aa63d723e0fde39bd468725d9ab31e22fded6f389399dc31f1ccf8bf87bee110 | Triage

Sharing

General

Target

c7a10c92e93cb847bac8537977071600_JaffaCakes118
Size

15.5MB
Sample

240828-znh7savhje
MD5

c7a10c92e93cb847bac8537977071600
SHA1

5b5a206bef5d16c7b3542be809cf7b5ec2b18067
SHA256

aa63d723e0fde39bd468725d9ab31e22fded6f389399dc31f1ccf8bf87bee110
SHA512

205a14d9b8f1b3cb336337cc783e3416700a781806971aef9d6aec804f054cdf32880fde402f0631b8ee3019320d76d8a05fc7f8068c5402ed0c3e4fe3b25abf
SSDEEP

393216:A+r+bygmIDk8Ed+D+U6IfWgflcNTTBu+9C6ubw4WOzC7vR+pR:A+r++RIDk7DrIfWQlUMbwAq8R

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  c7a10c92e93cb847bac8537977071600_JaffaCakes118
- Size
  
  15.5MB
- MD5
  
  c7a10c92e93cb847bac8537977071600
- SHA1
  
  5b5a206bef5d16c7b3542be809cf7b5ec2b18067
- SHA256
  
  aa63d723e0fde39bd468725d9ab31e22fded6f389399dc31f1ccf8bf87bee110
- SHA512
  
  205a14d9b8f1b3cb336337cc783e3416700a781806971aef9d6aec804f054cdf32880fde402f0631b8ee3019320d76d8a05fc7f8068c5402ed0c3e4fe3b25abf
- SSDEEP
  
  393216:A+r+bygmIDk8Ed+D+U6IfWgflcNTTBu+9C6ubw4WOzC7vR+pR:A+r++RIDk7DrIfWQlUMbwAq8R
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  046074d285897c008499f7f3ad5be114
- SHA1
  
  159040d616a056ee3498ec86debab58ef5036a55
- SHA256
  
  254c5ccbce59ad882f7f51d0bf760cabde8c88c5af84e13cc8ad77ba0361055c
- SHA512
  
  ab7436fda44e340dd5909ddec809c6b569a90d888529ef9320375e1aae7af85afcab8c1c1618551d3fe8d6ae727f7dca97aa8781b5555da759d501d2ccd749e1
- SSDEEP
  
  192:+Gs+dH4+oQOTgDbzuNfrigyULWsXXZF/01JJijqK72dwF7dBEnbok:+GvdH4qMebzPY2Vijq+BEnbo
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  0ff5120f1afd0f295c2baa0f7192d3f8
- SHA1
  
  bde842d5d11005dcb4ff1d4ea97da31865477697
- SHA256
  
  4ca5bf1beb4b802914c4d3e2f37861f6ba5ecf969cfeadf5855edf58f647a721
- SHA512
  
  e049ffd7aace8d136eee007ee4f8dbc2ae8f3dce79d1c633d9654392240f8215787df8a6d08085257db51f28ff2a8023a13333dda3ea7f9bdc8b9c57b605f0a0
- SSDEEP
  
  192:Xv+cJZE61KRWJQO6tFiUdK7ckD4k7l1XRBm0w+NiHi1nSJ:Xf6rtFRdbQ1W+fn8
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  CORE_RL_bzlib_.dll
- Size
  
  56KB
- MD5
  
  6e5097a380c5b7fae5418d63bf96e989
- SHA1
  
  fb3b8cd3a512d837be642c637aa409ad8493a283
- SHA256
  
  a25397c87922879ea904d1d736f5436c7407cff33e7b9783cc5ce75cc05901b2
- SHA512
  
  435acd69dcde5636369156656cdaca2db899e69e806f556c4031e2a8c36cb0c0c12985cbbb6fa69a5a6e0325fbf1acd63ece2fa88a4cd9a7cc4c255f6cb402a9
- SSDEEP
  
  1536:t+/LAPbYoO5uCgiOvGr1Li1ifGsyYOUagW8CoekqwM8Ch8irA0dWQ522cSCCaSlr:t+/LEYoYuCgiOvaOwOKbIRRw4l
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  CORE_RL_glib_.dll
- Size
  
  2.0MB
- MD5
  
  c6ca0153180ad6ca1ba81dd1c71fad0f
- SHA1
  
  b30ca955ae0a9e91557db7029d29e8a1639a00a5
- SHA256
  
  74ab7dbee05151b6871c0f3d8f575cf4c9cc35205f8c07294006b5bd75dbe405
- SHA512
  
  22af37ceb89b9ef84ece0ddf2edccdd51de2e2d8984e5e416e42126b591ea6777d3597d761bfe5b067f1e58b7b30b0a31d1cfdb8366b1154a80cf69809fb0059
- SSDEEP
  
