b1dd524d8cc9084acbf2057efc5f98032517d0b856aed973442bdabb109e28e1

Sharing

Copy URL

Twitter E-mail

General

Target

dedf392c227fd37c5bd491375256906b_JaffaCakes118
Size

2.4MB
Sample

240913-zkxk1aydme
MD5

dedf392c227fd37c5bd491375256906b
SHA1

5a79bb0bbff907185953f18c1afe587e39ae1529
SHA256

b1dd524d8cc9084acbf2057efc5f98032517d0b856aed973442bdabb109e28e1
SHA512

7b5544dadbacf9b84ef38a46b6a0b151aa6bad2a845f07146573276278db5b9103352d032f5e972fa3ee9d3508a4be9bfa70e9af3b452ee9842ca3f67a6fa56a
SSDEEP

49152:/gwJP9KYHG0q+gAEf+rxQwo/i/EjJF2DaQyCgM2YytSBvkRcp6+J:4wJPXG0q+gAIdR/i/EVEDaQlXot3RcYS

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  Wa0Desktop/Wa0Desktop.exe
- Size
  
  525KB
- MD5
  
  eac92247ece5e57d976c6951700c5c29
- SHA1
  
  ec34cdc7f1b60711e788b27f9195dbcac9944cd0
- SHA256
  
  1107b0d261e6ab09de3f2a8d4c4d9962c24f283fbe49bf8729678d6d23f6c5b7
- SHA512
  
  3531746634da6cacbed719cf8e6b0fd44741a74da0e3f7bbde5c06a56139db493195de42f6c585c52f4dffaadea0dee98afd716e0b748b784415975fc79f2715
- SSDEEP
  
  6144:+zFqcN1ybYbW4woDLFugjyp6FsGig4Rtwv/IP:dcLyydHDEgjyp5c4sv/0
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2
- Target
  
  Wa0Desktop/res/dlls/wa0web.dll
- Size
  
  64KB
- MD5
  
  06644abecb8596af6c5b7c73027f2010
- SHA1
  
  38f8880a8652825e8efb7674d6abb162b0cb1a66
- SHA256
  
  4c6598c4de743cfaa536093f40b5c5fe65fbcbd0b0d2acd2000a965be62cbb7b
- SHA512
  
  75be2dabf04b5f8a353a3e75cf0aecb794890248f6448af0852d5ac829502d70ddbd7ff5c4376d03c3e12d80f2c48308ecd68461627c60e860a8a1ed62f92a05
- SSDEEP
  
  384:bLS5a8hFRjah/rzEMyppEJEECazf3SYpNZVMqfPxwUbsdgnt6QPcrr8t:4bRjc/rzE3pp1oL35pzVrfGUzvPY8
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  Wa0Desktop/res/plugin/timer/fsplugin.dll
- Size
  
  13KB
- MD5
  
  195110809e3daf81ae779cf07fd75277
- SHA1
  
  b2862d8d7359fdf6565952c9a3369e1a883b7e54
- SHA256
  
  c7b34f3c7455b85f65c10d89943eb2afadc6d5f68211287ccf551093a07d3e23
- SHA512
  
  c704f7d31257a140edc4638f9dce7c5f9c7cc6e93689ba493d3c56fcf8630f174aaecbece23ed1e3ed121551bc83180db6ed7990a90e0f8b97034d98ae39b44d
- SSDEEP
  
  192:+svDB83a8gG1gTZ3kVj7vOPZx9HcnUierOR3X+Eqx8Apw3Guw:+sLcknTxkVj7kPNcnDUOtudG2j
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Wa0Desktop/res/plugin/webClip/fsplugin.dll
- Size
  
  19KB
- MD5
  
  0fa5d90b866c8c08233c6b4744f095af
- SHA1
  
  9f0c868582fcb8bdcbccd855bbf7f0b1b21f4f83
- SHA256
  
  0b69462359e2594358be193f03bbe17e68049ea7353027d902d645e899b3a943
- SHA512
  
  ca6fa7e4f61af66b61f82aa175700cde97a74e84abd72a2960d8d00f5d478240de67d37df8edc9a651419b52821bc3b92a7b7abe352b75a8c78282f14776619a
- SSDEEP
  
  384:Myf7dxoc5y/m0Dl3PVja4/XDs+Otue6VLlZw:RS/9J3P9pDs+OtKFlZ
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Wa0Desktop/stop.bat
- Size
  
  41B
- MD5
  
  4302de2a361e9dff1df9c11f2af9479f
- SHA1
  
  1c6734e09404bb86a306c1ed6413026ddc885549
- SHA256
  
  e465002e66bdd4d8673dd1730a7161e546c35acffb6836e4fb3f8ed567396edc
- SHA512
  
  230f85beaf56bbf507c79af0be1be30232734f73176ab46c6e47bc9e9811e89d40edd7b30d34f13d86b31484f1f7d46c8aaae463197a66eae6451807aaa0ae27
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10