43efb0b5f59b614a355ba8e6c8db2b6cc36363a253a0bfbb8026d2c2f8712b77 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6f06d77b86631548ee3c10610bb7cbd_JaffaCakes118
Size

3.7MB
Sample

240925-1xdt4azemr
MD5

f6f06d77b86631548ee3c10610bb7cbd
SHA1

45877dfa03b65940c85b35de5cbec406eca4259a
SHA256

43efb0b5f59b614a355ba8e6c8db2b6cc36363a253a0bfbb8026d2c2f8712b77
SHA512

cfd3e167dceb3034666af32288f622324590c40b2e0d1797266691b1d16fd15de99c23d01aed7b8cefe44a3dca0bd7b26121b99d81ac71f6f48cbe510e59f23c
SSDEEP

98304:5ZUp9QLIeIdPH8tOwdIg2DlE1MaZ+lGGOFJ50Y:5up9x1cIwdEuwA9

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f6f06d77b86631548ee3c10610bb7cbd_JaffaCakes118
- Size
  
  3.7MB
- MD5
  
  f6f06d77b86631548ee3c10610bb7cbd
- SHA1
  
  45877dfa03b65940c85b35de5cbec406eca4259a
- SHA256
  
  43efb0b5f59b614a355ba8e6c8db2b6cc36363a253a0bfbb8026d2c2f8712b77
- SHA512
  
  cfd3e167dceb3034666af32288f622324590c40b2e0d1797266691b1d16fd15de99c23d01aed7b8cefe44a3dca0bd7b26121b99d81ac71f6f48cbe510e59f23c
- SSDEEP
  
  98304:5ZUp9QLIeIdPH8tOwdIg2DlE1MaZ+lGGOFJ50Y:5up9x1cIwdEuwA9
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  0ff2d70cfdc8095ea99ca2dabbec3cd7
- SHA1
  
  10c51496d37cecd0e8a503a5a9bb2329d9b38116
- SHA256
  
  982c5fb7ada7d8c9bc3e419d1c35da6f05bc5dd845940c179af3a33d00a36a8b
- SHA512
  
  cb5fc0b3194f469b833c2c9abf493fcec5251e8609881b7f5e095b9bd09ed468168e95dda0ba415a7d8d6b7f0dee735467c0ed8e52b223eb5359986891ba6e2e
- SSDEEP
  
  192:eK24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlASl:u8QIl975eXqlWBrz7YLOlA
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  13KB
- MD5
  
  3fa5491c158c30082b42569cf4f54381
- SHA1
  
  a2d92f2c7a1b7c468ab14bd3ae03e2574baebc1a
- SHA256
  
  560ba0a768687a5b8643062b6183991e4d8e172b870e3c0a8a8847043ce32c86
- SHA512
  
  d12c67773d21cc8e827685feeb5805ca421ff1f5826471739909d6785d33b7ea21f41289ba063d58205918099efd4464523d8f90558f647e182d4cefb156d10a
- SSDEEP
  
  192:ppdvfthwGLUIcl2K7ExOhNyqyxzONcnTpI0S342aBgfqo:ppNoGLUBz7E4emcnTpIu0q
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  d6c3dd680c6467d07d730255d0ee5d87
- SHA1
  
  57e7a1d142032652256291b8ed2703b3dc1dfa9b
- SHA256
  
  aedb5122c12037bcf5c79c2197d1474e759cf47c67c37cdb21cf27428854a55b
- SHA512
  
  c28613d6d91c1f1f7951116f114da1c49e5f4994c855e522930bb4a8bdd73f12cadf1c6dcb84fc8d9f983ec60a40ac39522d3f86695e17ec88da4bd91c7b6a51
- SSDEEP
  
  192:oWa8cSzvTyl4tgi8pPjQM0PuAg0YNyZIFtSP:DaBSzm+t18pZ0WAg0RZIFg
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $R0
- Size
  
  110KB
- MD5
  
  96033c1016cf10b70b34cd79788af67b
- SHA1
  
  c34dc953542530a30e5222538a03481acb2e2f66
- SHA256
  
  826d4349561def04af90910efc817a73618be4f07f7649cdb0f6e63d38d7dc9e
- SHA512
  
  edec1457275af9810184fbc61ed15066cbaed28c61947afee16d834e72523f6bd439e25a18078c05cf48ac7f9d6479de337805caa4152265593be9e998927fb0
- SSDEEP
  
