496e2ce2cd547220993e14276081e30c3069da1cb3055116fd20424b0668d53d | Triage

Sharing

General

Target

eaa75dbd974169462e0727a037a00198_JaffaCakes118
Size

3.8MB
Sample

240919-fyccfasemd
MD5

eaa75dbd974169462e0727a037a00198
SHA1

35a043f66063e844bc2a5edc761863a97771e9a5
SHA256

496e2ce2cd547220993e14276081e30c3069da1cb3055116fd20424b0668d53d
SHA512

07fef0e78b33d8cfaad2833c80d0fa07c1d60ed50132d0ce1b4277639f9e1a73a1a17345365c420587d3cf66ffd657855df10cc70962e6d083f0c6982f442383
SSDEEP

98304:7hFBxV1m5VtG1gVXXLv8jArF9nBFYN8/0oTzkomaCJRxdfjzN:bBxG5VtlJbkjUF9yD2Yd9JXdLzN

Score

7^/10

discovery execution upx

Malware Config

Targets

- Target
  
  Tradutor Binary Domain pt-BR baixesoft.com.exe
- Size
  
  3.8MB
- MD5
  
  de44cc672373fafe303d8b4605e70a3b
- SHA1
  
  cb38a5e738322567d7399e3981f126f2a51d6c3e
- SHA256
  
  fcb3c3154b9a317644c73fc6345100531489194dd3244ca980ca828a3109e1f9
- SHA512
  
  e2c50db5d6e4778a5327bc01171d33f867fb8155796cefb0b7d7698d0cc8f1b497fd05ee84b6e1cd62b663610dab566cc69fa390112e42530b2c19c10510b569
- SSDEEP
  
  98304:zFv7VNm7P/yh6VXVz1U7ADv7NBpwT+dysjzSKcIyVRdVfjzB:Rv7m7P/f91i7Mv7it2+1DV/VLzB
Score

7^/10

discovery upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/Aero.dll
- Size
  
  6KB
- MD5
  
  5c7408c25f1076eb96908e5bba521bb5
- SHA1
  
  46df8dfd93593360b9b6d2e4ab1892843246228d
- SHA256
  
  ab864a3c247e9016414a4a8b26155942b7c3814cc99be6a59b86c456bd22c061
- SHA512
  
  9eebf8378a0eab0ab66e70f20aea185392ce0de36e63a37c07ccd93a5d1d8fe95a2ed8c428c63d6aa8c0a5b424e53e412fdeb0e5be2ee57f9eceafa19e03062c
- SSDEEP
  
  96:+k+RX2Fg54iQrKWX09fODXCPbnV767ZJG:8X2FA4iyXNm7Ve7ZJ
Score

7^/10

discovery upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/Delay.dll
- Size
  
  7KB
- MD5
  
  4602d9a9ed82d646522ead08a58536a9
- SHA1
  
  b070bad90e13e85c97bd4e530ca7958c22e36a5a
- SHA256
  
  b6691bf37f13e37bfc07d45990092fd9398f7eff8cb1bbad05e528def0307c4a
- SHA512
  
  5ebad4e83d411799a25b1e462ac3c7683dd0c973f131eed29131af7a240f92f55e6c60b78f96388bf7c4134941353794d79ef6c91476e8def7e5c803544afec9
- SSDEEP
  
  96:fkcYhKlqWFeJ9DekCN3jPpP4DyGE3qLNf:cXKMJRC5BfGE3qLN
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/WebCtrl.dll
- Size
  
  5KB
- MD5
  
  f134448c6531c16271d776cdc930cff8
- SHA1
  
  6fa6ae69ee46486b33b41f08719319aca5d0382f
- SHA256
  
  f7e1e03c140cc86bb7b259f1882b4b461128d70213e7f030360a9c76d6c51884
- SHA512
  
  c83db0d30e51d5dba4fe4abab562fde9358f9970b32aef729f326f394e744698b936b134e8718afd9a2ac970daf287278b2685b77566c50f733f58897fd0c16d
- SSDEEP
  
  96:EPR9lrwXckwd7NLLd8e1+A39Lji7juoxiApV3ii:EPR99tZd8e133xjkuri
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/newadvsplash.dll
- Size
  
  8KB
- MD5
  
  7ee14dff57fb6e6c644b318d16768f4c
- SHA1
  
  9a5d5b31ab56ab01e9b0bd76c51b8b4605a8ccce
- SHA256
  
  53377d0710f551182edbab4150935425948535d11b92bf08a1c2dcf989723bd7
- SHA512
  
  0565ff2bdbdf044c5f90bd45475d478b48cdbd5e19569976291b1bdd703e61355410c65f29f2c9213faf56251beb16d342c8625288dad6afc670717b9636d51f
- SSDEEP
  
  96:qD5UDaGxZH52QhtZafDP9BTS9nPg83UniV/zRzGEl1DMl1zN6LmeYt4dO:W5UDaGxZH5T0j+9nl3BzG0IZ6LqN
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/scroll.html
- Size
  
