General

  • Target

    d6259cad7dba6846db26cae312080a78_JaffaCakes118

  • Size

    647KB

  • Sample

    240909-mq46tatcqq

  • MD5

    d6259cad7dba6846db26cae312080a78

  • SHA1

    c8fd90bae4d99f500bd988be4fa704d93f0c5725

  • SHA256

    3df8c6397421ca385bf7a48e87e5c9c90ddb922b6abc36443fc4fa7475815f5d

  • SHA512

    2385bd582d409398a1cf35aace08cc483c14cc5bf7fd792f17d3075a4a6d528041b8735b83c841b252c149da7773fb2a4c981535e67080c6640b8b3068726402

  • SSDEEP

    12288:QEdfhvF9L92SyaQCN85OsgC1qBcVUfnTa7v:QElJ92RzCNFDC1qBcYuT

Score
7/10

Targets

    • Target

      d6259cad7dba6846db26cae312080a78_JaffaCakes118

    • Size

      647KB

    Score
    7/10
    • Loads dropped DLL

    • Network Service Discovery

      Attempt to gather information on host's network.

    • Target

      $PLUGINSDIR/AnimGif.dll

    • Size

      9KB

    • MD5

      11e94fedb34f46458f9dc773a91f2770

    • SHA1

      791cf30880c74df9d6f7c1e637e4fdf5fa88b38a

    • SHA256

      54ccdcb42fb3e63b7a55e8c0e7d12182a0338ea38b106b793ca048000a189ab5

    • SHA512

      57dd38bebdd7d8fbc4b3daeecabc5c2617d4f5b2f6ad2396a702f1da362bc72deacfea2dd1550b0e00269188676324e1b7dd6ed372211c8bf664af824ac8d950

    • SSDEEP

      96:kVh/i//UrWWXMAb+6aNqRjTwUWo5zFyRH0aTyZekTIVCAEHZNKNy0p:uh/Bl8AIQR/bWSMRH00yQBEH

    Score
    3/10
    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      254f13dfd61c5b7d2119eb2550491e1d

    • SHA1

      5083f6804ee3475f3698ab9e68611b0128e22fd6

    • SHA256

      fd0e8be2135f3d326b65520383a3468c3983fa32c9c93594d986b16709d80f28

    • SHA512

      fcef8ac5bd0ee6e316dbbc128a223ba18c8bf85a8d253e0c0877af6a4f686a20b08d34e5a426e2be5045962b391b8073769253a4d9b18616febc8133ccf654f7

    • SSDEEP

      192:t5ZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRYgsfA:fBo/680dCI5adOjFOg9//p27uNw2bo

    Score
    3/10
    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      20KB

    • MD5

      134b93f8bd1f82cd2f1b06c878580703

    • SHA1

      29cdbce7a2caf1f7e4d2a139c42336d490074665

    • SHA256

      45153adf50541316468e2b189a0f8127be9fb29e2f920e7eeaa6aceb438db8c4

    • SHA512

      f970c38debb6631dab7369e2bc96237f16a8fd328d9d35a2b54cb688e1807f62cc6d63230afe89ce5c3945097ae4466872c72929a9623adde3ee57bddf54b692

    • SSDEEP

      384:EBQCxl9oGPZsw1v6yBIgktbBYeTeXMK5HQ/0lR+Tya4LV0Ac9khYLMkIX0+GBxgU:goGFghBZTeXMK6cVa4L

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      e54eb27fb5048964e8d1ec7a1f72334b

    • SHA1

      2b76d7aedafd724de96532b00fbc6c7c370e4609

    • SHA256

      ff00f5f7b8d6ca6a79aebd08f9625a5579affcd09f3a25fdf728a7942527a824

    • SHA512

      c9ddd19484a6218f926295a88f8776aff6c0a98565714290485f9b3b53e7b673724946defed0207064d6ab0b1baa7cb3477952f61dbe22947238d3f5802fa4f4