  1536:AS9BQsy16mHr0GEMErAt/xKg/LRks41mEFmg5l4ZLfjnKibK4:AS9Wsyw4zErAtGoYmg5l4ZLfPR
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Query Syntax Help.html
- Size
  
  13KB
- MD5
  
  6e20c974ab77d1efc5d416adb57dddaa
- SHA1
  
  fb6359ebd325ed11ac1bff34399bfe56af3738d5
- SHA256
  
  9eb9474f79c0843952138f08ebb89d6a55c586cc60ea4e02c17ddc14dd992a8b
- SHA512
  
  60eb1bb760c99a64eba2c7d403b00f5a4a9d57abf04a195731ab76338d9cbac62ff317ebe944f4068f00153a67961c7a6d29714cbe139ec2c3fa77ab19c770b9
- SSDEEP
  
  384:L76w7ypNDB6BLRmh9tn4lMobn6qufspnL:i76BLR29t4uxqiW
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  avcodec-fb2k-57.dll
- Size
  
  791KB
- MD5
  
  62c1ac76a3da57946e469331775826dc
- SHA1
  
  efb9188959c1e609ab46aede474bdcbc9adc814f
- SHA256
  
  3ef06cf5267433ecc576dbcc24f0ac2666eaeaf9b18efb0baaf4a2aeb893889f
- SHA512
  
  fa874f17f2301cbe4cb86aa12ddfa2e89854cca9d82ae87dd5c9a3cdcea4a88f490f1f319b23ef82f28665b13b68bb0d080a5d8933d5479e6f59bd2af8e3f1f8
- SSDEEP
  
  12288:dbBdiBpyCGml57kw3rebQyOEiMFljV/elF7BgwG/cUl:dNdiBpyCG8kw3rebQyOE//ezdgwG/rl
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  avutil-fb2k-55.dll
- Size
  
  516KB
- MD5
  
  a29ad276b594126a8f0927727140f051
- SHA1
  
  0f4635bfb38c1349fdb3930890574f6baa37bc61
- SHA256
  
  416c300aa4f3f58899c20f03de3733e1925e0412b29cdd2f8e57095335221963
- SHA512
  
  358bafa49488f5883c10f828f077c66ae8adb0df71a508212fcf2997110ee00fc7cdb0e2c202463a7c7d1251485938e1ef01969faf2faecbe6d30ae2e505ee39
- SSDEEP
  
  12288:PYLwu2P2ejUI6TrhnXwBXekxr5dm9Fu/s15u0PSGZZPx4TK+38D1jJlRpt9rWcbt:PYLwulPJprWcb6hn4K8
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  components/foo_albumlist.dll
- Size
  
  348KB
- MD5
  
  10cffa81f8bc2fcd39bcedb0f7001f45
- SHA1
  
  1a6cdd2df591def500b30691702f2a08f8fed038
- SHA256
  
  f14850fb79ce1a81b1a20f8de1080086f5f797a03e636b3194a773d6d6b0d2c0
- SHA512
  
  0147871cc6d488a54936062fd5f3d7d8cf95bf3cfa6488159ab039213f02e62bbce48549b0bd37eb78d877d3e0864c48bdac3df7c7dad2378d6f733d8af94c2f
- SSDEEP
  
  6144:sJP6k8ZI4GcR3rQtMYRpIajJMEWAOS/qffsP:sXX4d3YRpIaqEWDfsP
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  components/foo_cdda.dll
- Size
  
  302KB
- MD5
  
  7d48b66d66abd91d019878dfd475874e
- SHA1
  
  4eda696fb0d48c713c17aab8e5b4f00cbf88611d
- SHA256
  
  bee4076af211b24e40efb8daa07272a0c646433372789bed226bbbf1e8108f1c
- SHA512
  
  c805192e3d32be53dca98cf8edcc9763e3ba417f0909a6741ceddbe2dc407e7efe5bf387cea5bac42cc6acc8d2899e5b8d3183d3d0e16bdbd8117c9328ddbff2
- SSDEEP
  
  3072:0xCoZyhN6XKzojer0FlBrYF9enrtLcM1+c7olK1BFmbhMUZMo08RxAg0Fu0AlWZs:Zb+XKIXrdXwcIK1zmbhzN/AO1448
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  components/foo_converter.dll
- Size
  
