853a22fbcdcdff08189f96dcf352d80e7fc7ebcb0b80db7ea5ef92bd7fb22349 | Triage

Sharing

General

Target

eac5755ac9ce32484212bb80979a6356_JaffaCakes118
Size

2.0MB
Sample

240919-hc4kxawaln
MD5

eac5755ac9ce32484212bb80979a6356
SHA1

6db81f38ae1e6c8099a4723c8b961bc495c9a48a
SHA256

853a22fbcdcdff08189f96dcf352d80e7fc7ebcb0b80db7ea5ef92bd7fb22349
SHA512

d28fda4b33ce3218ff075f8260344b93da8d5839e9881bdc1d0c618bc972d24ed476d8a2abfc787c573877b474468f37a8c509b817b00e16c7e13eaad9584166
SSDEEP

49152:A0W1r+cYeiVsBZfdPq7HfV2C3GFZRAYEyXQ1:TWVaei8TPq7HfV2DLRBC

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  eac5755ac9ce32484212bb80979a6356_JaffaCakes118
- Size
  
  2.0MB
- MD5
  
  eac5755ac9ce32484212bb80979a6356
- SHA1
  
  6db81f38ae1e6c8099a4723c8b961bc495c9a48a
- SHA256
  
  853a22fbcdcdff08189f96dcf352d80e7fc7ebcb0b80db7ea5ef92bd7fb22349
- SHA512
  
  d28fda4b33ce3218ff075f8260344b93da8d5839e9881bdc1d0c618bc972d24ed476d8a2abfc787c573877b474468f37a8c509b817b00e16c7e13eaad9584166
- SSDEEP
  
  49152:A0W1r+cYeiVsBZfdPq7HfV2C3GFZRAYEyXQ1:TWVaei8TPq7HfV2DLRBC
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $COMMONFILES/SparkTrust/UUS3/LiteUnzip.dll
- Size
  
  46KB
- MD5
  
  1259c3b4bda98faf491bdfec7a147b36
- SHA1
  
  c8d0a31672ab51a9bda2def63a5830dbf59a92c1
- SHA256
  
  645fe3e7dc8ed3c2f363ee551f064986a10c36fdb9a37153b30ba5400cf738fe
- SHA512
  
  fdcdbb1042ba5dc2a365345bed123f317e8735dba5d9dbf3d6583d40a728049ce6c253e3311ce427c924ba3afc846f25dcd9241fff4b2b02380a457cb55c7b9c
- SSDEEP
  
  768:08zd/VxMu48xq5j+HW6D4nf6HSE53CtRGXDpD2F+8edR5xPa/JM:nd/VxMu48YQbtSE53cRGzpz8G0B
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $COMMONFILES/SparkTrust/UUS3/UUS3.dll
- Size
  
  398KB
- MD5
  
  06ac7e5259b6f53981281234e6a32b20
- SHA1
  
  b47aba88718028a768aefb6b1ffb0075fa2af472
- SHA256
  
  d1ff447f35ed67a8e1396accab9304fbdbbc7d26d4b47942fefcc2dec3dec2c4
- SHA512
  
  e4697ebc21240cf6d21fc26ec7d37565e5ce26c53c4a591ba925b31c4fb883e35339a790707ed149e18d60e054c9ad70dd5b1448c42f140ab3ac0d5038d045fc
- SSDEEP
  
  12288:b/fHAeW9e/7FKKBpGDwJkChY/CCsU9okbBxB9:n7FKK/GcrY4U9ZbBxL
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $COMMONFILES/SparkTrust/UUS3/Update3.exe
- Size
  
  1.9MB
- MD5
  
  4b15260fcda31054e6ac5a8db7a1de4d
- SHA1
  
  1bf462093f313b66b615daa0cd79dcbc4f141afd
- SHA256
  
  ed1701f6596fce88f565fd4a5973fd4a1d8bb95fb8a3004247199d4f25288427
- SHA512
  
  8008462d27ae1ae015604e42e62baf35ace85dfaa1b5cc4cb65ec788421f7488b7a7fbb3f74191047cc2ebb3b9ff1218eb232de3092ac632f0a4cb057b4e9d61
- SSDEEP
  
