61a433daaaa4698cf96d4a78237d99556a3a7d22091f833f850f184b7bcea78a

Sharing

Copy URL

Twitter E-mail

General

Target

d303b0321e658aab9c8594d4a9a47e30_JaffaCakes118
Size

683KB
Sample

240907-2166gszgkr
MD5

d303b0321e658aab9c8594d4a9a47e30
SHA1

1d12fee4b6791451d2368155998c9229678f0741
SHA256

61a433daaaa4698cf96d4a78237d99556a3a7d22091f833f850f184b7bcea78a
SHA512

a32f2faa21cc76bb2ab77e2e82cb10294c185cdca013cc77ad6ee394d86ae01f1fc531fc7888bb10dcf52ee90f9d4b9ca934cf0b6ea495909bd30b580c3fd08b
SSDEEP

12288:G5TtW0xVQASIn+taO5cxJNSOZlInsF338u9+a7ZBpdNO/6JWrVJ:G5E0xCdIn+taO5cxPSOTwW3sNCcrVJ

Score

9^/10

Malware Config

Targets

- Target
  
  d303b0321e658aab9c8594d4a9a47e30_JaffaCakes118
- Size
  
  683KB
- MD5
  
  d303b0321e658aab9c8594d4a9a47e30
- SHA1
  
  1d12fee4b6791451d2368155998c9229678f0741
- SHA256
  
  61a433daaaa4698cf96d4a78237d99556a3a7d22091f833f850f184b7bcea78a
- SHA512
  
  a32f2faa21cc76bb2ab77e2e82cb10294c185cdca013cc77ad6ee394d86ae01f1fc531fc7888bb10dcf52ee90f9d4b9ca934cf0b6ea495909bd30b580c3fd08b
- SSDEEP
  
  12288:G5TtW0xVQASIn+taO5cxJNSOZlInsF338u9+a7ZBpdNO/6JWrVJ:G5E0xCdIn+taO5cxPSOTwW3sNCcrVJ
Score

9^/10

adware credential_access discovery persistence spyware stealer upx
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/CheckInstalledKB_15-02-17_3_1.dll
- Size
  
  78KB
- MD5
  
  d2098d2c2d7d35c0d3c396ef6206b867
- SHA1
  
  10d7bcdf07c9b3fb784dc0d6a6983d6846422e9d
- SHA256
  
  92d2e4031540c2db9938f257e4c25fd61f3d8fce9397a6a7a83a6604a40c0c8c
- SHA512
  
  61a2b45382feaae5ac75f2a9a250d2c2098918c2f89f53eb0ecfedcb63f7db87b72d27ab3c3602e62f6ec7a8bddce287cd49fa74688eeb6387ca4cbdc796436f
- SSDEEP
  
  1536:qbTMRUnE8Yc506eYYh20inHOVxcoG5iX7UXqI:6dnElcu6eRdVxTG5g7aq
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/CheckInstalledKB_15-02-17_3_2.dll
- Size
  
  78KB
- MD5
  
  d2098d2c2d7d35c0d3c396ef6206b867
- SHA1
  
  10d7bcdf07c9b3fb784dc0d6a6983d6846422e9d
- SHA256
  
  92d2e4031540c2db9938f257e4c25fd61f3d8fce9397a6a7a83a6604a40c0c8c
- SHA512
  
  61a2b45382feaae5ac75f2a9a250d2c2098918c2f89f53eb0ecfedcb63f7db87b72d27ab3c3602e62f6ec7a8bddce287cd49fa74688eeb6387ca4cbdc796436f
- SSDEEP
  
  1536:qbTMRUnE8Yc506eYYh20inHOVxcoG5iX7UXqI:6dnElcu6eRdVxTG5g7aq
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/Processes_2015_02_11_2_1.dll
- Size
  
  56KB
- MD5
  
  0dc4361cc10bf4609baae53cca018a58
- SHA1
  
  b69e3ddb534f4ad10b6a532c9125b372ac73abc9
- SHA256
  
  d8d618d75d0c01c39bfc0827d1414c2aeed299cf541d3387322d0fd91bfd06a7
- SHA512
  
  1745d39ebcdb898fa752e2015356131e53bc064e79dad04c9b2917aa237088110291d8ca813e67ea71aa6c03614194a9c52285bfe7f18abe5c8b862b8520c293
- SSDEEP
  
  1536:J0wO3mVw8a7HzpyHrHhQl27ssSsVK5bamG:f6UimSsVK5mf
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/Processes_2015_02_11_2_2.dll
- Size
  
