df9a20022998c7ac11af23fc69f5d42698ed187b4d03b75fa911570c648d9642

Sharing

Copy URL

Twitter E-mail

General

Target

da92b09f2491f7aab473e0086517f5ff_JaffaCakes118
Size

15.6MB
Sample

240911-r3vkcswgpg
MD5

da92b09f2491f7aab473e0086517f5ff
SHA1

1c95f6b0a0c71b76573d7844432e4bcfe8204099
SHA256

df9a20022998c7ac11af23fc69f5d42698ed187b4d03b75fa911570c648d9642
SHA512

eacfc3176c688d3a68f3b7cbf1533a49fc9d2e99ac3fc63480564e61cb007a3382140e46887f63059e7edd5e85e76e733aacfe5938a9fffe3fa902271288498e
SSDEEP

393216:OF2YzuAlJffgmfaxMuFw+1ecnv/899bRXGwoI:jvAlJfhaxMuFw+1ecX8VpR

Score

8^/10

Malware Config

Targets

- Target
  
  install/Au3Check.exe
- Size
  
  192KB
- MD5
  
  2868e341097eba28e5f2c68fb20719c5
- SHA1
  
  b00356e7e3bb7b6fad8b9940bd0f7cf76ced366b
- SHA256
  
  29961d25599beb991e131c9d5d53afa007273366a8bb3b50d380c165f4214ed0
- SHA512
  
  018c4d0fc3c783c2df0bd2e885ef3014ee6984f4177b33b5630538ca70cd8bd3622e03f3fb228d864629a1a2b0e19910a756e5f6394a9e1528a621780588bb2f
- SSDEEP
  
  3072:BfrV5EAVMczsELz7VBpTjGuX7GVdw3ELPU5+WYPwmsDx5T4XT3CAOA3Gei4:trLEoznVBtjGFPy8wjNADl
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  install/Au3Info.exe
- Size
  
  152KB
- MD5
  
  0e74b9dc602e5c3540c3ce7e51c5717c
- SHA1
  
  83c139264b2ee2df8ecd698d1d079db5675c0c2e
- SHA256
  
  cd7660502ee43fab3e5af883f21e2f03f78e462912cf14d23d105c3de8e9d3ce
- SHA512
  
  4704bea34a5e572efd9198f80b1a0e26575d37ac307bda5653009645eb2d24613e5de2d2205920e00a695b5ac8d8ab8aecc757e95967519e19c0a2cc9b7efd84
- SSDEEP
  
  3072:7R5StHeHv5cyOZyW6RRWy4ZNC6ZraL3mUU:N5tbXWBZw6ZraL3mb
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  install/Au3Info_x64.exe
- Size
  
  172KB
- MD5
  
  600587fc345f0aad0e69ba989dc92029
- SHA1
  
  81ae8c4fc4fe487f24e866e135bfa946d58b8413
- SHA256
  
  085f9631058901ef4cf75c3b683c833edc46f0f57ab7ca274edfbd6f79aac13a
- SHA512
  
  f7c007dff8a33652d12c262e4db65b7b292111571b44ea2f4ec1eda10ce8c154a2520671525c70d35b5dd50cd62afbfab3b18b1bfd9bf1366d47cd4054336eba
- SSDEEP
  
  3072:rpQO9UKRGRLHHThgfQMdmFDCwpcGr/yryIdXRWy4ZNC9H:rKKanTOfZdmFDNS2aOpBZw9H
Score

1^/10
behavioral5 behavioral6
- Target
  
  install/Aut2Exe/Aut2exe.exe
- Size
  
  1.3MB
- MD5
  
  88d518a90f4187b4542618cd328d7a34
- SHA1
  
  fa5fd671f8aabce769f82b960634d54c4a27e502
- SHA256
  
  5affc1a22d87715d5da70bfddb081335ca0a382b9cc4a54e18263047a76d5d81
- SHA512
  
  a1ed751ba7518dcb2cf9ab821fa28690d8f4a41238e4b8d97b37c00eef5662147dea600c90a7192142808f6668f8d252372e0712415d0fb7b9d1faa53b2b7769
- SSDEEP
  
  24576:k30RJ529+RipvL1SXk1QE1RGOTnIEQc4au9NgxnHNnz:kE89+ApwXk1QE1RzsEQPaxHNz
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  install/Aut2Exe/Aut2exe_x64.exe
- Size
  
  1.3MB
- MD5
  
  b0f3d3d6dae61602d60085e896c2436f
- SHA1
  
  bf8a1a2792b0fb142e50bd8ce0674359783c9f03
- SHA256
  
  b9c6a21f8355ced2b0ee48c5e0b6cce05c9222a32cdec12b26c18adbb8cbb1fd
- SHA512
  
  e8b7bf2d8e3c9587add0fa3e09a8331b80f3fb55343c76555fde33b511b2be6ecbe8b1e35cfaa2910ee4a0ee2d36fe740b1a0c228f702e17da6ccf55cdfce8ad
- SSDEEP
  
