18cbce91c14fd3a56e22df3928d04ebe7e327102781395a95e2223ceb565ee10

Sharing

Copy URL

Twitter E-mail

General

Target

d5abd4a8110749b4ff2fe04ce329bbbd_JaffaCakes118
Size

8.6MB
Sample

240909-fc9e2sscrm
MD5

d5abd4a8110749b4ff2fe04ce329bbbd
SHA1

a6d6cec77bf46b8b5273babbf4a7b8780f825839
SHA256

18cbce91c14fd3a56e22df3928d04ebe7e327102781395a95e2223ceb565ee10
SHA512

7dd5781ae1b55c92d368eabe68f3af5b4fdca704885708de14f95576fdca3a2f7f2c6932b63dce8002a2177d4d46cd88412d944f5e200b725de96c5a235ac82c
SSDEEP

196608:B1cdMsQFYOqktQbJtX13JOmFMCUk80YP9WBSkyTiJ:B1cfaWX3FMNkJfBSkyT8

Score

6^/10

discovery execution

Malware Config

Targets

- Target
  
  Application/AASearchCompanion.exe
- Size
  
  51KB
- MD5
  
  4ce2c2ba0e62026589da47d60d006fcf
- SHA1
  
  dfd4fbd69cefd7da829b6a01e333a0a8e8bf1b07
- SHA256
  
  c5afe380ad8d0e59945f8f26ba85b02c3556afe15f1d98de36beeb4348882ce2
- SHA512
  
  6ce0b9966de5ec1fcae61f9f3c68274b3357f88bd1af69f2143e0680dc4ef21ee41639e041c2ad415f3d740f58231cf03b78cfe6068a66d605cbcd8897ca3b62
- SSDEEP
  
  768:EYoZ35vUfgGapyLQ/hNyElx6lxy5ZFjar6os3AmuqkX:yPWgby8/vyElBZNamUmuqkX
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  Application/Ad-Aware Web Companion.exe
- Size
  
  117KB
- MD5
  
  42d6f3b65e385c35b32ef7c042e79940
- SHA1
  
  d1525bd2aaa314378a7babb99bb65aaae7b6fbe3
- SHA256
  
  7b3473881391445da4bf0f3cb3448cc1533bd4e3882df252c085aec7032b6216
- SHA512
  
  cf94137a4f47e1238a52c498396afe2c998983e6246a3cf96dac502462c6253caff59237ee4a763865ecf4b89bae4a64856993be56e6c0dd2b3d3e1481ea85b4
- SSDEEP
  
  1536:ak9WXMp4oPAdDB/OKriggdx+/ckIsNsWjcdUc3V0Uat3DZModmuqk:a1cpzAdDBSdx+zyU6V0UY1MoAuqk
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  Application/BCUEngineS.dll
- Size
  
  3.2MB
- MD5
  
  4e14208ce46ae46f95c9137f8d7449d5
- SHA1
  
  aae681a496278dc71f73d692905640ec999b033b
- SHA256
  
  a1ceda054bc1d4024f874f3b65341d597c0739e5f2f0938f55e15fd6176d74c5
- SHA512
  
  e454b4b4d04ad89f39e54d54e83c7485032c200beac137171d3ffd1d01e35d862104cc0193566a7a5e628a90abaeb2e17ede983857846613a7dd980d4e9198fe
- SSDEEP
  
  49152:Ky9jC5327LeAyDW06K6mBzsITo59wpGlU+2StoJrtf5inkY:KyjO32fyDW0Gm5sIToTwYTghi
Score

6^/10

discovery
- Checks for any installed AV software in registry
behavioral5 behavioral6
- Target
  
  Application/BCUSDK.dll
- Size
  
  701KB
- MD5
  
  dd71f769270d21bda3a5780767437007
- SHA1
  
  35d2706ae37338b5093f46c14837d1a6716fbf3a
- SHA256
  
  5def7d73f0f381640d93871a7739962aedbb1b95ca0b6f410350999a990e2fdf
- SHA512
  
  dba3c614bb84fb6b450de0ea7b4cb64b53bbbf5f0a71a063b344248b1e11a2ccf293b2179ac249e34130ee57c3154e50b91f8badb07b64aaafca3bc4ea10909c
- SSDEEP
  
  12288:POtZcbZXzrsk548VyK8SbMAfQBM6LDkzOZYv3JSGeizoyDDk:POrcbZT8AYBpLMO8SGHoys
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  bootstrap.js
- Size
  
