20cb81dee086f39aca1b60dcf082297b77ceae9979478d056da7324db9215f2a

Sharing

Copy URL

Twitter E-mail

General

Target

eab4224a915b61070a26486434011586_JaffaCakes118
Size

809KB
Sample

240919-gkgwfatgln
MD5

eab4224a915b61070a26486434011586
SHA1

a4c426072b4b2307261a58960f1ce52506db37a0
SHA256

20cb81dee086f39aca1b60dcf082297b77ceae9979478d056da7324db9215f2a
SHA512

0d69db6a37016b1b3d9a3a8b62391846dcc7e89616d7418d362363d048a865ebde3fad7fd7989fe58bdf71b45e32222561007d3e0b80fc895e17da7a4cb204f1
SSDEEP

24576:z+B9nGDOTcVKtrQjUFqVhPbwrirJhOLWyRR:yB9GDOWKBl8hDLJO

Score

7^/10

Malware Config

Targets

- Target
  
  eab4224a915b61070a26486434011586_JaffaCakes118
- Size
  
  809KB
- MD5
  
  eab4224a915b61070a26486434011586
- SHA1
  
  a4c426072b4b2307261a58960f1ce52506db37a0
- SHA256
  
  20cb81dee086f39aca1b60dcf082297b77ceae9979478d056da7324db9215f2a
- SHA512
  
  0d69db6a37016b1b3d9a3a8b62391846dcc7e89616d7418d362363d048a865ebde3fad7fd7989fe58bdf71b45e32222561007d3e0b80fc895e17da7a4cb204f1
- SSDEEP
  
  24576:z+B9nGDOTcVKtrQjUFqVhPbwrirJhOLWyRR:yB9GDOWKBl8hDLJO
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/FDMClient.dll
- Size
  
  222KB
- MD5
  
  b8d9503e3c0ac31fae05382a2cc6197b
- SHA1
  
  f6085be74247af30c2aa79a63e8bd1f9667951df
- SHA256
  
  e57ec829e42342a1a0826c45a52e76b5cf038d3074f88b64b41dd75a367979c0
- SHA512
  
  8b926afbd47b42541e51e3eed65eaa7dffab3295d0ee1350174b187995e0d232e2c5b76e426407577c590d6a2418ef12e37bddc15438c1eeaed1e134feda8f6d
- SSDEEP
  
  3072:Ip2FoR4ViIWPLmeRq9CuT3HNEFybbQVcQYI3xsMhgl3Z71PR+LQHB:IQpePLmeY9jTXNEMlQYkxseglL48B
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/Failed.htm
- Size
  
  5KB
- MD5
  
  dc97ff133e028759df5f5cb1614252b4
- SHA1
  
  67ab60e8bf101176f62007558a4063deb5b0f993
- SHA256
  
  31126e10bb189aa23ad62f61dbe8ac09abdc47c4065a44fac97918da5bbc14c6
- SHA512
  
  2102a8508175bd387aa75388a56b66e97558ea855a57a195ea5d2786661176018a796ec5d5ffaa86dcdd5d8b560ad1f998138c3382a8a90715136886ffbccb88
- SSDEEP
  
  96:7rBd6l1WOVLKTBOIHMVtZTk/fOvPY0QINWjfalZNpRWr:/BA1WmLKgIHwbTs2vPYLIRZNz6
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/FirefoxHandler.dll
- Size
  
  42KB
- MD5
  
  89299f2e807a795737d82926b076e570
- SHA1
  
  ab503dd7ac9028d35a45113fad14ca35b2b0ebd1
- SHA256
  
  68b2c80193a1b96c02bd6cf8b30210ed8d8c185855fe99b06ee6d70257e1e58a
- SHA512
  
  e8e7bda3f04657e7f36bef52d9d4309d45bb958f5829479ce3f36d39982d9122f9e770c5870301f7e1dc6596d842ed7a2e926a8a77639b213c5ed6e566cb4ecd
- SSDEEP
  
  768:g92TwvrKHG8lvQdxk/+IX19elUSrMQLisawIUqoULdAOfK+2+ZIG6DepE3:82kvkyxkWIF9elU1+ALWOfZZE0E3
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/NoneSilentSuccess.htm
- Size
  