    • SSDEEP

      96:57GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3VI9d0qqyVgN532E:VKgfwgcr8zylsB49Ud0qJVgNQ

    Score
    3/10
    • Target

      $PLUGINSDIR/nsPerl.dll

    • Size

      8KB

    • MD5

      9fbdcc2cb3091c971e51212fc7e7a88a

    • SHA1

      1bc182d2ef4eca262545bf1396e0606a87145470

    • SHA256

      02bf98fab06aeff739d5182e147f5f5585be11f94eaca683eda495d5435d9ac9

    • SHA512

      b270278b9ec39232eff74dfbed2b2a36a3bd3755a99c5e35aa85d217a4e72bd9b2ee0de5e3c7170c7f06a4c559dfd252a6d351f79cdc41059053770806ac8e9c

    • SSDEEP

      96:p7tyNdAau2RIkBcmQrA5JTKvXrtQLDWyUDN4Vlx09QyMZI492rkIgDsO/IJtn3:dSdAaNyA5QrIUk9UDWVnIPiIbrk8Jt

    Score
    3/10
    • Target

      $PLUGINSDIR/nsisunz.dll

    • Size

      40KB

    • MD5

      5f13dbc378792f23e598079fc1e4422b

    • SHA1

      5813c05802f15930aa860b8363af2b58426c8adf

    • SHA256

      6e87ecb7f62039fbb6e7676422d1a5e75a32b90dde6865dcb68ee658ba8df61d

    • SHA512

      9270635a5294482f49e0292e26d45dd103b85fe27dc163d44531b095c5f9dbde6b904adaf1a888ba3c112a094380394713c796f5195b2566a20f00b42b6578e5

    • SSDEEP

      384:KExN66Yf2xL5Q4IsjuUjUZfqRDpImexpf88FwHxXvjX3hwlHt6oIfESxSHoOO8n9:O2x64GcVpI3xC8ynToIf1SIOhW4

    Score
    3/10
    • Target

      NSN-restore.pl

    • Size

      3KB

    • MD5

      d116d9c222147aa625c203d55d2969ce

    • SHA1

      fc3b02149a479331edf2f6c1e25524e6aef176b8

    • SHA256

      d3bf2f89546960a9ec463234563e690efbadaffe3c84850b4e7c734a0b7c88bd

    • SHA512

      adfee11ba5b8fa14f1f5311e7bfc6eae14a6990ef35cf258e761df85fa2a6b3fbb28dbadb370906f2183444f35f851f55f345c635c2357fff334e3c8c8231f18

    Score
    3/10
    • Target

      execute.pl

    • Size

      1KB

    • MD5

      3ef57804b192f3db2d3719fb51215fc3

    • SHA1

      2a83e8cd7cc787be523464717e4fe34e529845d5

    • SHA256

      27622608410d149210c39ee51b48fd3f0999f3640616d0d984367b5f157aac64

    • SHA512

      9b31f0152aaa556d1ecef38406a177284b4fd366bbc3e04714d9b15587fc6858626124d280135730da0516c580378a37b733874f1f8519420a61e6c53842b5be

    Score
    3/10
    • Target

      perl58.dll

    • Size

      784KB

    • MD5

      d6fec475513d165261d38743a490dfc1

    • SHA1

      b593136ed5bc0167e6715a41c7abf70603f40361

    • SHA256

      fa9cd43d0b09f2352063f2790a49af51615ebe735eba53417129fc04dd5e7b73

    • SHA512

      5f56183f1b3b919d526d446b590d70f2e75338305a1b373ed04cd6a1388a345aa99667527f74ab08b651109d41e150d8ba639fa540381372f5578c8fee3c9e0b

    • SSDEEP

      12288:axMQYulkUYSdnezsl3CHp+RaFBj/Ac1J3jA/pF2OUHlEbweMFex5R:0cYez034EicoTIcOUHqfsexn

