Overview

overview

7

Static

static

3

d000e4eab0...18.exe

windows7-x64

7

d000e4eab0...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDIR/w7tbp.dll

windows7-x64

3

$PLUGINSDIR/w7tbp.dll

windows10-2004-x64

3

App/Notepa...d3.exe

windows7-x64

1

App/Notepa...d3.exe

windows10-2004-x64

1

App/Notepa...P3.exe

windows7-x64

3

App/Notepa...P3.exe

windows10-2004-x64

3

App/Notepa...ng.dll

windows7-x64

1

App/Notepa...ng.dll

windows10-2004-x64

1

App/Notepa...ng.dll

windows7-x64

1

App/Notepa...ng.dll

windows10-2004-x64

1

App/Notepa...ng.dll

windows7-x64

1

App/Notepa...ng.dll

windows10-2004-x64

1

App/Notepa...ng.dll

windows7-x64

1

App/Notepa...ng.dll

windows10-2004-x64

1

App/Notepa...ng.dll

windows7-x64

1

App/Notepa...ng.dll

windows10-2004-x64

1

App/Notepa...ng.dll

windows7-x64

1

App/Notepa...ng.dll

windows10-2004-x64

1

App/Notepa...ng.dll

windows7-x64

1

App/Notepa...ng.dll

windows10-2004-x64

1

App/Notepa...ng.dll

windows7-x64

1

App/Notepa...ng.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    d000e4eab0b1f857205a8453da688175_JaffaCakes118

  • Size

    4.1MB

  • Sample

    240906-vcqehaxgqg

  • MD5

    d000e4eab0b1f857205a8453da688175

  • SHA1

    427aca1b9f1a947578e056411cfd3beecef349a7

  • SHA256

    64e98237c52fa6f2b5ec17852d1fb10c079c036a6a95b3318ae45578520d89e3

  • SHA512

    5dccac81d55603d0a8f3c96950c4af6b3607c05c012052de645eb682b1f559fb998a8637bf5946de833c3430713e984bb0c624757ce21f0a05a1fb5ce638a8af

  • SSDEEP

    98304:bwje2uj1ayK5VFBk7R+fa2Rs4KqmOk7K3PFgcZOFV8IS:cv/AIfRs4KvKtgw5

Score
7/10
discovery

Malware Config

Targets

    • Target

      d000e4eab0b1f857205a8453da688175_JaffaCakes118

    • Size

      4.1MB

    • MD5

      d000e4eab0b1f857205a8453da688175

    • SHA1

      427aca1b9f1a947578e056411cfd3beecef349a7

    • SHA256

      64e98237c52fa6f2b5ec17852d1fb10c079c036a6a95b3318ae45578520d89e3

    • SHA512

      5dccac81d55603d0a8f3c96950c4af6b3607c05c012052de645eb682b1f559fb998a8637bf5946de833c3430713e984bb0c624757ce21f0a05a1fb5ce638a8af

    • SSDEEP

      98304:bwje2uj1ayK5VFBk7R+fa2Rs4KqmOk7K3PFgcZOFV8IS:cv/AIfRs4KvKtgw5

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      109b201717ab5ef9b5628a9f3efef36f

    • SHA1

      98db1f0cc5f110438a02015b722778af84d50ea7

    • SHA256

      20e642707ef82852bcf153254cb94b629b93ee89a8e8a03f838eef6cbb493319

    • SHA512

      174e241863294c12d0705c9d2de92f177eb8f3d91125b183d8d4899c89b9a202a4c7a81e0a541029a4e52513eee98029196a4c3b8663b479e69116347e5de5b4

    • SSDEEP

      48:S46+/+lTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8m0ofjLl:zMluPbOBtWZBV8jAWiAJCdv2CmHL

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/MoreInfo.dll

    • Size

      7KB

    • MD5

      bd393029cc49b415b6c9aeb8a4936516

    • SHA1

      c67fd92fffd18941bed41bfd6ac4f3b04fd123df

    • SHA256

      227a4fc9408a44faa5eca608a974bd536814f97b8a4d28b4cac479727167b026

    • SHA512

      3bb8e5cf4bea7e8adaa62196e58fff9031f49fd4efa78e5bd3e4b9c4e9ba1523864567521793053595d90abec719761a5964ff3abe04b93b24d52e5ffa4c1f96

    • SSDEEP

      96:LEjAlUFPxXJugoImuaKbkBSEPTpsxKaVQ4Ad:gjAiFPxXJugoImJKQk8yxKaVVe

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      8cf2ac271d7679b1d68eefc1ae0c5618

    • SHA1

      7cc1caaa747ee16dc894a600a4256f64fa65a9b8

    • SHA256

      6950991102462d84fdc0e3b0ae30c95af8c192f77ce3d78e8d54e6b22f7c09ba

    • SHA512

      ce828fb9ecd7655cc4c974f78f209d3326ba71ced60171a45a437fc3fff3bd0d69a0997adaca29265c7b5419bdea2b17f8cc8ceae1b8ce6b22b7ed9120bb5ad3