  49152:eYTDBxsF2Lci2he3z3/ucVlbDYXJEH7iHbT5Sc7Fxsdt7+B0XE+ehEcPS:Rz7Lci2hez/LlbMXJEH7iHbTSdIB0XES
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/AdvSplash.dll
- Size
  
  5KB
- MD5
  
  41be2441ee7c684eaa76a62d4223b4c7
- SHA1
  
  05de8220e296db1025f7bd4d9de1f44370018162
- SHA256
  
  0990902460ec38bcd605b518bffa081942c6f4c5fe1828a61ba3965bbf15d8bd
- SHA512
  
  fec074a2196141e497334b57563dc7863a0b949d348164aec8c4f21d1b3c4ed795e03fd6e5726a2e90da7015abfbb4e28102647c0e343e84a707e99271a1a938
- SSDEEP
  
  48:i/UYdq4ThVJttIETQ1lk+MfSvZcLLefNDpXq65wtBpuRNanZNA6zu6cv9n1MFM0C:qvTFfSc+0OeLLefNDE6OuXaZq6VG6MJ
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  31KB
- MD5
  
  83cd62eab980e3d64c131799608c8371
- SHA1
  
  5b57a6842a154997e31fab573c5754b358f5dd1c
- SHA256
  
  a6122e80f1c51dc72770b4f56c7c482f7a9571143fbf83b19c4d141d0cb19294
- SHA512
  
  91cfbcc125600ec341f5571dcf1e4a814cf7673f82cf42f32155bd54791bbf32619f2bb14ae871d7996e9ddecdfcc5db40caa0979d6dfba3e73cfe8e69c163c9
- SSDEEP
  
  384:1NWlNdqdAnhTKMLE2oIM05fnqCiWg3Yy9kflIinokN:1NWtqdihTKCldkYwkdpnoy
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  32KB
- MD5
  
  83142eac84475f4ca889c73f10d9c179
- SHA1
  
  dbe43c0de8ef881466bd74861b2e5b17598b5ce8
- SHA256
  
  ae2f1658656e554f37e6eac896475a3862841a18ffc6fad2754e2d3525770729
- SHA512
  
  1c66eab21f0c9e0b99ecc3844516a6978f52e0c7f489405a427532ecbe78947c37dac5b4c8b722cc8bc1edfb74ba4824519d56099e587e754e5c668701e83bd1
- SSDEEP
  
  384:3rYz6grZodORNWATt4TBmlk5ooyzFh7BukAUdJoUtSOSR:3QggDWATWNCFh7BNddJoxO+
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  959ea64598b9a3e494c00e8fa793be7e
- SHA1
  
  40f284a3b92c2f04b1038def79579d4b3d066ee0
- SHA256
  
  03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b
- SHA512
  
  5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64
- SSDEEP
  
  192:sRer7uivwq1XpKs4FVWSjMd8tIg2cREbyCsZ8q2R4Sy+Xe:s67Xws4FVWig86/5eCBqSy+Xe
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  d16e06c5de8fb8213a0464568ed9852f
- SHA1
  
  d063690dc0d2c824f714acb5c4bcede3aa193f03
- SHA256
  
  728472ba312ae8af7f30d758ab473e0772477a68fcd1d2d547dafe6d8800d531
- SHA512
  
  60502bb65d91a1a895f38bd0f070738152af58ffa4ac80bac3954aa8aad9fda9666e773988cbd00ce4741d2454bf5f2e0474ce8ea18cfe863ec4c36d09d1e27a
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  f7b92b78f1a00a872c8a38f40afa7d65
- SHA1
  
