b684d7b94d15a92fc72447b87e2d95763dea4c0e091f696ddf6676c62d56fc36 | Triage

Sharing

General

Target

dc3126c76c2d8ae142f71b15a5dfd7d1_JaffaCakes118
Size

2.9MB
Sample

240912-l9vk2s1hrc
MD5

dc3126c76c2d8ae142f71b15a5dfd7d1
SHA1

45fa63ca708677c19392b23283b8de0a04f4e1f6
SHA256

b684d7b94d15a92fc72447b87e2d95763dea4c0e091f696ddf6676c62d56fc36
SHA512

c1a4a63c6abba8d42fac6a291a490a14a7c220bf78b066673c204fe42f0210cc412d7eafae054b59df703ea52fe3bb3f86f9d16d5b13700fa76dfff55c992d9d
SSDEEP

49152:P83TEd039VC0V/L3+g4jY6vuEJzEoU6JSQ9DiaM7RWXWCUMmgDwMdo5MJ/yOrVxa:P8jr39Y053+gszGqooU6wQ9DBM7UXVpy

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  dc3126c76c2d8ae142f71b15a5dfd7d1_JaffaCakes118
- Size
  
  2.9MB
- MD5
  
  dc3126c76c2d8ae142f71b15a5dfd7d1
- SHA1
  
  45fa63ca708677c19392b23283b8de0a04f4e1f6
- SHA256
  
  b684d7b94d15a92fc72447b87e2d95763dea4c0e091f696ddf6676c62d56fc36
- SHA512
  
  c1a4a63c6abba8d42fac6a291a490a14a7c220bf78b066673c204fe42f0210cc412d7eafae054b59df703ea52fe3bb3f86f9d16d5b13700fa76dfff55c992d9d
- SSDEEP
  
  49152:P83TEd039VC0V/L3+g4jY6vuEJzEoU6JSQ9DiaM7RWXWCUMmgDwMdo5MJ/yOrVxa:P8jr39Y053+gszGqooU6wQ9DBM7UXVpy
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/ExecDos.dll
- Size
  
  5KB
- MD5
  
  a7cd6206240484c8436c66afb12bdfbf
- SHA1
  
  0bb3e24a7eb0a9e5a8eae06b1c6e7551a7ec9919
- SHA256
  
  69ac56d2fdf3c71b766d3cc49b33b36f1287cc2503310811017467dfcb455926
- SHA512
  
  b9ee7803301e50a8ec20ab3f87eb9e509ea24d11a69e90005f30c1666acc4ed0a208bd56e372e2e5c6a6d901d45f04a12427303d74761983593d10b344c79904
- SSDEEP
  
  48:6jOBtU/BXN8kUByyy/Aklkcrkyg7Vg5RibGoTCTo0gqVeeaeQqzM5rv774YRljmB:y/DMy4ncrkyg7tbpQFLUEYRxe
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  9384f4007c492d4fa040924f31c00166
- SHA1
  
  aba37faef30d7c445584c688a0b5638f5db31c7b
- SHA256
  
  60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5
- SHA512
  
  68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf
- SSDEEP
  
  48:iV6pAvmNC6iMPUptxEZK65x/AmvycNSmwVsOYJyvrpXptp/JvR0Jlof5d2:2811GED5ZTvycNSmwVsTJuftpZR0Sd2
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  7579ade7ae1747a31960a228ce02e666
- SHA1
  
  8ec8571a296737e819dcf86353a43fcf8ec63351
- SHA256
  
  564c80dec62d76c53497c40094db360ff8a36e0dc1bda8383d0f9583138997f5
- SHA512
  
  a88bc56e938374c333b0e33cb72951635b5d5a98b9cb2d6785073cbcad23bf4c0f9f69d3b7e87b46c76eb03ced9bb786844ce87656a9e3df4ca24acf43d7a05b
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/g/PRFA-Chrome.exe
- Size
  
  563KB
- MD5
  
  9341392aef629d21f94be538830ed7ee
- SHA1
  
  c935f77dfb055deb5118a157fa526b4efc1cd3d3
- SHA256
  
  7dedf4ac72b35c13e5921c42adf46a8c3aafffe15768be4cf13bf30ae498f079
- SHA512
  
  b5cf73a5e976791312af5ceb1f718de03b0b003f6e0dd497e5cb970d781140a6056d283410edf94dbb6c951c85f0bf88df3d4b6d7ec1dd51f0c0c0f1c8a8963b
- SSDEEP
  
  12288:3mt6ciOkXAQjfbE2YCyz+/UcYyOk3jFZcngtv9e+z:Wt6NOIo2xy6MlTkuCle+z
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  $TEMP/googleupdatesetup.exe
- Size
  
  549KB
- MD5
  
  01e1716a03b513f6538e022dd0ec6ea5
- SHA1
  
  9bbbf3b31340f4b049fd97ccfd34b2a03ac4ec39
- SHA256
  
  d31b7c8cf3207b19e18e899523a3d7caabf8fd1ac5cca38a4bada87516333091
- SHA512
  
  ccf065518cab5f34001f61f2e7f5350862c75b1b8cab7a8697712bbf4fb28789496229422a7cddaa68befb7d93afab3c37e799d4b267c300d56333f5a15cada6
- SSDEEP
  
  12288:LxTKk7QjSbE2xSyz+FUFYkOu3jgQcngtK7++T:lbY20y6qeVuqCCNT
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/g/PRFA-IEToolbar.exe
- Size
  
  218KB
- MD5
  
  ba294f93108cf238ecb91c394049f8b7
- SHA1
  
  486d16aeddf402e1f3be54cb6590ee1005fd92db
- SHA256
  
  1dd6831dbbacc4aa90af67637132e49948e810d0f0d7e2c108061474ef346cb2
- SHA512
  
  79707ce0aa72c9e6a0774dd10129942336cd420c3cfd0b6299b56b5fdc8b1c4594acb55c2d9106780826c18edce4aff31a2f3028c2f490001eac6401599b8e61
- SSDEEP
  
