1821d19dc59274e2ce3d5e9b3bdf330aa245502ebb247f421577565ffc3440ba | Triage

Sharing

General

Target

f4db6a125e3d059b2f0b52533ae18a43_JaffaCakes118
Size

15.0MB
Sample

240925-bnyepswdrn
MD5

f4db6a125e3d059b2f0b52533ae18a43
SHA1

ca73d8155ec8e3e6a1df55b4c375c8882c799470
SHA256

1821d19dc59274e2ce3d5e9b3bdf330aa245502ebb247f421577565ffc3440ba
SHA512

c3cbb4010b52089f1676bd093cb59d56163bf102a0dc70164c6c372cc82eb41e20c93c104d1e5a18888f5b014e9e037335ffccf5557db8bdfdafeede4fe1caca
SSDEEP

196608:yjlFoWLV3ji0yu6Y5e3xPW4bIUmpfxtTrEt/lQPhkUbqIXakPXIMYOBf8OAlEDAd:ynRV3e0yHiT4kUxZlQPhGVwbYcPDASvy

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Bandicam/bandicam.exe
- Size
  
  15.0MB
- MD5
  
  86ddad2004ee165ab24b126272b29ce0
- SHA1
  
  15cb513e1b7d5fd295a252aaf99c9ef199f7989b
- SHA256
  
  21dfafc11d0c63ba11995bf206b9de297bc835dde6a13ebff445b0c762eb749f
- SHA512
  
  ba8fc5f81ac8663256772970da2ac3bed9c81feb510a551b8a37a8dc70e13907976c2632aaea9f661df015a4a3c28469ab07121cd8bb50ceb3bff2c428ce6e01
- SSDEEP
  
  393216:1EkkGawXGJo13+tMDOB71l07bxqeynPE02lyTQAMljj:1IGnXGGl+aDOBBlgwnPDjMljj
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  67d8f4d5acdb722e9cb7a99570b3ded1
- SHA1
  
  f4a729ba77332325ea4dbdeea98b579f501fd26f
- SHA256
  
  fa8de036b1d9bb06be383a82041966c73473fc8382d041fb5c1758f991afeae7
- SHA512
  
  03999cc26a76b0de6f7e4e8a45137ee4d9c250366ac5a458110f00f7962158311eea5f22d3ee4f32f85aa6969eb143bdb8f03ca989568764ed2bc488c89b4b7f
- SSDEEP
  
  192:CsIZHdT9uwYX94kYd2iCzHR+yK7imphLAykycpKPd5m78ozxGUWumle:CsUHd9GN2d2iwl0impATIPdA78Ov6
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  959ea64598b9a3e494c00e8fa793be7e
- SHA1
  
  40f284a3b92c2f04b1038def79579d4b3d066ee0
- SHA256
  
  03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b
- SHA512
  
  5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64
- SSDEEP
  
  192:sRer7uivwq1XpKs4FVWSjMd8tIg2cREbyCsZ8q2R4Sy+Xe:s67Xws4FVWig86/5eCBqSy+Xe
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $SYSDIR/D3DCompiler_43.dll
- Size
  
  2.0MB
- MD5
  
  1c9b45e87528b8bb8cfa884ea0099a85
- SHA1
  
  98be17e1d324790a5b206e1ea1cc4e64fbe21240
- SHA256
  
  2f23182ec6f4889397ac4bf03d62536136c5bdba825c7d2c4ef08c827f3a8a1c
- SHA512
  
  b76d780810e8617b80331b4ad56e9c753652af2e55b66795f7a7d67d6afcec5ef00d120d9b2c64126309076d8169239a721ae8b34784b639b3a3e2bf50d6ee34
- SSDEEP
  
  49152:DpX9JVeE9HP6Zpy9KyhMI50Du8LljslNsHSHFUq9OiapbbO5Akb:H3P9HP6Zpy9KyhMI50Du8LljslNsyHiS
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $SYSDIR/d3dx11_43.dll
- Size
  
  242KB
- MD5
  
  8e0bb968ff41d80e5f2c747c04db79ae
- SHA1
  
  69b332d78020177a9b3f60cb672ec47578003c0d
- SHA256
  
  492e960cb3ccfc8c25fc83f7c464ba77c86a20411347a1a9b3e5d3e8c9180a8d
- SHA512
  
  7d71cb5411f239696e77fe57a272c675fe15d32456ce7befb0c2cf3fc567dce5d38a45f4b004577e3dec283904f42ae17a290105d8ab8ef6b70bad4e15c9d506
- SSDEEP
  
