176ec51dc7874bd97619357a037915ffe50c6726fa327f84bbe99ea70bbf52e9 | Triage

Sharing

General

Target

df25e66ce5ec0eba910aae3d82d7f50b_JaffaCakes118
Size

1.6MB
Sample

240914-aj61lsxdqg
MD5

df25e66ce5ec0eba910aae3d82d7f50b
SHA1

023a80ca162c81a46361347f5594b516f5f0241a
SHA256

176ec51dc7874bd97619357a037915ffe50c6726fa327f84bbe99ea70bbf52e9
SHA512

fcd66d33c47df9c3730885ea3489ae39d1e8b76430051d29f34f9a12edcb65cb03d5e0250d6d35f84c2c36ce273a972393d7ea66a73a06f41c25034a71d71fa0
SSDEEP

24576:CxCe5ZC70V2UiCTW8kSLoTWiEq20JLugWogn5GgoLvf+w/0KlZPtc5Ez:oZpV2El4/LdlcAIw/vb1caz

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  df25e66ce5ec0eba910aae3d82d7f50b_JaffaCakes118
- Size
  
  1.6MB
- MD5
  
  df25e66ce5ec0eba910aae3d82d7f50b
- SHA1
  
  023a80ca162c81a46361347f5594b516f5f0241a
- SHA256
  
  176ec51dc7874bd97619357a037915ffe50c6726fa327f84bbe99ea70bbf52e9
- SHA512
  
  fcd66d33c47df9c3730885ea3489ae39d1e8b76430051d29f34f9a12edcb65cb03d5e0250d6d35f84c2c36ce273a972393d7ea66a73a06f41c25034a71d71fa0
- SSDEEP
  
  24576:CxCe5ZC70V2UiCTW8kSLoTWiEq20JLugWogn5GgoLvf+w/0KlZPtc5Ez:oZpV2El4/LdlcAIw/vb1caz
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  13KB
- MD5
  
  b4ae88873b8f735cce21f4f280b40e75
- SHA1
  
  32b2f6929645821adb3f63952de63805838f6172
- SHA256
  
  e8c6b3e917d708756e67fd709e5b78f333490be49532d85b1fa02cc844c7913f
- SHA512
  
  a109f3ba291e1d34b6c07d1e270c2d7f7c78a5e1e0fb1bb494779564f1608fe53d919d68a72a2b9aaaf0e23744fe16082a4e4833adf5a8edb499481ca5970ff8
- SSDEEP
  
  192:Mb5dzuNj+vzHKn5ihJiiRHxt2jaKdCRy5xyW6Wj5D8W2wvGJU/FVRQuC2M:Mb5yj8WiLNLD0C0CW6WND8W2wv/KuC
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  c1e153f9fa1001eb9fb34bbc4a3f3927
- SHA1
  
  dfca2dcce9b0486114692a23776191627b0c9839
- SHA256
  
  e594544cc4b4a0a5439a2b9a79db14e580d815c87e353781c47d4eab5e313b8e
- SHA512
  
  d2a7c2853b56f60f710dcea27c346dbd22593c98e5c000c22650613851f26e505b12260bcfc050473e97c2796a91c94a3c201785dad4d95de0b4e2de35c3a41f
- SSDEEP
  
  48:C4ojqpOxUcbslAR1k5eKv8rbvHMgiqCmZuwJQ7TLSMXaIYatzbgAa4l5YAZ:SEeFslARoeK8rDHMgTCmj/MqoRb+4l
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/MyInstallOptions.dll
- Size
  
  13KB
- MD5
  
  1bb274d32dd6262ee7811e3f6333ab62
- SHA1
  
  e0b29b12fe2d4d642020c187e18ca32d8ca853f9
- SHA256
  
  09573ad4c5302d74c9ded2fdab44fc2f8953d8dad705f96ddc25f71913129104
- SHA512
  
  57ed40047bf30a179eb51333db38d58fe928b5149e9d8d92417f034422a398529b2d083e14f541f26c510b8ad4e88d6341e4dbd8257a24bbfdccf6cfc78cd0e3
- SSDEEP
  
  192:KDjiezhqQ//gmwIC6AYKhMdJEyaSYt4z1NqWElsu5Q1KSKoLa58iFVRrum1bc:KDjikhqQNwGAcEUlJNqWEG2rf6afxub
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/ProcDll0.dll
- Size
  
