General
-
Target
eabe80335778b6495bb615345c9dca08_JaffaCakes118
-
Size
13.9MB
-
Sample
240919-g1qtaavbmf
-
MD5
eabe80335778b6495bb615345c9dca08
-
SHA1
d17229b14e5f7d3ff1a47f8ac8a3188b4195c987
-
SHA256
8e52ead6497719ec558f7f3e93095fd35185f00f4c39aba85135fffc24f58f40
-
SHA512
24585da42c03bafa8d4d61c846d197d41be3287489b59da5ba21bf19aab1b045e80015dab619d93aad84b78131dd2ce0d2ac031e3977a2eb6fbdb158412183b3
-
SSDEEP
393216:RrXBq/rJ19uYoOgXWimA5TPwAAkXHg+ncj92Nqy1j:RdC3FA5TYe3gWQ92Nqgj
Static task
static1
Behavioral task
behavioral1
Sample
eabe80335778b6495bb615345c9dca08_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eabe80335778b6495bb615345c9dca08_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/FileInfo.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/FileInfo.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/RCWidgetPlugin.dll
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/RCWidgetPlugin.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
$R0.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
$R0.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
2345BatchRename.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
2345BatchRename.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
2345EditorApp.dll
Resource
win7-20240704-en
Behavioral task
behavioral14
Sample
2345EditorApp.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
2345Extract.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
2345Extract.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
2345Image.dll
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
2345Image.dll
Resource
win10v2004-20240910-en
Behavioral task
behavioral19
Sample
2345ImageApp.dll
Resource
win7-20240729-en
Behavioral task
behavioral20
Sample
2345ImageApp.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
2345ImageCapture.dll
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
2345ImageCapture.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
2345MiniPage.exe
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
2345MiniPage.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
2345PdfApp.dll
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
2345PdfApp.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
2345PdfReader.exe
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
2345PdfReader.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
2345Pic.exe
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
2345Pic.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
2345PicEditor.exe
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
2345PicEditor.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
eabe80335778b6495bb615345c9dca08_JaffaCakes118
-
Size
13.9MB
-
MD5
eabe80335778b6495bb615345c9dca08
-
SHA1
d17229b14e5f7d3ff1a47f8ac8a3188b4195c987
-
SHA256
8e52ead6497719ec558f7f3e93095fd35185f00f4c39aba85135fffc24f58f40
-
SHA512
24585da42c03bafa8d4d61c846d197d41be3287489b59da5ba21bf19aab1b045e80015dab619d93aad84b78131dd2ce0d2ac031e3977a2eb6fbdb158412183b3
-
SSDEEP
393216:RrXBq/rJ19uYoOgXWimA5TPwAAkXHg+ncj92Nqy1j:RdC3FA5TYe3gWQ92Nqgj
Score: 5/10
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
-
-
Target
$PLUGINSDIR/FileInfo.dll
-
Size
118KB
-
MD5
8a9d5a3fd88e9c063c2012d05d3810da
-
SHA1
67e18733c396e224d0458ccc26058ff58b381424
