48254bfde00c8a7e45c71e063ee689ef3c59fb765e44abbad5d75011940593c8 | Triage

Sharing

General

Target

dee70e18ca72a77169a6f9c0123f9ca2_JaffaCakes118
Size

1.6MB
Sample

240913-zx5r5syerk
MD5

dee70e18ca72a77169a6f9c0123f9ca2
SHA1

bf827ede4939b001e9637ec6a97368fe275192f4
SHA256

48254bfde00c8a7e45c71e063ee689ef3c59fb765e44abbad5d75011940593c8
SHA512

d018e346094423a1107dbae9120a4a81c156db71cfb98184acb9305e15b10edcb9b8f11f30b2a3b9d3396700f585e2df4144a7959fd6f735b8966e6af6b633a5
SSDEEP

49152:zXo8MPESiibc52HPKMX1XsfItn9hAHv7gN2vUPLJ:svPJms718fIWYLJ

Score

7^/10

discovery execution upx

Malware Config

Targets

- Target
  
  C60DOSX.DLL
- Size
  
  47KB
- MD5
  
  095a57520f8f9271812231089dccf79b
- SHA1
  
  96b39cd401775294e1ee9c00f1e1e20462e84f61
- SHA256
  
  2362961549b00d260c4e234ec300d98381aeed8413433b8b692e29c0dd12bf0a
- SHA512
  
  8b3eae1591d02ccd3a52bcf306777d1ef7b38def7c3bd7e2fba4b6dcd1e65426017768034657004bd27263d5c651994684160021483364a0eaa8cbe666cfa822
- SSDEEP
  
  768:k/dNDsn7UkXCvThWwMnT4hpUDTqGI22nJLSilySjDUU1vBfu4u5T52xO0b:+1sntXAVWwMnT4XUD2GKgCuuO0b
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  C60OLEX.DLL
- Size
  
  61KB
- MD5
  
  1bc65039376450a0b580b4feb2f4d664
- SHA1
  
  f028a50110fd6e528ace2108600b61c472206901
- SHA256
  
  6ae0725f167f0cc78acd9d92db8b2a0f9388b6184321839236bcd61c5643a065
- SHA512
  
  cccd2008382b3c93a53de6046ba124f61cd14ce11994fcd61ac682bf7830c3b18a94957a277d19356365aeeff2860b764e1f28362f3c1202451ceaf1b3f11a18
- SSDEEP
  
  768:RethC2WhlG+iA8Xsd20amMzCt/pxZo+hgQYO5LiYKnE6AS7rDM7COUVEYn7Wkt8O:Egf6Kb7gKLhJ6R7rYDG7p8NwPuu9L
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  C60RUNX.DLL
- Size
  
  1.1MB
- MD5
  
  9d97c8268f430a5cdc0b9f66bb74252d
- SHA1
  
  d98060d39e30cd36f5f7f3259882047676a3cbcf
- SHA256
  
  352ce6338bbcd253c1705b2909cc257c3c083fa30e69d803b2c2843287e102ff
- SHA512
  
  e878d21eee4ad676765e99c09e6c9f988c47577fec474e87c4430cc06f7b97b22325211d462cf80afe2d9cccc30e044028d6aaac314776538585c5b5c9100f07
- SSDEEP
  
  24576:1WQ0EcYzxNMGNOJGqhJC49IENNrrMtKwJwSA5QQ/RfVya9:oCMRIqhJLulSga9
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  C60TPSX.DLL
- Size
  
  93KB
- MD5
  
  ea6e8fdfc9804d1034ce7fd8370ac45c
- SHA1
  
  7ef0e5fcc34ce51159532b24bc9f2ac94b71dfb8
- SHA256
  
  bceb61f6f32b8522d11a8a2668836a40351e9a70302ea751a2c2909968fca56c
- SHA512
  
  46fc71f71c22a0eccf5ef94390f3bc846a17a6b3dda3991ccc76836a50c71541467ddfc22bf7b0c78f4fa289fe91a70795a3601ce70a05c2e082baad571456b1
- SSDEEP
  
  1536:+aWWORbuPAnwFwS5DlmDgl9VBUFw3XbbYvEQTUNSzbtZ5IjwUiFqYohlyeaejZot:+aWWOYiQwSdlhVBUFwn3YsfChw/iFowD
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  gb_ems.au3
- Size
  
  7KB
- MD5
  
  b5a56545c55c3ab035ca86ef80d13e41
- SHA1
  
  c27d474d286efd7941a04f0a6c096ed7993b23b0
- SHA256
  
  7c8dc066872f75c653c401913104a25fc0b52d5f9dd94c5b6b38599b0b76057f
- SHA512
  
  16f1a7cb28375c11d9cfb5f47382253de2190e44d5456679ef71c312f092be1bb7bd9bb78dcb57a24d8ff57276263dbce911a3df7822078b4bcdfa1574c9b871
- SSDEEP
  