  56KB
- MD5
  
  0dc4361cc10bf4609baae53cca018a58
- SHA1
  
  b69e3ddb534f4ad10b6a532c9125b372ac73abc9
- SHA256
  
  d8d618d75d0c01c39bfc0827d1414c2aeed299cf541d3387322d0fd91bfd06a7
- SHA512
  
  1745d39ebcdb898fa752e2015356131e53bc064e79dad04c9b2917aa237088110291d8ca813e67ea71aa6c03614194a9c52285bfe7f18abe5c8b862b8520c293
- SSDEEP
  
  1536:J0wO3mVw8a7HzpyHrHhQl27ssSsVK5bamG:f6UimSsVK5mf
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  b56556a129ab99dee768c15dd7fcfa2a
- SHA1
  
  3bacd77144ee06732fc0e595c7f1635382c9b6ba
- SHA256
  
  72830b70d5758a90713b4f0f5c7138a4fe5b78a82a25ede01d6adb5e55e96798
- SHA512
  
  8b5899f8c14bb2b5de0cc6e6a8b2bdfe6f6161f4cc80c9f01fa49155f3ac72022d3a27ec7a7cc0dff7b699974df688cff1cdc61496d04f21119c9a7b06e41511
- SSDEEP
  
  192:2muTUV6D5KgWuDGY/nV2kU1ZH460axh+aJNPtHx3JyVt8SRx9Lo:2/HYglP/nVCFvAMXRw
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/System_1.dll
- Size
  
  11KB
- MD5
  
  2ae993a2ffec0c137eb51c8832691bcb
- SHA1
  
  98e0b37b7c14890f8a599f35678af5e9435906e1
- SHA256
  
  681382f3134de5c6272a49dd13651c8c201b89c247b471191496e7335702fa59
- SHA512
  
  2501371eb09c01746119305ba080f3b8c41e64535ff09cee4f51322530366d0bd5322ea5290a466356598027e6cda8ab360caef62dcaf560d630742e2dd9bcd9
- SSDEEP
  
  192:vPtkumJX7zB22kGwfy0mtVgkCPOsE1un:k702k5qpdsEQn
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/System_2.dll
- Size
  
  11KB
- MD5
  
  2ae993a2ffec0c137eb51c8832691bcb
- SHA1
  
  98e0b37b7c14890f8a599f35678af5e9435906e1
- SHA256
  
  681382f3134de5c6272a49dd13651c8c201b89c247b471191496e7335702fa59
- SHA512
  
  2501371eb09c01746119305ba080f3b8c41e64535ff09cee4f51322530366d0bd5322ea5290a466356598027e6cda8ab360caef62dcaf560d630742e2dd9bcd9
- SSDEEP
  
  192:vPtkumJX7zB22kGwfy0mtVgkCPOsE1un:k702k5qpdsEQn
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  14KB
- MD5
  
  4814167aa1c7ec892e84907094646faa
- SHA1
  
  a57a5ecbdfa9a8777a3c587f1acb02b783afc5ee
- SHA256
  
  32dd7269abf5a0e5db888e307d9df313e87cef4f1b597965a9d8e00934658822
- SHA512
  
  fb1f35e393997ecd2301f371892b59574ee6b666095c3a435336160481f6ef7ed5635c90ce5d2cf88e5ef4a5affb46cb841b7d17e7981bd6e998531193f5d067
- SSDEEP
  
  384:3A7q72y8XYDSDJe7H+KXKKK2KRKuKZrjVo787foI7:3sygyraXjQ7Zl99
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/UserInfo_1.dll
- Size
  
  4KB
- MD5
  
  d1e37112390e6bcca8362788d61becf5
- SHA1
  
  d97888f0f69d34de202e7c68b8ff5b2c2fec4c5f
- SHA256
  
  77b40d42606d48f817b901f1e5abea114b4288b344b8c193bf3e3c52e469a926
- SHA512
  
  04121e5241ad14890095a6cf5e698979820fa97d911918b9b77f2064a713e20f4827f72c057d5da1789bc340d63f391872fe5dfbb79e6c33d3995f82c37fa51f
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/UserMgr_2.dll
- Size
  
  55KB
- MD5
  
  74813d238f84d5c0f5328bd7ba79537a
- SHA1
  
  5aeecd94f0902bad1572fd2cceada9ad44af6725
- SHA256
  
  54a9ab4ac127d950ad293a71f5a496af3ab09b70aa73839fd0f1c9cbaf35f70e
- SHA512
  
  ac7fb85c6375bc3e0e76b535550b604cbad31e69696030314f34e41d3bb5c04411ec826c89885c30556649961d45061f501db6a37a23bb419e4f1e7cea34deff
- SSDEEP
  
