2f60b08077a40c342fc950af1046a3b01e467059709e938a204bf148f3a5f7c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e11f716f657e5608382be26bbffe21ca_JaffaCakes118
Size

3.7MB
Sample

240914-1wqghaygrf
MD5

e11f716f657e5608382be26bbffe21ca
SHA1

acb0ce181684fb80926aabd2872e29f8c37789ae
SHA256

2f60b08077a40c342fc950af1046a3b01e467059709e938a204bf148f3a5f7c2
SHA512

99ab1c39ae24896b29aa65d07959c4660ba785c1b2c77981f7862660adf251543bddf4f2cc708fa316103bcd2df3334dd4a63844ba0d88ade237cc2ab60178f9
SSDEEP

98304:VYsazUchZCQH+7maqN9hnC49PyRvOQeKq5gVvArwooTUkwsnR:VYO4B+K7N9hCh3qsBTUDsnR

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e11f716f657e5608382be26bbffe21ca_JaffaCakes118
- Size
  
  3.7MB
- MD5
  
  e11f716f657e5608382be26bbffe21ca
- SHA1
  
  acb0ce181684fb80926aabd2872e29f8c37789ae
- SHA256
  
  2f60b08077a40c342fc950af1046a3b01e467059709e938a204bf148f3a5f7c2
- SHA512
  
  99ab1c39ae24896b29aa65d07959c4660ba785c1b2c77981f7862660adf251543bddf4f2cc708fa316103bcd2df3334dd4a63844ba0d88ade237cc2ab60178f9
- SSDEEP
  
  98304:VYsazUchZCQH+7maqN9hnC49PyRvOQeKq5gVvArwooTUkwsnR:VYO4B+K7N9hCh3qsBTUDsnR
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  9aff00ec14e6cb71a13451011c580077
- SHA1
  
  5972140e4a0addb9eac685fe6037da7479f23ecf
- SHA256
  
  cc8145683ad8fd77bd5cca193e84188e40d6d03a0a0d1d00e2bdbef91be96bb3
- SHA512
  
  311abd4e9927c1424d794ba401f3935ad3b108a2124e58e0d29aa946514c7a1d62b9b08b013699f4f90796bdfb6c07211daddbb521c1d20ccee771f6ea43b110
- SSDEEP
  
  192:zCCxNg+SdnWKZFzReF6KOgEpoAlwYmjspWnlAb2bG7F1QuIp:+Cxazn5aF4N2AWpZy2Ru
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  9KB
- MD5
  
  afd989ef7eec6bf952bedfce541fe236
- SHA1
  
  5654b71c5b1089c2cec6381d8da5bd14a14e1a37
- SHA256
  
  5e97602008ba004c72d58f71e77ffe0a0ea01103867eb12a9ec0f28e72f440d8
- SHA512
  
  f4e3d88477d39218667dd482a08904b2b69435db7d1fdd492380544aff83895d393a288c329da69074b69c68f51db45f694dfea81fc12fa2042ed43b3d06440c
- SSDEEP
  
  192:XZNEnGTkTwat3s8pXqrpxwvcq5/pZquJKeS:y3nX/N/P9JJS
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  419d642fe3436fda8bb22eea9c37a6ca
- SHA1
  
  c1644131b880c6e03f14de3c79efd27093a77908
- SHA256
  
  25c4f65b02eca4ad897d7a623b3ca1290bac836e98ab5ee5f6c527dfb6a41dd7
- SHA512
  
  29df088e3b5189efd6fbeebc2f23c5850303d40fe5331cd336bb852d986f9ab66f7bcd963ebf8c4e4eea7d49a6590027490d651a3e4781024c7983a2c456a337
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/spd.dll
- Size
  
