Overview

overview

7

Static

static

3

df7e384c46...18.exe

windows7-x64

7

df7e384c46...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...in.dll

windows7-x64

3

$PLUGINSDI...in.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$_10_/msacm32.dll

windows7-x64

3

$_10_/msacm32.dll

windows10-2004-x64

3

Languages/...o.html

windows7-x64

3

Languages/...o.html

windows10-2004-x64

3

Languages/...er.exe

windows7-x64

1

Languages/...er.exe

windows10-2004-x64

3

StuffPlug3.dll

windows7-x64

3

StuffPlug3.dll

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...in.dll

windows7-x64

3

$PLUGINSDI...in.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    df7e384c46ca96cdbcceadfbd6232c8b_JaffaCakes118

  • Size

    1010KB

  • Sample

    240914-e3748swhkl

  • MD5

    df7e384c46ca96cdbcceadfbd6232c8b

  • SHA1

    171310984e2e4fb3ce151080d09b6ea66407dcaf

  • SHA256

    6f7e864cd7744ca7fdffc203fffe9e07283bddddcdcaaf3d625e853de1a6ed53

  • SHA512

    c80a9f31ec1daadf6db91f3fe4d3cd75b17097fc4920de42bb25baadf56b66995d8e67288834fa9e558ed83b8d850822691fc63190aaaf8ed741878e3768a538

  • SSDEEP

    24576:cMGuvoHzkAc9BfXM0jpac0R2sQHUnjXjKvpNOlr:cMGuvERucWpN0R2sQHUjzezO1

Score
7/10
discovery

Malware Config

Targets

    • Target

      df7e384c46ca96cdbcceadfbd6232c8b_JaffaCakes118

    • Size

      1010KB

    • MD5

      df7e384c46ca96cdbcceadfbd6232c8b

    • SHA1

      171310984e2e4fb3ce151080d09b6ea66407dcaf

    • SHA256

      6f7e864cd7744ca7fdffc203fffe9e07283bddddcdcaaf3d625e853de1a6ed53

    • SHA512

      c80a9f31ec1daadf6db91f3fe4d3cd75b17097fc4920de42bb25baadf56b66995d8e67288834fa9e558ed83b8d850822691fc63190aaaf8ed741878e3768a538

    • SSDEEP

      24576:cMGuvoHzkAc9BfXM0jpac0R2sQHUnjXjKvpNOlr:cMGuvERucWpN0R2sQHUjzezO1

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      29459d9ee2bce32ed937fb1f965f9d5e

    • SHA1

      8fff45ed45f3af8f8c248eba9a1c02c9c5fc911d

    • SHA256

      ad07968b7d93ef19e10e1deb52e0c912e96dde30c0a49a0239daf176fd4c9ef5

    • SHA512

      d4ef4eadb0f53e7086a1d242bf7f745ad79d83d9ecbfaa283cf0dd499271a804589a575040bb20d5c98e86197cc65ca05ab1a358c556ea82a3e297d0255015a6

    • SSDEEP

      384:oKlm7i+c3QW6ckPhyDEaLnH2bbBBIXwZ:dqi8BcyhEhLWbbTI

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/NSISPlugin.dll

    • Size

      14KB

    • MD5

      33fadb8e64ef565bd86c8c38001c4af6

    • SHA1

      444dfd7d2bb902c00a621a39ac375e34fa15694b

    • SHA256

      8587d47b584ea1bc5837710161f6f9ff528501746a72f45468894a938856d456

    • SHA512

      38cf8927110e3345de854cd8a0ae2ad257a44e9887bed3272fdee280677fb543c77f0132bc5c7264c0715a1ebfb01d8412ed9cfd3b6acadc58fc5fb1a24b9d93

    • SSDEEP

      384:eom6hxGCqF06r7psoCQpJR2g0aLskxnr2ROL:eXCqa6BsoCQpJR2glHxnr2ROL

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      05e52213cfa17dee760186462a9645ed

    • SHA1

      f6d5e82080bbba65db7d54e89250c95af833aae3

    • SHA256

      d9d3ffa4c7d7a152f435f4777e72aa1b6a6c0555f277e59eedebc587c3b66ba5

    • SHA512

      586eea0bec6345b437667ce528bc2396427dd444a396456e38046a8962e92a52e7ee62b9f6c97f41bc1fb4a1b3905a302d6f7055e26b84e60709ba3b416ad172

    • SSDEEP

      192:GOShJI/rmOAIPkWpUybQ9WhP4t5Rwc89XbubZav5:X6OAOkWWycGP4XRwc2qFav5

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      $_10_/msacm32.dll

    • Size

      10KB

    • MD5

      aa1ec80085d72d3d228dc881ced83325

    • SHA1

      cf93a4c24b4a48037a92a298892a4cd2cd6fed62

    • SHA256

      49dcc6d9a7806c6c9299992c08e7da71ab2fc944d37e9e4544c845cc50276322

    • SHA512

      8eccd26a562fa8132651ecaaeaa4380b54f352417fc584188701dd32ca8e16ff6273c1b1f278c2818cad3e23cc34826cae9179c40e3aea2b3350b4f3a35de1de