  192:RZ7adjaTaBtrJDoyo6JDCmLcZsQLZALGVHkLzuLYNjL9ULA/WZkNR9iOmoKbRvE2:RBwjk010yosOmoXFAqVE/usp5UcnNVmx
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  gb_ems.exe
- Size
  
  341KB
- MD5
  
  73297cb9d103702a1dd20bc6e2c324ca
- SHA1
  
  a84609a02bb075e4fec338532cfd60b7f3e9ac86
- SHA256
  
  a918a9bc2ba0ea9fe444a8ed97de3552aec55554f20bb7a5b253de36aca96d6c
- SHA512
  
  ac701cb2b3d32f7c3d1d4a8676fd8d5012f84a2599d94510a0e1efe120ff870771232fc5c50a4be878dc09de60a7a2a6577871c01e0ea889296d42814d99aa8b
- SSDEEP
  
  6144:Q1db49+rEg024fpLZazEjvE/rbay19tSt4bO2BaDmeBJe59kIlbf3F8+Kw:QjkArEN249AyE/rbaMct4bO2/VVbvS+V
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral11 behavioral12
- Target
  
  iQxml.dll
- Size
  
  201KB
- MD5
  
  d03d1bb362a227feb52db38005708497
- SHA1
  
  57b1a3ab3887f457dbf1634b7452f7d3714095be
- SHA256
  
  23e46ff93b401b12be2cb56115dbeff5236dfff46dd71058ef67a5ada9b6b027
- SHA512
  
  ef8ddaa62b47de16a964b30be5a8c8e93b3d82909d773dbb089885d73adbd4aab2924507a1dba24550c8b60e82c014930d321f108299fe45c1274660c85052f3
- SSDEEP
  
  3072:HgNUTnAL2Y5jMFViR5H4kodZuXle9CQb/:HaUg14koN7
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  license.rtf
- Size
  
  39KB
- MD5
  
  37e589de46ff186440ee383abc1dc563
- SHA1
  
  4d5dedf42474567ee43d2c46548f4993b2422ee2
- SHA256
  
  cff641e1620777017989052c1844e697f4406e28b70767843ca2c8cd53420306
- SHA512
  
  659664dbf70967f457c29d33711b136164f5725b45190ce6c28b89605a501e9e52d0f705545632a910489ab30e1ae687ff9d27219b1e61fa9dc2249b63c1eea4
- SSDEEP
  
  384:zpJkpvJvcDp/7hdt1CPFr+4Tt8LGQfHnkTVMHeo75Y3kmA31dv61Qyq:zpJmqt1CBjjZrS14u
Score

4^/10

discovery
behavioral15 behavioral16
- Target
  
  sender.au3
- Size
  
  6KB
- MD5
  
  9c447be80663ddd008c64b77999150c9
- SHA1
  
  9ed473d2e86189fe8a64bb9c009b905ea6b506e8
- SHA256
  
  69edd459402b66c0e6da30967c43a42413f9eb4c987cd00b0180e4f20172b2df
- SHA512
  
  f7186f44af707c9cb21ed69d8773169d43fcc26c08c8cc0af4d85883cb3b33d86825a90daab654b61503adeaf9d30d7f097ba95fe56cafe6c965f1eff98b3dfd
- SSDEEP
  
  96:9QxF6sinA2HJ2Jnihucu1FVIK0RmPm39gSwIbXkk3tDfN/cHOhti:exFo1cf1FVZju3kkH/M
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  sender.exe
- Size
  
  303KB
- MD5
  
  a8f066f692efdeca0b8651136e2395cb
- SHA1
  
  85342d79f9bc8d77870c27abeb6700aa59e75d6d
- SHA256
  
  fe32163b306f970243800f257b439e6fcc9eb1a7fc4f2e37af8cac613c2cfa3f
- SHA512
  
  3350975181a3520f2107f8d419704a9442b1939f73f0d3abcbdb311cd8fb08ff6f89bd234534d2d3a9b6fbb7cc2ce8ae38eb61bd441ca329e7fecbefc2bca7c9
- SSDEEP
  
  6144:puzYwKuEcWPawThMeOhMzm5UKaxxmYrNmIAUxRbLIehweJ369AFKaAI5:UzYwKuEYUhoMO+xxmYrkwDDV69XG
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral19 behavioral20
- Target
  
  tracker.exe
- Size
  
  762KB
- MD5
  
  ace46e05df8bdbeb0a7c6aee4cc492b4
- SHA1
  
  758fecab9126b0d307fec0a5f17b40a8fb49ce52
- SHA256
  
  f277d9aab1920f612c3f7cd1b5e5c06f57c8120e355e40cd1c15b6b0e9b4171f
- SHA512
  
  1f1f4887b912b3dbb9aef39041ad610845e99079f46ae90ba177da13e069affcac1fd7ad80f268bf22db7b3fd2ffb90b7bd33748b64010a161864566f9408079
- SSDEEP
  
  12288:1e0kpHfpyYKXsBHn0zDCIzH/QiGAW+Xe7aLUcns+/9:iBUzDnTYiDWc9
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22