2de44a0fb4fbbc9e33249a73dbe2d74eb27e2bea942baf80a4f9502042c8c55b | Triage

Sharing

General

Target

ea89cef767b32a7ccc16f27c41722f92_JaffaCakes118
Size

1.6MB
Sample

240919-egk3kszepm
MD5

ea89cef767b32a7ccc16f27c41722f92
SHA1

a6059e8f068d64121b28217cb4fb66d4fcdd8481
SHA256

2de44a0fb4fbbc9e33249a73dbe2d74eb27e2bea942baf80a4f9502042c8c55b
SHA512

da952f7e7678f421e4483b3eb19dae8fe13a347b22e3bfd5813595820db915c16fe6f3f9b33e8c5aaa80aa8aec414bd5629b480321d3805722cef2846a758c51
SSDEEP

24576:DnNGGtqknChWMtnOcAT85zzMl4Is+fF1WGIPpa6NAsujiGY1s5Dgxk:DnNpqNtOU5zzMa7U2nPCjips5cxk

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ea89cef767b32a7ccc16f27c41722f92_JaffaCakes118
- Size
  
  1.6MB
- MD5
  
  ea89cef767b32a7ccc16f27c41722f92
- SHA1
  
  a6059e8f068d64121b28217cb4fb66d4fcdd8481
- SHA256
  
  2de44a0fb4fbbc9e33249a73dbe2d74eb27e2bea942baf80a4f9502042c8c55b
- SHA512
  
  da952f7e7678f421e4483b3eb19dae8fe13a347b22e3bfd5813595820db915c16fe6f3f9b33e8c5aaa80aa8aec414bd5629b480321d3805722cef2846a758c51
- SSDEEP
  
  24576:DnNGGtqknChWMtnOcAT85zzMl4Is+fF1WGIPpa6NAsujiGY1s5Dgxk:DnNpqNtOU5zzMa7U2nPCjips5cxk
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/DLLWebCount.dll
- Size
  
  28KB
- MD5
  
  0bdd7c6f1046ea4b42839f991ae53fb2
- SHA1
  
  cb9baefb10159b4a684fa1ee4372e7715865052d
- SHA256
  
  0a0019b2603dbc4505453c2501255ab0cc0b3c317ece4a6ce0cfb6a02a30907b
- SHA512
  
  96f41497f25d7bc81f51ab167f74243b4b767089c89c26f9752ef518fa60dedd2722c66ae87dad2334bcce1622bc12f7b9b892ae654ca58cecd9f35c9f1dc163
- SSDEEP
  
  192:OQoR7CK9FX/dVPWtJ/tXP88bSNwWW8+YdbDT:OQcWeJ/XPWtJxPFYi8nb
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/ExLicenseBoan119Page.dll
- Size
  
  44KB
- MD5
  
  0230f80fae228b4132df9dc8f35abc02
- SHA1
  
  31995846420bc4d6b941763640e34659c23ecb26
- SHA256
  
  2bcab8e380cccd5a6032851fedb7f583e3cc21bd86a242ea1af15ef1bc5b51e9
- SHA512
  
  beabb881e90aeb4da6d6d5bed85e88fd05c605881f49c49f79f6fa8220ac58d76b929fc35982bf5bf06dbed31001b2c2e2a31b4d3366e7685d5257cbb1ddf973
- SSDEEP
  
  384:w7+vXD0lJ57jNavOxJRjB9q8q0RMHDt82dv2JviXnTOg:w7gX0J5fNmYJRjBg8JejtU
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  eef9e469e8a30717974499f277d97e2a
- SHA1
  
  2d33c25984ebd9116beeb55cdde4c5c86c023e5d
- SHA256
  
  1f35bb6728237483c779005fc227e69fef51b0bafd32d15855d483948a337078
- SHA512
  
  d860132106a1c03dfa23f983b3c503f1216ac02f3d47833b96dfb333fb30bc8ab4d4fecd1f1f0a89f0c7f3586405461e2d53c26f282bb48970e549659b364b48
- SSDEEP
  