  768:WThBSJtwQegACHpCygw5eKeK/B/viiTRvTkujLWf2UEHzDSZA7yM5jt/BJE4lW:aSCQeLCHpCyNV9ZTRbkuOQzyMVt/blW
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/inetc_17-05-09_1.dll
- Size
  
  35KB
- MD5
  
  51843d1334d3d9e751622541bbc76131
- SHA1
  
  a900d1d1ce76187ebc5b743c08de7f77a6a2ce7e
- SHA256
  
  af1bc66bcf117b5ba88ed3be3676928eb527c98c50156405ddebe73db1f26e82
- SHA512
  
  db2326f56811efb67b2c1a7855a2fdf4145bdacaa1cc3bdadfc586eba4b39eaef4ea95ea4e67fe0d3659dc37ce74da7f18479b016bfa4b602649ef5b61f90a6d
- SSDEEP
  
  384:30iWwxLQMUUwnbwG1pIXzLGfnEtVrr9LbQ0Ac9khYLMkIX0+Gk0d4yekRdX+:3VWsQMNw/1iXnGfnEvIWX
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/inetc_17-05-09_2.dll
- Size
  
  35KB
- MD5
  
  51843d1334d3d9e751622541bbc76131
- SHA1
  
  a900d1d1ce76187ebc5b743c08de7f77a6a2ce7e
- SHA256
  
  af1bc66bcf117b5ba88ed3be3676928eb527c98c50156405ddebe73db1f26e82
- SHA512
  
  db2326f56811efb67b2c1a7855a2fdf4145bdacaa1cc3bdadfc586eba4b39eaef4ea95ea4e67fe0d3659dc37ce74da7f18479b016bfa4b602649ef5b61f90a6d
- SSDEEP
  
  384:30iWwxLQMUUwnbwG1pIXzLGfnEtVrr9LbQ0Ac9khYLMkIX0+Gk0d4yekRdX+:3VWsQMNw/1iXnGfnEvIWX
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/inetc_17-05-09_3.dll
- Size
  
  35KB
- MD5
  
  51843d1334d3d9e751622541bbc76131
- SHA1
  
  a900d1d1ce76187ebc5b743c08de7f77a6a2ce7e
- SHA256
  
  af1bc66bcf117b5ba88ed3be3676928eb527c98c50156405ddebe73db1f26e82
- SHA512
  
  db2326f56811efb67b2c1a7855a2fdf4145bdacaa1cc3bdadfc586eba4b39eaef4ea95ea4e67fe0d3659dc37ce74da7f18479b016bfa4b602649ef5b61f90a6d
- SSDEEP
  
  384:30iWwxLQMUUwnbwG1pIXzLGfnEtVrr9LbQ0Ac9khYLMkIX0+Gk0d4yekRdX+:3VWsQMNw/1iXnGfnEvIWX
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/inetc_17-05-09_4.dll
- Size
  
  35KB
- MD5
  
  51843d1334d3d9e751622541bbc76131
- SHA1
  
  a900d1d1ce76187ebc5b743c08de7f77a6a2ce7e
- SHA256
  
  af1bc66bcf117b5ba88ed3be3676928eb527c98c50156405ddebe73db1f26e82
- SHA512
  
  db2326f56811efb67b2c1a7855a2fdf4145bdacaa1cc3bdadfc586eba4b39eaef4ea95ea4e67fe0d3659dc37ce74da7f18479b016bfa4b602649ef5b61f90a6d
- SSDEEP
  
  384:30iWwxLQMUUwnbwG1pIXzLGfnEtVrr9LbQ0Ac9khYLMkIX0+Gk0d4yekRdX+:3VWsQMNw/1iXnGfnEvIWX
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  83cc33553a3b7aaefbfb7af4aa97ab08
- SHA1
  
  484ddfb9bde560fe354e5c101701c78564ab6ff8
- SHA256
  
  518c3bb40f6e7c37beb3483284c12ed44038ae2a56bfe1604ffea6330f31b0d6
- SHA512
  
  109ad559efb49fea41d39b49852c0d4ce5f611c75ae137e489231a3c260ba79a17918e71efc2d65d9e18cebb697044159784369bed32ee442c496716e63bf1bd
- SSDEEP
  
  96:yYPLOGJbpWd8k74+PAIfbGn0JOu4YTnqJ3yd1vrwcJG/05sVarU+TvQN:TaGvu8k74+PPymqYTK+rwcdsVatTv6
Score

3^/10

discovery
behavioral31 behavioral32