    • SSDEEP

      192:BenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XB9IwL:B8+Qlt70Fj/lQRY/9VjjlL

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      ec9640b70e07141febbe2cd4cc42510f

    • SHA1

      64a5e4b90e5fe62aa40e7ac9e16342ed066f0306

    • SHA256

      c5ba017732597a82f695b084d1aa7fe3b356168cc66105b9392a9c5b06be5188

    • SHA512

      47605b217313c7fe6ce3e9a65da156a2fba8d91e4ed23731d3c5e432dd048ff5c8f9ae8bb85a6a39e1eac4e1b6a22862aa72d3b1b1c8255858997cdd4db5d1fe

    • SSDEEP

      192:oRsHeylO012En8pqHtcE0PuAgkOyPIFc:sATI0d8pUP0WAgkBPIFc

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/w7tbp.dll

    • Size

      2KB

    • MD5

      9a3031cc4cef0dba236a28eecdf0afb5

    • SHA1

      708a76aa56f77f1b0ebc62b023163c2e0426f3ac

    • SHA256

      53bb519e3293164947ac7cbd7e612f637d77a7b863e3534ba1a7e39b350d3c00

    • SHA512

      8fddde526e7d10d77e247ea80b273beae9dde1d4112806f1f5c3e6a409247d54d8a4445ab5bdd77025a434c3d1dcfdf480dac21abbdb13a308d5eb74517fab53

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      App/Notepad3/x64/Notepad3.exe

    • Size

      4.0MB

    • MD5

      237ff68a5e3a823622cfd8248f7ac011

    • SHA1

      9d45b6eb111c248be0396dc85e5d2cfccea584ac

    • SHA256

      97dc2355b05664402b7d600eeb48a8c99b71f48092e030319636d6b2364727e1

    • SHA512

      a37a6c4ad298ad4a8dd16c0f30161a7ada90088557871ffcbed5d69eee66191016bfd1376545f7c54d59920a51491d41b84e927cde842a48919175d2d05cbf0a

    • SSDEEP

      49152:0f9tWdgbQledmwFhuSJwoog5J8qugXOydrb3++++++z9ZijCgY4rF:fOh3vIEXtxjiZ

    Score
    1/10
    behavioral13behavioral14

    • Target

      App/Notepad3/x64/grepWinNP3.exe

    • Size

      1.6MB

    • MD5

      0e72798bee39bcef2d7ed382e30b00d8

    • SHA1

      c23c46e7bb9d5fd6ba5ee339dc2f5a081efdf263

    • SHA256

      ee3b6d283795be2c11951c59f8050e3586bcd44366e571f55246f0e74e006015

    • SHA512

      5a99bea1cfc40e615b3cb437703b001dd0d2e70cf2edbcbac6d5ed859f5bc181cbce20a0f02bcedb21948f5f44818542a97f89a779207680887d09f2a7e1df1a

    • SSDEEP

      49152:6MN+++gBhalHRacDRGydI2qkN+B2TbnrZDC:pBhazDD+dkwmC

    Score
    3/10
    behavioral15behavioral16

    • Target

      App/Notepad3/x64/lng/af-ZA/mplng.dll.mui

    • Size

      139KB

    • MD5

      6a75a4ca60e613bc34d073f4c2e8c547

    • SHA1

      f6e37f34c4cf459acc13b2d8276f9cb195e802b8

    • SHA256

      ae457a312e50c2579e4f655af5f9fa0ae18e09e019bcd5da4b79370ce728bf11

    • SHA512

      17a5deab9fe90520f556b006698042b627714589d6953dc27766b5144dd2a386f1e308ab338dc9afb4865649101cf5f6d60a98cb288d87f4ddc9734190987485

    • SSDEEP

      1536:ZBFckMLfcPnc4iRHSs43JN+2rdenEGBG9x92QD4RFJjWxf6jKy:Zo3YcDaZdennmx9nkJCxiZ

    Score
    1/10
    behavioral17behavioral18

    • Target

      App/Notepad3/x64/lng/af-ZA/np3lng.dll.mui

    • Size

      316KB

    • MD5

      e13f3a919c863c00f9aede00cf9422e1

    • SHA1

      da7bb6c4fef008a4ed04f8308616fb14444c08e6

    • SHA256

      288a51b087ab69637c704c0dd8caa7b313f15ae169cdd9fd03b1c0d42f3ba752

    • SHA512

      6ba3617bfcd1caa3bfdab4af0d9c9bb10d7e439c32f2fbcf7d4751cbc1093516438544b5c685dc64e4eb659e5c524c45dd56ba1b7fd016dd6c1e797b93d0992b

    • SSDEEP

      3072:dd9pjsyHrak16Q1qr0xBcnzEIspx8TNxR:PXpWBr2c

    Score
    1/10
    behavioral19behavioral20

    • Target

      App/Notepad3/x64/lng/be-BY/mplng.dll.mui

    • Size

      138KB

    • MD5

      bff6738cf45c166a243eff606c2905cb

    • SHA1

      d40cfe0fb7daafcdcbbea126d2d40e6b4dc08238

    • SHA256

      bd5b001f1d125befd3ee10f8c0395f728dd001402e9832bc6f4f8acf13fa73ae

    • SHA512

      94670688dd76cf8ed5453eaaaf5382e80acfe024da39ff4189714ee584249ad9458dff819e4aa185f4f1c856301f653ba35989a89b25800b79f31406641b8d64

