3df8c6397421ca385bf7a48e87e5c9c90ddb922b6abc36443fc4fa7475815f5d | Triage

Sharing

General

Target

d6259cad7dba6846db26cae312080a78_JaffaCakes118
Size

647KB
Sample

240909-mq46tatcqq
MD5

d6259cad7dba6846db26cae312080a78
SHA1

c8fd90bae4d99f500bd988be4fa704d93f0c5725
SHA256

3df8c6397421ca385bf7a48e87e5c9c90ddb922b6abc36443fc4fa7475815f5d
SHA512

2385bd582d409398a1cf35aace08cc483c14cc5bf7fd792f17d3075a4a6d528041b8735b83c841b252c149da7773fb2a4c981535e67080c6640b8b3068726402
SSDEEP

12288:QEdfhvF9L92SyaQCN85OsgC1qBcVUfnTa7v:QElJ92RzCNFDC1qBcYuT

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d6259cad7dba6846db26cae312080a78_JaffaCakes118
- Size
  
  647KB
- MD5
  
  d6259cad7dba6846db26cae312080a78
- SHA1
  
  c8fd90bae4d99f500bd988be4fa704d93f0c5725
- SHA256
  
  3df8c6397421ca385bf7a48e87e5c9c90ddb922b6abc36443fc4fa7475815f5d
- SHA512
  
  2385bd582d409398a1cf35aace08cc483c14cc5bf7fd792f17d3075a4a6d528041b8735b83c841b252c149da7773fb2a4c981535e67080c6640b8b3068726402
- SSDEEP
  
  12288:QEdfhvF9L92SyaQCN85OsgC1qBcVUfnTa7v:QElJ92RzCNFDC1qBcYuT
Score

7^/10

discovery
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AnimGif.dll
- Size
  
  9KB
- MD5
  
  11e94fedb34f46458f9dc773a91f2770
- SHA1
  
  791cf30880c74df9d6f7c1e637e4fdf5fa88b38a
- SHA256
  
  54ccdcb42fb3e63b7a55e8c0e7d12182a0338ea38b106b793ca048000a189ab5
- SHA512
  
  57dd38bebdd7d8fbc4b3daeecabc5c2617d4f5b2f6ad2396a702f1da362bc72deacfea2dd1550b0e00269188676324e1b7dd6ed372211c8bf664af824ac8d950
- SSDEEP
  
  96:kVh/i//UrWWXMAb+6aNqRjTwUWo5zFyRH0aTyZekTIVCAEHZNKNy0p:uh/Bl8AIQR/bWSMRH00yQBEH
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  254f13dfd61c5b7d2119eb2550491e1d
- SHA1
  
  5083f6804ee3475f3698ab9e68611b0128e22fd6
- SHA256
  
  fd0e8be2135f3d326b65520383a3468c3983fa32c9c93594d986b16709d80f28
- SHA512
  
  fcef8ac5bd0ee6e316dbbc128a223ba18c8bf85a8d253e0c0877af6a4f686a20b08d34e5a426e2be5045962b391b8073769253a4d9b18616febc8133ccf654f7
- SSDEEP
  
  192:t5ZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRYgsfA:fBo/680dCI5adOjFOg9//p27uNw2bo
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  134b93f8bd1f82cd2f1b06c878580703
- SHA1
  
  29cdbce7a2caf1f7e4d2a139c42336d490074665
- SHA256
  
  45153adf50541316468e2b189a0f8127be9fb29e2f920e7eeaa6aceb438db8c4
- SHA512
  
  f970c38debb6631dab7369e2bc96237f16a8fd328d9d35a2b54cb688e1807f62cc6d63230afe89ce5c3945097ae4466872c72929a9623adde3ee57bddf54b692
- SSDEEP
  
  384:EBQCxl9oGPZsw1v6yBIgktbBYeTeXMK5HQ/0lR+Tya4LV0Ac9khYLMkIX0+GBxgU:goGFghBZTeXMK6cVa4L
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  e54eb27fb5048964e8d1ec7a1f72334b
- SHA1
  