-
SHA256
900002e96c907dcc569ae694ac36594fba6b42f3a17a71dcc316997b39abd9e3
-
SHA512
0e11a8070e997841440d117219de997831674241d53b5ddf6b08c937a0fab0f7edeb9e605ca79ae643daade2422aec23b07549eda784c44947161b03c30364a3
-
SSDEEP
1536:nuS+ho3wr5iBRN6ZZHSnbZy1M7MgYOza3EBNxRha+11cdsWjcd3mEMpDlwjJjvuD:n5/wrqN60c1M7VX6My+113mEMpDuJDuD
Score: 3/10
-
-
Target
$PLUGINSDIR/RCWidgetPlugin.dll
-
Size
1.2MB
-
MD5
3c19a198540b34ad04bf30e86ac3e62a
-
SHA1
9ba37429b42bebce7e2947a3d38cff0fa6a09ad9
-
SHA256
321d5e65f3018fffc0d11d48aec9fba4f3c275d71f30201cbfacd25c2c33578b
-
SHA512
878b70f91ffec9244f1ca201a1aadc2af7a2ca40814d15385026b8ecedc607dd1529405d7be5d2a27466cdf8db0cafcd6baaf1f9ce38b9f4e3acd2a80eb59fa0
-
SSDEEP
24576:ugk66cLn3PuVb6G9vE65mElzaG3uSAuUsacJqUsacJ2bO2kjX:uZ6KvEIHaG3GSasK
Score: 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
24KB
-
MD5
d04c981ca61dd94bf18a9da01741a988
-
SHA1
c21ee686ca461874b3c418aaa27c604dd67762b1
-
SHA256
7cdd2eabc521adb8e7f0d44f747aaa6a5892bb237048172eb78ed4183f91abf3
-
SHA512
fe3625f615373e6732b274f4df6bb82c9a4ab93f8151f2bc4b74caf4a61d338c7a4f4825aee6bfa3d9270e61102d35250ef3811f67503c78352848788a94ced5
-
SSDEEP
384:/JoiO8V2upW7vQjS/4VndpkEYPLnKyzJotS:/JzO8V2uovQjtVIEviiS
Score: 3/10
-
-
Target
$R0
-
Size
6.2MB
-
MD5
fb7da9d8c450a58b383ff42d94ebe23a
-
SHA1
06a106efccf80560ac0fc848b8082916a7574081
-
SHA256
79107685d8d6adadd68decf5d34739b6519c2467687896ce698f9188a4b6dca4
-
SHA512
17c0e3bc0614886c9dd2da7965f96b1c4726388d8e6248b8429515026abed9f7327c09c7154d2e6e989a55c4eabed189c49067d5a14451a85b2957784a876475
-
SSDEEP
49152:Q8GH9teLBY922SM9c50Iq0ikQXvnxC262mGldjoAYkVTIGRGB/Ar95VpeOOQ1KT:xM9bYAUsxYOOyKT
Score: 7/10
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
-
-
Target
2345BatchRename.dll
-
Size
197KB
-
MD5
f8418e84ab32e5598a16507b2f9e4e67
-
SHA1
040832463219b6e1ad81eaccc5d4de6670c2ef2d
-
SHA256
6d1c415987a27876ee59ed4916fb09f65ee3eed56edb06d35c9da08ba01c3957
-
SHA512
1d886793ecadfce47972b7b5fe1c0484b62c9f2eefa6074a8c90a24e4632a5605282eb1b9ddf3d8c942a7b46b04a8f1ec487498b05d15e4a91f0bb292bfc3add
-
SSDEEP
3072:rh+NgmCcz8s2+Ccw+cLYqxFTFNJIJmcWcYvS36M0HJ85a+ITJ:rh0ucz8s2CYYsxLcf361HKy
Score: 1/10
-
-
Target
2345EditorApp.dll
-
Size
2.2MB
-
MD5
236c6f1976174fe4e52c4b5e62519389
-
SHA1
a8969c2d33579f7123686be89ead1cbfb246a527
-
SHA256
c34295a60e28659b036aa5f7d0206526b66d40b9747806cdde7234bfcb5a0a2a
-
SHA512
dc0ca639f2f143fe1cb4687f698ae13af114beb1d5e34a10dd92f0e8cb562060f210fe5ad7a7e0615451993c3bbe8b29b38628fde935e9a7e92b40234fb6c150
-
SSDEEP
49152:Me+M1aZHMI6hBvB4zfNbnJcvdPwaKLqtHaqaz+l80kxxqGI2C+Pyz:Me+UIfNbnJvq/
Score: 1/10
-
-
Target
2345Extract.dll
-
Size
536KB
-
MD5
c655f3817ecfab674091fa72b036d24d
-
SHA1
df5f3638454fc7dcffbb66f340ab543c68c727c3
-
SHA256
4e8de7add31a605eba8adc18418a1c06204a3f5cb07c9df85018eaa1cd87c387
-
SHA512
158399f994b0bd8f4fd5a9dac630f088718cdfa63a2f1fa3e49f1eae40c7a8081c18909c4281307affdb35dca504592af256bb3fcdc0f0ae8cd77e50b43b379a
-
SSDEEP
12288:kEiaxhBLhxd47lmcyyqMEuqh4Jl2Aql1d:kE5bdElmxyqnPhal2Aql1d
Score: 1/10
-
-
Target
2345Image.dll
-
Size
2.5MB
-
MD5
fdbea9b6295b55d76fc1b6867bc0f940
-
SHA1
048dc23a2d5ff8aa5df681809087c711042a3983
-
SHA256
312179d504eb7727c19a11ba2128a014302ec73edc139679471fe7fbc44bae58
-
SHA512
