25163fdcf3c723cf4c8b987cc02bda9883d3227d528591ce6e4b8bd3576d06d6 | Triage

Sharing

General

Target

c80c434258edf6baf7d47ba1aa68264d_JaffaCakes118
Size

1.3MB
Sample

240829-clkaqszgnq
MD5

c80c434258edf6baf7d47ba1aa68264d
SHA1

d12bb02ca4cfd242650cc87dbd58f074347fcb85
SHA256

25163fdcf3c723cf4c8b987cc02bda9883d3227d528591ce6e4b8bd3576d06d6
SHA512

d041ce8f453f94eb8923b3b38033875cb968e77cf2a301b4bf7832920426d07288db58bf5392bc8d12f4c0c877f2b8877bd888d66508dec34e876f2dccf9f233
SSDEEP

24576:t073xJ3Ge8ME1668ZKb7BIZGqp6O8J0KUqRLEzCxU5sX0IN5hiBxx+6:tGZVE1CKb22z6KU2U5S0OhiP9

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  ezmsetup.exe
- Size
  
  1.4MB
- MD5
  
  81d0ef502e45826a03b689201d6e9c90
- SHA1
  
  591cd20947aad97c34ad277d744e2708ea3cb1a4
- SHA256
  
  d492da1c5b6d451174de346d8f21edc23fbce3d37d0174b236697d9053451abe
- SHA512
  
  e77fd0e40678c8ddd3384c59be2300cf94b45842a1354d0fb0661ba4545d6e7655538e173b58f53ab44757651454bb100fd949adb3b5449b3506a2b57b4f4c35
- SSDEEP
  
  24576:UC99h7sFCGEBKBS3tqi5psq1zKzTqXOjJUZOiRTcTAfZKNhT+L0/AEO6YUqE:UCBskpUkpsq1KzTriRQzNhVL1j
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  f407939127208a009b9a825cb77ed3c7
- SHA1
  
  051d7fccf3fb544acaa8ab6be590bb4bc79cef82
- SHA256
  
  191fab998e58b66a2416873b06062166b547eb3ba06b1326a4a785a566aaf76d
- SHA512
  
  d45d08823ac7667f071b21d238b7fda43115db3195a442cb17d880d147e8a930374403c970afc31f676f01a83fb9c63e3be047de7e16718a08a1fdbe4b690901
- SSDEEP
  
  192:hzixixDOHhG9db9rd+oSVPECMlh3I8tqDyn/7hwbbHF1QuCb:hOx0DOHqrdwTY6+n/72bbMum
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  6KB
- MD5
  
  740bd475a180892e4cb98acc14cd360b
- SHA1
  
  f71ea3c855d3a0f96c3dd1a2776d21fa273833c6
- SHA256
  
  adf51f6f088f3bed7d88350cc77812d9c19a575ec0d477bbe6d744dd9cea06cc
- SHA512
  
  b8a51cd72acfdc3e589f5baa941537d4e51cfb6f73572f228651208aa89bcfd737beb7a8675e235fd0327a19516dbcd393fb8e6c5faee5a879cca28f46da840b
- SSDEEP
  
  96:mLJdRZk8OkmE+WHw0FMXF6CWhFxKpKsWQhEfP0:mLjPk8OT30FFAzCP0
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  ezmp3c.chm
- Size
  
  24KB
- MD5
  
  ef63777091aa2f90e0d45004dbb9f4a6
- SHA1
  
  5e20b4aa3a0698720154684f001b2b98886bd672
- SHA256
  
  6159b2ad77cf7671ca38fec92714806023717dd9c2496ab32f4de101cb110ae8
- SHA512
  
  c9da5be39e809930c4d10fa4e274b373a49398d5b5da8cc57c4102fd91b2e71bcafbfd76842af38e6f892b5afbf8d8be229ed16f10df92700e483ea2e730fcdb
- SSDEEP
  
  384:kDzugNExsO9RuzGd7IBaxsFQuqpqVJzk+R1zzE3d:kDzuBsg/dcasFQu3fed
Score

1^/10
behavioral7 behavioral8
- Target
  
  ezmp3c.exe
- Size
  
  309KB
- MD5
  
  aa48b11cc56b1126f652276ad8463b33
- SHA1
  
  3fbe2cc6ec9a3d70d4596c4c52dd4aefc7727a4a
- SHA256
  
  017629911a4fedbfaaa599256718e15d95ee1f380e05dbbc7f49d07845fea265
- SHA512
  
  89a30f283e52b5989da0764b5708a0ef2657c86afb6e4557170f58051b8c45903aa610fc0c1ebe91ca2731e41771989902acf6615526787ec428c63eef3a5d21
- SSDEEP
  
  6144:agc5l8qNyA02H+ZxdSyAdUkwJSNnVWs7IeGkg3sEHmDkaYb:Q5XGoExEysU7WVWs70kghHhb
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10