965c03c1440a12d996905d6c365b4aac7ba463e5a7b3add65be68ec6af460993 | Triage

Sharing

General

Target

bdc62f758022ed765f9b2435ca4ca280_JaffaCakes118
Size

1.5MB
Sample

240824-b619bayhpa
MD5

bdc62f758022ed765f9b2435ca4ca280
SHA1

dffa990417808cfe0871d21a0daf00ae084271b3
SHA256

965c03c1440a12d996905d6c365b4aac7ba463e5a7b3add65be68ec6af460993
SHA512

9aa7b1cf99b9c7af71404fe10a20dbe1a6786aed462304bc02fc1112b16b5cee714cb2cb3fee8b9a5f67da9133a287ff0f15f6f30de1feaab4ecf1b2e1af1a04
SSDEEP

49152:NYOYs+LmEN4Y+BoCcLapGQl31u0s/6i0SaxO7Qt9tk:WOYs+/N4TcLwGQl1uN/oSaxOMt9tk

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  virussign.com_0532721416019225b0b3b38c22ed6196
- Size
  
  132KB
- MD5
  
  03e74ad9e2f82054d940ce00d3e512a6
- SHA1
  
  42122f0b2c7f30a1b5fa315b03d23d4fab173ef0
- SHA256
  
  19befd4405a3eeca065ed893c29bfdf4238b6d49a5bff3267798459b88176846
- SHA512
  
  40a8a714292d1fb277125933c3a00d74e413c460a9d11edc77c9c35993b833454ac73cf5522d1c721ee706ea2c276d32241da7149d5efc8b061802493a44f96f
- SSDEEP
  
  1536:I0zWbxaVYljVqkAnWjACXWTTBmlyQAplmwuy1/8Wu3As5wGlBtK7qjh3rmKPN:IuQVqkYT9YMpPzJFJGlBttjZqMN
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  virussign.com_05f7f56a545e52ac853f988629953034
- Size
  
  214KB
- MD5
  
  035092f5c7d84ba03cf9d35d853c130f
- SHA1
  
  a3aace7fb445223bc5ea83cc5a2dee4852c109f8
- SHA256
  
  6e5f2dd63e046d77e2404ef8caf3863ee9d2d49dbb1d9a3db9d61f190b10c232
- SHA512
  
  779bcc5df993f0f2ab3fba4e7e146fc3be31aaf9dd79e9745ad7ef1181d82dfb255a04e177ab9528346d236a019d330cbb49505ce7cde2361fdf3aedc6d33be4
- SSDEEP
  
  6144:rmJIK+h5aRQuMulRZ5HiXsMrBjcKi1y4rJGzOp9iH4Bi:rmJB+h5SmulRmcMVjWddGzQ9iHr
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  6e663f1a0de94bc05d64d020da5d6f36
- SHA1
  
  c5abb0033776d6ab1f07e5b3568f7d64f90e5b04
- SHA256
  
  458b70e1745dc6e768d2338ccf3e6e86436488954ca3763472d8ffec4e7177e4
- SHA512
  
  2a037c39f3a08d4a80494227990f36c4fef2f73c4a6ad74dcc334317a1372234c25d08d8b80d79e126881a49fa4b3f2fffe3604c959d9ceceb47acc7192cc6a5
- SSDEEP
  
  192:VsIZHdT9uwYX94kYd2iCzHR+yK7imphLAykycpKPd5mj8ozxGUWumle:VsUHd9GN2d2iwl0impATIPdAj8Ov6
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/ProcDll.dll
- Size
  
  348KB
- MD5
  
  7c86e1f6b310fc8035c87386b8d2ed04
- SHA1
  
  cd25fe27443fc172d581f6eec26291218d66b5ff
- SHA256
  
  fae6ead8f70b1d7d5cce53a6875a3c83916bb06c6fd6dff12e859857d56547a1
- SHA512
  
  ed1f005cf44aec6ff3ce280924fe30e288377e6c619971ed50ce46a6c6935b9c6617e7ba88710be18637fbc02e89567f743af169ff8506a188cc114bb8b494b0
- SSDEEP
  
  6144:6ycMQ8WEijuWOv5iRB09RJwr6mWI5wlXe3Tsl2:TmEdWnRS9jVmWI5w5
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  virussign.com_05feb66af4b599544ec30d35c4b208e2
- Size
  
  133KB
- MD5
  
  7da884a3a469e63668849916c1099053
- SHA1
  
  13860d53a579f76427545e60eab870923065ec7f
- SHA256
  
  13cde81b212acc3314cf406e8b22bf641e7fde481365f982ebeac3bd8094c26e
- SHA512
  
  25a15d85cd8cb7ab96a6433a46bcf5e4e9388055290a730878b84a01b71d3a3167ac7f7f745942e1d729db87ea4d66a4b76f7cd3d6999bc2433c47272155824f
- SSDEEP
  