  24576:fuioBBCnx+QJ529+RipvL1SXk1QE1RGOTnIEQc4au9NgxnHNnu:/4uxw9+ApwXk1QE1RzsEQPaxHNu
Score

1^/10
behavioral10 behavioral9
- Target
  
  install/Aut2Exe/upx.exe
- Size
  
  298KB
- MD5
  
  e9eacbb7ab4b3f66019e0a2f13a1dba9
- SHA1
  
  ae30894b29e52bf04afc4a54795d438fb910acff
- SHA256
  
  0c3dc789d0a46493bd097526b920d913d930d96b1052cb331eec3ac560c89996
- SHA512
  
  925445d20c93c65a282fc59f773551d824bff1f8e2623fd8ea0c587831a9550c400f121defb3d82c8f0401903fa69e3154dc98e29688d02af1d5d01247914a06
- SSDEEP
  
  6144:vZCWmlys014OqpXDXz7yIrozs0WuNd3ojusBdgnNW6r4F53ttuGENGFdVCLEYnPQ:hCWV7q9zGImAjJdcH4j3ttzFdVCLNSf5
Score

7^/10

upx discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral11 behavioral12
- Target
  
  install/AutoIt v3 Website.url
- Size
  
  204B
- MD5
  
  7b6871ad1de81e0201386eeb8a71498f
- SHA1
  
  e9e95aa3569a6a970a4540332065c1a490f97fb2
- SHA256
  
  a8697c79934ff08407412d2c0c0492217709841638f1fd7fc6d8a68c105eed0b
- SHA512
  
  75f79510aa2953e04eebf4d339619c4e8a7a35cde7edc2c2c59b358f33e20b9329ae6e4cb9ee9aa4e34cf4a3c6d2191f88c78d36ebeeefc8487dd22b82dc9bd1
Score

1^/10
behavioral13 behavioral14
- Target
  
  install/AutoIt.chm
- Size
  
  6.7MB
- MD5
  
  b107a0f9fcb0c8b61ec28855a28121c2
- SHA1
  
  e48f53eadda2dbe99af964f596fe20a261949b90
- SHA256
  
  fd415b76d4c4d1a69911ffd87401fe33e759f715b0a2e7374a25a4779f8dd1bd
- SHA512
  
  3c1c5bedad53190c2b582a80dbe50c0dfba12c0db88693fb4dae166a0fecaac12c09aac1bcf486c974ddee23d99a9adaf127cff9f974a23585d61d8e35fbe590
- SSDEEP
  
  196608:ZhJWq0n74bnORjcbd0dbb5Av+IWEt5spQst:c74qRjMd0dB4+IWU5/Q
Score

1^/10
behavioral15 behavioral16
- Target
  
  install/AutoIt3.exe
- Size
  
  872KB
- MD5
  
  c56b5f0201a3b3de53e561fe76912bfd
- SHA1
  
  2a4062e10a5de813f5688221dbeb3f3ff33eb417
- SHA256
  
  237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d
- SHA512
  
  195b98245bb820085ae9203cdb6d470b749d1f228908093e8606453b027b7d7681ccd7952e30c2f5dd40f8f0b999ccfc60ebb03419b574c08de6816e75710d2c
- SSDEEP
  
  12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  install/AutoIt3Help.exe
- Size
  
  116KB
- MD5
  
  eb39f039a6423a8b522775f264254385
- SHA1
  
  dcd0f04dbd48258aa255db7279f287fdc99641fb
- SHA256
  
  829aaead9e89b65f3905e64f73c362fcf58efd1a9cbec4917b75c92397186cc8
- SHA512
  
  16190506d707c8c496c2c29329ea753aea6256df976d3f5cf4a0be5ec0750d122341d5682434d49464d9539b05f3e1451d3e48e4fcf326629b3f43752a1846dd
- SSDEEP
  
  1536:VOgVKnwBvPlnJmlSO/PcO1PCTsWjcdTTZhQCbdSJqC3N0B/yoLDe0jkdYB78t:VAwBvmS0L5hQCbIJqC3CJyoDjyYB78t
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  install/AutoIt3_x64.exe
- Size
  
  990KB
- MD5
  
  0c45b1af9f410771bfd1740f40dc4173
- SHA1
  
  b896091855905e152abf260a64ebdf8b0c38aeb4
- SHA256
  
  3f1a80889fc13d98a26b8b6ac034d8ff4a04a5e3fe6c41c994585f5ba3e32bb2
- SHA512
  
  b23e2cb50ed312cb261df84a87283520079cd479ca16c19079abfce4f5ea18cbc730a191af480431f99d5a062e4b853745140d5e9d40003395f16b5867a11d5e
- SSDEEP
  
