fcc14813f9ec0ed12cdf7da8598263756aaf480d4e934535a8ae7368a337bc34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba01137a9e2ebc78c344e3d6585b4424_JaffaCakes118
Size

5.5MB
Sample

240823-cxkqms1aph
MD5

ba01137a9e2ebc78c344e3d6585b4424
SHA1

f742447835ab0a6a942b1da7c0e4ac474afa696d
SHA256

fcc14813f9ec0ed12cdf7da8598263756aaf480d4e934535a8ae7368a337bc34
SHA512

16f4a456254d26825bec61b87d3da7a85762ae24b310a6e24fc8469e8ad4acd0fb320d670523719eb83b4dfba8b5c7ae9d967b0a2f359b5062cd883390fdeb97
SSDEEP

98304:+TBRigK0YYn8xQySdkow8nlR5yexIYQhCqjHwvLzBK1mXfGthHucbNNtSCmOlR5i:+1TKBYpySPHnlR5yt70DzBfG7HpxNnJs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ba01137a9e2ebc78c344e3d6585b4424_JaffaCakes118
- Size
  
  5.5MB
- MD5
  
  ba01137a9e2ebc78c344e3d6585b4424
- SHA1
  
  f742447835ab0a6a942b1da7c0e4ac474afa696d
- SHA256
  
  fcc14813f9ec0ed12cdf7da8598263756aaf480d4e934535a8ae7368a337bc34
- SHA512
  
  16f4a456254d26825bec61b87d3da7a85762ae24b310a6e24fc8469e8ad4acd0fb320d670523719eb83b4dfba8b5c7ae9d967b0a2f359b5062cd883390fdeb97
- SSDEEP
  
  98304:+TBRigK0YYn8xQySdkow8nlR5yexIYQhCqjHwvLzBK1mXfGthHucbNNtSCmOlR5i:+1TKBYpySPHnlR5yt70DzBfG7HpxNnJs
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/ExecDos.dll
- Size
  
  11KB
- MD5
  
  77856a02074076ce80b75d196bafb73a
- SHA1
  
  6e098a79322376651b6b4474f2f443a213fbb373
- SHA256
  
  0980dafe7f9723fe4c8254b597a76c399c8209985fc28c4e5ba85f82926c69dd
- SHA512
  
  51aae4300fc27283073e4901d34158ae20c565837ace388710e8a9b240de92c8ea67b1e50b7bc32cc39fd4b950ad320f45e6dc1c50f239227521d9744f2bfd56
- SSDEEP
  
  192:H7BaNHpFCDuiWuhtRPrMgb3C8GRVu7lnSgh/q6Y6m:bINDOZhtRPzIRc7lScHY
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  8e806ea2e205dc508a2fb5adda3419db
- SHA1
  
  21beab4e309b139fdcca7dd708df8dbbfd2dd5a3
- SHA256
  
  86a55734b8802051bbbd0e8c9c506d0ca985bc5c99113e99b309469046133937
- SHA512
  
  6b362bdadd6801ceb6106485015a4ae6d227dc04c1397a730ac8fd44b00649876ee7cbd0d7690b41dcaa8451c94e9f5838daa9fbc21f7306740de89667468cc1
- SSDEEP
  
  48:aTT4WeApYxYlxamAWHN+EuWkGWBBWAGr9SdLB8maofYZVSA:bWGSxamjHNDuWRWBBWvm6V
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  b9f430f71c7144d8ff4ab94be2785aa6
- SHA1
  
  c5c1e153caff7ad1d221a9acc8bbb831f05ccb05
- SHA256
  
  b496e81a74ce871236abcd096fb9a6b210b456bebaa7464fa844b3241e51a655
- SHA512
  
  c7ce431b6a1493fd7d1fe1b1c823ad22b582c43c8eb2fb6a471c648dd9df9953277c89932c66afd598d43ea36f4a8602e84cd175115266943071cbc8ce204099
- SSDEEP
  
  192:hClej3uzvJwqJMQKN4GbeWZksMI4ETWcEbcBZ8ep2Kra7yOG:hCm2HgN4GbeWmbI4Eybogia7yO
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  351b802508ee5462cbf7f35454a9dca6
- SHA1
  
  7b9a1bc758e10af02124143680f636853b421da1
- SHA256
  
  39275ee1767aac3ae0929a3e67a84a921610b45d5cfff3db1641893504d5c78d
- SHA512
  
  6b0a4a500597fefaceb5eab79737d4f8dd253bb6bf8c263699314deda417763857b4407457d877b28f7a9c1f40a241d378ccae80c68541ff3f102eac8a6ff8d2
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  7823fc560926dcd8741de6f0b900083f
- SHA1
  
  93dc0a704bc0b8f90668548e36daf459be0ae10a
- SHA256
  
  ca869d6c6752aa4a8a6c874a694b543442992d7e854d0c48a1b60bca01a8c8c6
- SHA512
  
  c79509cd306638ea9badec64ed9f7d0690e46fcab7ac77f25134065b628e76d2812f2d874ea2cc4283685c567b613a39d27b9fc4a6de2d4b9d30131f3161c4e9
- SSDEEP
  