  4KB
- MD5
  
  6f8fb0c5d03fc536b6333ed5e3241a1b
- SHA1
  
  f60c6da4c05a8c210cbe351a00cb755082d9319c
- SHA256
  
  8ab394c1ba95cb5f83646dbb99e2aa81050ae7fa11fce7a3c9684efddfb22dcb
- SHA512
  
  8b7f962b81c72754eec6201ee0d799b7d081947efd5fc6a3d6dc256bb2ac7e7b254f7a37d3b5b94e58ce8d90395428fb85aa9b4f67d6c93b360198e1d1f70945
- SSDEEP
  
  96:V9WOHLKTBGHMVtZTk/fOvPL/ALINWjXxZiXpZr8Y:V9WOLKcHwbTs2vPjmIdX3N
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  25KB
- MD5
  
  bf1e3eeb30508a5ba86d912268db28df
- SHA1
  
  6b46253c42c1caa010e23a9c5dc8e372247d394e
- SHA256
  
  8d40af42ac73079369704eb366963d454993b1f7081ad7ff98d75aa867635c31
- SHA512
  
  37e1ab08b6fea28dbecf11adebfc8aff30fa5ec4a712c143cfe879328e32fa44f70e0727e3e888c12b2850141751e920eea763ab4b06d199be19fe38916fb746
- SSDEEP
  
  384:vl2pZK7DtDHCi6erpVpRC+GBcdmJwa0kBj4nYPLD5Xk+eMpsZ:vcpgPtDHCi6M7CY2c6mZ
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/Success.htm
- Size
  
  4KB
- MD5
  
  7555c8d6a61a987c47e26c2f491ce7a0
- SHA1
  
  ef8956efabe63f5c95edbb142c588ef432b3fe99
- SHA256
  
  91a4f307110729d83671dd4ce05dfea53eb15ea258ab9d4a79a249d08bcb2724
- SHA512
  
  ce88a23b4f3fde0ea6cbb282eb36e66db39bc554010c0eb76c8de8fb1c5135da840c6982536c4bad9f64f57e89dd2965c7822d511ab8c7b5db8f88ce8e1b09b4
- SSDEEP
  
  96:V9WOHLKTBGHMVtZTk/fOvPEEOINWjl2iXpZr8Y:V9WOLKcHwbTs2vPEdIKX3N
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  17KB
- MD5
  
  62008374a494afeea2ee2ae9eee4c8c0
- SHA1
  
  94808fcf0748c437f4d7ffa4d540e054cb014fab
- SHA256
  
  9c4affddfa97b268b07c00ac28a2fe617dda806bf55088ccf348da149ee76c1a
- SHA512
  
  f584ed647b69ff8ff80450be8f0b267ebb3c97826dbf01d078165ea94b43afd1f00fc58b91d9e8f4d78465d70312c1b1a6ac66583ebdc009b0ce471a6cf149a0
- SSDEEP
  
  384:yJoiO8V2upW7vQjS/tnYPLD5Xk+eM0A/V:yJzO8V2uovQjq6N9
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/WelcomeScreen.htm
- Size
  
  5KB
- MD5
  
  54bbb668f02441624af5d536ad9dfd05
- SHA1
  
  6a4a1e9522658a725c3f4d2864a2087d33368db6
- SHA256
  
  ed7a47c63626fb0ad11635421592b3e805937ea04a94ca39f6864edceed708fc
- SHA512
  
  b7cd133b796af24a17345ba578bd03ea1de659f83f7b7d2b29bcf44ccbca376611d35fd0ec435083c8719f2e35cbab2d1afb2d9fdec89a3ef4302fcd715d439c
- SSDEEP
  
  96:V9WOHLKTBGHMVtZTk/fOvkHanGgKyzjAQINeX0XpiXpZr8Y:V9WOLKcHwbTs2vkHanRKyzjXIwX3N
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/manager/init.html
- Size
  
  97B
- MD5
  
  cda38dc637a00d09272d0e1d8e08a63b
- SHA1
  
  a8b9f973bf6cd39352ba6796cb82332f25a5d2f6
- SHA256
  
  b363c46a7f3c4f972910be6622a72346370c961cabc17ec43dc76f541701069c
- SHA512
  
  6c4a1033ddec627f34adfb4bc294e5a89d447c6c348105a0777fb450385042c2ffd4161353da77a9e17c8f9d5fa26e7d1139196edfcc4a2434a842e658693f08
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/manager/manager.html
- Size
  
