07008bf1d066ca66058ca362205075c855355acf0519b6445d51da320ae8f899 | Triage

Sharing

General

Target

f9daf9075d1c85e330703ec0dae7119f_JaffaCakes118
Size

995KB
Sample

240927-gr5abaycjp
MD5

f9daf9075d1c85e330703ec0dae7119f
SHA1

ba37870dbe73d3284fe2e596af08b5e05cd2d8f2
SHA256

07008bf1d066ca66058ca362205075c855355acf0519b6445d51da320ae8f899
SHA512

8eece16eca39323cb3110137ec10be82f1f459e9931765388e14a5d482b288e9996ee611ae58f485d9e9829608dca4ad6514b4d0bef345e966b11d35f694bb0c
SSDEEP

24576:CR68R7De3idIieuuomax/2Lcwd5q5HgUHE5TetYwSrU1WmA9S:CRg3ce6xhSoAxgYv6f

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  f9daf9075d1c85e330703ec0dae7119f_JaffaCakes118
- Size
  
  995KB
- MD5
  
  f9daf9075d1c85e330703ec0dae7119f
- SHA1
  
  ba37870dbe73d3284fe2e596af08b5e05cd2d8f2
- SHA256
  
  07008bf1d066ca66058ca362205075c855355acf0519b6445d51da320ae8f899
- SHA512
  
  8eece16eca39323cb3110137ec10be82f1f459e9931765388e14a5d482b288e9996ee611ae58f485d9e9829608dca4ad6514b4d0bef345e966b11d35f694bb0c
- SSDEEP
  
  24576:CR68R7De3idIieuuomax/2Lcwd5q5HgUHE5TetYwSrU1WmA9S:CRg3ce6xhSoAxgYv6f
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  2ae993a2ffec0c137eb51c8832691bcb
- SHA1
  
  98e0b37b7c14890f8a599f35678af5e9435906e1
- SHA256
  
  681382f3134de5c6272a49dd13651c8c201b89c247b471191496e7335702fa59
- SHA512
  
  2501371eb09c01746119305ba080f3b8c41e64535ff09cee4f51322530366d0bd5322ea5290a466356598027e6cda8ab360caef62dcaf560d630742e2dd9bcd9
- SSDEEP
  
  192:vPtkumJX7zB22kGwfy0mtVgkCPOsE1un:k702k5qpdsEQn
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  d1e37112390e6bcca8362788d61becf5
- SHA1
  
  d97888f0f69d34de202e7c68b8ff5b2c2fec4c5f
- SHA256
  
  77b40d42606d48f817b901f1e5abea114b4288b344b8c193bf3e3c52e469a926
- SHA512
  
  04121e5241ad14890095a6cf5e698979820fa97d911918b9b77f2064a713e20f4827f72c057d5da1789bc340d63f391872fe5dfbb79e6c33d3995f82c37fa51f
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  13b6a88cf284d0f45619e76191e2b995
- SHA1
  
  09ebb0eb4b1dca73d354368414906fc5ad667e06
- SHA256
  
  cb958e21c3935ef7697a2f14d64cae0f9264c91a92d2deeb821ba58852dac911
- SHA512
  
  2aeeae709d759e34592d8a06c90e58aa747e14d54be95fb133994fdcebb1bdc8bc5d82782d0c8c3cdfd35c7bea5d7105379d3c3a25377a8c958c7b2555b1209e
- SSDEEP
  
  96:oyqZ4zC5RH3cXX1LlYlRowycxM2DjDf3GEst+Nt+jvDYx4yqndYHnxss:oyq+CP3uKrpyREs06YxKdGn
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  License.rtf
- Size
  
  4KB
- MD5
  
  b673ad39ce7ff047b492ec651d84c777
- SHA1
  
  67c94925d4ccb910f0c135b830bc122cb33d5a1c
- SHA256
  
  f7b42b543592fa59fda4e0cc23de7814c5e64ceea7031222636451242bb9bf62
- SHA512
  
  525edfb0c655138af6add9907dbe8f40042117c9c7fc7357fc24945f063a35b8b5bcef23b9d520c7dd13cd2329aa5ca6217d4423864acf5e3322ea8c84b97ea3
- SSDEEP
  
  96:MCWqJw2EY5JVSFXbwx2ABdDhYki4s9CE6bYuGI9bK6Xlcg6tRkU4qfKzt3fKO2:YquRFXbwx2sdFYki4k96bYm9uolZSRkS
Score

4^/10

discovery
behavioral10 behavioral9
- Target
  
  Plugins/History/Csv.js
- Size
  
  439B
- MD5
  
  507da4948c6fc5bfabcea9843a8739e1
- SHA1
  
  4ae337ca2ba59a4e0411652b0c013c100eef6d98
- SHA256
  
  11c43d156c846c91e00fbd394f809f96953b7aa398d68276c9703ac54bac386d
- SHA512
  
  83cb1ce129ad4062ceb4fe5bbfd08a507188743cf0ef360d4e6a00bac5f3c2a23ed0a86f4ec928b3786bd96b2e4f0804bf5cd061a4b2304cebdc89ae8ba84e0b
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  Plugins/History/Html.js
- Size
  
  984B
- MD5
  
  f1d63b6cfb31ddfebd70ae3c19b808b7
- SHA1
  
  264616c85ef6a06ad242867b16e96cb4103151cb
- SHA256
  
  af07a14e423b9e7ace405ab201dd7e8cf030f7c107a9cc8fce885349c698eeb8
- SHA512
  
  a7168475b3bc7ecac78cd5ca44056b5e0f1c58c71aee6a9c094925ca90f3ce0d27ade91d245fedfe78a7c152e864994d459d20963f82dfafdc9de4bfba9392ab
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  Plugins/History/Json.js
- Size
  
