General

  • Target

    d58f6f2e492430fa693cdcd61cb899ee_JaffaCakes118

  • Size

    7.5MB

  • Sample

    240909-dmfvdaydkn

  • MD5

    d58f6f2e492430fa693cdcd61cb899ee

  • SHA1

    b1999ae976afe17903669bf35f6010d52bed0e53

  • SHA256

    f3352de9109077b51a05dc54ff8568f8f55090fc54c4cd33f347c109ee2f5405

  • SHA512

    d12f7b66d4439c4a2e3765130a2ff64c5b3f785287630eefcf90c7f085b9421da5a45a5a64cc97895a4ca978f4695402a057dd29a77f1a699e9e419e39a3530f

  • SSDEEP

    196608:HQaBJkN0vtyo5ykGd7V1qnEEvRL2ER2LFpNU1MMPSJ7KRn7wXkZ2HY:HrBJkN0sGykGzOvRmLFpNUeZQw0ZEY

Malware Config

Targets

    • Target

      155ɫվ.url

    • Size

      253B

    • MD5

      339618361ad360eeeb6efbaaee579a3c

    • SHA1

      875438658dc1bcb56510e4493456a8474ced4d45

    • SHA256

      827fe1155ce21a373c023c82b229be6152237ef532ea2aa5b589b4b3d4345a5a

    • SHA512

      1a84a9adae0fdbcd17b3309b5e9a134853c6ad7f4a6bf7a8f42e55ced8e43e7b7a3990858bf3191327fb135f5b1e06625169d1d550eb933e3aed29ee02095130

    • Score

      1/10

    • Target

      EULA.html

    • Size

      19KB

    • MD5

      4b038a677e474de59753679a68042367

    • SHA1

      aa7c1f069ad2928e99e0c33ad961b41f4a2d1657

    • SHA256

      89af93aff1d694604b0834f62abce1c6ca9e00bcb718b88306a9333372831168

    • SHA512

      2f85398fdd608e93f91a4bd97226cb14bf11b7895058ba48d0e0747e69e837b7109fdc2d865d660da4564f58e218871cb607caa66e66e1c3c871b1f3b8ddfefa

    • SSDEEP

      384:4foDkai4c7UV+GaQPY6ipTdQdgf2w6cRp1jcPahl2vZT:kqu4pQT6dRW1aa3mZT

    • Score

      3/10

    • Target

      Lz0/Keygen.exe

    • Size

      505KB

    • MD5

      4af0374378a6b05b17f2cfcb0df3cd33

    • SHA1

      30f87e08e28f9dd40d11124bc97151f8cfc3de65

    • SHA256

      d37dee4a4268c1a6237b772bd4cb2127e98ccf6b8e410cba8277814771eb0e09

    • SHA512

      a1be60761eee29d782cf0622938beeee2f813b49c2ad13f026f15af0cf4765a840b05947158fc41e95f6527bf4fb89a2356350044add20ec190cb249ca789763

    • SSDEEP

      12288:VkAMcvuIvPvFQd/W5uNoy0gfI7V8WXwCclY7N4cG1uciJkX5e:VkANZvPdQZigZBC8Ra7m

    • Score

      3/10

    • Target

      Readme.html

    • Size

      73KB

    • MD5

      1e387030e7940855a50298127aa9eac0

    • SHA1

      20f5777a4ea8cd4cec4a31540ce7370a7ade6f97

    • SHA256

      b5285891e4d2a8f92cc6292fd5f6c4542fee3f2fb7d9657fdb29f29129053a7d

    • SHA512

      e3ea8ebd81ee3f672eb3bf6efefa6f7279818ccae83d4d9e449b31445b7ec0cfe0a8070c7275fd1dde89f4b379855c393bd51fc3bc4e605f384a3914d1e34744

    • SSDEEP

      1536:AT46cPr49hDkz7BDgsvcdnyo38Yg42kf9nmEnVEZmYu83JIo9cdDL84xqfaOOyuG:AT46cPr49hDkz7BDgsvcdnyo38Yg42C6

    • Score

      3/10

    • Target

      Setup.msi

    • Size

      7.3MB

    • MD5

      560a8e2842ffbdcb9c438ed98c3c7ea2

    • SHA1

      ab0ec461c63a755c81fa3a1ccc534205a3292d74

    • SHA256

      88c3274ceb62c11ee714fcb93e1e43d15ec00f7d2fef0098f2099143b7c7b4a1

    • SHA512

      4f345ff29fb1d7d21ec453e4cf6d1cb58804730ae55eac7372c2ccb3d82faaba42b4158b724b0066c04b39ada94dcfd3c6bffc169148d955e9755e02e938e625

    • SSDEEP

      196608:WQLJ4AtkYDsrLGPlpI0NRqw+ArPcqAcF3Ms2g6me:WQLJ4H6srLx0NRqwrPcqZ8fm

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks