167e69ad30fc65bd1f671655bb9d7b65f4576d6ac250424c27d0cb0be623d1a1 | Triage

Sharing

General

Target

d04c9364de03fff6580f04865c7206f7_JaffaCakes118
Size

4.9MB
Sample

240906-x5ql3sthrh
MD5

d04c9364de03fff6580f04865c7206f7
SHA1

4e0945402533a9ce95c1aaf4626805623180c31c
SHA256

167e69ad30fc65bd1f671655bb9d7b65f4576d6ac250424c27d0cb0be623d1a1
SHA512

018e7f487d880726af88d8babfa26eabba3e8f012c73c3ab835e5339ae373d681458bbbc9fdc9d73401f08dda51b741a0e461e8da7f49eb74f82eadbb68d800e
SSDEEP

98304:/VMyTpUxdICi112FZLLhIScRnOp+ONsizbKTW8rfXaq:/V/9Ie31C5IJcp/NnyKq

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d04c9364de03fff6580f04865c7206f7_JaffaCakes118
- Size
  
  4.9MB
- MD5
  
  d04c9364de03fff6580f04865c7206f7
- SHA1
  
  4e0945402533a9ce95c1aaf4626805623180c31c
- SHA256
  
  167e69ad30fc65bd1f671655bb9d7b65f4576d6ac250424c27d0cb0be623d1a1
- SHA512
  
  018e7f487d880726af88d8babfa26eabba3e8f012c73c3ab835e5339ae373d681458bbbc9fdc9d73401f08dda51b741a0e461e8da7f49eb74f82eadbb68d800e
- SSDEEP
  
  98304:/VMyTpUxdICi112FZLLhIScRnOp+ONsizbKTW8rfXaq:/V/9Ie31C5IJcp/NnyKq
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/BgImage.dll
- Size
  
  7KB
- MD5
  
  a3f29d638d38fa62fbc099353631c25e
- SHA1
  
  30fd4b815b925e1cf94015bc1e0a8f1101660e0b
- SHA256
  
  0ccabc3733a75c5b7e0d2b6dd9fd2ba5712dbce823424187d89b719d830ae570
- SHA512
  
  ca4dda8368b01b356a9f1ddf190b31a07547bb4e04ec08d13beaaf919b6b97ecfb343d559a7b714bcbd64848eaefb81f01c6dbdd5e1058e25305727bff969170
- SSDEEP
  
  96:4uJQGDD6lKsLcLGRpHZwlkxYWaSsZL5JRjn1zDUsc:4umGDD6BgLGR4ZLjl1Usc
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  3c19f79ce11facc2fc4d3351dbb263e0
- SHA1
  
  17f4bf4b18ea7700f70ac7d825dc997be0d25f71
- SHA256
  
  cfaba712ad640ce2b4890005ffcf03ed9e2a18a6cf9075295f3aaea1478896b9
- SHA512
  
  05c9ac861e4fed610171fcb5fad40abc30cbf90e9c7cb13c758f52cdff568af0fdd6af968db4fb143a748c77f21c353c7cffea28cbcbd2ad17157038ab490273
- SSDEEP
  
  192:Aq6dnSzJb/WHM9Vm8/FlW8pMFEi49xpkpIURnPehwbbHF1Quhcb:L6dnYbuH+3FlcmzWnW2bbMuO
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  725145e8caa39635cab9899c47c72eda
- SHA1
  
  30478c907551bd920bf359638b091fc5c10b5a53
- SHA256
  
  1759e4f7777fb8c9ed356a7d4dc237a90e0760061685d44ea02d40ca9e359ceb
- SHA512
  
  de31286ea10321f762a3b6e7c6c82177d5b6f45a82adc936fcbbc23105708cbbbec903ba94ba94e7723e80f1828393e5395ef575b37136b19de7535e74e24547
- SSDEEP
  
  192:lOSsJI/rqmIDNLU0dq51EgAiNbubv6pLZ:jHQQ0d01Egbq76p
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  1178db8f35343834993d79887aa12350
- SHA1
  
  dab6309d66b84b6656c12c83aa8506f1c10b5e09
- SHA256
  
  6f64f1311a633ce83abd6f9e08dea53ba8836fb7239f889a7a74e80d70f48b87
- SHA512
  
  45196d63701037bcf55e0801f6d027844037cc799dbc847be579a04db0bb522e4c7c85b89a7ad15a5b0cf4d7d9d306fa3a36515bc554dde9cf1e82fbff0ad24d
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/cpudesc.dll
- Size
  