  6144:8K0GaAtQlDJCSB4MvfIeDRI9Z7IJItblSwJ7FnH4fa1wlMjb5:eGjQlDkSB4MvfIeDRI9Z7IJIRlfJ7N4w
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $SYSDIR/vcomp140.dll
- Size
  
  178KB
- MD5
  
  1cd23a0f3daf4210f86ba8eb60b2612b
- SHA1
  
  979ab8d98d27fc0c8810822d80a4f1361657f21d
- SHA256
  
  dbc67dd65ef7d68bde9147c6244e7aaa8cb275ed6d0ef60301c7e4fbb95a5a42
- SHA512
  
  90941648d2cebf4bcd65e54c503a2ced7362fe2b5afa6772b0ecc8ca945d2e43ea14e90a17e64f3eab8ef76ecbb0ea3cc801dbcfeaa8a90ab8b1fe2e081c17c6
- SSDEEP
  
  3072:KDGRbh7RozAcuolrdTl2E72uRcQnFCt+DVFf/w62dQ:HoTuIT73CG/SQ
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $TEMP/BDMPEG1SETUP.EXE
- Size
  
  1.4MB
- MD5
  
  916bfd2422bca5b78d61a640f87c6295
- SHA1
  
  a16f097cddcf9513ca81c124a40c0537291c30e1
- SHA256
  
  d6127b8e6a4dd1a028291378260e3c5a85b79bb45351cf8ab279d00317b3a963
- SHA512
  
  e6e47704183730207b8770f3b8dd1f66acab285f74e4001d370fb73ec8c8ecda61af9df189714529b2a3c3425290bd200bf4e209061a3042a917b88bf1b0ad29
- SSDEEP
  
  24576:smJWXdFFVnnafzcUw7ygmn0dlB/B6Y8rMO5sT7uVwjEOIdXK/rDjtrE35jUjBX4V:s5XtVnuw+gioZR8EIJs/rDj+qj272kP
Score

7^/10

discovery
- Loads dropped DLL
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  67d8f4d5acdb722e9cb7a99570b3ded1
- SHA1
  
  f4a729ba77332325ea4dbdeea98b579f501fd26f
- SHA256
  
  fa8de036b1d9bb06be383a82041966c73473fc8382d041fb5c1758f991afeae7
- SHA512
  
  03999cc26a76b0de6f7e4e8a45137ee4d9c250366ac5a458110f00f7962158311eea5f22d3ee4f32f85aa6969eb143bdb8f03ca989568764ed2bc488c89b4b7f
- SSDEEP
  
  192:CsIZHdT9uwYX94kYd2iCzHR+yK7imphLAykycpKPd5m78ozxGUWumle:CsUHd9GN2d2iwl0impATIPdA78Ov6
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  959ea64598b9a3e494c00e8fa793be7e
- SHA1
  
  40f284a3b92c2f04b1038def79579d4b3d066ee0
- SHA256
  
  03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b
- SHA512
  
  5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64
- SSDEEP
  
  192:sRer7uivwq1XpKs4FVWSjMd8tIg2cREbyCsZ8q2R4Sy+Xe:s67Xws4FVWig86/5eCBqSy+Xe
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  d16e06c5de8fb8213a0464568ed9852f
- SHA1
  
  d063690dc0d2c824f714acb5c4bcede3aa193f03
- SHA256
  
  728472ba312ae8af7f30d758ab473e0772477a68fcd1d2d547dafe6d8800d531
- SHA512
  
  60502bb65d91a1a895f38bd0f070738152af58ffa4ac80bac3954aa8aad9fda9666e773988cbd00ce4741d2454bf5f2e0474ce8ea18cfe863ec4c36d09d1e27a
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $SYSDIR/bdmjpeg.dll
- Size
  
  22KB
- MD5
  
  2fbd5126c7eecbad70090a37693ea51d
- SHA1
  
  6b6c5036c99bf7d30d25548c989e35dd6e4defed
- SHA256
  
  6c331c0a88ae15dccb2f463391e1d40d4b48a921f330776108c4c9b97253a260
- SHA512
  
  7b57082852e6522f0443c7d8c0b614d76598cf9521613208332f02343168c2981a7d407202de55c1d42d2c9e230837a10b89feb5cb7e545cb421722ea1f62d02
- SSDEEP
  