  49152:dP4nLmF++cLkAlSoQ9AlSRKAvmevmk2dAuVmU:dP4LmF++cnlBiDRKymOSd
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  CORE_RL_lcms_.dll
- Size
  
  237KB
- MD5
  
  c8b4b2ce2292d2fad37bd26f3cc7c93a
- SHA1
  
  dbd4c9ac223c8e9047013a0a9a727772c426e761
- SHA256
  
  0ea7ac4f7f83ba9ab598c5666056026fd6c4064f465225338ee18f55963cad64
- SHA512
  
  d3eac3a59aaae3a9bf018231a917f8c1b345c924930285b9335adb3167770b17c773a3d685b0842a96d9efe4e8c045429b6b797f689eeb52d7f032e3a803f156
- SSDEEP
  
  3072:ju5C+SRrfwyLqtuYM6ap9gspEEtxwJlB4VpvjB48NHYvm6IdBQi/LW+cWWOgaNZJ:G33q9gspdtaTBgpL/fuiJc5aNZIv2
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  CORE_RL_lqr_.dll
- Size
  
  47KB
- MD5
  
  e556f65969ec92623710b682ff3c0549
- SHA1
  
  b2daaa93f47401fa372fa932286b84d9c7387b78
- SHA256
  
  c00039535f0f3c44c77b3fda41fe496a63fe8f10708617d8ab4caa055008f276
- SHA512
  
  fb8f541ec32ea40048a331e1ed29009753f203d9d4b61a718c7d99e38d1104373c2cef59c9fb46598ab0e8f6421e00d9441408cd4c68af590921e20dff26ebb2
- SSDEEP
  
  768:zqOAGrWtFl21S0LNvSpSpTr+2tV9ITrA2/GUneZyRkVgY3n13zRSPnx:ccOl2rpSpSpTr9V92U2/GEkVd13zRGn
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  CORE_RL_magick_.dll
- Size
  
  1.4MB
- MD5
  
  119ae6c2b7eaf72bc8f942b46e420ab9
- SHA1
  
  f1e4650a5c45091d3776205bdfd25e426ba5cdca
- SHA256
  
  7acc814a334ad8d94d3b66bec315ce7c22b6b918a3c59f040e4876436537a6e4
- SHA512
  
  140f9d1c912c75863e197d3b1eeba6705786a063065051fea5b78ecf2c1c9fe3ec0a17ad2e9e0f772fccc9c2f30312f2a00a6cadacaecceda1bcc5cd9a2ba6f8
- SSDEEP
  
  24576:OMcKdiE46nJ2j0sP4Y3MUlfOPmGs0ro4c33QynDVfT3/M4FCG2NZt6/xkYzNW:dS/nnEtx
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  CORE_RL_ttf_.dll
- Size
  
  454KB
- MD5
  
  e3e12e401c417b7757bb3c2936b6f920
- SHA1
  
  a44ccf7fd934140204c6d951064748da3065fd9c
- SHA256
  
  ee480ee4390c3e4c001216f745175f479567204ad45b94c9cebe909bfddc797c
- SHA512
  
  9e57791a080a1ddfd4ccea6a459a692953208115fb22bb1eba257a613f56c901536cc45635b52771931b1a187f683bc84ade5d2d7f979d376d49236ac9185e05
- SSDEEP
  
  12288:v5MITAFfB+oMbRMSCqDed7mv1a4HLxVQHMmRXvVykHfEWmc2:pUhvpdCDVRmRXvUZc
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  CORE_RL_wand_.dll
- Size
  
  669KB
- MD5
  
  1e44e0511d64d248d1cf26985004776b
- SHA1
  
  47f6a552a3427c6b1641e8e3d099c1508cec2f5d
- SHA256
  
  5542a59dc1d59d86a530fa1b1a7197118f3d2ebcb26ae324eb0b8cfab29bcd89
- SHA512
  
  6f893e24e719ef305b279fbbba6922696895d3a17bfc824dd5e7c7785e388fa3ee822275e9bd35d9d25ea5fe52a5c622ba6e9d509185ce56117601e8ba6cb89a
- SSDEEP
  
  12288:MRBHS7FZWXxK1lnUHohctB3tv2LWzUFuyPmDFheceGXq2oK9CmnYAsOQm5eRUgj3:Mf2HyK1lnUHohctB3tv2qUjPmDpC8QjE
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  CORE_RL_zlib_.dll
- Size
  
