3f0437143cd7af722488c08b8492a4fd604eabfefa5b72d6771ffe03f90a6398 | Triage

Sharing

General

Target

ea76821341cbd2d4283d3a017118d91f_JaffaCakes118
Size

225KB
Sample

240919-dhc8paxela
MD5

ea76821341cbd2d4283d3a017118d91f
SHA1

300304dda3a06c115e70aa3464df9cce5736519d
SHA256

3f0437143cd7af722488c08b8492a4fd604eabfefa5b72d6771ffe03f90a6398
SHA512

6e529b56854244dce061767cfe11806268351ab3a6a39b8498c038def7c9f06cf32f29d2313bf5109a9e37e78d50c10bb0124d9dd0939a26433e23705ec7ff1d
SSDEEP

6144:KCl05Yc8aUrN6GXIki3ovp0+FS3eHMIrBj22Ubau/NYx+Nwc:KCy5t9UrNvc3Up0+tHMIrBj2JbFNBNf

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ea76821341cbd2d4283d3a017118d91f_JaffaCakes118
- Size
  
  225KB
- MD5
  
  ea76821341cbd2d4283d3a017118d91f
- SHA1
  
  300304dda3a06c115e70aa3464df9cce5736519d
- SHA256
  
  3f0437143cd7af722488c08b8492a4fd604eabfefa5b72d6771ffe03f90a6398
- SHA512
  
  6e529b56854244dce061767cfe11806268351ab3a6a39b8498c038def7c9f06cf32f29d2313bf5109a9e37e78d50c10bb0124d9dd0939a26433e23705ec7ff1d
- SSDEEP
  
  6144:KCl05Yc8aUrN6GXIki3ovp0+FS3eHMIrBj22Ubau/NYx+Nwc:KCy5t9UrNvc3Up0+tHMIrBj2JbFNBNf
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $APPDATA/Internat Exp1orer.qnk
- Size
  
  1KB
- MD5
  
  9ffaab5f197ee38cf1fe65e19d4bb217
- SHA1
  
  39ee57d785cb31b75fe79879ab5dfed14eb1a28e
- SHA256
  
  6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca
- SHA512
  
  eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $DESKTOP/Internat Exp1orer.qnk
- Size
  
  1KB
- MD5
  
  9ffaab5f197ee38cf1fe65e19d4bb217
- SHA1
  
  39ee57d785cb31b75fe79879ab5dfed14eb1a28e
- SHA256
  
  6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca
- SHA512
  
  eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $DESKTOP/ԱմƷ.qnk
- Size
  
  1KB
- MD5
  
  3801cf5240ef322de5fb53224f763068
- SHA1
  
  e4286f9b6e5986b6a237bc70fdc03e8a36287e11
- SHA256
  
  23dde6d591dc39c8b7901a49ce2edbe1591ef2b68d69700a4c81fd741f2d714e
- SHA512
  
  3d26058c20050e236cb78533485dc2dd02ed6be0ab7037e8eac5916b75abe189d38f57ed45899787cbe69318ec4d6763633d1a8a96600fd0b20b83aaa9f03ef4
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $FAVORITES/Ա.lnk
- Size
  
  1KB
- MD5
  
  62d588bdb74e4e2e5d1689fa9272ce39
- SHA1
  
  9d0db515d8f65e57353381d707060f7343a74da7
- SHA256
  
  248402dd02a096f9721d61fe867fac5cacf4dc9001fa2aa6a50a59f7405606ef
- SHA512
  
  cbb47f7e4227177ad39a1c914e00e0ca13209fe0839d13819299ad203572b69026c541d71c5101e4cdddbcf7786c6adf339af3e4b0aab65cb188614f646a893e
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  107737e3282fefd85684f2fa3df6d1c3
- SHA1
  
  3befbcae116a644ae28cebdc1d7dfe6be5c8ca5f
- SHA256
  
  21042be362d4073053bffcc90511b3ecf77902243525b56bb159581b5ece43a0
- SHA512
  
  439ac2f3066902e08d63dc3061f55063089857e765feb29fe47ba5819a9bebdff3fe2fe55fc8bfcfddb729d340f006ee95b5aa4422d712f9dcc07cc02ec410b4
- SSDEEP
  
  192:FTmFxiXTQdQbg9FkGuz9lBDpO5DwbgUojcA96lK72dwF7dBG0N1:FTmriEdYQFkGUlI6vojj6l+BGE
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  0ae9c427fe7bbbbf1368c1c6d3933ae7
- SHA1
  
  c8e5131613302531c88512dada29a18886259268
- SHA256
  
  49437f4b9fd38007f3b2735f0a8a12830b995305c75118b440202980183d5c6a
- SHA512
  
  59b76b00f2b0d6242dc5bc3cb36d3ff78867445f502e34cea890c6f493c2adf9b97cec539963204ddd1c641e1a77139f46fc33dec4dc636f4b06d2edffffec6d
- SSDEEP
  
  96:vCCshwlpqUsYghN/9uvZ7CLWNCSiiVTQYBGVXRvuBDlSriklbuba1iLc+cEyzo7e:BzqUuh/uLCXIkYBGV9uVlSblbubbwtl
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $SMPROGRAMS/Internat Exp1orer.qnk
- Size
  