  384:Jc7pqz4KQ6moXX3WaHQ2HbOtjoPzDnYPLk10eMpV8D:Jc7pqrtdX7OtkXrD
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $SYSDIR/bdmjpeg64.dll
- Size
  
  25KB
- MD5
  
  5adea79e8f723c361ec5139e9f57e2b6
- SHA1
  
  31d585657a1200959d62f18df475459730380691
- SHA256
  
  c8ae89bbe268c6aa50036da8ceab7bf9645cc71cec7d0b4ebd85dbc5cab00138
- SHA512
  
  abeb498d0c774c6e1d4e8c299734ca2ae27a7c2a47221c0106e53d63232bf696f9abf29f807cb58dedb8df87cf88d0dcd184f3502f316efff8b91d566cd696a0
- SSDEEP
  
  384:kJdZG0KOr/dtPG+6/EbeTnf3B7ywentajfyOlCDynYPLk10eMiNHW:kvj5eTfVug2OlCWF2
Score

1^/10
behavioral23 behavioral24
- Target
  
  $SYSDIR/bdmpega.acm
- Size
  
  64KB
- MD5
  
  4d2daf31a931480527531392e86ed0ae
- SHA1
  
  7fe7852b3da5c68986f843497adab1d95f8f68f0
- SHA256
  
  99d50c2864bdbb0f5fdacd03856ab4f0f4dc93b01fb1390aab3d70f315e07a21
- SHA512
  
  786f8489e37844dce3da5ab6835fd77703fded72eb1acf0d018e3801f61e2e850fdb8b341606c7cbc919f8fa8ca0696f0b0b01a1a9f393931eb532df84e98f3f
- SSDEEP
  
  768:59OnI49PYUY9gpi00laScPILN0M7AoA6Obh0vaTxDgzFMOjmzc8R8a3q0m:TOnI0PYUuguZ707dBDgGOatR8a3/m
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $SYSDIR/bdmpega64.acm
- Size
  
  69KB
- MD5
  
  03bc1e31e802542632e029a402fb01bf
- SHA1
  
  ecf31ca913bf9ab8a8ccb4314f462ef557a79879
- SHA256
  
  415ef586c238566dac1433002299fe3b0cb7c67321aea923c08ff6d0a17615e2
- SHA512
  
  80e99ab668fcda82d79e4d9a83e6548cbb06b44b60179b5f42b2aaeb1135bd8aea9cacaf7d70cc2843061def34a920290f62ba805b82158679b342f69431aaac
- SSDEEP
  
  1536:r2WopVs/uBbcwOTlZTd7wOtOofxrcaAvvEL:aWopC+bly7fOofxrcaAvS
Score

1^/10
behavioral27 behavioral28
- Target
  
  $SYSDIR/bdmpegv.dll
- Size
  
  64KB
- MD5
  
  7a6ecdb70c6a9012506f800caf795dc3
- SHA1
  
  09b8ee9015351e5441334adaf913d0d3723f2d4c
- SHA256
  
  24f67e8b96b4590e42d1f63da734bbc0c8ab40011db1f37c083ec68bd9e26020
- SHA512
  
  30587356f18e91e6ac78c80f54c12c50118c88273ff449944c99bb6f78744dd1d334b5074e2612232cf694192129210349024a48c11518562f53332474ec8e46
- SSDEEP
  
  768:Wb4aURgp+ksjhdgwxdlAdRpIPevJ9kIgKuAz9aEuG6dA+9uFMCtgc8RLRCvk:WQmp+kyjgKeemXkIh9FixvSaRLks
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  $SYSDIR/bdmpegv64.dll
- Size
  
  68KB
- MD5
  
  509bfbb117e326bd4486b9d355a46c1f
- SHA1
  
  6c90419c9e3922480f9f64ea847943ca5f63eb9e
- SHA256
  
  e9c9ff574e4ab8044050c0c9e6564288aa614531d61dab3d1a693863f2c942ab
- SHA512
  
  6b01a42cc55dca857c214ba22b34c6fb541dd17267dd97097943eb28f6c3ea97da5e22e8169d2bf3d1dd43bcebcd40d8c9b8f0afcff83b7a91ef6d28319c52dd
- SSDEEP
  
  1536:yZzTbeX7e5dzSLO4ZXOx54a2OrQtg/ALvq:yNbCK5dzcQxKa2OrQtg/Ivq
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32