  593B
- MD5
  
  edb5c68ecdf9e165cfd3ccf52c999a51
- SHA1
  
  841bf3ad8b1169c3694ce08e1fe18e858067da61
- SHA256
  
  44bc62edc9ab7473d338b1542fc72148c76928e1fad0bcdf07a37d4476c6eefb
- SHA512
  
  bd98bd92499017139603ea6687a911a84c9dcdb9c3c747c77c1400e8be1e5af6e06dda717520420b845a0199dca282c2aa53f6fd3ac9eb08e0a7f9ec615d96e8
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  index.js
- Size
  
  15KB
- MD5
  
  876cc0915949c4f29f4f7abe7c225506
- SHA1
  
  bc7447cc53f1290844a9316ac550a41c7d112a20
- SHA256
  
  0c1879a183fae6575d9b5e7144baee76905cf29c95c735ec4facafe710595d11
- SHA512
  
  5e62a273978e448b0011b449b619341f34523e402690ca3b7417087866252466e798e24d9ae9c46a4602646ef74ab382df22e5074391224f17cbb8f9d267c9ba
- SSDEEP
  
  192:U+acnokGl8TRAgaXii9mjr8FQXXq5ZFKmTvkxSHKfkNVsXuaVLStezyAMI9yXwOD:scok68dAggh9mv8ymz0lLStezypdn
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  lib/md5.js
- Size
  
  777B
- MD5
  
  f2a9c6cedd8f7cbafc9d61c810bcf60a
- SHA1
  
  cbbe0ce835ecf6852dd8cb6aae418d2b5d437bb1
- SHA256
  
  28039d1ea80c67ab157c0b4ad6de65655988f096ca4c45b5a1ef0a98f7455272
- SHA512
  
  eaf6dbe1fb820d836cb5efe4692ae7d1f5705373552244ecaac11c85c5519db1fab10c70a456f28d74b44bab43d6cdb6c23347eaed914ff1a44fd78c3cd3df4f
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  lib/requests.js
- Size
  
  2KB
- MD5
  
  6ae0091fc924fa3cffde3fcedb1851d0
- SHA1
  
  2165bc25762410f77d0034fefaee587bb8b09a51
- SHA256
  
  29c2b1aad5f97a8b22df21124dbbe915906410426f5730c683ac4002a87e7a87
- SHA512
  
  b76471285a048aeb23e48aab1119fcc1e72ac46315f67a79d1a4153a10bf46239da68b960deca995fd91f23a7ffea82ed808a0e207d84a17865772c1bf3681fa
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  lib/utils.js
- Size
  
  4KB
- MD5
  
  5f8119593931b41e170c9ee8a13b587b
- SHA1
  
  a15aa1457d9827e8db5b631825593de3abdf2ea7
- SHA256
  
  0d7366a000b29c3cb07dcfe2d0352677c2bc56690de24d71018687630e71e8ed
- SHA512
  
  0820b8c6d75a12055a9cc6944840f80a572fee80b8e5e5392422818c77c27fd15f7094eb2bb1982fb5732c914663fffdd69ac5c11781c688d2603de6a3969de2
- SSDEEP
  
  96:AuXOF74AQBaxDxMuTF74AQBaxDxJQBGCxMQBfxSEZd7dbsFbQB+HQbQHHQKjYY:AuXOdxUawuTdxUaVUGTUnZdpbsWmQKH
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  Application/ICSharpCode.SharpZipLib.dll
- Size
  
  199KB
- MD5
  
  0971fd5d9434ca0d5051dac3d075d511
- SHA1
  
  55968ab15b681fc835a7fef7f68b8f26f0e550f9
- SHA256
  
  7405270ebe6b09af9992a387a3487d58287d0f78687a6814e231b99622cea422
- SHA512
  
  fa47831ddfa33ba72a77855bcb44e1fee9b8222fee571b06816808d2f12568e39d933817c181464aa3b06c039224646d8108341df919d113a3aa64545dc81b12
- SSDEEP
  
  3072:oK1c/KCOAUXk31Vv91GOtJJKuE1iA5mGPB8qd9OTymIpn+64kRAclDwRNG95ZI4z:te9OAQsFtJrGPBnmIRZ4U
Score

1^/10
behavioral19 behavioral20
- Target
  
  Application/Interop.IWshRuntimeLibrary.dll
- Size
  
  51KB
- MD5
  
  83c6b15194437ae17dbe94923b161fa1
- SHA1
  
  835e20f068c7494d4913b9171ac0cee6ce60ec0e
- SHA256
  
  dc22e284b10764876d2d538d014f415c9b60f068d5ba1fc5f0de51f500610316
- SHA512
  
  c720af224165714de218f32fc37dc042c46f35ce4da8a22248fdb9ce75bae627c805782f14afaf050414bc0835f026602fa44bba208825e98b377c1630fdeaed
- SSDEEP
  