  3072:lRnLy8MWmJiv1inJRqxlffsSFNJz9SuaKC8Dr:lpZ9OJRyf/HIKC8n
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  32aa6334fc543e70ef0f792bb9a0c45a
- SHA1
  
  54be1f5004f7e5afe7c9ba160495076ea2a4d60c
- SHA256
  
  610e54bcfc2831d4f9d7030ceb16d35ee33006403d842f01b6e75bebea0083e2
- SHA512
  
  ac92116821a032de8df64bf9aea9c6ba4040467eebaa4e028c2bf031f1c81bb69531288b9d89d951b952fe0b4ecccade874a5ae76d04db8b4dee2d13c486f9ae
- SSDEEP
  
  192:V6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTwK72dwF7dBdcQOz:V6JaVh4I5rpPbTw+BdhO
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  virussign.com_06063b4bc5d2171ba7c4c8f78dbd6b39
- Size
  
  1.1MB
- MD5
  
  7dd2bef0b60ad70afb3f6bb5933f9aa7
- SHA1
  
  9a7572e9dbb4796b93b7dc53c76c1e2020230556
- SHA256
  
  2637076529a6a634dd988076a81bf169159765ebc22ede78d28b1002e41b031d
- SHA512
  
  0c8a12a4407ffbbbd3c2d06047d1cb25966cd97849121ae88660fe270734f6b0482a33245ae27571a2f1b519104a0414983c29121e1dbfb00d4b0bba0f5f41b3
- SSDEEP
  
  24576:+9Hkr1xhwjvzWz5vsxwSoPdVoBjCvuF17+2NdJfiOgUv+FtibXL:5hwbCLSoPdVoXiOgU+FtibXL
Score

4^/10

discovery
behavioral13 behavioral14
- Target
  
  virussign.com_28aa9bb3da4444f3714dd50d126f058e
- Size
  
  36KB
- MD5
  
  6297bf8731b99a33f34c5a498c4661d0
- SHA1
  
  47e343941f168b625fcaeffdf69d4c36b66e260b
- SHA256
  
  2acc1ef2427724bb9a62502a94c47f601b260c1af5f5bcf090d65033d32ba76d
- SHA512
  
  a59c4e35f0585320c4a5c953d16395afcc130ee48ea9d326582f26f7f8009931b7bf0357de4ab4f4df4a8e5a47cc1e8d199ba2ab99fd07173f3ccab0c35349e7
- SSDEEP
  
  768:twdVVPSLAuDeGJiqrmehiVSrmaBP39VU:twdz7qjh3rmKPN2
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  virussign.com_2b58a1c5a7b7c67361923e63dd9afbf9
- Size
  
  141KB
- MD5
  
  cde6e5d41c9c58dbb3c8bce35037948f
- SHA1
  
  eda64d36ef8a7410dabd976a91e2388c36bf427e
- SHA256
  
  727539f134fb6102aafccfda1d91ef40c860850972a3eb140e9ea8689dc58b80
- SHA512
  
  e0e117743fb221cb8bcc30fc27efd0f10ece664534a3667da8c779c95f55a76069c12b4232f18526de793e59ae183b1ca550777562512f72bf25b432534d573f
- SSDEEP
  
  3072:AM8hxeCZ+CW0oyuPuNh5zc0Ik/UdA03XREsD3cnbPn+knCBxdILTqk0kU+J:aTnjNh5zcO/U2yRDsr+k+ILd
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  virussign.com_2f8700ff031cb55352593b15ce1c6de6
- Size
  
  8KB
- MD5
  
  a7277ed69b93ceb0b42f026c4d64bd9b
- SHA1
  
  08abbb92bfa100d9610c77b05d1b6a407f70258c
- SHA256
  
  aba8de04543d6d46a59e3ca5b96dffbbc3512a93832e0604facac98801eda18a
- SHA512
  
  798e5dfae46251cd17676f26256b65b73a6ed47ba5d11c2d83ed3556cbdf844960b69a38335411cbfaf955308d0b096027bea0eb8687864d0536a47cc0372b90
- SSDEEP
  
  192:Ew8dHabRDEgtHyl0NSypWak6HVdW3yWak8QjdW3w9:cdHad/N20IypWak8dWiWak8EdW
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  virussign.com_32d34d016f811a09e453dd6026de957c
- Size
  
