d9ccc2ca34b59d0a0e7e73a9aab832a697483ed1507edc861c28069b05481d30 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d121f052fd121bcc2a50774c33eddf15_JaffaCakes118
Size

7.4MB
Sample

240907-fnkk3awera
MD5

d121f052fd121bcc2a50774c33eddf15
SHA1

8dd8f832eec4ab461000fb52d3c2a5698758122c
SHA256

d9ccc2ca34b59d0a0e7e73a9aab832a697483ed1507edc861c28069b05481d30
SHA512

d110fcc2e2ee0ac930239d8866fc8be36e8f381fea674f8ee00bcaee3ca06894bbf9662e8d4d2604aeea10d3a95625d078e85e79a86f92b507984cca0ca9ff95
SSDEEP

196608:y1yXKA9d8QGmrGeRnXv/TaU5tlrCtE6UM0f:y1yRdDVyWn//TagtlOtE6F0f

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  yaotv-v3.4.1.105.exe
- Size
  
  7.4MB
- MD5
  
  7ace25e47c8f31587ecd62927311a2bb
- SHA1
  
  44db0533a33b6429b3402f960c28041665753084
- SHA256
  
  ce4ab447b369975c05df73feaa6394b261ef1fc67904968ff8ca33b41f4bada0
- SHA512
  
  6b941528cca4b519562bc863b78274b7213c7742c46a44e27a0b22b9d3cbc04df28b86afe227c9f0cc9e1090d41b5591827d64f22d1751471daabd62d4ddaf55
- SSDEEP
  
  196608:cDHwGEX/b741riUknwlDHow01H+2p1pOiv/zQ0efF4oa:srEz7sricDh2H+yHefW
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  4c01fdfd2b57b32046b3b3635a4f4df8
- SHA1
  
  e0af8e418cbe2b2783b5de93279a3b5dcb73490e
- SHA256
  
  b98e21645910f82b328f30c644b86c112969b42697e797671647b09eb40ad014
- SHA512
  
  cbd354536e2a970d31ba69024208673b1dc56603ad604ff17c5840b4371958fc22bafd90040ae3fb19ae9c248b2cfce08d0bc73cc93481f02c73b86dbc0697b2
- SSDEEP
  
  384:rJBJ8VnX8K+uKn2WQJdxbs3aEUhU7ya4L60Ac9khYLMkIX0+GwNyEAG:3J8+K+uK2WQJdxbsqEUhUua4L6AG
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $TEMP/3.4.1.105/Hardware.dll
- Size
  
  90KB
- MD5
  
  3e697ffac07956665e81975567d4b660
- SHA1
  
  6d851fb7ae284470b57473915a3ebe4b513d4349
- SHA256
  
  5a896341eb2662273a9c77a58f1cbaf8b6f1cb361453cc13c33ca7d83ebe2c2a
- SHA512
  
  8c836c300edb6930cd8a43960beb4e35b4a0d8c1a94a219b4b71f6e1aa919d21814204786682e8a7b0d1fed19d91a6bcb7da4a012d5980eafd650001fdb41424
- SSDEEP
  
  1536:PsHxlUV1doJKw51XX1gXRh+Tqgh6ACeIALB0i02UN4nLdOzb:PsH7aw5YKTxhpCeGp2MApA
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  cryptolib.dll
- Size
  
  138KB
- MD5
  
  435145d5835e2f2f92e4e50aa3cdf9aa
- SHA1
  
  00840de68696a8553f41408e3f18cd3a69bd0715
- SHA256
  
  26dd0c5a5d2b6e0ff72e861f6852485b662bdfb7e402ca6368d569962c4eb2c6
- SHA512
  
  0b534ad7d3b98189e9228ebae7cd0611cb9077b6efa1136d7683eed22f0e0ed1d7c1f18156a3d80e5e62ee41c825071e15578cac3b7dc32873382883b9d842fc
- SSDEEP
  
  3072:CIrC8UZAvVkeSeOeDzfliwH2hL8ECR4NlsX81D88dMqqDLy/I7CI:CIrAIWjeOHhlCksXqzOqqDLu
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  libvlc.dll
- Size
  
