQ8OflwFNJDa9z
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  2b54369538b0fb45e1bb9f49f71ce2db
- SHA1
  
  c20df42fda5854329e23826ba8f2015f506f7b92
- SHA256
  
  761dcdf12f41d119f49dbdca9bcab3928bbdfd8edd67e314d54689811f9d3e2f
- SHA512
  
  25e4898e3c082632dfd493756c4cc017decbef43ffa0b68f36d037841a33f2a1721f30314a85597ac30c7ecc99b7257ea43f3a903744179578a9c65fcf57a8b7
- SSDEEP
  
  192:ibEOXfXZQ6i1AZ2q6grklcm/iaULQAos:ib/41AZN6uklckLUJo
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  18KB
- MD5
  
  d10b6bf2a8e89632a9a25eeb056bd1fb
- SHA1
  
  dc8585c46bb9bf33d244a6c9b83790c94023d9fa
- SHA256
  
  e72ed04c48dd5e980639e4cf016e69c193d9a3016f847b6aa158131905688827
- SHA512
  
  f23e98eebb367de3a69e695c355340b93b9949236244c630e2b8cfb2dab79ef38372c7d44faeafa5731a88a717c19ed9ab60f11274c1c3cc4fdc794ded12a079
- SSDEEP
  
  384:63YVNNhROv8F5EQT5ctuTflwqC7k49/fUya9zn0Ac9khYLMkIX0+GMhg52:6EW8F5EQ8OflwFNJDa9z
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c6284e23cd7e4d11db8298deb4541083
- SHA1
  
  e338686c7579620383ab8cc5a51bbb8d846f60cf
- SHA256
  
  79914940cbbf70a385f13a9970a9d577d7a7e07d240fe44563b45a472cd4bc3f
- SHA512
  
  72103e470d770fb402a18e975ff339526a3e4c9aeb8fac1b0977995a6eace0eca965b1915404df9b5a25b59628db1b199d2b9b10372841309c137054356a5cd7
- SSDEEP
  
  96:q0HzOxnC1hncrcpRciM8wcxMkDOW6LbUXv8X2PXv5bcndYosRn:qJxw3pmiMRxNE/8c5bcdo
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $SYSDIR/avisynth.dll
- Size
  
  306KB
- MD5
  
  8f43ae82ec175236a1249c30fab4ee5c
- SHA1
  
  987b8f59470c7cecc393677bd9c9b3b41ea3d848
- SHA256
  
  1d214e20ea6feea336e370c3d4b5b4dc0483db396219e56d740de45dff32cf95
- SHA512
  
  eeac3d6827e8ef7ee830c04c035c8f14e8ed90a5885aa3345302e2e04442d39916d9d401d6b2293b4454b20dc46f8ef5dc5c64fb8e02e2914a1799e4c248bb62
- SSDEEP
  
  6144:nGbn0kVJDMDQ+jnCBGxnA8E97pkwpDUs3xnkpQk:Gb0FDbC98A7pD9Ushnf
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral21 behavioral22
- Target
  
  $SYSDIR/avsplugin/ds.dll
- Size
  
  24KB
- MD5
  
  573843773242b1d36764cb4fcabe4a28
- SHA1
  
  624cc28f3b78b3c0941573725ad9d7c67a0edb3f
- SHA256
  
  dc28073f46cbc473d28ee1468b3e9bcc9a31bb23b4caf16341e3f3b804df8f5e
- SHA512
  
  c33f9b7321a12a63b0793b7bc2459b0dda0d5b9cc3be824edab7b406f15e0fcd38b49a5b583c6741a9371db6f99dc899b693146cc10bd72197025e1219c300e5
- SSDEEP
  
  384:gkdA80ym0XGYqSSVUdKoJB9hdbSxHbydXhIgn/dgcGo7P23:gNPymz2SAJ/Sx7yd9n/dpGo7P
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral23 behavioral24
- Target
  
  $SYSDIR/devil.dll
- Size
  
  703KB
- MD5
  
  d27959321703b70120025a9356e89a7d
- SHA1
  
  f1252382feb6a31a384a840e41e623b72bb3d000
- SHA256
  
  38aed5589e8da0a3b123e754b0c839818627f4fd178df31b556cbb304caefc28
- SHA512
  
  e2ebdd5d4d1d29859d6ac0b6290f3f0441b0dd7b520a17ab0df9a89562aca44fd06811b4e2291ca64b69c878ec50cadcfd71eff75c7bbd79cfe7d3856b83e90b
- SSDEEP
  
  12288:WI2QVF9rRtYszwn+nZDNMONWvTY6m7fikJ:WIpF9rRtzwn+nZDNMsXfi
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $SYSDIR/ds.dll
- Size
  
  24KB
- MD5
  
  573843773242b1d36764cb4fcabe4a28
- SHA1
  
  624cc28f3b78b3c0941573725ad9d7c67a0edb3f
- SHA256
  
  dc28073f46cbc473d28ee1468b3e9bcc9a31bb23b4caf16341e3f3b804df8f5e
- SHA512
  
  c33f9b7321a12a63b0793b7bc2459b0dda0d5b9cc3be824edab7b406f15e0fcd38b49a5b583c6741a9371db6f99dc899b693146cc10bd72197025e1219c300e5
- SSDEEP
  
  384:gkdA80ym0XGYqSSVUdKoJB9hdbSxHbydXhIgn/dgcGo7P23:gNPymz2SAJ/Sx7yd9n/dpGo7P
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral27 behavioral28
- Target
  
  $SYSDIR/etherh264.dll
- Size
  
  84KB
- MD5
  
  81cbfaf973cbc513b9692d6ccfaabea7
- SHA1
  
  016ba3f057af2b2b1a1c797c4b05523f7421e3d9
- SHA256
  
  6b2cce41a42355deffa2c3c5f6f07c655510a4d841a006458b885dc909e59c00
- SHA512
  
  6e2ac4b5627066574af601b8ee0bed51aa6a5df963da9e4062a3169b4ffd86a00aece3e4faf5e05476672fed251693ae033912e04065ca13dba9eb2b50931f52
- SSDEEP
  
  1536:JG/UolJjWuIYIgjfBmSSfNHTRYFRoRkVx8og9HRW:JG/hjjdIgjJNSlqRVx8og9x
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  $SYSDIR/pncrt.dll
- Size
  
  272KB
- MD5
  
  13001eb0a58b4de96126b16ab15fd8cc
- SHA1
  
  4dfe6d2d02e9fa194f4af3d054b458b5a4bafbe6
- SHA256
  
  e983aa97fe1ce6af92f06433a71e03f54d3fc78392e26691cace927094bab8d7
- SHA512
  
  1a7c052bc1e7c824a3aff5e27c5cbd0720893e341dfb93062021b82c3a6d940c4ea23cbcdfaaeb174d90f51c36f0d8c62f693766f42172f894b6b689d26f49b2
- SSDEEP
  
  6144:3m7wHLiH0k6OgfjvQ0mvlxZ/PeT8Ah8EoHiIKaGo5RpTufufVvtr+dj7GcuT1JOy:3m7KLiHl6OgfjvQ0m93/5q+iIKaGo5Rr
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32