  17KB
- MD5
  
  ef99723c660986e8cf7e93015f35dad4
- SHA1
  
  7d19fa8c902f5b08f39be648d54827f01a090f27
- SHA256
  
  736898b335d77b931a91bf40abdd1aa79a8614440ed1f21ea3e5383817ce5a94
- SHA512
  
  4d2ba358aa008e821c66c91664db85cb0e36277d0db5d00c9aeaffa07385f80e5e34936a57ba2135428757a2012147afb00aa340757249bd26eeec545e4d5a9d
- SSDEEP
  
  384:MjtJef12fbWLisKdkzXjs70ZIiurlsJ1gKW08:MJUUzqj4CI1sjK0
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/QQDoctorHelper02.dll
- Size
  
  60KB
- MD5
  
  ed6c1e5ee15f8fa1bb3544c7f81c94ff
- SHA1
  
  12d5512b826086d88b04369b4f6f62aa8d0a61b3
- SHA256
  
  39007973cf6ae8763cbf3cb72beafed92d32adaf79e293599cdc553a4e23d446
- SHA512
  
  298d268d01981d9b2f8afa0cfd36ab0890378a5cae852249e1cc5b71071fd358176bc10ab15efcb52c6d59bc25ed9a241d907c8f5e9cab25de48dbe37a3fcff3
- SSDEEP
  
  768:QNfwa7SBFJlxT3VHqJovuLzm/+aCvoSBAziB9PCBeLNlV4xosbgo9NiI9:QtwKGlxT344uHm/+joCuoVKcojiI9
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/QQDownHelper.dll
- Size
  
  48KB
- MD5
  
  be3aca1d4f6b2c185dfb6b6a4c74148d
- SHA1
  
  9894b0ce263012b3bea51f42e81ffe5e8b2c3321
- SHA256
  
  1b866c330696bfdc8df9e9a28472e8a2558c457a482e2108804a7ce20ecb915f
- SHA512
  
  4a51aa6cb0da94ed751952f7ff9dd541097372341f8c46c2eea1add11f4bbc280c6ab0a6b6bb00497a5624ac6b4303c0869316c1599cc52323214135470bf670
- SSDEEP
  
  768:AJSH0HZWXWGw6YbtxaaB5VEXHqImSv4JXztTtKx1hk:AJtHZWb+xaaB3EXKIeXzt01hk
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/QQUIHelper.dll
- Size
  
  48KB
- MD5
  
  05462e9a205f4e6edb3ab84fc0e86619
- SHA1
  
  a72e31163af7bb98ee1c90d0b27fd273ab12d883
- SHA256
  
  26f212971191e926d006e29cf1307a4b47eb370444cecde4e4c29997d268763c
- SHA512
  
  bd920947b767f3829a069f94ec3950760ad9f6568a6031db4d9551026809e1864f49b5e92b2787694d036bd3c6c475983838ddf8f33258b3da75b8157fd8c1cc
- SSDEEP
  
  768:ediTRYg5lrgb2BXllmwaFTalLK6kx/8oO2ZR:qiTRB5p37aFTku6RoP
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/SysHelper.dll
- Size
  
  96KB
- MD5
  
  f85e641f74d923b55a0d610525bb28c9
- SHA1
  
  f725487a58e56405c07cce5935faef99f4f86be8
- SHA256
  
  a494b3b27c96a417c18119cd97ecbb4b643dc37054637dd0e6fa02bcc8caa0b6
- SHA512
  
  ac77d45917047e6ae4fbfc9687191de2a2621f973522bf853f0f3d75ddb3852cc993bcb05c5559b5202bfb495146c11497c295dda844765e386680a17c879b6f
- SSDEEP
  
  1536:8aX8PoceSmnsImERUTm3LlaLfQ13U/YybonwZs:8RAJHRhwA+Yybonw
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/SysVer.dll
- Size
  
  44KB
- MD5
  
  8d3e6a5c864c293f78721ab5168cc3b3
- SHA1
  
  a198b2857b38d931bfa11def2340181450b94aaa
- SHA256
  
  e17cbc42ef349ea63bb580fd5dac326f49969bb0d757334e0429362e8e5d6fbd
- SHA512
  
  a61aceeea173a577d4b30f089f7cfab4841036a06a0b1530041400e9378afb4c825f1a1370d263a382fc6655ed4ead062b68121131cfbc529c656969acfe96c9
- SSDEEP
  
  768:eAYTPnqrlhoOk0Io3bGvgy9DYup0shvD8oc:1YTPnqrvw0KFDdpnhgo
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/VerDll.dll
- Size
  