    Score
    3/10
    • Target

      test-Fw-NSN.pl

    • Size

      1024B

    • MD5

      7feec4b8cb54b161be0163caa57e95db

    • SHA1

      5a08ce204f6f2bb9c42aae6f0619518a12cd2b0b

    • SHA256

      0db68ac2f0afe6c6c893644b32b7ac30b597721b540fc1d0e8c56aadde596df4

    • SHA512

      56f536ad37314e573db374c1001e10aa0de4b9d7e90668a24350da49defd193a8f584449a2f27196b409c189f6ae1697ba38192cf1a98a974876fd583f54bb2a

    Score
    3/10
    • Target

      test-Fw-chin.pl

    • Size

      1KB

    • MD5

      821106ab3d240786a360847f39f85a91

    • SHA1

      76ce8274f4029b14e381e7cab618ca8b6a285cc6

    • SHA256

      0af4a3b26012ed2563c9fa40c77fd5dd3185350a8bfcfed6b8aaa214eb241b12

    • SHA512

      dfb91517e1f6e7ddff123b51d726a3377d2d4598330436d2a0cd8f09a0c02e0b73bf9a41b13fc0ee2c2dde177ae6860bd0778535b52547388c9f13321edd98bb

    Score
    3/10
    • Target

      test-Fw.pl

    • Size

      1KB

    • MD5

      ce9ce2f413a63d058750005152b49d52

    • SHA1

      dab94cf504e549d8cc534e555824a701b3daa890

    • SHA256

      e123e9251269d26b1a984770201c2f1d14c37440c83626b9060778b62a810207

    • SHA512

      73f03ddbb8452c9e384a55f49826d409653c25de70019c0c8f32b894c5b775dd94f34ed4e6b4065a002f26ed512efd0b5315e8a95b9b1ec2b3b275720b2f1bac

    Score
    3/10
    • Target

      tftpnew.exe

    • Size

      92KB

    • MD5

      dca92cde5391e1ba0405aad5407a005f

    • SHA1

      1019d8fe649888afedc7970601f0e26e9ee70632

    • SHA256

      51d2d1fbf6420a8059bdc46ba6874271618d3728ead90c0d3e6dfcfbd561f522

    • SHA512

      524aa84974afba7f68369e44ac0878c4619c6155823ebf2eb64fdd84084dc13ec6908d3fb3815b0b67277cf73da95d008fd8c6a96bc0e7bba91fd9c40f91748f

    • SSDEEP

      1536:tBhzM1uuV5SrSvrq6biKiIp0lm3lsmC77dshTqK8JlClf5pmO/lr:HpCVYaJBimeZfeqnG5pmSlr

    Score
    3/10
    • Target

      wget.exe

    • Size

      159KB

    • MD5

      f9f8d1c53d312f17c6f830e7b4e6651d

    • SHA1

      6b3eb6069b69fbcfa6e1e9c231ce95674d698f51

    • SHA256

      bedfbfe249b4a2be35bbfb1cf166d2119e132ee7c608909d34238e9eba6c9749

    • SHA512

      ceb9b35ea3876ab57a6e0213afbb6914f8e5d448189e5e3caa7ea1709153596ea90f5e7c2031bc0f6f0b45771dc7f9721c5337c8665fc3d1ed1cef4ae8ab964a

    • SSDEEP

      3072:ICYY5GI4sq0pdF4H1ZsfI1wcCaIWdekqFEiJoFKEeB6FP7iG:WYk9F0pqRwRseIiJ8KEeB3

    Score
    3/10

Tasks

static1

Score
3/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
3/10

behavioral18

Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

Score
3/10

behavioral22

Score
3/10

behavioral23

Score
3/10

behavioral24

Score
3/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

Score
1/10

behavioral28

discovery
Score
3/10

behavioral29

Score
1/10

behavioral30

discovery
Score
3/10