  4KB
- MD5
  
  8bb77ed61759966728b7cb065e0081ee
- SHA1
  
  b2f1407daf21b301abea7a20cdb7fd181e3ff042
- SHA256
  
  ab5496eef3b68e865ef79bca1a88813876589d7d63bc76808d6df38a88eaeb80
- SHA512
  
  419541ad425373dab928f00e60bf83b19d53268e6d151d467a13dfabdb7a6a179b93c3f51c7fce394b062d619fdfcac587e3c7110ce1582c9d5e7ef85ec4cdf3
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $SMPROGRAMS/Sony Pictures Games/Wheel of Fortune/Visit Sony Pictures Games.url
- Size
  
  271B
- MD5
  
  670b79e630ab09290b765d60060db142
- SHA1
  
  31bbc2ed82621ce102d09eb4fc55864d67e3b0c7
- SHA256
  
  bddb56665b5e6ec89cd53e7bb648eeeb9409de7b9404ff2b0d7c9a48c10ca954
- SHA512
  
  567b02c880f4bc7c669b993dc0540d0c03a70c0881a54e920b62f5cf7e7a361107e0cfd7b40fa7d91eeb798e154276aaadf5c449a89c8c21e4b528d81ab85bfb
Score

1^/10
behavioral11 behavioral12
- Target
  
  About the Game.htm
- Size
  
  9KB
- MD5
  
  1be54fc973a1667d1f3afed72d9fadce
- SHA1
  
  e3e1d778e5a93d00b768676dd7babb98542d57fe
- SHA256
  
  54bb10d06ac4005d2b0670f499ee65d711c547aee87c4511486430e674c33543
- SHA512
  
  d3b34389eb2b5f8a99ca215209da03bc16a5ad19549e8ade92d434ab268f59a5257ee5938a1c5e2ddb1246da42e0111d9d33bfa4671460d885db5155223ff83f
- SSDEEP
  
  192:nYBysQXnENKjY7iE7MUkJWnON+jwN1f0IEf2kMT5c46d9T4MXn1jz:nYY78QBM0fAP
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  License Agreement.htm
- Size
  
  16KB
- MD5
  
  dff9e061ca0cbe9f428c382152a8fd2e
- SHA1
  
  4394b6db510582da03738cb8ff7ce76f200b8dfe
- SHA256
  
  36adde3f43a4a2ab46fbca5dd4bd7972982617ca9b5afd6e632d994d48cd56c3
- SHA512
  
  3093ac306a459a03771f78f5650b370e746847af429460f049a6c963936cbbfd6329f2719502ce6eb7e5ae6bf9ef719f72fd0637f7f630826ed44389ce11d7f7
- SSDEEP
  
  192:nYByumX4zaX3Hr2IVOoLG8eobQrHnhXc0qT8oJAEC4dZ9/Inday54pvG46XCuO:nYRzaHyDoLVbU1p1Ygnoy54VG46XC9
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  Uninstall Wheel of Fortune.exe
- Size
  
  59KB
- MD5
  
  71970ce7a4dd3424e656930506459311
- SHA1
  
  8c5de5aadd81695495badb022dcf7c5f8c34f2a8
- SHA256
  
  c1e50c418732207509d2ec297cae88b9e6e03f8799e5da8d2a2f03d9626fbf05
- SHA512
  
  cd3f9e1ed69dd45e4b7ef344dba1089dd894f81e4178e4e0421e3720f76b56b7957453b4adf7de5bff4d0378cc6de9a6bd992b624d56abc116d910ee5a230d10
- SSDEEP
  
  1536:UG0Db1wJdBREzA01xVubM8JMLeAyBdgsgmimq7:IDb1wHBe6bM8JgeA4CsI7
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  419d642fe3436fda8bb22eea9c37a6ca
- SHA1
  
  c1644131b880c6e03f14de3c79efd27093a77908
- SHA256
  
  25c4f65b02eca4ad897d7a623b3ca1290bac836e98ab5ee5f6c527dfb6a41dd7
- SHA512
  
  29df088e3b5189efd6fbeebc2f23c5850303d40fe5331cd336bb852d986f9ab66f7bcd963ebf8c4e4eea7d49a6590027490d651a3e4781024c7983a2c456a337
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/spd.dll
- Size
  