  1KB
- MD5
  
  9ffaab5f197ee38cf1fe65e19d4bb217
- SHA1
  
  39ee57d785cb31b75fe79879ab5dfed14eb1a28e
- SHA256
  
  6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca
- SHA512
  
  eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $SMPROGRAMS/Ա.lnk
- Size
  
  1KB
- MD5
  
  62d588bdb74e4e2e5d1689fa9272ce39
- SHA1
  
  9d0db515d8f65e57353381d707060f7343a74da7
- SHA256
  
  248402dd02a096f9721d61fe867fac5cacf4dc9001fa2aa6a50a59f7405606ef
- SHA512
  
  cbb47f7e4227177ad39a1c914e00e0ca13209fe0839d13819299ad203572b69026c541d71c5101e4cdddbcf7786c6adf339af3e4b0aab65cb188614f646a893e
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $STARTMENU/Internat Exp1orer.qnk
- Size
  
  1KB
- MD5
  
  9ffaab5f197ee38cf1fe65e19d4bb217
- SHA1
  
  39ee57d785cb31b75fe79879ab5dfed14eb1a28e
- SHA256
  
  6a1bfc7b4d0b3c749f9a5737f7f0253c634bdd62fe812948807c6beae039ecca
- SHA512
  
  eaa04c6437eac713912a81b2e11f97cfdc38d5d5bb459d7f4ae94d140b2bd4d74685cda43697f00b6803b1b58da3bef78ca3d9d6a4b9f5e4278ff2451aee512b
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $STARTMENU/Ա.lnk
- Size
  
  1KB
- MD5
  
  62d588bdb74e4e2e5d1689fa9272ce39
- SHA1
  
  9d0db515d8f65e57353381d707060f7343a74da7
- SHA256
  
  248402dd02a096f9721d61fe867fac5cacf4dc9001fa2aa6a50a59f7405606ef
- SHA512
  
  cbb47f7e4227177ad39a1c914e00e0ca13209fe0839d13819299ad203572b69026c541d71c5101e4cdddbcf7786c6adf339af3e4b0aab65cb188614f646a893e
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $TEMP/remote.exe
- Size
  
  67KB
- MD5
  
  71c0a16bad347349ea62d30b76bcc326
- SHA1
  
  841087fc28fb4812e0c2898ec8ac9049d3bcf593
- SHA256
  
  235d9e96c68a262c1d6093fa499c8ffc14f41cca8c79dc289bdb27d70b7411d3
- SHA512
  
  7d4ddb4e70d49cc1c221abf68b71f579200adefb1d79fdfd414494b32f11a004aafb3715e8131e382c61277a99abbc374ec7448f176d235bd2da581d71610fc5
- SSDEEP
  
  1536:Mppv5CNE2E/n/fn8lvOvNOH4KJJ6CR4Romu/BsKO+sqCZnAucg8s:Mppv5CNEhf8FH4KJJ6045y5CZ9Is
Score

7^/10

discovery
- Loads dropped DLL
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  107737e3282fefd85684f2fa3df6d1c3
- SHA1
  
  3befbcae116a644ae28cebdc1d7dfe6be5c8ca5f
- SHA256
  
  21042be362d4073053bffcc90511b3ecf77902243525b56bb159581b5ece43a0
- SHA512
  
  439ac2f3066902e08d63dc3061f55063089857e765feb29fe47ba5819a9bebdff3fe2fe55fc8bfcfddb729d340f006ee95b5aa4422d712f9dcc07cc02ec410b4
- SSDEEP
  
  192:FTmFxiXTQdQbg9FkGuz9lBDpO5DwbgUojcA96lK72dwF7dBG0N1:FTmriEdYQFkGUlI6vojj6l+BGE
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  01776e92060ac00338d0367e49518384
- SHA1
  
  928f7d41e59a1f9fefadeea6226c5a223ebcd699
- SHA256
  
  f144d17060052ce6205fdf717a647f6b4e20c268fea14e81efc26356d00bbaab
- SHA512
  
  2da8cb9c0cb7ff983b137d321f48f5ecf24600c1b52570691ed527531cdb61c98f8b2cf0c53446cb4e7f98d571f8e2591a3f3570ac9722abbac25648866d9881
- SSDEEP
  
  192:SpM3f5sTMzoU7Fs0+/tcDm0tzailQvzwTaoxs+/rH6hqCeHtpflVp6kn2VgsTwp:SpM3xcMzRF4/Gv+H+D6hqbgk2rTwp
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $TEMP/sobar.exe
- Size
  
  101KB
- MD5
  
  c51202c73fb0ce3056d0c01a3bf8f68b
- SHA1
  
  9195a2da229f08051e766dd323c3d194175a87ab
- SHA256
  
  f7109dcd62c383ea8701b879faea473e36014431491a07ca32bf01ffdffc28b8
- SHA512
  
  64df4240bf0692dbfd2b5d6650bd7b57eb11404ccfcde3aba6e9ca96a048ccb651d62d5fc82edbfd43774246af47a29c85d95fad12655cddcf5d1b486de3e11b
- SSDEEP
  
  1536:VAbk8OFzTqbkJ5qw/qzrzlXHu+TVj3Q/fClD21Qr6etqrlm7SZeDU7az7:VMCFnqbkJwZzrp/RLQoaQr6etOlkDfn
Score

3^/10

discovery
behavioral29 behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30