    • SSDEEP

      1536:jBFckMLfcPnc4iRHSs43JN+2rdenEGBG9x92QD4RFJjWxf651:jo3YcDaZdennmx9nkJCxiH

    Score
    1/10
    behavioral21behavioral22

    • Target

      App/Notepad3/x64/lng/be-BY/np3lng.dll.mui

    • Size

      317KB

    • MD5

      d7e4a732a5e938e5d5d5773111e42c28

    • SHA1

      1e9fd0fdb8118b0fafb7e23c53b3b8c919d0477e

    • SHA256

      cd39ec2d3465e53bca5395912ac05cfee4e44744d711a20818090261fe2dfedb

    • SHA512

      9b0bec68a943b5168b9cc4f1f6e2237576d47227d4ba40e26cf368c370f14935f4e55e17384e9a4f78eef0d42cd79ad030a052ce3fa36fadcd6849fad1fdb245

    • SSDEEP

      1536:FzukJKI99Sc9J9bwynXXrazo1FOhQ1YTgqqF4+4FrzElUxufi84gxTcFx:Z9pjsyHrak16Q1qtFt8dhy

    Score
    1/10
    behavioral23behavioral24

    • Target

      App/Notepad3/x64/lng/de-DE/mplng.dll.mui

    • Size

      140KB

    • MD5

      04e5883713ac527a1d50499cdd18dfc8

    • SHA1

      1b41ba0e3e4f2e71f0168f47dc411c11d4d67c99

    • SHA256

      53c4e8e50bbcfda2be71d3f61c4876e8e39d4906c386653411501698e7a6141c

    • SHA512

      32938536c5f4455dd245422b61c5b6c2c05fd0b1d7862050532acfa53187c9e233ad5d95b9f237efb8e3c5a852d1a48baee7a62c11ca9b67ea700b217f19673d

    • SSDEEP

      1536:fBFckMLfcPnc4iRHSs43JN+2rdenEGBG9x92QD4RFJjWxf6a3/Y6ZmAF:fo3YcDaZdennmx9nkJCxia3/Y6ZmAF

    Score
    1/10
    behavioral25behavioral26

    • Target

      App/Notepad3/x64/lng/de-DE/np3lng.dll.mui

    • Size

      320KB

    • MD5

      78925dfbe7860ebc6d8cc61715036f16

    • SHA1

      4a67ce7a7be682bc8d80f8683efeda97745166a4

    • SHA256

      8e93fdb4337935604bb49a22986b573b61ffbe2df79795d2057f8e77b8f1f068

    • SHA512

      e8fb8f8780a57bc4cf759035aa3028b6939f94d287095de3f214c2effb41e57f454b6cf83fd62700bcd35e0c47b5844a0533d06e2231602b90cbae0326ade56f

    • SSDEEP

      3072:49pjsyHrak16Q1qtllt2+eoqZ9rqRR++2d4f4G3FPWeRTLFyx1+HrKS6cOktGgPd:4XpWBlLL

    Score
    1/10
    behavioral27behavioral28

    • Target

      App/Notepad3/x64/lng/en-GB/mplng.dll.mui

    • Size

      138KB

    • MD5

      fc60154f09b52f53b6e7bd125efc910e

    • SHA1

      c42a5886545fc3dd62f8a29acb24e83824d6889b

    • SHA256

      d4970978a4eb3f43283f266b674fa8d9a31646bfd7caa053179eadbbc59a65a3

    • SHA512

      48abd236a64d1d4436dc2f67917d1e4cada38660e80e84447e902ab2ff4907eb83a9ad621f9b1f61c243bdc7cdbfd791209107a7f7171d3f16f7b2f409935cd0

    • SSDEEP

      1536:gBFckMLfcPnc4iRHSs43JN+2rdenEGBG9x92QD4RFJjWxf6IZikgebK:go3YcDaZdennmx9nkJCxi7kgebK

    Score
    1/10
    behavioral29behavioral30

    • Target

      App/Notepad3/x64/lng/en-GB/np3lng.dll.mui

    • Size

      313KB

    • MD5

      b7b88ce07288a6ff5c0dc49ca9a87bb4

    • SHA1

      3a9e2d2399103586a6f2e6ea170289d6164c1e46

    • SHA256

      8829fc05c51e2a7d87dc0b0052db1131927dbb506ad2f8cf3bf5ca7ee8ac3181

    • SHA512

      8fdf110daa0cbb0132099413bbef9c6f8c783dac8a4485606496bac5ae55eff3ccfd2bb50240077cee1c1658df00af6a256b264ebd02f45bf4225438c6606926

    • SSDEEP

      3072:d9pjsyHrak16Q1qlLPdBd6DqU1zD2r9OoXqSyQVj824/80L0T6zPWh1:dXpWBddj81oUIj

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10