  99KB
- MD5
  
  7ebdfc02b9e698acba658fa4204abce6
- SHA1
  
  4ab97e4fbe5d1c0ebcf4db61973a61861509ece1
- SHA256
  
  1f520961ca5a1003eaf2d1d4823dcb75c2cc4cf9305b5db77599137a01080653
- SHA512
  
  17d29f54909481223827e48e5e4867592879b141ad8323167920cede8661a54868d2a876319fa3fce5f14db34e56a33f4a63fa6646817d50453587c55222d71b
- SSDEEP
  
  3072:2/iC08D2XFOPdDJ0JJUYg6+x+VA8LlN6:26ccUYg6xVtLlN
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  libvlccore.dll
- Size
  
  2.2MB
- MD5
  
  c90976c653fecc24f668f57da0a1cb61
- SHA1
  
  ed50eeb0c4d2c6582358d65a4bdccc0e3f95e53c
- SHA256
  
  8dbbd2dd4561268e286a7ae468dccd7a0c045122191847ff15cf633ff7d984da
- SHA512
  
  0631e35b3a065330e9219ca471877e967c142d05fa3d4b80a466d192757bd6576ce9aac891d8cf8c1ec4bae135e49c6abb5099d44ca19194f24c3c60d11dd1a5
- SSDEEP
  
  49152:zhEQ5ZuHhisrBplbwHKxqiKjD6z3xNpad4KRcBAUZLY59MpGaXYQKuHQ:zhEQ5ZuHosrBplbX06z3xNUcBAUZL5
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  plugins/liba52_plugin.dll
- Size
  
  35KB
- MD5
  
  2ab7345625baccaf99655d30759ba268
- SHA1
  
  191b8afedea3d3d5f99bb40c1888ce702b5358d4
- SHA256
  
  fb678b7f1e42d370f2bc5826487ca166d0cf36b2f1e883092339933ed7d8ab5f
- SHA512
  
  ae98271aff778a7cff1932cfb54c654c25e70d106bbd3780f3495400a44375819a32cdf1d449fd9295494c550a3b34597fb30f1a94e65ae482bf65a17c00d268
- SSDEEP
  
  768:Hxpb70NoNK+3ljxPMkKK8gv1BulOrO+Vox/6pMs:Rpb70NoRHPMfK8gClUO+Vo96pMs
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  plugins/liba52tofloat32_plugin.dll
- Size
  
  64KB
- MD5
  
  e0d81e1d14a9304a528320272848a550
- SHA1
  
  9bb312fec98169ed5e727f721254eca36b9d08d0
- SHA256
  
  1a719281d8d5828c85f4dce2c4761ae81db56128b8156f73c0e33958022fbd53
- SHA512
  
  227276b342104a0ed4a0037d5740af89a197232026690e6faa3cf3d2d9019ec63659b37e4bd3978b8988779b8c192aff0170ebd86a8913d15d8fe85c53db1961
- SSDEEP
  
  1536:0iZ8DS/nqz2I1+AsMaK6gulQR+VL9czog:07+fm24V6guuR+VL3
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  plugins/liba52tospdif_plugin.dll
- Size
  
  30KB
- MD5
  
  2a3a97c74d50526c3d690312f453cca2
- SHA1
  
  7228281c55eb4a156eb343bc8b99f1c658449472
- SHA256
  
  b5a7748e73735699864e9678992cd69f6c0f95a48d53c1f85740f57b64f63a6e
- SHA512
  
  83dbbe88a4af34bedd70516cf6a10f6803b2a15dc886ea04cfa8b58408645c83573ac92fc44461df659c2843f8f78ded6fc68df0592e841721d8dbd7001e091a
- SSDEEP
  
  384:lq3K+bOJ3WiSX6i6ix2K1FxyEOOMGoQrb7LehygBmIRlsG6v3/92mQE2llwbDT/v:qK+yJ3WjxxPMGoK6gv1JelCre+V3x/b
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  plugins/libaccess_http_plugin.dll
- Size
  