  4KB
- MD5
  
  d25102051b33f61c9f7fb564a4556219
- SHA1
  
  c683964c11d5175171bd009cb08f87592c923f85
- SHA256
  
  e58e5d1d8da2ea526d0d754b4faad3773021166b0720723efb7b30f1f5075398
- SHA512
  
  8828eec31926251d7e51b5bf1050c3519c9b7fca4f978fb6ee0bf18f9642c3460687f10ff79e5892100ecadbf49725711567c348e1dfccb3644bd9ef992a92f0
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  05d80bc376fef439fb7d2dbb004aa662
- SHA1
  
  e83904b91cee7a9b93ed84591bdcf2bb700edd88
- SHA256
  
  c49f3d805e87f6df15dc0410770dcec4df09f73b20f6d88b44f55223da64c96c
- SHA512
  
  87b9e1ee7382654d3568dd0a0e59d3f2175372358b4f815e4f42657b79fd3f852203cdf26a73606f1b5d4ec9daa3d4d61952eaf494cf9bb00036741ac6b3fac8
- SSDEEP
  
  96:hVIu5NEOmRR1ucf+8eZetJfHhe3QY2Y2yYjs01HyJ:hCwmn1u8+8eZAfHuQyYjs6S
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/nsisdt.dll
- Size
  
  5KB
- MD5
  
  df4795dfabe3bc9278a73d496cc4b40d
- SHA1
  
  2648ded47e29ecf3e1a1cc20c631e83caf566897
- SHA256
  
  2261027077f23c8dba6b72af28862832aaa059740d0f5634b46cabb14326dd10
- SHA512
  
  013d9712c3d699a7f41ab3e55931c9abb421fb2eda3542da5a4831ad2f073a1b0643120cc78147db0bfcd01df98ade3045ecb2f1e252fff1dc40be845e5ae303
- SSDEEP
  
  24:etGSyYi61xyMmuEwv61OVXOwr+t5blXgO8ELnD3TPrHjf7Xz5CY1aeBEW58q6TvK:6y2xyNuEwWwU5blmPeB958xTvT7L/
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  7za.exe
- Size
  
  460KB
- MD5
  
  632f81520aeef635c2e86a7ebd032131
- SHA1
  
  fdc663954b7926f90f0626801c3eb821f91d9e42
- SHA256
  
  dfa9dc10c2e18009cba21d219ff6792b908b5a3c0946bac162265b461c02d6be
- SHA512
  
  b30abe7f17561da6083f00791b5d1f0607fbc030c5dc496c1cdd1271bf1036c74f778cc7d29fd93d70ca5e149988b8e87b63e9f6fdc68440179495dce4c36007
- SSDEEP
  
  6144:i5z1Yp9CdfvG0gTwg+HYEO02xesfrpCO/VHo1Q1k4dFuZE7HvcjlZdi3718:i3eFqHG0fAPdFuZE6lj
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  Uninstall.exe
- Size
  
  87KB
- MD5
  
  8df58f296e0b1a3d0e69fd804ef44c81
- SHA1
  
  ee37897fb20df46e6a9aba42976edab2dcd1a6b3
- SHA256
  
  727efe8953380a29b8837878bcb6a6e18c9702810914032808bc1d59f65c090d
- SHA512
  
  0e65753417725a785c5d591fa4eec797f9ca6b1f55d0d8f9103ed4bdc5e33f0a34246cd025708f550f018958b0a40d70093b5b64aa566082b6e4ff624eab049e
- SSDEEP
  
  1536:Tspe3RDckBV0DdkJOHR83d0cpdXwyNLIAW35pSkeVS9XaxIdPa6:Ta1DdkJoR85pdXnLIA8p3eVS9XT
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  3c19f79ce11facc2fc4d3351dbb263e0
- SHA1
  
  17f4bf4b18ea7700f70ac7d825dc997be0d25f71
- SHA256
  
  cfaba712ad640ce2b4890005ffcf03ed9e2a18a6cf9075295f3aaea1478896b9
- SHA512
  
  05c9ac861e4fed610171fcb5fad40abc30cbf90e9c7cb13c758f52cdff568af0fdd6af968db4fb143a748c77f21c353c7cffea28cbcbd2ad17157038ab490273
- SSDEEP
  
