bd75ae822853ffcc0240a9435ef0d498d69f939c08c66baf4152ff81fd2fa038 | Triage

Sharing

General

Target

da4cc7857119f58f14ebad6849c905ad_JaffaCakes118
Size

17.5MB
Sample

240911-n5g59syfnm
MD5

da4cc7857119f58f14ebad6849c905ad
SHA1

f3a113ec3ca63d9c042abe7e65e9fa1e831c4bcd
SHA256

bd75ae822853ffcc0240a9435ef0d498d69f939c08c66baf4152ff81fd2fa038
SHA512

b1f2947684576139a7fd05d09e6fb363641fc3a72165c609f3ab2b3edf418c7104721ddec163cc59e8997a5f4172a2aa123cfc67f919fc5bba343b6bf55045e1
SSDEEP

393216:ErPcgj2JunPrZTxaR8fEg5lQZw+lsrwARFIpuCZoc0EDa7EiAt:ErPFXlwSfEeQy+EwARFIUCycxO7At

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  da4cc7857119f58f14ebad6849c905ad_JaffaCakes118
- Size
  
  17.5MB
- MD5
  
  da4cc7857119f58f14ebad6849c905ad
- SHA1
  
  f3a113ec3ca63d9c042abe7e65e9fa1e831c4bcd
- SHA256
  
  bd75ae822853ffcc0240a9435ef0d498d69f939c08c66baf4152ff81fd2fa038
- SHA512
  
  b1f2947684576139a7fd05d09e6fb363641fc3a72165c609f3ab2b3edf418c7104721ddec163cc59e8997a5f4172a2aa123cfc67f919fc5bba343b6bf55045e1
- SSDEEP
  
  393216:ErPcgj2JunPrZTxaR8fEg5lQZw+lsrwARFIpuCZoc0EDa7EiAt:ErPFXlwSfEeQy+EwARFIUCycxO7At
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  d8ccde4f7d6110f806c9c63b30bfcb8c
- SHA1
  
  7b8ef1099bb5eced652fa82278470a4dbb8a4e97
- SHA256
  
  7315ee331d39fbbb1b9e3b8c1d7ebb599b68d9916270add229dcabb59c975cc7
- SHA512
  
  068fcc59ccbdce8d01797df90185956485adbbeaab6859f87ecaef12203d7369f95d1834de7e5bf1221c0c1543ef5f69bf29cc1345e95ed046d2ecbc142312fb
- SSDEEP
  
  192:s4n3T5aK+dHCMR1aQR9RuZl3WWmU7WYZsw1JpVGnrjvK72dwF7dBOne:Fn3T5KdHCMRD/R1cOnrjv+BO
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  AutomaticUpdate.exe
- Size
  
  1.4MB
- MD5
  
  a68b9f10d6136973d9860d0abbb53c38
- SHA1
  
  cac51cfff1b62773e182aa87ca33b8e2ab862de8
- SHA256
  
  728d5003f2552e16913283fc3cac39cc59c4ea0122ef8c00b67c7fe65b190d6c
- SHA512
  
  713d086f823f37710af67b32f49bc352658f5244a203de7d6d4c80a8c09073d74db584f2a1697b2232b49eca2d573d98f047db0e060da95f2774c78fb711962f
- SSDEEP
  
  24576:6nbUFrrWeIvqsRDuf6jcDV1DsKKeAHZpFF3OELzOEL:yUxLsJVcLsKdOpb+ELqEL
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  NetworkAdministrator.exe
- Size
  
  2.7MB
- MD5
  
  b285a7ac14c9a8204f9ec1210d0ae3fb
- SHA1
  
  9d46a8a1766ac256b6b89466d39326aefb8bd553
- SHA256
  
  161ecda6345fad76bf8244b477cd6a89a0b9746ae88446a1faf74ea6f6a163e4
- SHA512
  
  73aa8110c992f63d21731fac38041f920517ad8d225ba6adda137f090ee963ca3678a434406f7430726d39d6678e2a7026ad317101339883b05f539fc24af7b2
- SSDEEP
  
  49152:ZLuFoWqdaDsLrbqb9WTaSLWWsHmnL6lxm6loreJ:ZzWjDsLrFOlxDloreJ
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Plugins/Agent32.exe
- Size
  
  1.8MB
- MD5
  
  a108fcc78f8f162ff9efbc25918eedcc
- SHA1
  
  3211cb2f9d7dd45908fb58e26d27c027f8d9df43
- SHA256
  
  735bf932aceb213784c011d70bfac96b9d48aa447cf8bd8b3f7ccc684c2b5ce3
- SHA512
  
  1c6e1baa57114767c36db5cd8b06f77f5600f70ab8530e3bc917e16fa287fca0ebc226c36ae4c78d4066dcd7895cade5c1b27639ea5d0195406ef59cba06c0cf
- SSDEEP
  