  8KB
- MD5
  
  a7277ed69b93ceb0b42f026c4d64bd9b
- SHA1
  
  08abbb92bfa100d9610c77b05d1b6a407f70258c
- SHA256
  
  aba8de04543d6d46a59e3ca5b96dffbbc3512a93832e0604facac98801eda18a
- SHA512
  
  798e5dfae46251cd17676f26256b65b73a6ed47ba5d11c2d83ed3556cbdf844960b69a38335411cbfaf955308d0b096027bea0eb8687864d0536a47cc0372b90
- SSDEEP
  
  192:Ew8dHabRDEgtHyl0NSypWak6HVdW3yWak8QjdW3w9:cdHad/N20IypWak8dWiWak8EdW
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  virussign.com_37b2b3bc9a3e0eaa8f63475d1594aa63
- Size
  
  8KB
- MD5
  
  7adcd6d8a075613e34de0969c934dea7
- SHA1
  
  4c8671e23db757d4ac19e1e801cd2c9309c44b77
- SHA256
  
  6c749936737c519370792b522c8c8e299896becd3555ad81ba17396ef71ccbe4
- SHA512
  
  1affebcf6499c3a06e0e8beaf0e451d96b31b60bd079d33502f98817daf302fd6c576dea4a84d57b39174732fff279d4915c0edcb1babb4161277703c7fe695a
- SSDEEP
  
  192:+1mjfw8dHabRDEgzHyl0NSyFWakiP84dW3qWak8Q7dW3o9:+8jhdHad/z20IyFWakC84dWaWak8cdW
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  virussign.com_387a46d6d648a83761497a71ed16e848
- Size
  
  36KB
- MD5
  
  fcba6f7bb058a41cb2f4ae075d0174c0
- SHA1
  
  4f99ef5f564b81806f53f5f166309fb11a12f8da
- SHA256
  
  06cfa799d1b4de08765598dfaeddc151e814e05dd5a8adb8385884142ee6dae1
- SHA512
  
  732700ca22c5bf6e218566080f17f74df49054d81a206d3caf43086381f45fe7ea987f2ac0d1273b551b6e158c5f63ceeaf42e81b08cf08996accb2a34e242b7
- SSDEEP
  
  768:elWe0rTURiupUe7vROeM5C74txb3m8y1u121+C:elWe0A1b7keYC7A7y441
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  virussign.com_3b5751e80475d7f0256909c120c6d0ad
- Size
  
  82KB
- MD5
  
  3ac2fbe3d48dfdf1397b178b0a916225
- SHA1
  
  4588dc8de795f5fadd893935568724e86c3dc8cf
- SHA256
  
  8350ddfd30fd1550ba21bdb19ed615310b47bc995cfc8d7f7aceca578958de89
- SHA512
  
  394c482777c7ef0f17010b16a8f729e746ee44a78e952355e9dfa9b7f01bec19f81f618c576de2b657c6c62f3184034bb8912184dc583dca5d909bd7ff7165a2
- SSDEEP
  
  1536:afE+EenJ66gVt8VYG/Ocjl/acHhDBFuPwtMe:cE+R6eJOAl/JBDBkPI
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  virussign.com_4a88d1db50eb7ff5eceb056b82a36287
- Size
  
  239KB
- MD5
  
  269189e8c93969e8ef4d28a5289e1e12
- SHA1
  
  16973f6140e3480fc58fba1085eba656e552f5a3
- SHA256
  
  d579216769046642f22fab9bd07a840f3ffb5d0566f2cfd3215845865c91d7de
- SHA512
  
  eef0b3e233bf875107cfb0432ef3b4f30dd351a48ce3dcdd6530cb321104db1b6e93725b27ff09acad4d03f10aa84a9b5b6fa1d5fd5c2736982f1ced925104bb
- SSDEEP
  
  3072:d6ii7HuBqspk2hMllwGQo2qPWG4fBHHvAsTt8M7yLPQQh41bslBUfDlxiGj9Mhx:0BHsuyMvwX4+iMGtzOSy8
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  virussign.com_5bead59d62f321d368bcdc1cfaa4c414
- Size
  
  25KB
- MD5
  
  9d8df1d16b944c476843928d499e39a7
- SHA1
  
  481b581337890b117442a45fea1a88866797cfa2
- SHA256
  
  e3d13135099c1aa63cae6147cbca5148662258ab6f47d9e5b5894864c22c6a24
- SHA512
  
  30a1ec73671b5e1ec284f8379b776e24210813c90a872e58250d817fc9a6eae95266690ee56497eeb1fe5f2a34052496e9f07cd7cbdd8e16da9ff8b51913386c
- SSDEEP
  
  384:+AlrzpehNkXYJSpFtp9fp/ffSoiASarb0HgNNEPhZFpXnDYV+gSzJANm4Y:bzpehNkX1pFb/3CAd0HaNE5p6YAkn
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32