  328B
- MD5
  
  18cca826ea1c82d66ffff240197e8970
- SHA1
  
  7e0f6e50bac9b22104634ed6efd71f0a5a5469c9
- SHA256
  
  cc91201e3162e0b209123789cd1ce2982d356075a1ec3f527d83e6a0c976b782
- SHA512
  
  485238751cbb774b61f6312506b8dbfbeb8f9ccd1aeebcc729a7205c4221816643eb20f7f02953f8e2542b2aa7d540fa6f82cbe4970053fbcf967250880d558f
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/manager/scripts/WebBrowser_embedded.exe
- Size
  
  37KB
- MD5
  
  fc63714527aca09e610de9b4d820b558
- SHA1
  
  8f146589072c425bffa6aa3e95a0ef6e1d2b4300
- SHA256
  
  ba998650808297fb9e79fea57556776317ca6ea3af6c7cb68b57ef62907fbb9f
- SHA512
  
  b0f29bd0a31c0b91dc0350117425711edf3d5460aefc82dbe93a94de591be7eba5648f389c7c199dfd17ac72e83b9a057e933254c16629e1d74fef222935f278
- SSDEEP
  
  768:LDWdFYu0oycO631SC12iKyyqrsA5IOON1/3X:ixO6UC122BON1PX
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/manager/scripts/gplay.js
- Size
  
  27KB
- MD5
  
  ed06e9374a6e34238ae5453061cff1a0
- SHA1
  
  31bb54a7080884d4cd2e73fe86c7f4030dfcd85e
- SHA256
  
  51b269d0b5116f3c67810f24879d25afb5b8d097a49df1634b911ca50e535a52
- SHA512
  
  1f11bdad4f6e746f53881c52d4ffc88657398dd1546ed9160e5a8241f9e1db918573b250cc6a21979de46c4ae56e9a3760b0ef9872eff5100f69696f6e9b05a0
- SSDEEP
  
  768:Qxx9PKwvl/c2ZjvbSR750GoEx2AfJYxfvEiDeV/2:Qxl/c2ZrbqoEQWJYxfvEit
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/manager/scripts/jquery-1.10.1.min.js
- Size
  
  90KB
- MD5
  
  33d85132f0154466fc017dd05111873d
- SHA1
  
  161b78ec52f28657a835e4a5423f03782fd35806
- SHA256
  
  4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
- SHA512
  
  5c73f7416de3af23384625ac9913eff11a8931ed8bf611bee49503354cb7de793d1997d309ed20e56fdb5bed4a3d52bdeeddef4ab09a10c20140137e4d68c00b
- SSDEEP
  
  1536:84TCgi8RzmZFX38J+L0kJQsYb+5k/QRZdC/RtfDwnv+p0WzH/IoSE7qABZnu0sFv:84AkTtU2p0WPSIDrstfam
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/manager/scripts/manager.js
- Size
  
  6KB
- MD5
  
  3fdff21d0312634d1bca4fb95fe26125
- SHA1
  
  41e34b41211a4f0f199684b1eec1f304bdc7805c
- SHA256
  
  a123d5524138380aad21f70ff43bd824cdee03afad2701779049dcdd541033a6
- SHA512
  
  950fc6ea210a4b4e6af7931f8fe401947742c6d69c9787ee7bea005d6b89bebd44c1ae81c3180c62e61a8265e2f707d564473f4522f7acb010b9e36cc46055ec
- SSDEEP
  
  192:9J6wLsQ1LsRIv5u6zXxLRyDsELpR+pSkQQQcQzQ77QpQGQrksu+wbVelG:9vAQ1LsRIvU6TUTR+pQQQcQzQ77QpQGh
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/manager/scripts/sharedWorker.js
- Size
  
  296B
- MD5
  
  b92cc101edc798297590ff9243a42bac
- SHA1
  
  ef1f595e09d9a88b3288d382406550097732f2b1
- SHA256
  
  e201cb0cafd742fa10c01b846ecd6ac3d18a44bfd87641de0a4a3cbe61893043
- SHA512
  
  618fbbc38fcd8a47eb2741647b9695ed27eaae3a7cd81b49fb7b5a15f1ada0e266b83e18b2534fc00141c3fc86435c38118e58b783123b53e766320b5992caa0
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Reads user/profile data of web browsers

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32