  192:SzQhZDqlJcKISw99ioU3MSfwLF/+nhHUVsdz:SzoZDGKYw9goWyFGBU4z
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsisos.dll
- Size
  
  7KB
- MD5
  
  9625309a9aa1109cfd3dd2fd10f37a3c
- SHA1
  
  6e19ca9e47f762d54b85f4d180887533206ffe9d
- SHA256
  
  d19101fc059662010b527feac6f996d4752da27c26747be0a1cafaee109b9afc
- SHA512
  
  6cc3c99d7fd923d100804822b0e7cb7ee29d8f67adc2c84df2fbaedb07938ab020f724f3278cb39e843eebb23f3de04c9912319c7e9a777c82a40cefb6e66ccd
- SSDEEP
  
  96:rXnQdh3z1etpwgow140hYQrKAyEwqA/xCt:rXnmwIwG0hYoDyEwqAA
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $TEMP/HssInstaller.exe
- Size
  
  202KB
- MD5
  
  21408ad6b76009f6ad5171aa11dce7f2
- SHA1
  
  4edb67491e48543a5aa29a2c9fcb809ad74207ae
- SHA256
  
  a92924e260482a42c0c2cec38ce09f65079c084eb2aef6c7157b146d75dae2ae
- SHA512
  
  99dc845c433e0d60dd5f617ffcab7f7d67ba88239f716f7b0b03289c2d959eac5f347df246e9ceffdb54494abdaf6693b71d8f99c352a9f6ab3664e4cc0e5ec6
- SSDEEP
  
  3072:+6OJca06Vy4DTY/1ixrN9LcBz7t5pruoMqqDLy/pqSReHvk3G:+6OJPL1k/Yxr3Lcl7peqqDLup+Hj
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $TEMP/tapinstall.exe
- Size
  
  83KB
- MD5
  
  fb0602484ec5fe03518d6688f00bb300
- SHA1
  
  67d9ba661fb85bca4885db7a5c11513492fd00c8
- SHA256
  
  5cbc33bbad23e6c0ed3877b8f28a99033c0d715f8c65bc2ece8d61498e8ddf16
- SHA512
  
  dded0ccd35e1490eca8c61bfc5c199a91165708247321743cc88e4423903f4097a67d701f211ddcbe541b604e281f62c236f4512201c797de21328e03e07843e
- SSDEEP
  
  1536:neAlzBufRv3YPKlm52Qe2NhtUnN1ssF4O7W2m:9lWva8Q2oNXUNeSRW3
Score

1^/10
behavioral17 behavioral18
- Target
  
  HssWPR/HssInstaller.exe
- Size
  
  202KB
- MD5
  
  21408ad6b76009f6ad5171aa11dce7f2
- SHA1
  
  4edb67491e48543a5aa29a2c9fcb809ad74207ae
- SHA256
  
  a92924e260482a42c0c2cec38ce09f65079c084eb2aef6c7157b146d75dae2ae
- SHA512
  
  99dc845c433e0d60dd5f617ffcab7f7d67ba88239f716f7b0b03289c2d959eac5f347df246e9ceffdb54494abdaf6693b71d8f99c352a9f6ab3664e4cc0e5ec6
- SSDEEP
  
  3072:+6OJca06Vy4DTY/1ixrN9LcBz7t5pruoMqqDLy/pqSReHvk3G:+6OJPL1k/Yxr3Lcl7peqqDLup+Hj
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  bin/HssInstaller.exe
- Size
  
  202KB
- MD5
  
  21408ad6b76009f6ad5171aa11dce7f2
- SHA1
  
  4edb67491e48543a5aa29a2c9fcb809ad74207ae
- SHA256
  
  a92924e260482a42c0c2cec38ce09f65079c084eb2aef6c7157b146d75dae2ae
- SHA512
  
  99dc845c433e0d60dd5f617ffcab7f7d67ba88239f716f7b0b03289c2d959eac5f347df246e9ceffdb54494abdaf6693b71d8f99c352a9f6ab3664e4cc0e5ec6
- SSDEEP
  
  3072:+6OJca06Vy4DTY/1ixrN9LcBz7t5pruoMqqDLy/pqSReHvk3G:+6OJPL1k/Yxr3Lcl7peqqDLup+Hj
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  bin/tapinstall.exe
- Size
  
  83KB
- MD5
  
  fb0602484ec5fe03518d6688f00bb300
- SHA1
  
  67d9ba661fb85bca4885db7a5c11513492fd00c8
- SHA256
  
  5cbc33bbad23e6c0ed3877b8f28a99033c0d715f8c65bc2ece8d61498e8ddf16
- SHA512
  
  dded0ccd35e1490eca8c61bfc5c199a91165708247321743cc88e4423903f4097a67d701f211ddcbe541b604e281f62c236f4512201c797de21328e03e07843e
- SSDEEP
  
  1536:neAlzBufRv3YPKlm52Qe2NhtUnN1ssF4O7W2m:9lWva8Q2oNXUNeSRW3
Score

1^/10
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24