  753B
- MD5
  
  5bf192665d79f79a71e053fcd209becb
- SHA1
  
  1e2f1784735349c4325b516bfb8680d8072bf536
- SHA256
  
  3115b9a220596f2fa50ba4ad87f313ce5461047badb3f55036770b09d2c87b0b
- SHA512
  
  4b48810d1761b55997aa5550e312e4eabe7ada1664e9f6dda98bebc74984781a2af67733758c2b48f9a817d939b3857e3d0cc4ee5e67dbc71aabf92912ce9cd2
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  Plugins/History/Txt.js
- Size
  
  381B
- MD5
  
  48c6586fbbcc4d9ddff17cc6a92f17e3
- SHA1
  
  f6050c384b6c66642cd327e80903058a76aa66ed
- SHA256
  
  082fbc40e118aa552e6a7729989aa49829a81283b1f035f78f54dca9cccc13c6
- SHA512
  
  255f515f1f328ede2a32146869f34a3cf63b66df56d2626d3df11a888ad94c0a4efc1ea023b92fa2fb8194386828b74de4a8d0c2926f88c7aa6a56ab2b827f9d
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  QTranslate.exe
- Size
  
  1.6MB
- MD5
  
  748db54e6fb1f96fe6633172f7b6020a
- SHA1
  
  2daff0edee203d4e9a027594d86d383e5336fdc8
- SHA256
  
  362c4c062513db9d91d96497b9962a441003f5c36c3853ccee68681bb541b24f
- SHA512
  
  06b21d39db46667df01dd2b53b9519bc07c0f6d4dea874864626e6e93947bb9a22db42d2f91dc707b0d6e482d3063e77e60d8c23dfd15ebeea816e7a058cf37f
- SSDEEP
  
  49152:gtsCiOA/jihyQVXgeTvxv2R11R3z5TKh:g7iOA/jihySXgq0R11R3z
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  Services/ABBYY Lingvo Live/Service.js
- Size
  
  1KB
- MD5
  
  775bfe418ea23e35ec46d7dc7fae20bc
- SHA1
  
  d76c4dfbe668f58a8013cff0a229d271bbda9e7e
- SHA256
  
  9eb71196fc84db83f71c9becb273a50790912a3ec1d7511643ae3a17b1ce07b4
- SHA512
  
  7f8bc62e6ebd6f64ac06a3f6cc8acfd0d23c2f642805768d2976f6a425410fc8a489ac497845484abfe7276379206d9f8efd09650ee85c9b568a40d25ed76e6f
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  Services/Babylon Dictionary/Service.js
- Size
  
  1KB
- MD5
  
  28b98da236c36d8d76aeea14aa5dcb56
- SHA1
  
  f3af70980b459de87abd31cd04506184d0d87105
- SHA256
  
  cea9edacf3a56c0ccaf6057a40de1706c04652714ff2050d09560c883386e761
- SHA512
  
  c320715f29f211f60e0a6f9c0155cab57a8972709950f127d4a81d427d70bb0f3ee75e0a1b5fdd6b17328ab69d0b14b4e9aa91ec5203f895548137ddefb23607
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  Services/Babylon/Service.js
- Size
  
  1KB
- MD5
  
  40d43a227caa3937aac1b9f928aa08f7
- SHA1
  
  ed4709e2f85fa2ad0c3999c253614c7f0b04157a
- SHA256
  
  6633339a56475dd3aef8ff4f80ea9396a9b930451a0fad06641fb253fc6b1d61
- SHA512
  
  e1dc1c0624fbb27bddf3eef495854ca3921155d80913ba3b0b541a07ef3ec05b2b810b32c805be8acd02a2b1c258ae144f21869becfe0b357c69bfc6bb49895c
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  Services/Baidu/Service.js
- Size
  
  3KB
- MD5
  
  7a4ae7a2670ff483bf2e7e90f877bd52
- SHA1
  
  ab6651355cd5c22137e2ce40f1312623ab09cbe2
- SHA256
  
  af52f977450b55e3ae9b5f2102685ccfdb573cbbd6b6b50b14a32d71fcc321a1
- SHA512
  
  b16a247ba75c140c4ab008a01ce4483c2ae6506c5ec38ee0fbdb9f84860d3a850c5aa64252feb7b8b7d3fb3746b8081bef5b3974df2c95a81e4f9ccd20086f32
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  Services/Common.js
- Size
  
  5KB
- MD5
  
  6d6f7db81c64e76faf1bad3da4b000e7
- SHA1
  
  da6f8c7577c093cd00983949874c6daf0e84117f
- SHA256
  
  194c5248d283a035295dcba4acaa00dbd1ab0a897a41cdf6b4b1ee80e217c74c
- SHA512
  
  3478aaee6bf34d9e004fab24e37a9737ee54b2c5d24c8d9e332e5feba2ac737d43cec34a4473f7d6249d091c4cd9d476ae7b4684f6feaf19c13a2c18a865758a
- SSDEEP
  
  96:/QVPL9zjRaNrrawBT7Jyd2qpjA36TU5REQ4uoEq0sESggWZENldL28wMUd:CPL9zjRaBBv0ps4PVuIggj28wMUd
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  Services/DeepL/Service.js
- Size
  
  2KB
- MD5
  
  3f809146611860610e1e303fed0152f4
- SHA1
  
  6b287a7874146db18373235a3e1fce67dab3a8ae
- SHA256
  
  80a304545ed505a2bb3cc49e6bf00c88afe63d4f7b41491d45d8673a7c2ae3cf
- SHA512
  
  624e3178e327e07d962244ed900dbbdbc9825b91845907757a9692e4a21d30b35ef2a8c87e695795ba09e0fd4a866c5868b55bfb5dba578f742227c1750be99f
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32