  2b76d7aedafd724de96532b00fbc6c7c370e4609
- SHA256
  
  ff00f5f7b8d6ca6a79aebd08f9625a5579affcd09f3a25fdf728a7942527a824
- SHA512
  
  c9ddd19484a6218f926295a88f8776aff6c0a98565714290485f9b3b53e7b673724946defed0207064d6ab0b1baa7cb3477952f61dbe22947238d3f5802fa4f4
- SSDEEP
  
  96:57GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3VI9d0qqyVgN532E:VKgfwgcr8zylsB49Ud0qJVgNQ
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsPerl.dll
- Size
  
  8KB
- MD5
  
  9fbdcc2cb3091c971e51212fc7e7a88a
- SHA1
  
  1bc182d2ef4eca262545bf1396e0606a87145470
- SHA256
  
  02bf98fab06aeff739d5182e147f5f5585be11f94eaca683eda495d5435d9ac9
- SHA512
  
  b270278b9ec39232eff74dfbed2b2a36a3bd3755a99c5e35aa85d217a4e72bd9b2ee0de5e3c7170c7f06a4c559dfd252a6d351f79cdc41059053770806ac8e9c
- SSDEEP
  
  96:p7tyNdAau2RIkBcmQrA5JTKvXrtQLDWyUDN4Vlx09QyMZI492rkIgDsO/IJtn3:dSdAaNyA5QrIUk9UDWVnIPiIbrk8Jt
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsisunz.dll
- Size
  
  40KB
- MD5
  
  5f13dbc378792f23e598079fc1e4422b
- SHA1
  
  5813c05802f15930aa860b8363af2b58426c8adf
- SHA256
  
  6e87ecb7f62039fbb6e7676422d1a5e75a32b90dde6865dcb68ee658ba8df61d
- SHA512
  
  9270635a5294482f49e0292e26d45dd103b85fe27dc163d44531b095c5f9dbde6b904adaf1a888ba3c112a094380394713c796f5195b2566a20f00b42b6578e5
- SSDEEP
  
  384:KExN66Yf2xL5Q4IsjuUjUZfqRDpImexpf88FwHxXvjX3hwlHt6oIfESxSHoOO8n9:O2x64GcVpI3xC8ynToIf1SIOhW4
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  NSN-restore.pl
- Size
  
  3KB
- MD5
  
  d116d9c222147aa625c203d55d2969ce
- SHA1
  
  fc3b02149a479331edf2f6c1e25524e6aef176b8
- SHA256
  
  d3bf2f89546960a9ec463234563e690efbadaffe3c84850b4e7c734a0b7c88bd
- SHA512
  
  adfee11ba5b8fa14f1f5311e7bfc6eae14a6990ef35cf258e761df85fa2a6b3fbb28dbadb370906f2183444f35f851f55f345c635c2357fff334e3c8c8231f18
Score

3^/10
behavioral15 behavioral16
- Target
  
  execute.pl
- Size
  
  1KB
- MD5
  
  3ef57804b192f3db2d3719fb51215fc3
- SHA1
  
  2a83e8cd7cc787be523464717e4fe34e529845d5
- SHA256
  
  27622608410d149210c39ee51b48fd3f0999f3640616d0d984367b5f157aac64
- SHA512
  
  9b31f0152aaa556d1ecef38406a177284b4fd366bbc3e04714d9b15587fc6858626124d280135730da0516c580378a37b733874f1f8519420a61e6c53842b5be
Score

3^/10
behavioral17 behavioral18
- Target
  
  perl58.dll
- Size
  
  784KB
- MD5
  
  d6fec475513d165261d38743a490dfc1
- SHA1
  
  b593136ed5bc0167e6715a41c7abf70603f40361
- SHA256
  
  fa9cd43d0b09f2352063f2790a49af51615ebe735eba53417129fc04dd5e7b73
- SHA512
  
  5f56183f1b3b919d526d446b590d70f2e75338305a1b373ed04cd6a1388a345aa99667527f74ab08b651109d41e150d8ba639fa540381372f5578c8fee3c9e0b
- SSDEEP
  