    • SSDEEP

      96:E7DnAyH0HCSkuLBoMmbST9Di1fqgtlPcit8LuuLH+VXvridGRzCroBDzsNo3kS3m:A3UTDmORD93r1SyujCk0gK

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      Languages/Translate/Howto.html

    • Size

      6KB

    • MD5

      2c612f25697a61d3330066ce4f37ff0b

    • SHA1

      b0331212ac6705b78d44c8f02516575161a320e0

    • SHA256

      bacf5c868b639027a3c7e1a1fc43236b9302a3f3ccb654b09ece82ba4846679a

    • SHA512

      b85ab5be9019831d548516da359c7387ea3c787c30bdad33b70e78b49867985df165aa9ae26e6f5ce4873d94b80ea22bc43067b13c65b80829ddacafcffe3288

    • SSDEEP

      192:A4w4E6Ppi8CBWiPr8XWCOxl1VKtQvbnpYkBunpqp9pX/Hnpqp9pg+8KVQWRRpIsi:xw4fhi8C5P4XWCOxsIHVPZn

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      Languages/Translate/SPLngEncoder.exe

    • Size

      176KB

    • MD5

      a1d27ce3a266a242871d77004933f943

    • SHA1

      2e5de490540d6c1055da8dae1c9fd74757c533e6

    • SHA256

      51ff4a45580fd7f885fb38f6273ad006ca3b144c40ae685eee47b7c40468ed3a

    • SHA512

      a6ca75ce9f8de2be028b6ce6e3139227003c6fde80fd93d971407ddbe747ee2713612d192fbfc15f0327676e4512ff0b2f6d8e5799c11e38c9f188152cce4e99

    • SSDEEP

      1536:nLOJVhVwjyPapeldBeuumL+0rlgFzbbGdZWsjItbTeKmgAWYXi6/AvvrRnToIf7k:mkgGjosFzbMNvvZIvr5TBftRHAvtp/

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      StuffPlug3.dll

    • Size

      784KB

    • MD5

      d0a5ff4907b10b17189f5e5995744ad8

    • SHA1

      5c78da2f826a21398c7015e8a5792b3005d892cf

    • SHA256

      a68b379e89c75ea0b9102a4e1ba7f1e7f51bb262d386e806a49772388c73b226

    • SHA512

      851e8ec57ffe781a72113c6a03572efbd2640eb6ec57b84b6aaf2fa5f8d14193f6d0adc5a258fdf9ca581043360d55d8f18af43cb6e971f1a1e658f2efd130ca

    • SSDEEP

      12288:4i+R3yB6rR/wT9/uPLvPPFKNFTMqRncHb:hw3yIrK/svPPFwFTVkb

    Score
    3/10
    discovery
    behavioral15behavioral16

    • Target

      Uninstall.exe

    • Size

      105KB

    • MD5

      b1ea71554eeb7b0693cd4cdd8db4bfef

    • SHA1

      4d486d1a10ff54cef309e100eab2d5d157755bf4

    • SHA256

      7ef9a842cf7198cf654ce9006e3f9fd2d1e1dd684376dad52a6c143337bb8848

    • SHA512

      96396302596fcff4bb999bac994af4082733aace2284cbb9e7a11bf19c05f24a99c60a67106b2dfc2a39a81bcf86d67c1b9df736d535a04fb66391f0fde11975

    • SSDEEP

      1536:8jae1wYxmBBoskJJPjCEuOtiASezmkfi+KiMi:8meDmBqskJJPjCjOhm6Ati

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral17behavioral18

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      12KB

    • MD5

      29459d9ee2bce32ed937fb1f965f9d5e

    • SHA1

      8fff45ed45f3af8f8c248eba9a1c02c9c5fc911d

    • SHA256

      ad07968b7d93ef19e10e1deb52e0c912e96dde30c0a49a0239daf176fd4c9ef5

    • SHA512

      d4ef4eadb0f53e7086a1d242bf7f745ad79d83d9ecbfaa283cf0dd499271a804589a575040bb20d5c98e86197cc65ca05ab1a358c556ea82a3e297d0255015a6

    • SSDEEP

      384:oKlm7i+c3QW6ckPhyDEaLnH2bbBBIXwZ:dqi8BcyhEhLWbbTI

    Score
    3/10
    discovery
    behavioral19behavioral20

    • Target

      $PLUGINSDIR/NSISPlugin.dll

    • Size

      14KB

    • MD5

      33fadb8e64ef565bd86c8c38001c4af6

    • SHA1

      444dfd7d2bb902c00a621a39ac375e34fa15694b

    • SHA256

      8587d47b584ea1bc5837710161f6f9ff528501746a72f45468894a938856d456

    • SHA512

      38cf8927110e3345de854cd8a0ae2ad257a44e9887bed3272fdee280677fb543c77f0132bc5c7264c0715a1ebfb01d8412ed9cfd3b6acadc58fc5fb1a24b9d93

    • SSDEEP

      384:eom6hxGCqF06r7psoCQpJR2g0aLskxnr2ROL:eXCqa6BsoCQpJR2glHxnr2ROL

    Score
    3/10
    discovery
    behavioral21behavioral22

MITRE ATT&CK Enterprise v15

Tasks