8a47a2bd060de70dbbe756ebcfaeebb476a6bb3ffc836e583a9cc59f76eff09e26a223742f08ae07cf42353e9647a3a40cb6edb895c1dacbc1fbd359a0c305e4
-
SSDEEP
49152:sW6gtGR7Cs6z8/qerNMx4RTe3CJwKT0O9xmTVJ:sW6ws6z8C4Ma9x8
Score: 1/10
-
-
Target
2345ImageApp.dll
-
Size
4.4MB
-
MD5
871a2e124307827d83b630045f9201a4
-
SHA1
9980644dbd86690cdfaaf7da70fc4548fa2b6c4f
-
SHA256
8d94aea66dc4de4c00435460f87319a2cc24c7207bf9f3fca923f64cb1931db0
-
SHA512
8c7edc1d79b3dc5bd6f2ab4cd78cbd98f21ff07eca33ae64f4b03c59df96b045d59d4ef2367cf03119fbe580249e6f10f0f95d57e6df93827afbdd6931102a3d
-
SSDEEP
49152:MQ4Vi7eHVrM0DXPG/YQWQLRuEy9p1qm3cTnbnbMDc4l3eY2KLPTx5i7oBu00EMsc:fne1rtQWeRuEUqmMTnbnQJF9vu009
Score: 1/10
-
-
Target
2345ImageCapture.dll
-
Size
336KB
-
MD5
bcb8a837ecad26c31d609be26a83f8f8
-
SHA1
ecd5a18db8b28b5041acf6fdda23c51c0bfa7587
-
SHA256
abe4ae6484ecad450d6550d6b14b7271cb2a44f278d71fe66980e06dc44023d4
-
SHA512
19baafb7744db7eede1bee1222ef41f2b41bf8cfd189d2f3de1b2abf4f36444aa0abffd22c1beb7a2917090feb071271bb89c81e7158ec7033e622e371142144
-
SSDEEP
3072:7EnWDYILq/a4rGaR1vdu+IhXb9lrggggjDPHnrLxacLVjXPc9/:eWIa4ZR1ctPrggggfPHJnVjXu
Score: 1/10
-
-
Target
2345MiniPage.exe
-
Size
769KB
-
MD5
2a4e9ca094057f5b46396e76b717ee46
-
SHA1
827974614e5a69b9ec10854038e149564bb9f43b
-
SHA256
b5d924ae58cade8582a17f3353e99d85e2f37ac6a9c8a797de6fa39ce670c968
-
SHA512
5a421b793226060cfc206dad4c1d776c95a5e2294de3441867113990dd0ef2b1d79784e7916f3e9216a5545cf08ed37b548895b27ada37773a13519133e4a632
-
SSDEEP
24576:0hMks66HYPeAikjIjqmko6vRn8qO6ZB1QA4:UpwHYmqoW8qO6ZB1Q9
Score: 1/10
-
-
Target
2345PdfApp.dll
-
Size
5.3MB
-
MD5
50215e7ea2000461e6c5da38e8a09af0
-
SHA1
eeb72c62d43ca9f0777fe31bf185e196a12963e4
-
SHA256
e2380bed0f05779070a53425775a8e60ce46f4dc3d8d7458be1fcd5f4707ae96
-
SHA512
ef8c175170d6933568cbb8dd0076f97949fb9ad18036df9e4f390313a4d96ba24a79f7f2cdc8a90abae5d12f36ce1514de9acb82c948db8416639d4d2510092d
-
SSDEEP
98304:+mzcPxCOOSIlyrOmUSXEQC5PJ9cRnQUrBlin9BCkyCFCji:+mzUxzZstSYBKRnVl29BCkyCFCji
Score: 1/10
-
-
Target
2345PdfReader.exe
-
Size
227KB
-
MD5
373e4b98c4b7dad19e8949753937d33d
-
SHA1
b2c0328b10aa11ed5b2ce6a177acf616d0936ac5
-
SHA256
63fca522c83028ae3f3cad18b3d08f81637cfcc2f0dafb635b9ded1fe7cbe2e1
-
SHA512
71b21208af9ba703ebb80b559a3868af40643871e59fe68285eaca6adbf8f30cc3525866fdb17df5f572220b7c3208fedd4c98ab0e692eab9ca4768d66364338
-
SSDEEP
3072:o6c5Pa1caqMRVyyOuy8Xo4MOqkgqErm7/1dQ88+qIYqw69Cs8BkTlVLb1:o95Pa1caqdyOuxY4zqZkWobwg86RVl
Score: 1/10
-
-
Target
2345Pic.exe
-
Size
257KB
-
MD5
3104080edbd5b6a8e9160f6a5405904d
-
SHA1
9dea9b3ced455533ad0c4cef58f2fb9854f2be0c
-
SHA256
9fac60d0b0563e0fd85ffef48194b4dd1e7da750ce027f894afda3d1e8f600f2
-
SHA512
d9231afb8dd98776a2e5d349d015d6c401d152acee16ed93a26be4a7fee5ff346c0289e1f688219b8fb5302109330f7af7d23f400541e99847ecedfe17c7f115
-
SSDEEP
6144:osYHq9ESyFyFhRjAzlLl4KXwoFychAb8iLGRVQg:oIZEl4KXwchAb8iLGRVQg
Score: 1/10
-
-
Target
2345PicEditor.exe
-
Size
232KB
-
MD5
3261d313cf1405da78b513502d9f8eab
-
SHA1
9c9a0e2793cad74de8e37efeb8ef95506b29bdfd
-
SHA256
728758df3ab8aac2df6088f05accf875557d67925255f50ae863a5c5bd6dab20
-
SHA512
52a52d687b213672eca689fe8e373c423e5a218cde489d468d51f78abc87842334028394021a6a8b9d49540808170f697da8da8222031c362068d9dcdf9ea03d
-
SSDEEP
6144:ozeLK9ESyZaFhRjAflHlOezwLn6mSTesqpNQRVR:orZMlOezwu8sqpNQRVR
Score: 1/10