  872522498f69ad49270190c74cf3af28862057f2
- SHA256
  
  2bee549b2816ba29f81c47778d9e299c3a364b81769e43d5255310c2bd146d6e
- SHA512
  
  3ad6afa6269b48f238b48cf09eeefdef03b58bab4e25282c8c2887b4509856cf5cbb0223fbb06c822fb745aeea000dd1eee878df46ad0ba7f2ef520a7a607f79
- SSDEEP
  
  192:y1zQhZDqlJcKISw99ioU3MSfwLF/+nhHUisdz:ozoZDGKYw9goWyFGBU7z
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  HTML/0_days.htm
- Size
  
  2KB
- MD5
  
  c4adffb03bfc3e5ab85ce974632e4648
- SHA1
  
  32576cea157f19554ae16bde2d46648f25f98e07
- SHA256
  
  c63cd033fa4ac6b0616505ca49cb44307f4c0f7f5b156cf7e85d4fb204034e8a
- SHA512
  
  6be6cd1b0f365b81e4f6fece205757663b26bc924f1b70969e8f4d9a53819fa2ad83ac7ecae0cffd6f1208e48c9f121d79f2e68a02adc700277eef311c00b0d9
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  HTML/15_days.htm
- Size
  
  2KB
- MD5
  
  b81bb5124e7ed3ac0c168484f75d1f79
- SHA1
  
  82013887218c47fe855fb11418c4d691fee710b4
- SHA256
  
  136fdf29aa928a273d10b95a255185a386c9db115d428c4634fe4a06a55a8a5d
- SHA512
  
  f9f12d59b705b76459dace63beeafbfe42cace48f792f34f9808f2e8b49ac29f49f32c28e186a5a44802ef9b990e8d648cb6520e9e5f6ad84c246b3e5db4f353
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  HTML/1_days.htm
- Size
  
  2KB
- MD5
  
  a51f5eee3288feb5be244849cc3e839e
- SHA1
  
  15cfc3ba7aa3e13dbd9aa82c45bd27beb2e79ad5
- SHA256
  
  16cc72351c5fba41db3ea91ed8f457f39b103e5a4f54e0666d226ab62eae8b95
- SHA512
  
  26370ae6227fd2094da688ee2f9cc2bb2f8fcfd902319f99b9335ce918e011c2ec9c8fa0bb884bae6276e6e140545d3516074d7125ddc796a437bde65117990b
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  HTML/2_days.htm
- Size
  
  2KB
- MD5
  
  1633d3f9b3892cd4cf4633d13519bb55
- SHA1
  
  abc3d56ba192054365da62623b273e8bff19b5b2
- SHA256
  
  9385c330cb9f4dd4157f5c3c6c390a26da30db700086c37668832190332144c9
- SHA512
  
  092ff369e04674d7cb5b059d06503dd39e9f5fa76263d380ab2630196301af75ad123b8c222fd20d2b11ee2dc6403878cd3baf468276b670208da82df6e9a181
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  HTML/30_days.htm
- Size
  
  2KB
- MD5
  
  8b70663589c6442786062be7c14201f3
- SHA1
  
  362e18d88bc2b5e26d4959a56376b551e2320775
- SHA256
  
  93f7dc1557cea9d5f12cf75375b9265c9bce6b4e920b8f1fbbc20800a3d94057
- SHA512
  
  a7524d489ecf17879bb8cb3e786b12dbdce5ab10b6c9c486d4cf4d8260344a96ef8d9a714347764cfb1d4bf24608ee7be126bd75157ab61f146a3357560fa148
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  HTML/5_days.htm
- Size
  
  2KB
- MD5
  
  88eb76dadfb6feee08f0b0420447e855
- SHA1
  
  8ea86f02e72503080db84bc63e6d9f2dcc91571f
- SHA256
  
  44d3d520494089d2806c8ea5ca024c650131546955a3aa7cc00c92ad5ce263d3
- SHA512
  
  579ce476cf87bd337e505c66f1b79eb8693565f185b310825186134df31f5fc40ac6516833c54877ea909de1fbe1e9344df5698b31fa40a16d54506b6511dfa4
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32