  5KB
- MD5
  
  539ec6d5456e17ed6c144770d1748aaf
- SHA1
  
  9746a5023f2752aa5f4537dda731c306b69d7942
- SHA256
  
  89eb71d2a255648eb1e8517cdfe43ad2bd6f816d6ae69db159ac8e10db5b1dbc
- SHA512
  
  16b57a2376b7b6be1721f4e9cd38341051fc8bc6589ed4a71e63deba9406d1d6323ad1d353ec0b7b03c9fbf52b52442425300dcbfe81d90c5770b96d2a5a37e0
- SSDEEP
  
  48:CzsLy3XKTysjTCZGIifyl+6RtYcnybzSVVgJkHqYWPpmR:MsLyqFqZGIifyl+6IY+z9JkHzWPp
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $R0
- Size
  
  45KB
- MD5
  
  f53ac3535a49a12a3c26a45f544686c5
- SHA1
  
  550c19bd2330d33c8ece8097cdb74395afabec62
- SHA256
  
  8e2a59c5cdc7552a397b804b1f9c80dd47c72c955d03439a29aec72bd80b24fb
- SHA512
  
  c4b4307ff33545f8772457e423e7330b0b63c1fa63e41e830fb3d3d360e267e41312c8579c0ba13833eff4b401e91a259db0cc5160b00d3447c1b82d6329f128
- SSDEEP
  
  384:llu+Bl6l6FQhhDGO/duEr/G/yZNfYG0vMIFx6X+kvzEEldRat1YmfYvqyUiOYJLK:lw+BQnhFX2/Amx6dbE2at1YmfoVLXbap
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $SYSDIR/msvcp60.dll
- Size
  
  397KB
- MD5
  
  1e7679dd8ca873a36f4b33dd612c1f3a
- SHA1
  
  11d783aaca07e3ea03daa35fcb356388c7eda391
- SHA256
  
  fb7bc68c10c7cb90347a3a1908eeec66283a2050de3cd39d914267083636b563
- SHA512
  
  1794d305c0ed53ed26c8b7edcd53133fc8932ac874307b8388d1c7985efc04f4d0d44fd6de85044310a89a0a6d77f0db523faabf888d8c22ed8d150955193306
- SSDEEP
  
  6144:dy8RghtgAVTaRqkjufD+oA1E+GdNQ3fq3OoxHkCmXyf1lO:U9htNVTaAkqf9a7m+fq3OoxHkC5fC
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $_39_/Riched32.dll
- Size
  
  9KB
- MD5
  
  ff4a24319c9b3ce9ac049cec01197c47
- SHA1
  
  e589719b5507638f7c8f4daf7c71f6b9b818a6e3
- SHA256
  
  02e7c977a48b15df2d1096c74f07a46dab46a4d6cee2267c8d7ab58c6dfaab19
- SHA512
  
  c488d32219a48ee315789d61a52093f046304287536f6d1c4c9aae6d7df0b4b441dfd1268a6a8fd668e018ff15c0cc16e32e55060d0075d92e5a2b378608d62c
- SSDEEP
  
  192:hzAe1WivWI2yowJL/aMjGwP7gMWNDVRG+ebMZnaMgjQQ:hzWivWrYJLW/NpqbEQ
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $_39_/riched20.dll
- Size
  
  411KB
- MD5
  
  c87ebe4e54a41907e12fb561c5229d78
- SHA1
  
  c20cb94e4638ab5a26d7876b7c4c3809af7e0792
- SHA256
  
  fa14736d21ae9dbcfa75f9b5b2f76c757712aaea5b4d13943e7268f7dc678375
- SHA512
  
  12d83b7a4267efa052458fbe04fb9467de6b99ba0bdf3ad4580e94dba39e40633ca452605e38d1c6bc683e54f0a0d3d66f704e9ebc8664ae57e0020fad8655aa
- SSDEEP
  
  12288:s+MX88dRuV8iIYoQ38BTe3P2Obur51ORd6c9MElP6In2:DMX88dRagg2OburXoYpQ/n2
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Mfc42.dll
- Size
  
  977KB
- MD5
  
  8d027ed84993536761799d4c57691e61
- SHA1
  
  8d68b588eff18f23de72111248ec3577101b4df3
- SHA256
  
  7659ca8f79757c6f606ef3f8e9acced28f9ec21321345c03d4e19895b2010f80
- SHA512
  
  1512916d6bb084569e5302f90b7c0e1f66fffa5e8af2835f8d7d11a4b9fdee633d45b5046df81ce584004cb84ae181edd6f8d92c6d78d6c19f76e65315d178cb
- SSDEEP
  
  12288:/Jyv+KLWq4g8qtBdNoMQ45lipw2sSKYpqeUCuuOD8yBDsmT6ORi8IiN:RyVWLhM6wyKYpp2zgoDtlN
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32