  12288:T5k8EboALw8o9SI9y2alkuG7ezKOjEBM70mTg7rTBxsrAJrMG7pEeTrS8EPdwSFk:W3HLLeQlkb7eUHpJEeTrAOGOipqiUb
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Plugins/Agent64.exe
- Size
  
  2.2MB
- MD5
  
  049863c871bd851dbfa6bc3c0761dfbf
- SHA1
  
  97297b0b7070c2eeeef629436d32432c467ec445
- SHA256
  
  1da55ed11081ac906d7d93d13d44b39d4608dcfb1f0a82e4e949d5c129e74768
- SHA512
  
  5871d38579cfdd057f9930bab128f99222e1c60e87a152f9c3b2f7ef1e1b13ad7a7e15342b7945da36618da62ebec0ffc8933196a0f7c8e339fee600f693ac56
- SSDEEP
  
  24576:jK1GRt91xkwJxkCEnRiW/3kaTp6wuigXIEvTjbTK8iYAD8GOipqi:SUowJxvEnRiW/3Lpdu9TxVGOici
Score

1^/10
behavioral11 behavioral12
- Target
  
  Plugins/AgentBuild.exe
- Size
  
  1.3MB
- MD5
  
  4edca0f00dc8ff3ab42441004913c717
- SHA1
  
  cb767735c99e8fae9eccd662d2c3fea70c11ad1d
- SHA256
  
  166828bb55a0aedf3d2678aeca28d7d3fbfae6b2c9d3fe7b545959a66779532d
- SHA512
  
  c093616a3bc9f577579640dffa0b11f546d65a61fd064eca6911819fd844c2ec4b30b3c909f4817ab41937a82458507139e933cb0a2294fa9419390bbae99d92
- SSDEEP
  
  24576:OA3uefBG6LGVhduwAm9WYk73x1BUSfMUSbnmpjnc6f:XpGn7U3x1GSUUgunl
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  Plugins/AgentCAD32.dll
- Size
  
  173KB
- MD5
  
  321f0d505adc707789a1e25f533863ad
- SHA1
  
  476e5d379fbfb94a7b8dbbc39ea9d9e5fb5f50c1
- SHA256
  
  690eb353130bbb2e3bf33dd4e953c178b96ea41e04453d6ddb17ce168a33147d
- SHA512
  
  e9dc1a052ef0a3fcc8aa581443fe1036beb0b289a690612f283f65debd8941181b6ac7873ea3622a655d54e07de941dc666c47f58e4b16cb60577b8247c99e81
- SSDEEP
  
  3072:as3Xw5SBg5nNMf1Pi5nSedCDCbAqYlRTBfi0Tkh57/oaE:7GBCwStCbZYlRTBK0Tkf/o
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  Plugins/AgentCAD64.dll
- Size
  
  192KB
- MD5
  
  86035915327ea78abc7661ebbe231b5d
- SHA1
  
  870712c0e9aadb4920ad058a80eebb1f8b12fbbc
- SHA256
  
  4a5f1a1c20051d3b2e30ecb63731b3391f105bd5532006e6c893c967644f38a0
- SHA512
  
  bf3983dd8a422b3f8ed094fcefaaa9db0b63302c8992674dc3a7da4aed2ec029796f1fc1286c099d177a15a9568bdecd42ce5544ee9d11326c2aee83094ed016
- SSDEEP
  
  6144:6fQ+S4yXmDDJDbctjjbzKUNLa/ZHzcTiUTBgJpndmD:6fxQSJDbmiUT2Ji
Score

1^/10
behavioral17 behavioral18
- Target
  
  Plugins/AgentHook32.dll
- Size
  
  113KB
- MD5
  
  9d8fb5017fa6840a88ca60125e73aad1
- SHA1
  
  f18310f046420e2605a43cf5cc900fdd43ab5402
- SHA256
  
  b3e2e436c4e4bbbd4eee18586f3ccc441550af5d95a3fbc5824d4268dca99e43
- SHA512
  
  5616b251d5250747b6f1a1e1f697217e3d1f0ade9378d9e590b85c1351e149262ee35cab9353a7b12c98610dde761f472896c3efa67d008afc801a64f62033bb
- SSDEEP
  
  1536:Fu32JGYriSui1RdciH9ld+j+yoZ1k32TfLhnjoiluN9S4A3YzJy5Up/eHFl:o2JROgh/Ht8U9CilTuy5Uls7
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  Plugins/AgentHook64.dll
- Size
  