  68KB
- MD5
  
  9534c7bb9dd57df50c4420f52d90d0ff
- SHA1
  
  7ff46652d2f534477f5cbd11dd741f09a3cda4f8
- SHA256
  
  162bd60634dec63aba07b9815010d9424097dd6f7284178069a61f8496bc156d
- SHA512
  
  39803e4108e52c35d2f1a4ef48ae50ed0a178989e370d96fd3931a7f5e29730d1002bc1fec8d62deaa11fe4604c38903b235555974814e2c201c79868af7166a
- SSDEEP
  
  1536:6D8x+ue7B+yVh9TOW6A1vgg4kXXqHqsnToIfNIOQIOJUBXbR:H+/B+k1d4WqHqATBfHGJUBXbR
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  glib-2.dll
- Size
  
  1.0MB
- MD5
  
  19cb46368123720cb38f2bf66c328b6e
- SHA1
  
  39a2ba50a86bc3180085450f125ba9297fea1dad
- SHA256
  
  42a86dfa0ccdb83c173bd8d88f7f78323376b30502778ab813a6f2866219414d
- SHA512
  
  2ed7da5fb74bd9fabbde85e47da4297beae6c49644f584779e879f70aba31c9b4d7d1995ac799e87e2103710edd02136dc89125854435ca98193cbc0769b706d
- SSDEEP
  
  24576:16THxdu1yyGiV2ZCrxSbpLTl4mX+fpIDeXGVmDSBX:WHzyhiMAbpLTemX+fpAVmOd
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  gmodule-2.dll
- Size
  
  14KB
- MD5
  
  45463c3d6965ede13d7f5d2adad13ae5
- SHA1
  
  f853e280ab490f7edfed739c394747a8839279d2
- SHA256
  
  ad8ca522ef5cf3cfe7891b6010cd514910b9afcc6254b5d7cc026d9085ea1183
- SHA512
  
  67ddc4b88ca5ce1088276b01a9fd0f0a670cdecd1022fb09337cbe569b241450b2b9649373a1002251e75dc39ac4389c0f94a7bcf9c9164059b7b68139c26252
- SSDEEP
  
  384:cvi8h+s71FfY1787ooDCXot2af8mjVYmiiE7:cpR66xmKZjPi
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  icudt56.dll
- Size
  
  23.9MB
- MD5
  
  67757a4c6c7d33f13fce4caa742d16c2
- SHA1
  
  ee1b2dc14b7b0465cac896ae1de7c9a566c90ba7
- SHA256
  
  3ba98aa7fad3af35592b4029442b45f43526d6b3273c75f3857fb28fed6b64f3
- SHA512
  
  0be3cab49217239aa901aaf44d9158c0650ea2dbaac01e7cc1850971e5e8230ca5baa734cfc1c389aeefb8ed0c7e1836be6e123a3b628702f4ad3151805a29e3
- SSDEEP
  
  393216:QKAzeR31BwiFvsiXUxew+fWhl1MUl2noOg9Wbkxy0MS/FT437T/0rPO2zj:IG3M
Score

1^/10
behavioral27 behavioral28
- Target
  
  icuin56.dll
- Size
  
  1.7MB
- MD5
  
  c6858c924ac6a177b84903743ab18636
- SHA1
  
  8c3faf779105cfc55ffc2027911aa957981e696e
- SHA256
  
  3103d78ba7b2f733058520039a9f25483fe0a39badf1759f3228b883defdb928
- SHA512
  
  89e50c56bee29ff923c071eaf929592b5d0044a30706db3f29489e653f2f1a754a0234211e933b2dbf0a0d07c244c3bda0e6b73df602669c3e6ac00a3357205c
- SSDEEP
  
  24576:5+D6OGoVLpzhXa6Jkbv6+sP0uQCtg8wUBnStKwwKOvAnH:5+D6OGoVLpv2j6pvQ9UFStKwhHH
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  icuio56.dll
- Size
  
  41KB
- MD5
  
  320ef357ae6453dffdd5efabdf4d6dc5
- SHA1
  
  865dff4e339361c6e564f9a7a9af1283727542a9
- SHA256
  
  6f98cf147c3b695f488a1c7257644c68200783b5ab4c8e3f2a2b5319d4b4244f
- SHA512
  
  788cdc6f326ce71c5d2ed55c4db2b23b47fbf265fd5b0232a1b12510657d43333c746bfdad20cf5941c027d857075378d88bf3769bd2dd7d79f0d73662ffa29e
- SSDEEP
  
  768:1HK3+/aI/IbZjQlAP4HmkmmTtv1zb3K116O1TleBDCuVPnGxcu:1HK3zIsQlamRRKHlTleBGuVPnGx
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32