  86KB
- MD5
  
  ebc817ab465eabd8102be2a738441f67
- SHA1
  
  267ebb18213fd680cbfd5fae845999f3e830d969
- SHA256
  
  c70530d14c76b73a7982a58939982d8f7c09fac8fc7f2c8b6b97973359ff6fa4
- SHA512
  
  26556228b84e05ad211e8374e907d84ae1eda887ebd2195cf8ca64529cc6efe9b71d4f25d597dba5bee2d02edda81dce63a98735b2c9b7455344b60fda1d6895
- SSDEEP
  
  1536:8mLn6JUrMdeWL9vxhPfzw9ZfMfhNOXcSMmKXgylvu+V/9Qd5S0KIOpnToIf7jL:8yWUwZLxxhP7qpH4pXgydu+V/qdoBTBf
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  plugins/libaccess_tcp_plugin.dll
- Size
  
  31KB
- MD5
  
  801d69763b18a6e0d0ded755a278cbd3
- SHA1
  
  ea970917c6a4cd903a01d33b6473ab455e825c76
- SHA256
  
  ef67792b4621b7411880e55f41d1b8a74379bb78db366463303109bcd0eb9cf2
- SHA512
  
  3e763f34dad91d3bba3aa39a180db0b443f7a962851c006b39608b8b19393c49e7b7897b5a1bb6babbebdd926fea7337fd5b5d620e8bf7abea997cdc55332111
- SSDEEP
  
  384:En66wK+8gDlCx2YaixGK0FAEOOMzWQrb7LehggBmMRlsG6v3/9CHIE2llRbDb/9t:ZRK+PJIxkMzWK8gv1Qml/DN+V1x/Ugs
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  plugins/libadjust_plugin.dll
- Size
  
  48KB
- MD5
  
  93579eaa6777082ff639e1d86a34a512
- SHA1
  
  3f9203ddeaf99c4acda6ec354422d4dc95be7129
- SHA256
  
  50af4699aa8635f4e0abdd8f0065d747e58544141ed36d126134ff4cfddddd1e
- SHA512
  
  0136f0b78bdda212d44373c74f71c6e25f63a9bde4d100290b36251fc5d93d9c683fc49528477fc69da1e5a5f98b5fdcf90d15be1c4e06216ff1c4d24702a896
- SSDEEP
  
  768:ODT3Cvsn1nwZ/K+XmIxcMfqKxgv13ElGTN+VIx/rP/:yn1wxjcMyKxgWl0N+VI9L/
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  plugins/libaiff_plugin.dll
- Size
  
  33KB
- MD5
  
  f0beb1ca73cfc08d533f36431957e748
- SHA1
  
  99b3bd14c18f2b19d570b852eb9a5294e3f9330f
- SHA256
  
  dd453b831c9ab1cf9f94884e09fde1800dab607b7c995f8bc2fd4448a09d9bf2
- SHA512
  
  ba05559e0560de74e79cf94872b468c3803a5fb5c4fa3366fbbc23d677c254dd7f9b311af825c9cc96201676101cd8eb69b17282c228dc95c253e65e5b8d8b86
- SSDEEP
  
  768:Dj3K+z4SoxkMDmKz9gv1X/lfbOC+VF3x/N+:Dv+kMiKxg5lT1+VF39N+
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  plugins/libaout_directx_plugin.dll
- Size
  
  45KB
- MD5
  
  7a6789a0941836c34ce39377d2e07320
- SHA1
  
  ccf0c35bc5f64cde91d3c4f215ca16bce59aa2e9
- SHA256
  
  e121cfd2f74119931a4c4840b2b2fc299afeb7e6683a66b7db63cecdfd6b5ccf
- SHA512
  
  f4842c5cd921129403669e5fa8c2e4851017e2bba4ad66e47e38c9bf3b4b69e5d374a15fdca2e3f199963996ab2d4df31845ef62418946cbc25e96a29775d5d1
- SSDEEP
  
  768:QBnsIaAL0R5GK+UBunxTM1AKPgv1dd3lxxL3+VLx/3TcHe/uoR:KnsI/0epTM+KPgX1lH3+VL93z/uo
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32