  120KB
- MD5
  
  7eff38ce60a599246153aa5a745a6ff3
- SHA1
  
  72492db86e329ac053c5806731d3781b91f624a8
- SHA256
  
  9c2d0ff94e2086edcc1c1a1efcb2d8c3868ae85f6ef01598379d405452c8287c
- SHA512
  
  ac594329f776de9cb45e0b3940874ef50c9ba116c93c6176726b6a07e32ab71a54d5ae13a7d3bae20774b7d1c292453bf5c2f5c3e87a2efc06bd7e836cb908d7
- SSDEEP
  
  3072:7tcBsO2YPik3+hB11fZXFXhcTkJ5xmefR:7tQdj1OhB11f9FXGTkNmef
Score

1^/10
behavioral21 behavioral22
- Target
  
  Plugins/AgentSettings.exe
- Size
  
  1.8MB
- MD5
  
  93bf031c79ca1453050cf30cbf0a5f14
- SHA1
  
  736d29425c8d14a798b0b0e8a3b149712b3c6ecf
- SHA256
  
  a85523a28e3e486c54718d03cad54ffc8fecca69346480202ad93ce8f259750c
- SHA512
  
  20abf85b98abe7ef575054d5b03c41638ae6d270064325043ba573ff6a9de98163719c79f386bec69e424baecc64c7278d89efc191535ac0e918badefa0cd144
- SSDEEP
  
  24576:x073aQfBLTrIdpzo64OVGrq5U476+BOS9h7gfY3SfUXGT:xFEXIdf4W16+AS9RdSMGT
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  Plugins/AgentSetupWizard.exe
- Size
  
  1.6MB
- MD5
  
  b2829ba58e289d492f988934809a1d53
- SHA1
  
  b9f3b9d1eaa7da642de79949ec1a8950fed2d81e
- SHA256
  
  2f071d45487842181b0ba6b9b4b477b1b1e218357a12da7923ae0b99bde9be04
- SHA512
  
  b067db14673c8e4d41cd553d09730cd700a228ce4c2aba8335244e3ff73ec6164b55b807274a2c94c30fe02941e020b5ae432127f2452159e5a1e9904cba6686
- SSDEEP
  
  49152:m3I8S5l043eaSC9nTqZfRWGMF1EDkzMP:m3zalp791
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  Plugins/AgentTray.exe
- Size
  
  1.0MB
- MD5
  
  ebb56ebad056938c84bfb04ae0b1028d
- SHA1
  
  9a588d7789ef8bac46e73fcea3d529c844da6d56
- SHA256
  
  1b0f9e5c7d3a53f79f78a41edf19167d9560815df73c7017ec20f6a59fcbbcc2
- SHA512
  
  446d296f1619a792783074fa0b71f297ff5ac8462e5745ad5c41de6d89a2c3c8f8743ba369e9dbc925771508c3ec88279b2724d0f68a69859f6a07d87eba3906
- SSDEEP
  
  24576:sgqrgzE70Ca2HGf0STvBfS6SamMcmGd2KFcKTW7RSBj5B:C0CsTvZSAcmGd2KFRTW7MBj5B
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  Plugins/AgentUninstall.exe
- Size
  
  987KB
- MD5
  
  0750f88abc4ed1360e4b0ad0f28b5a3b
- SHA1
  
  9a5fe04d4dfcfe6140b65c93ec114a42925ffbfa
- SHA256
  
  1ee000e9cd1ecde51f2fc19305ea03d4bd0a0395d9a7b803cfb6e59de869b9dc
- SHA512
  
  3c67eb26a7fb8dfc527dd3ef5d08c69f0a3048da3cd773052f1185c9c27d79e7d36399d6598c8f8c4e25b4ee4c1d9b04530c0bf594755519568f14ea0cccd42c
- SSDEEP
  
  24576:66Ymf//QdmukIG+S6p6BbSmVcXyKuB7qFXNojmxn:6RUlSJgBOFdojmxn
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral29 behavioral30
- Target
  
  Plugins/Change Network Configuration/Script.dat
- Size
  
  1KB
- MD5
  
  77fb264226b46be4ec84e469316545ce
- SHA1
  
  8d1c6fee06071a175c4fbbb174c44c907c206d26
- SHA256
  
  6fd1a661d5239be0a3f28af23f04869e6682d8be79aaeae4eb8daad59b291d12
- SHA512
  
  bd1a2e367e457ce4bac83d5b065650a6f10cf8dc712e2f4e270808f409c60c77ff68511d91535aa12bf79eae5af3254e2bea2b394c6bba995647b9f9e7a56c72
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32