  6144:se34BlrCbgd//kfNahpVCbEh1RdP/ScsHy:glWslsizCAFbqy
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral15 behavioral16
- Target
  
  $TEMP/googletoolbarinstaller_stub_signed.exe
- Size
  
  196KB
- MD5
  
  bc67002cc524050eafdf18204c22c538
- SHA1
  
  9fdddaa5fbe1eeaec2b34938f0aff33766224453
- SHA256
  
  b31b4fffddc25735f8429a56d166c15187682a6010797e9a707534d09e4fc8fc
- SHA512
  
  c6d5fd4cc0d8ccff2288c721dfbc0ef35d946fa2790306fb189d0a40da0b38bda095e105c6ad95a7040780c367f300b0571a7e8072b9d83617416125f5ec8b27
- SSDEEP
  
  3072:naiSFHQ392Jk3jNxvMFc7KhXrpVCjPWSZh1+gKWN8XlaM6neWIY4Fif5T5jH5C:na1FHQ9bNKhpVCSEh1RdGqeWIY4Aff5C
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/g/gcapi_dll.dll
- Size
  
  62KB
- MD5
  
  f6400e8bdca118c6b5170c172fcbc06e
- SHA1
  
  992d2d0ee1f1621dd6fc0452d26ffcb65c30a95f
- SHA256
  
  c66dedc708c1ff94b16c46951570887f528e542bbb3e5574ba314fbb736a9cb4
- SHA512
  
  15fb3eb080e91284709d759b9b051051f64f47850b2a108d7c8f9b334237a630573c5c96eaee2a70b635ce74eabeb46c53178f1986e985819140d8fe88b3f143
- SSDEEP
  
  768:ozZ68lZ3rnZg8akat6Nn4gHyMsBkX1wM1zROnIaxHHyQPHKOEkmmX:oIorha56BrHNsCwqzRKIaVSQfdEkme
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/g/gtapi_signed.dll
- Size
  
  71KB
- MD5
  
  61bc40d1fad9e0faa9a07219b90ba0e4
- SHA1
  
  5b5c3badedba915707000d2047eaf13f27b8925e
- SHA256
  
  89e157a4f61d7d18180cb7f901c0095da3b7a5cc5a9fd58d710099e5f0ee505a
- SHA512
  
  fa341aa975c471082b4b6c380f794d1e9ab3939382972cfb9e1dbb3491f68296ad1cedc8f03736921c8e133f62432997de29642e223c2a97f1cab5ce91d68af9
- SSDEEP
  
  1536:/J6IYeD05jIx9A1jV0PAy/DTPJocNmk8SwD3QVS9JBhp9:/JL3m0l/JocNmowD3QVS9Jx9
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/g/gtb/toolbar.html
- Size
  
  1KB
- MD5
  
  710e195c62e071083ac9670370128ae0
- SHA1
  
  03bb8f527234594e8013ee858e00541f4e28eeb7
- SHA256
  
  684a5f12b74a6e6bdecf8b91c4d6db418fd1a056063d8d681afeab2f38590788
- SHA512
  
  7a61eafeca722e36d28afdcc659db8ec7bd5457fa910b47e93cc82527be68e27b96edde63ec8d6ba3d332598b0894d51a64592cf576f4a6fcb8e963aa7ecc1b1
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/g/pfLC.exe
- Size
  
  37KB
- MD5
  
  f0884f1aced37d66c4b8431c17073de2
- SHA1
  
  83491e15aa082b710ca0f4a4c577e82ca83b5b3c
- SHA256
  
  3884331e8b828b6a2f3d1ea0a9b806f3455c4f5c054e76fe033878241f68d21a
- SHA512
  
  abeebe9820974c483e3dd4730563b842413d9c206e588590561d2633827a8af6c7e17427776a52d00d8df6bd6a7ba9efeba03c402254b27edd2af6880fcd3df7
- SSDEEP
  
  384:IACB1SxmqTDe7wtSaLoMX+Y9KxhzANnDzR+HuVyM8fXRFCky4qSByjDdTDOubgrU:WB1qyNaLovhzqnD2uMcky4riDN6Pi++5
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  8d8fdad7e153d6b82913f6fdc407d12c
- SHA1
  
  aabbeed33cd5221e4cb22aab6e48310df94facfd
- SHA256
  
  e727c8bba6686c4814602f2bc089af4b4cf3498d1dbe1a08d8c4732da5ba046b
- SHA512
  
  42bc0ce1aca63904c34025307fd4b1d9f480ae47e42e7dfa48bbbf8286d947de2989435ad7a748951291307949217afeebcd31d10a1356c9366d3187085773a2
- SSDEEP
  
  384:0B/JF+HUI+LzlKSYWwgdHEINlWya4LL0Ac9khYLMkIX0+GBxgW+x:WFo72lvYWwgy8Fa4LX
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  acc2b699edfea5bf5aae45aba3a41e96
- SHA1
  
  d2accf4d494e43ceb2cff69abe4dd17147d29cc2
- SHA256
  
  168a974eaa3f588d759db3f47c1a9fdc3494ba1fa1a73a84e5e3b2a4d58abd7e
- SHA512
  
  e29ea10ada98c71a18273b04f44f385b120d4e8473e441ce5748cfa44a23648814f2656f429b85440157988c88de776c6ac008dc38bf09cbb746c230a46c69fe
- SSDEEP
  
  96:M7GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3VI9d0qqyVgNk32E:eKgfwgcr8zylsB49Ud0qJVgNX
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32