  192:8np6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+MTjK72dwF7dBEnbok:8p6UdHXcIiY535zBtMTj+BEnbo
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c6f5b9596db45ce43f14b64e0fbcf552
- SHA1
  
  665a2207a643726602dc3e845e39435868dddabc
- SHA256
  
  4b6da3f2bdb6c452fb493b98f6b7aa1171787dbd3fa2df2b3b22ccaeac88ffa0
- SHA512
  
  8faa0204f9ed2721acede285be843b5a2d7f9986841bcf3816ebc8900910afb590816c64aebd2dd845686daf825bbf9970cb4a08b20a785c7e54542eddc5b09a
- SSDEEP
  
  192:qADKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQbVUSF:qAViJrtFRdbmXK8+WVUw
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $TEMP/nsisos.dll
- Size
  
  5KB
- MD5
  
  69806691d649ef1c8703fd9e29231d44
- SHA1
  
  e2193fcf5b4863605eec2a5eb17bf84c7ac00166
- SHA256
  
  ba79ab7f63f02ed5d5d46b82b11d97dac5b7ef7e9b9a4df926b43ceac18483b6
- SHA512
  
  5e5e0319e701d15134a01cb6472c624e271e99891058aef4dfe779c29c73899771a5b6f8b1cd61b543a3b3defeaecaa080c9cc4e76e84038ca08e12084f128eb
- SSDEEP
  
  48:6EyuygeHCfxwU5x+6kx/k1gONv27oBc2OkIrHHl:VeHCf2762kKsu7oGjkIrn
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  Boan119.exe
- Size
  
  5.4MB
- MD5
  
  dfbb612a851978d0f1524a66cb5236a2
- SHA1
  
  f890de9c8d37442a4f0e326b65d251075d689207
- SHA256
  
  c154c544182c6be535b1fd9d5c6d8ba2890cee33772af43aa852e9cf40ff44f2
- SHA512
  
  5c3506ff590c3374dac7f413929301d985969ec6d653694024f64f358a124515c7bfcf9df5c0169ee712d8bdb536d50d0260aa105b8fecfd8be77604926cbf5f
- SSDEEP
  
  12288:yjaO0RK5bsmCbSmSyU9L6Lp232qfQ+bDV1x7o7PlhoWnmnxukiskfqm8Vk:yuO8E63+bDy7Plaxukiskfq
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral13 behavioral14
- Target
  
  Boan119Mon.exe
- Size
  
  771KB
- MD5
  
  e34c307c556c36d8b47471d7bba68b8f
- SHA1
  
  0d875af70f110e1270126a2c464e37cce05c25cb
- SHA256
  
  6ba4bb7ad22fc85fb6b2ab185754bfa815eaaef7e425b8d6fc5a5b832c68e762
- SHA512
  
  cc53d11f6e2a183fa36ccda3d1d84ab2d37c021d77a3092b22532ef090c690620d20130afdf84aff3d06ca1b89a30b3a0ebab4674b1de454d9de480796afb78f
- SSDEEP
  
  6144:D9l42kJmcpqlXIsCi0k+JDFPQU/u0L4wCRDAzvAxxzUO:DI2kJ00kuN/u0/CRD4vA7P
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  Boan119cfg.exe
- Size
  
  1.8MB
- MD5
  
  180a5e6bda2ff60bc0b42a77c7baefc5
- SHA1
  
  d18b4a4617d046f2f8e2eed82640fc1acf08db41
- SHA256
  
  b9a6537b067e742a87cf99850220f5ef1cbadbb22fa187ab8e93525401d2ab4b
- SHA512
  
  2b44d53438482bcf63c8ba96b73ced4bf3af7ce57f231e83bb357e59b474bab39431ac12793e8013106b5e2ec84f179c46c00c15a6bf2d6375f4d6634fb34fbe
- SSDEEP
  
  49152:cbjdYowuStPlW4DopNSylUdhEmoHlxxgtMxM:caowltPs+opNSylU/EPlHgtUM
Score

3^/10

discovery
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18