  12288:axMQYulkUYSdnezsl3CHp+RaFBj/Ac1J3jA/pF2OUHlEbweMFex5R:0cYez034EicoTIcOUHqfsexn
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  test-Fw-NSN.pl
- Size
  
  1024B
- MD5
  
  7feec4b8cb54b161be0163caa57e95db
- SHA1
  
  5a08ce204f6f2bb9c42aae6f0619518a12cd2b0b
- SHA256
  
  0db68ac2f0afe6c6c893644b32b7ac30b597721b540fc1d0e8c56aadde596df4
- SHA512
  
  56f536ad37314e573db374c1001e10aa0de4b9d7e90668a24350da49defd193a8f584449a2f27196b409c189f6ae1697ba38192cf1a98a974876fd583f54bb2a
Score

3^/10
behavioral21 behavioral22
- Target
  
  test-Fw-chin.pl
- Size
  
  1KB
- MD5
  
  821106ab3d240786a360847f39f85a91
- SHA1
  
  76ce8274f4029b14e381e7cab618ca8b6a285cc6
- SHA256
  
  0af4a3b26012ed2563c9fa40c77fd5dd3185350a8bfcfed6b8aaa214eb241b12
- SHA512
  
  dfb91517e1f6e7ddff123b51d726a3377d2d4598330436d2a0cd8f09a0c02e0b73bf9a41b13fc0ee2c2dde177ae6860bd0778535b52547388c9f13321edd98bb
Score

3^/10
behavioral23 behavioral24
- Target
  
  test-Fw.pl
- Size
  
  1KB
- MD5
  
  ce9ce2f413a63d058750005152b49d52
- SHA1
  
  dab94cf504e549d8cc534e555824a701b3daa890
- SHA256
  
  e123e9251269d26b1a984770201c2f1d14c37440c83626b9060778b62a810207
- SHA512
  
  73f03ddbb8452c9e384a55f49826d409653c25de70019c0c8f32b894c5b775dd94f34ed4e6b4065a002f26ed512efd0b5315e8a95b9b1ec2b3b275720b2f1bac
Score

3^/10
behavioral25 behavioral26
- Target
  
  tftpnew.exe
- Size
  
  92KB
- MD5
  
  dca92cde5391e1ba0405aad5407a005f
- SHA1
  
  1019d8fe649888afedc7970601f0e26e9ee70632
- SHA256
  
  51d2d1fbf6420a8059bdc46ba6874271618d3728ead90c0d3e6dfcfbd561f522
- SHA512
  
  524aa84974afba7f68369e44ac0878c4619c6155823ebf2eb64fdd84084dc13ec6908d3fb3815b0b67277cf73da95d008fd8c6a96bc0e7bba91fd9c40f91748f
- SSDEEP
  
  1536:tBhzM1uuV5SrSvrq6biKiIp0lm3lsmC77dshTqK8JlClf5pmO/lr:HpCVYaJBimeZfeqnG5pmSlr
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  wget.exe
- Size
  
  159KB
- MD5
  
  f9f8d1c53d312f17c6f830e7b4e6651d
- SHA1
  
  6b3eb6069b69fbcfa6e1e9c231ce95674d698f51
- SHA256
  
  bedfbfe249b4a2be35bbfb1cf166d2119e132ee7c608909d34238e9eba6c9749
- SHA512
  
  ceb9b35ea3876ab57a6e0213afbb6914f8e5d448189e5e3caa7ea1709153596ea90f5e7c2031bc0f6f0b45771dc7f9721c5337c8665fc3d1ed1cef4ae8ab964a
- SSDEEP
  
  3072:ICYY5GI4sq0pdF4H1ZsfI1wcCaIWdekqFEiJoFKEeB6FP7iG:WYk9F0pqRwRseIiJ8KEeB3
Score

3^/10

discovery
behavioral29 behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30