Overview

overview

8

Static

static

7

e5f76f8f4f...18.exe

windows7-x64

8

e5f76f8f4f...18.exe

windows10-2004-x64

8

$PLUGINSDIR/7za.exe

windows7-x64

3

$PLUGINSDIR/7za.exe

windows10-2004-x64

3

$PLUGINSDIR/Aero.dll

windows7-x64

7

$PLUGINSDIR/Aero.dll

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e5f76f8f4f4752fed844121887363f7e_JaffaCakes118

  • Size

    1002KB

  • Sample

    240917-d2sgqasfln

  • MD5

    e5f76f8f4f4752fed844121887363f7e

  • SHA1

    b0c08ac1807664785220db048eec52010040e324

  • SHA256

    3420348ce2c722c8a05d31159f84540d4d484db3c3d439f5b3e73562fafe13f6

  • SHA512

    c84bc95086645e4407c6810c491eb695792f95087d9ea8422d9ad8c36419b5d961919cd469f9cb86278645630b15d31657c9481003d8ca2a6b3daade0273c921

  • SSDEEP

    24576:OGbVDOIBEaftjvJmyCcDeDOxg9KRrEyPSocvgH:tocDSOUKrPeve

Score
8/10
discoveryupx

Malware Config

Targets

    • Target

      e5f76f8f4f4752fed844121887363f7e_JaffaCakes118

    • Size

      1002KB

    • MD5

      e5f76f8f4f4752fed844121887363f7e

    • SHA1

      b0c08ac1807664785220db048eec52010040e324

    • SHA256

      3420348ce2c722c8a05d31159f84540d4d484db3c3d439f5b3e73562fafe13f6

    • SHA512

      c84bc95086645e4407c6810c491eb695792f95087d9ea8422d9ad8c36419b5d961919cd469f9cb86278645630b15d31657c9481003d8ca2a6b3daade0273c921

    • SSDEEP

      24576:OGbVDOIBEaftjvJmyCcDeDOxg9KRrEyPSocvgH:tocDSOUKrPeve

    Score
    8/10
    discovery

    • Downloads MZ/PE file

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/7za.exe

    • Size

      574KB

    • MD5

      42badc1d2f03a8b1e4875740d3d49336

    • SHA1

      cee178da1fb05f99af7a3547093122893bd1eb46

    • SHA256

      c136b1467d669a725478a6110ebaaab3cb88a3d389dfa688e06173c066b76fcf

    • SHA512

      6bc519a7368ee6bd8c8f69f2d634dd18799b4ca31fbc284d2580ba625f3a88b6a52d2bc17bea0e75e63ca11c10356c47ee00c2c500294abcb5141424fc5dc71c

    • SSDEEP

      12288:myyKdVnyNhXCV4EkP7AIfzNXZ0b5NrnkcAqIV0A1caRI:mKvyNhXCV4E8BXAfrnkcAqU0A

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/Aero.dll

    • Size

      7KB

    • MD5

      2329db4688b46b8cde1297575a8fc94c

    • SHA1

      dcaf28dd61992df3ffc64468e1ff487193d83ad8

    • SHA256

      2c58ec428c767ce05e3b2c18ef1e1d9be0d6cd3a97c9f33c95666ea9a66caa9b

    • SHA512

      1e6571c14faab22e6169c21867862bbaacd17bd0d8b589d8403150c62cf022b137428b681d5cffc51b6c772cc04d1213a142f1781dd3a38892daea93e2241994

    • SSDEEP

      192:M6nmPtvco460e35M76v9gTnDg9ZLbG7ChBsZ:UvcoIYKnDg9xhs

    Score
    7/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      3e277798b9d8f48806fbb5ebfd4990db

    • SHA1

      d1ab343c5792bc99599ec7acba506e8ba7e05969

    • SHA256

      fe19353288a08a5d2640a9c022424a1d20e4909a351f2114423e087313a40d7c

    • SHA512

      84c9d4e2e6872277bffb0e10b292c8c384d475ad163fd0a47ca924a3c79077dfde880f535a171660f73265792554129161d079a10057d44e28e2d57ebc477e92

    • SSDEEP

      192:d4n3T5aK+dHCMR1aQR9RuZl3WWmU7WYZsw1JpVGnrjsK72dwF7dBOne:Wn3T5KdHCMRD/R1cOnrjs+BO

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/advsplash.dll

    • Size

      5KB

    • MD5

      15d8eee287329e2030c34c6bb3e62c87

    • SHA1

      1de23c0883f7a80a489e140c55b16970dd0264ab

    • SHA256

      9bf33690090655e91389469beb5dbdd45942192f2e2486c9fa82fa6d74a0f88b

    • SHA512

      6ee495dcefd131ca490d6f3077643f49598184c3a49f1f66ed7a6d1559ebb9266c8c87cf49c06cdde8a6cd0643fb46f83d13aa5f27ba0c90de4791cb8bad29c0

    • SSDEEP

      96:XqNXqwK188CgAtXvZBkjDf0yf9ysrtWpywol:XAqrg1XvZB6kYtWpy

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      b5a1f9dc73e2944a388a61411bdd8c70

    • SHA1

      dc9b20df3f3810c2e81a0c54dea385704ba8bef7

    • SHA256

      288100583f65a2b7acfc0c7e231c0e268c58d3067675543f627c01e82f6fd884

    • SHA512

      b9c8d71b5da00f2aff7847b9ec3bd8a588afeb525f47a0df235b52f7b2233edb3928a2c8e0b493f287c923cc52a340ad6fee99822595d6591df0e97870de92a8

    • SSDEEP

      96:p7GUxNkO6GR0t9GKKr1Zd8NHYVVHp4dEeY3kRnHdMqqyVgNQ3e:lXhHR0aTQN4gRHdMqJVgNH

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/nsisdl.dll

    • Size

      14KB

    • MD5

      41f557e065b405f94d0ece8b5727233b

    • SHA1

      c6d1704eefbdfe0a7d4a03c65acc70cdde883598

    • SHA256

      9de492995d2180635aa3194b88ce6dd94e0c2b001af5952a73d4a84fbc32b6ab

    • SHA512

      43b35b2366ba54593087c8c9127da5acc8efb45ebb84603138027692877173294b7478f8c6308ed9b168813c7b6d5f2b8dd261b75e58d0c97440baa4d0fbe493

    • SSDEEP

      384:4ck76gi51kE5aYOMLDC4UnDp9B0Jc5HNw2rE:4ck76gibLCMLDLCx04HNVrE

    Score
    3/10
    discovery
    behavioral13behavioral14

MITRE ATT&CK Enterprise v15

Tasks