82d50f8fee3af588a3981e4b0ece5ec5e2ee07f50bd6949eb618bb6b0523bb44

Sharing

Copy URL

Twitter E-mail

General

Target

e0c0c02af5787c3c063f3beb85d96295_JaffaCakes118
Size

241KB
Sample

240914-wvg2hsxgrn
MD5

e0c0c02af5787c3c063f3beb85d96295
SHA1

8b9494a77773405a232ca527c80426850cf5f947
SHA256

82d50f8fee3af588a3981e4b0ece5ec5e2ee07f50bd6949eb618bb6b0523bb44
SHA512

26162326907aaa15c2f27ff13cdf703cb1876372182ffdf5b67c4c5d0566c91df070478eed8fd004b826dfd1148eaabbe7fef5b99724f51e76b8c7f8b27ee59e
SSDEEP

3072:dS17XJiDxmJFeqgKJ+BCeum4Vc1U9zWMiPzCjn38FIb6BwrdZo9cxqXdSB82wqPD:dGiSgKCuQoWMiIwvIoK4X48rqPIE

Score

7^/10

Malware Config

Targets

- Target
  
  e0c0c02af5787c3c063f3beb85d96295_JaffaCakes118
- Size
  
  241KB
- MD5
  
  e0c0c02af5787c3c063f3beb85d96295
- SHA1
  
  8b9494a77773405a232ca527c80426850cf5f947
- SHA256
  
  82d50f8fee3af588a3981e4b0ece5ec5e2ee07f50bd6949eb618bb6b0523bb44
- SHA512
  
  26162326907aaa15c2f27ff13cdf703cb1876372182ffdf5b67c4c5d0566c91df070478eed8fd004b826dfd1148eaabbe7fef5b99724f51e76b8c7f8b27ee59e
- SSDEEP
  
  3072:dS17XJiDxmJFeqgKJ+BCeum4Vc1U9zWMiPzCjn38FIb6BwrdZo9cxqXdSB82wqPD:dGiSgKCuQoWMiIwvIoK4X48rqPIE
Score

7^/10

discovery persistence upx
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  7e3c808299aa2c405dffa864471ddb7f
- SHA1
  
  b5de7804dd35ed7afd0c3b59d866f1a0749495e0
- SHA256
  
  91c47a9a54a3a8c359e89a8b4e133e6b7296586748ed3e8f4fe566abd6c81ddd
- SHA512
  
  599f61d5270227a68e5c4b8db41b5aa7bc17a4bbe91dd7336b410516fa6107f4f5bf0bbb3f6cc4b2e15b16bf9495fdc70832bab6262046cb136ad18f0c9b3738
- SSDEEP
  
  192:LO6dJA/ruAFEiUdWWE6hsD4YUdJfbub1awgMO:SKAFERdlxhTYUzqZaw
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  f8d73e6c35f053856e23146405550b37
- SHA1
  
  88ca02327f3c421e8eea9ce4044c669ddb09c937
- SHA256
  
  26e774dd67c362992bb2412be34c27b5e6dd0a24ef7f274f598c7d6cb2a658d1
- SHA512
  
  1b019a2e426b8dc509813d9d5489162a2933e9bac97e6b4956792466a21e6f146ec0c7d5108db1c827c24bc0a84d761b40098d7cf1de6f11452b7585002adce7
- SSDEEP
  
  96:az20b56S03smw/SK5bUhkRuiKkwhJkEIGEoOcxzKMyB0r53HdYnndXxV:n/Syw/SDViKkWJhEoOd0r539Gn1/
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  filefinder.exe
- Size
  
  83KB
- MD5
  
  1073fce728d8e30ed976fdea277d4682
- SHA1
  
  50eb7ae5a8bd1f17e6fcd34e40e189b4882f527b
- SHA256
  
  e18c5caaa9ea42043708c185c1fb0387dcba91246b42f8f6dc0e7649310699ae
- SHA512
  
  5e0649c2b949e8d0fa8687d4e3a65527026bd9e6db9bc8d6faf0227fca8ae073179656d31904d9e950843b5eac6d55bc3806db5f9ac471c16d3f9f225bee01ca
- SSDEEP
  
  1536:9zdkwlMCvZ1zSz/lg1DJHGNZkAoxNA97Guj78VKuHbjefIBANyZ1lOpTkrIxM:9zd5h1zIgPmNGLI9njQR/dBANyZ1Mg
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  filefinderuc.exe
- Size
  
  71KB
- MD5
  
  76998c0facfca0781d4b5c991d588d7b
- SHA1
  
  23ce343a2c7daa12aac60a52f62d31aa3dc412aa
- SHA256
  
  58040d292d0a1265fa6e15b7a0d350f094f34916abc501be839c14be529af928
- SHA512
  
  24e6ad71187c8cbbb4580916b03402b2f4fce34977dcb7f70bfa670700108863343943920397ff0d7c9084d02155014f5fff75370c2499c2c481f53c98e9db4d
- SSDEEP
  
  1536:OL1Sx9UL6FxESYincrT7aIE/IM9bWyHgGZPt0hox+yZ1lOmokDxq:OLe+TTAI7+bdAGXN+yZ1T
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  unset.exe
- Size
  
  17KB
- MD5
  
  6533d789f8961fe03276eb72288f189b
- SHA1
  
  a5f9dd7f0daea03a7f946bbf10f76c009e264767
- SHA256
  
  77b15230bf3d28c6f4d01017fc43ad712608a7b06cce011fdfad5ccdb2c19d52
- SHA512
  
  9d38c2c05a3fdc6e8e5e34f510bcde0a40ed63ee08f157a9daa47a051b3d5cd2d614b76445ac3d0c80e86457d0c0899fe99a95609322d8004071d8ac14665dc0
- SSDEEP
  
  384:BkAaH3FkqiFIAiXvlwcPfycgCeG6xbi+GHmOEQjCDT53JYJLZ:+AaXipp8vxjQi+pOED2L
Score

7^/10

upx discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

UPX packed file

Adds Run key to start application

Checks installed software on the system

UPX packed file

UPX packed file

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12