  768:1x3LY+sPhWVJPsedLVDUYlkXrSXVteUdzttJ2z9IkCBcQtcNgaqD:3L9nVJEetVDUxSpvJ2z9IDc3gaqD
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  Application/Interop.LavasoftTcpServiceLib.dll
- Size
  
  47KB
- MD5
  
  e6272921931877d28e2de54074d50654
- SHA1
  
  2bea36be53e5252bc53081beca5d2c555a2dc0ab
- SHA256
  
  967fa11712973f4d2d3720495e8f8284517b7fa6163b855e48cec4b77d31d203
- SHA512
  
  d70450db6bd837bfd893be390ea513445b9b4bfca3d69787fa95a369b0ab81e7f07c848a2c5522be16a65a2b9a0a8714dcb845ed0d4ab477e8967058101b51ef
- SSDEEP
  
  768:2dKVoSyxH33PyGaEVDTOsNpgw3wIcAlJCP5ymDqa:0D/y9E1TOsR3lJ6Dqa
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  Application/Interop.SHDocVw.dll
- Size
  
  155KB
- MD5
  
  61e9a74ebd46fb79b5176c737839513e
- SHA1
  
  0497fd46b4e1eaa357e84271e4a4cd5e81ac1a92
- SHA256
  
  ce194735eac70b37d2ec52aa5ca5503fb9257c86333dc93a6cc6a7e62d0d67a8
- SHA512
  
  2beb054f1f4672d86297f4c888e66e5b4e224140dca1f25c086a0bcfe2c9f701610a268555878fe8634376b0c8fd8eabbe2c5abc3562756cc55e2d6fb7e0133b
- SSDEEP
  
  3072:KadMZC3fkpOTItC3MhmLwF62I5IfO9cjSBgn2FUraJYv+NMzCRw3mVE7KZo/ud8M:KadMZC3fkpOTItC3MhmLwF6n5IfO9cj4
Score

1^/10
behavioral25 behavioral26
- Target
  
  Application/Interop.Shell32.dll
- Size
  
  51KB
- MD5
  
  c030fed2e4ddebfbbc3ad2ca364acc27
- SHA1
  
  4297383fd43d0530daa191fbb28ae5ac3199e910
- SHA256
  
  27d5a2089c499d6ab1d3d7769def90952dc60f642742fde362c94dd7d41be9ec
- SHA512
  
  f534c9ba2ea277bfe5734ef2b167f413f0dc5825d68534fa9c1e3182f2043edc29014b6da7c2cb9fb5de87b1016bf5f3a5c96cac311ea3354305389b3d09fb3e
- SSDEEP
  
  768:hexl81nX6ZxlvUAa7KoBv7epginbCe7AXjuw9tL0Duxj7tr+BrIxFSiqP:hexl81nK34PJepgqcVzAiqP
Score

1^/10
behavioral27 behavioral28
- Target
  
  Application/Lavasoft.AdAware.dll
- Size
  
  9KB
- MD5
  
  2d7ea188625ae3ed4afb6c283189862b
- SHA1
  
  cf4473e7ee8ed5304099d88c7add6bc36f110cf9
- SHA256
  
  d75930978df13e7e461c0772120d95ca020c7b7815c8ca19ac84aab235b108c7
- SHA512
  
  08ab93496aabde119f94edc1eca4d805232ac4dc45b75d544c4b554da0133a855d6ab95b4db4ba9c23871e763e57c28b8f3e11966ce8c55d0ad8b40838f2eee6
- SSDEEP
  
  192:Hxbz1/RimaT09fsbyFfpoOMOy3cF5j6MoJviKwPqac:HnYmaTryvxMOy3cFhTqEqh
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Application/Lavasoft.ArrowHelper.UI.exe
- Size
  
  38KB
- MD5
  
  ca2458c7375853b229d848c535c9958e
- SHA1
  
  987c9b0e27fb1ac8ebb7871da378ea3e01a1b098
- SHA256
  
  bfd453e10c45110a96bfc74dd1a9518bb5dfb85d410abb488f324fae1a6c6bcb
- SHA512
  
  be3949d0b6c9495d8d0f3290b02aece4aa1f18765e1f2e20d2099081a50278b8777144c3644eb23a21951156c9d98e0b335f2ba81d460f740daa4a1da899c6c5
- SSDEEP
  
  768:E4zVo/nkf4eWFrlS/LQXe49M+lMV2jExyo6NqrwH:E4ZoPkweWFrgme49MlVsNqMH
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Software Discovery

T1518

Security Software Discovery

T1518.001

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks for any installed AV software in registry

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32