  4KB
- MD5
  
  8bb77ed61759966728b7cb065e0081ee
- SHA1
  
  b2f1407daf21b301abea7a20cdb7fd181e3ff042
- SHA256
  
  ab5496eef3b68e865ef79bca1a88813876589d7d63bc76808d6df38a88eaeb80
- SHA512
  
  419541ad425373dab928f00e60bf83b19d53268e6d151d467a13dfabdb7a6a179b93c3f51c7fce394b062d619fdfcac587e3c7110ce1582c9d5e7ef85ec4cdf3
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  Visit Sony Pictures Games.url
- Size
  
  271B
- MD5
  
  670b79e630ab09290b765d60060db142
- SHA1
  
  31bbc2ed82621ce102d09eb4fc55864d67e3b0c7
- SHA256
  
  bddb56665b5e6ec89cd53e7bb648eeeb9409de7b9404ff2b0d7c9a48c10ca954
- SHA512
  
  567b02c880f4bc7c669b993dc0540d0c03a70c0881a54e920b62f5cf7e7a361107e0cfd7b40fa7d91eeb798e154276aaadf5c449a89c8c21e4b528d81ab85bfb
Score

1^/10
behavioral23 behavioral24
- Target
  
  Visit Wheel of Fortune.com.url
- Size
  
  268B
- MD5
  
  291c4e06bc778f5f3d44175679aa2c2e
- SHA1
  
  72e252f500a561bc3cdb878ebc26991b675b8432
- SHA256
  
  39e6c0d1f885e55e62d7f635379eef8e882803a651c150761ebad6f2d679b5a6
- SHA512
  
  bc388df95dc2371edd4d8ab246e3390cfcb53aced054bb8226b9339736d53a6862640dc12b46cc53c65c007fa5e82f08d27d10ed609348cb35ff46f18a2f3b7e
Score

1^/10
behavioral25 behavioral26
- Target
  
  Wheel of Fortune.exe
- Size
  
  1.3MB
- MD5
  
  ab6eb6d3325c2d2870c5345c7874060b
- SHA1
  
  4d15506cc84644b8b3bc0ca5cc3bc1c70179c294
- SHA256
  
  bfd2e4dc719a6943f9d46bb2814d02d9265ebcd4819e6fa1eacc5648fa241cdb
- SHA512
  
  0f595cf43a843d22c59875d3eea331503fe6cc6a9f0e818bacdba32e45b5f14c44968ba340f758bf37b385c73088b4dc3fb42376dab77213a66e6d41ba0287f3
- SSDEEP
  
  24576:04iYMCxV2YCPFhhOzof/ZNSZfoL7AKI1gxMV9iRswVzipC:04haFhcWZNSZf0XCgzzMC
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  aminstall.dll
- Size
  
  76KB
- MD5
  
  40f396e59502dfd850afb1ab4223aa6c
- SHA1
  
  bfa196250b6d3434bb86d80d1c62a1d42b309270
- SHA256
  
  049ebb29e03d704780f8e588ae2bccc4b074b29bd1e57e182149779257b2e4d6
- SHA512
  
  8b8245dd4a97248e899ddee9ec22692dd7bde9ee4dcf299c4e3bdcdc416a591f73b2c5c5ddd3da942c1fe8bc275713dc5942d1e4182ddf737f51463f1e7145cb
- SSDEEP
  
  768:SNV5rhiqaZ1V7V5yytiCLqmfTKeqvi8NT7jypjGZ1wZgH1Y10BlnkE52zGnApuxM:Sf5hgVXyy1luTXyVMwW1NkEQGnAp1cS
Score

3^/10

discovery
behavioral29 behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30