  24576:uomUFhNcmLFj4svqaShRsUiTfjo5ya8j8k:uCGmxj4svqaShRibza8T
Score

3^/10
behavioral21 behavioral22
- Target
  
  install/AutoItX/AutoItX.chm
- Size
  
  195KB
- MD5
  
  09e305b53e04d12e29b094d31673a14d
- SHA1
  
  77b60f2f5327bc584786946729ea6fd62de9534d
- SHA256
  
  200b6b8ccd5d97981b6d895c674fa39586a0eac25e84c51913ce07b408106c84
- SHA512
  
  2558db1a1c2e1d52f2ea8f7ade728d30ff29e2680b24900c38aa20e3359b44dd1dea52acacf6f3dba2c7efaa4bacf75511e595ca2e130258ad798dcfcbbad0d1
- SSDEEP
  
  3072:NTr62wZwfS23A0cPXN3gWeJvdFxCZs0eEmqmYodPrCI99LQopJ+WkTL/QyhfQ2:NIZwfS23A04g9PwZsvkzO9ySJ+WrsfQ2
Score

1^/10
behavioral23 behavioral24
- Target
  
  install/AutoItX/AutoItX3.Assembly.dll
- Size
  
  41KB
- MD5
  
  23f67d2ff7aff4e499326eafba4d7612
- SHA1
  
  4da41e66d014aaf5cb3ebf1f89de1e8b676969da
- SHA256
  
  1dea214ca49c826af7c8222ea902564adb37978d6ae15880dba0113f1fbf3dd4
- SHA512
  
  b2da7fa6894a87438b8f3875e9ad77be6d37afabef32f9943f6dfc44f9fd4b4250d484d9dfb4351a99898a16ea148cb0d45f53cd8c82e9fa4d7bd9e00a1c2cf9
- SSDEEP
  
  768:OOSZdWS2PC9+9335uJZk442iPtuSVn8uYozk7s:ykupTiPtuAzos
Score

1^/10
behavioral25 behavioral26
- Target
  
  install/AutoItX/AutoItX3.PowerShell.dll
- Size
  
  50KB
- MD5
  
  7806e150b581f2390deea25e8aa32ed3
- SHA1
  
  30791cbeded48fba94ac7916cfc27c1a608f694d
- SHA256
  
  e4555a793e3bfa6279cb3165598b7bcef36405aff0e5226c946569cda8c9ef51
- SHA512
  
  e5bf631d1e180865bc4e1a9a6719b1d3b49849b7c5f14a3d81d9c06afc2f51f36e50c59eaf22c22e0f988b4e5a07e770faad832f3cdc4f170ffcfc7c557ff524
- SSDEEP
  
  768:9KacsccCFKPXThyKfIxT1Xyj9WmKWgdmkitdQVn8bAnJXDi:ZczREsKfET1BmDCXitdyldDi
Score

1^/10
behavioral27 behavioral28
- Target
  
  install/AutoItX/AutoItX3.dll
- Size
  
  454KB
- MD5
  
  eb86fb3ad4445983f7d2b7e11ef7fc21
- SHA1
  
  f4442e19970cd6fa82659855f49972648eb34801
- SHA256
  
  80e7e298e1d1a9cbaa30b34a896d71018779965d1e03be621d974a64a680668d
- SHA512
  
  3cf84ea50498ca897fe77515c17e02385beeee153aa6d2b62dcd89b97eda134d387ed55d62753919e2b299f0658611a991c66a70c96d3c31f6a915912d9743c3
- SSDEEP
  
  6144:tFD9Tj6MoGKP0GJ+iCnHpGXqIs/cJojGi35AOS6ItdIa5f2o7/Us:v9Tj6MzKP0r5IjHi35EtdIaf//
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  install/AutoItX/AutoItX3_x64.dll
- Size
  
  512KB
- MD5
  
  f11ae50df86a3bf2aa00625e54d7ebb4
- SHA1
  
  9812f16df2b0d1eeb75931348096128448d1179d
- SHA256
  
  5c1acd56bf432462e59e05e72d486fad670c4dd7c556df3d3270b827d1bbc555
- SHA512
  
  6e6ea547a758e95d75952164ebe5e928dbf46da3875c5aba7332755f5e6a5a98587226cf278ad99f4155f39e42f96f2ece0740554e0531f1293fc762a36bdc01
- SSDEEP
  
  12288:rqlTSwWo+9Ma61G0I+r0AYODI8u1zTJsQoHoJtdM5Jca+3E:r+FWo+9eIArFcE5Jca+3E
Score

5^/10

persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Privilege Escalation

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

UPX packed file

Event Triggered Execution: Component Object Model Hijacking

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32