  192:Aq6dnSzJb/WHM9Vm8/FlW8pMFEi49xpkpIURnPehwbbHF1Quhcb:L6dnYbuH+3FlcmzWnW2bbMuO
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  725145e8caa39635cab9899c47c72eda
- SHA1
  
  30478c907551bd920bf359638b091fc5c10b5a53
- SHA256
  
  1759e4f7777fb8c9ed356a7d4dc237a90e0760061685d44ea02d40ca9e359ceb
- SHA512
  
  de31286ea10321f762a3b6e7c6c82177d5b6f45a82adc936fcbbc23105708cbbbec903ba94ba94e7723e80f1828393e5395ef575b37136b19de7535e74e24547
- SSDEEP
  
  192:lOSsJI/rqmIDNLU0dq51EgAiNbubv6pLZ:jHQQ0d01Egbq76p
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/nsisdt.dll
- Size
  
  5KB
- MD5
  
  df4795dfabe3bc9278a73d496cc4b40d
- SHA1
  
  2648ded47e29ecf3e1a1cc20c631e83caf566897
- SHA256
  
  2261027077f23c8dba6b72af28862832aaa059740d0f5634b46cabb14326dd10
- SHA512
  
  013d9712c3d699a7f41ab3e55931c9abb421fb2eda3542da5a4831ad2f073a1b0643120cc78147db0bfcd01df98ade3045ecb2f1e252fff1dc40be845e5ae303
- SSDEEP
  
  24:etGSyYi61xyMmuEwv61OVXOwr+t5blXgO8ELnD3TPrHjf7Xz5CY1aeBEW58q6TvK:6y2xyNuEwWwU5blmPeB958xTvT7L/
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  WackyBirdHunter.exe
- Size
  
  4.6MB
- MD5
  
  8e3b1281bc806c281fc19c16150fc636
- SHA1
  
  3f40dc0bd951dc01a57fed47308884b42e707804
- SHA256
  
  04a39bb1801482b3d212b39c95f1d5cb43b08029d9d4132dc33d3c3172972ff9
- SHA512
  
  b86dd4452497ed690a1cfe4d6042badb5485534703306d2b83602fe19e4162300599122e87599b0cea75bf90863ec041268b9b9e0bbe0b9d85f591b280d4be4d
- SSDEEP
  
  98304:YlXyRqNP2kI1ueAGxhd6hMR3iLzRYzQiXx7sOwgJl:KCIBc1iCdCS3EzYxwE
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  aminstall.dll
- Size
  
  76KB
- MD5
  
  1355477b5c55c14e7e9afbcd85b9f90c
- SHA1
  
  ec698ea604194fe4c4563d289f176ebbee84188e
- SHA256
  
  70275894c9fa5286b344add663882434216caf45b101584e6755ca297e1b2a22
- SHA512
  
  f3b37e5b099485f7fa9575408f81710f49c9309aa02c6ddd4ac2afdc9942d2c321f187be64cd00a1f883e45af4b6bbd3c1d5145abe939e81c1282d5c1eaa9776
- SSDEEP
  
  768:1NV5rhiqaZ1V7V5yytiCLqmfTKeqvi8NT7jypjGZ1wZgH1Y10BlnkE52zGnApuxQ:1f5hgVXyy1luTXyVMwW1NkEQGnAp1cm
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Readme.rtf
- Size
  
  4KB
- MD5
  
  f48b1c6feb2a69b3bc567c79999a5862
- SHA1
  
  7d9c9b8296f3fee40151228f302a5c9c82a8ad15
- SHA256
  
  be9d95460a750f3ad4a5e75b4122868cdea2ea65cd2f42141b217bcc546e8281
- SHA512
  
  9b32cc9b60f32c23f08857299d653f46fe1b6b06e425006550ea42f76a0753b5fe17cf31f6de2d27d03c961a48512d698717c88fb437d479d9b560d704d7d7de
- SSDEEP
  
  48:fR3c6uCUdaSd5olWzWBtcqAddAo+7dvSzVAU6ZzEHiieH2do0fHYwZjJ0oUr4frn:fRktdpeE9/YbsDFm/exmw0m6nblAMs
Score

4^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32