  523KB
- MD5
  
  38f2a9be2d04ec4c4a124f5276aad0d4
- SHA1
  
  1a1873399fdbbd331c907fd9ef94abecfd538a95
- SHA256
  
  7c9eb193da66f72c1e9ad9933f92eb8d32b044f5d8ea6ce8c3dac298e7c6cd10
- SHA512
  
  57846527098965986b67eff408edbe92b791939c4c6ce655f24e435ea6469d68b3eaa91e847271b252e356473ef07fec2c2ff6c0096aaff67bd92aaf6cb0a1d5
- SSDEEP
  
  6144:IKM6XTlvYHwwrfMfYY9ObQlhmMj57OwSdwrAOxAZ5CfVQvRJ3:I1MY/rfM/KMj57OwSdwriCNQv
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  components/foo_dsp_eq.dll
- Size
  
  200KB
- MD5
  
  fa98d17d86ff7195fbe011e3c5931018
- SHA1
  
  8800a4d83d7ec1cfd0ddb21ff8ce4d5c8b585688
- SHA256
  
  7aca1dc9de707462c52eaed4faf72ab89f49387920ba52d5246c98b1ffb86722
- SHA512
  
  2afa867d399651383a33bc2a36ba54b311006b9bc74a0ef517a9edaa22da0af79f1cc1e6e3f7bac3f57f1479863d0df30f1b0bbba3b5c8697811a9e7ad322775
- SSDEEP
  
  3072:N1mljJGXyzcidQvxdg3g8H+j9Z3YRrowAg0Fu6JxsEg:uIaK5CQ8H+j9Z3Y+wAO6Y
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  components/foo_dsp_std.dll
- Size
  
  245KB
- MD5
  
  66ddcce2a7e4ebc3b807966f934eff0d
- SHA1
  
  2791cd433818f37e5fd894f82620e4065bdaba4d
- SHA256
  
  cdb4326a08a5893e69f7574db9741f6e22c37a0df94ecc956ad18b232c938de1
- SHA512
  
  ed921bd7c4ef0776e9fd63b4db174860e43e00c500abada778fd7fbe90487678b3e01a763b70b6721df337a1740cc33fa42df03b5fd57234b38ba4de906aba57
- SSDEEP
  
  6144:32stXGvqkYDb1mko0uxioBTj1KGaHyfAOz:GydoiuxioB8GaHc
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  components/foo_fileops.dll
- Size
  
  289KB
- MD5
  
  4c0ec25262727f851fafbc064706e7fc
- SHA1
  
  2f37c1d57b28181482d56242a71a64b4845f921c
- SHA256
  
  3a24da2e657b000170cf3f1e41f0431c8a101bcb71d461328aea6ae2971ce939
- SHA512
  
  2bc7e405e3db82a842636dcdb3eacddd51d4d9f8d5420552a48012a30a8b1a7afb11ba65ec803c80e67797a2025285cb0b6ba5421ab5709cb601fd2d6d0aeacd
- SSDEEP
  
  6144:UjHj9qw2KwUUsow1Q0n6ORCxplAO1FmgIS:Ud87UUEy0n6O0LlcS
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  components/foo_freedb2.dll
- Size
  
  300KB
- MD5
  
  7722268a8d4fb70de8b57e3d38d1476f
- SHA1
  
  8ae6850a0aa890788a31f020cc32bc044f21a50b
- SHA256
  
  5ed44022a5145038fd285789dbe69c3f1e6923004654ff13fa67fa0f039e8b5b
- SHA512
  
  d3966f97bdcc70f68124d4cf420efdef6abe0407053e475810c3cc88950533068dcfa551ab5cfb2d11cbf3be5811b2fafd23708c7b2fd73f20cae9189e8ccd75
- SSDEEP
  
  6144:gfa9Pg8XH+9Ut7+x/CrhlTU3OH7/AOqa3du:gfapg8Z+x6rhlTU3Orwi
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  components/foo_input_std.dll
- Size
  
  1.4MB
- MD5
  
  412912a6c07feabccb1859b21bd7c5f8
- SHA1
  
  9a05f30919750e84d97657c0acf569291d99d888
- SHA256
  
  2598b8698ee67c2916e22ef7c2138ec6dc25a66423eb773f3b3dcfa0d5c612ef
- SHA512
  
  71d3e41a43da57b1791d55348f6a858f55d25601b7dedaf69082cfc4f6cd569db232e8ba8c07dfb2f015c1448fc6cf576b8a36f972eb3017ef50038ba2bcb4ba
- SSDEEP
  
  24576:7SZWG204QdteDIVbiQ/+RFG3gL40TVSsvza4:7SgGkuoCgLJbzv
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32