  22KB
- MD5
  
  c72424f1826536ad0f60b08cc6e35ce4
- SHA1
  
  8792db36f8e01b5197681e29ffc5908e4e553ca0
- SHA256
  
  de324067675b39b96711b09263cc69270c685d6ac3bc611031775ae236348d5f
- SHA512
  
  eac150ee3948d32f2adb4fa16ec7023da8620205f61f56e5dbe40028cc74722f624585e69693a6a6c4baf59d561443b00efbdf3e891b4c402046d8ea79e80771
- SSDEEP
  
  192:UB8178T5+KHxCHoN+TEMBSX4dOjUNOKi7KRd6ITKzLHxvXtX5GtAPCJza2Aq0Fa0:4y78TsXjY5IAWMFB3
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/tr_data/cred.html
- Size
  
  33KB
- MD5
  
  9726c08e9cc36923743434a44e4f24ba
- SHA1
  
  7b2b1a64a5cf6bf89a853aa770fba4a33d829104
- SHA256
  
  f6f9c61553c94a8134a4c0a1f104aca6cabbb5f5b410aa957a94a5fa228592d9
- SHA512
  
  dd95ffd5a21ae5e4c17448b01580a740fff1a54ef43e31502c7c8e9f00d46411fad0b39a8903b96a9d7888efb3767340eb84166e45e3d8ac9fe51766872bccb0
- SSDEEP
  
  768:g8n55828G5y5J5W5CtUt4qDF6BHkseGLcBHP5eMHtueMaE/:g4jHdULcWqDF6BHkseGLcBHP5eMHtueW
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/tr_data/legal.html
- Size
  
  26KB
- MD5
  
  2e524a71ac033c0619db0594856ba6d5
- SHA1
  
  450941553b685e48d6fab7b601b4d940ec73337d
- SHA256
  
  228cd4bbb92734f1ee76daf0cded20902fb9b7d3ebff857f21ba60a798f3a511
- SHA512
  
  444a7bd0d4a2e11675a7b43accda32932b16b727ff31daff56293014d37f0f081480c32034db9603999e7d3223c4407f67b05af577a66e17e3a3ee0df1c32ead
- SSDEEP
  
  192:e78T5+KHxCHoN+TEMBSX4dOjUNOKi7KRd6ITKzLHxvXtX5GtAPCJza2Aq0Faemkd:e78TsujY5c5zJAWoJxly59V
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/tr_files/scroll.dflt.js
- Size
  
  171B
- MD5
  
  46903025390c7274e546ddcf50526cfa
- SHA1
  
  c8cf17d978275fbeb42e040bb0538d212ce28654
- SHA256
  
  fb295cf92b819f9e7d95b62495aeb15e12cd3291add18093c946184127411984
- SHA512
  
  94230f5826b8ce67e0b914687224387fe31187c59ecb20e6f1ad8189e6d3bea76de3c7f505b0c2373b2b5c37257e89a3db6d9c544b5b19cfd2c67995968f3ba2
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/tr_files/scroll.html
- Size
  
  4KB
- MD5
  
  fa5e9eb978e1acd9cb8e6cbe2ba76510
- SHA1
  
  a08920b5c81bd559a859757f6555863b1b0b804d
- SHA256
  
  1d55105e632396f76b046513f1805f8144b8d2dc2a0d75dd78b37cb771be705c
- SHA512
  
  8a156d805f20029ce06e9a78922f21410c0a2b99ec6b9f7d8c26bbc69efefa221c8c9c3c7264a544405eaccac54c259ddeb77384b9ac826720d60ee5a3ef1757
- SSDEEP
  
  96:QD9KskjS+e0nOJOJ3nctYcoUV1FzTOKKInCBsHSM4imf2fy:89LkjS90nmm3U3PFPOCnHmf2fy
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/tr_files/scroll.js
- Size
  
  641B
- MD5
  
  451adb9f6bed8859cee8ffe17a356dc6
- SHA1
  
  7606b460525934d666b19c6159167016bfa4ecfa
- SHA256
  
  83c74fe20d8cd134c900bc18231311a307fe9d40508bb0a4a3c008333f4755bb
- SHA512
  
  db4fde5819bef93f4c7709aaeee6ae79c87ae6d8283f408fd420847495ef618da5313b71e2da4afd6e3239b9d6e184856a8694ef201b3cc2d9de08074a6cfb2f
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/tr_files/scroll.tpl0.js
- Size
  
  1KB
- MD5
  
  39133e190f144254ac4a3ba40d8863a6
- SHA1
  
  adb69965c2f4b76b10d029761e5eaa60dee10a5f
- SHA256
  
  d61df469c5484d3c20ad027e741321dd1921285142cc8acf73cf363d7798e310
- SHA512
  
  1c877ed7c7d76d858f79e1058181b4e77ccede55f782118f1c189dfd9d1a45e6c610154270f026c7c83fbbcd79e3fd96d3d12a3890508e9e420475a38157f36d
Score

3^/10

execution
behavioral27 behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28