c1b7b8c8a1b6a623c554d32dbaf7e997d3f52c30435b3a80bcb375f169cf9269 | Triage

Sharing

General

Target

fa9222e8ce965d866f91d34c44d9e786_JaffaCakes118
Size

240KB
Sample

240927-rrmqdawgrl
MD5

fa9222e8ce965d866f91d34c44d9e786
SHA1

84872d3b60e7e5e1820f15985bf34753f63b4cb0
SHA256

c1b7b8c8a1b6a623c554d32dbaf7e997d3f52c30435b3a80bcb375f169cf9269
SHA512

48888db7e9cf3a26c8dcf8fa574d4b8de89fa66446495d38e66d92d5b77b3ceb1276ceef252332203bbb16c9eecfef436bd9599dbb51f6528aa25ea69682ef1e
SSDEEP

6144:qzZZdN5LxGFUCwKz/S6DT6Dcs2GGxErGtCSaGw6:qzZfXFCUCxzAcs2GGx+wbaG

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  fa9222e8ce965d866f91d34c44d9e786_JaffaCakes118
- Size
  
  240KB
- MD5
  
  fa9222e8ce965d866f91d34c44d9e786
- SHA1
  
  84872d3b60e7e5e1820f15985bf34753f63b4cb0
- SHA256
  
  c1b7b8c8a1b6a623c554d32dbaf7e997d3f52c30435b3a80bcb375f169cf9269
- SHA512
  
  48888db7e9cf3a26c8dcf8fa574d4b8de89fa66446495d38e66d92d5b77b3ceb1276ceef252332203bbb16c9eecfef436bd9599dbb51f6528aa25ea69682ef1e
- SSDEEP
  
  6144:qzZZdN5LxGFUCwKz/S6DT6Dcs2GGxErGtCSaGw6:qzZfXFCUCxzAcs2GGx+wbaG
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/BgWorker.dll
- Size
  
  2KB
- MD5
  
  33ec04738007e665059cf40bc0f0c22b
- SHA1
  
  4196759a922e333d9b17bda5369f14c33cd5e3bc
- SHA256
  
  50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
- SHA512
  
  2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  959ea64598b9a3e494c00e8fa793be7e
- SHA1
  
  40f284a3b92c2f04b1038def79579d4b3d066ee0
- SHA256
  
  03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b
- SHA512
  
  5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64
- SSDEEP
  
  192:sRer7uivwq1XpKs4FVWSjMd8tIg2cREbyCsZ8q2R4Sy+Xe:s67Xws4FVWig86/5eCBqSy+Xe
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/animgif.dll
- Size
  
  8KB
- MD5
  
  63f11d04d07615bd610c857d0abdbed5
- SHA1
  
  fee63014806f8250c3e301a219fc43ef4b3a8f19
- SHA256
  
  a1fa2e0191f986824f5fc0ef62aee8b4b25695cc56d4b00fecdc1c92f8ea237f
- SHA512
  
  211f3689df9c219507072f71e9795e74cf9dd3a37f32330d8b7cb5cf335b9aec6f874df2e5fabf90e7f3e4d61655f7674d1ca94cd7d7ec4244a153019c334e23
- SSDEEP
  
  96:r9TyHw2an3ioGqEHsVBMOZm0GY/IXZjtV0iY3gW4hHxqK/KUnGQEmPD7KGucbl0r:r9TyHLhCRZm0GIIJbzOaBxqpZc65KHy
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/execDos.dll
- Size
  
  5KB
- MD5
  
  0deb397ca1e716bb7b15e1754e52b2ac
- SHA1
  
  fbb9bcf872c5dbb4ca4c80fb21d41519bc273ef5
- SHA256
  
  720be35cd1b4a333264713dc146b4ad024f3a7ad0644c2d8c6fcedd3c30e8a1f
- SHA512
  
  507db0bee0897660750007e7ce674406acf9e8bf942cf26ded5654c07682757b07c9eb767bead0966478abc554dc9a6461c4288dc35d12cacfadad4c128f1bb7
- SSDEEP
  
  96:J++xDiP4p7t7dNOt3stxtRFFXxGD6qxlnKE6ttdH3r3:Rx9pJ7jQs5toD6Cln/6tt1
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  23KB
- MD5
  
  7760daf1b6a7f13f06b25b5a09137ca1
- SHA1
  
  cc5a98ea3aa582de5428c819731e1faeccfcf33a
- SHA256
  
  5233110ed8e95a4a1042f57d9b2dc72bc253e8cb5282437637a51e4e9fcb9079
- SHA512
  
  d038bea292ffa2f2f44c85305350645d504be5c45a9d1b30db6d9708bfac27e2ff1e41a76c844d9231d465f31d502a5313dfded6309326d6dfbe30e51a76fdb5
- SSDEEP
  
  384:l4Z8sUAUNuGGsPVPEZ+OLkCnFJDhgvZwcRa9h9S4y4fO:lG8sUAUnt88CFJDhmajMA
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsArray.dll
- Size
  
  6KB
- MD5
  
  6585fc9e20b149a15e4dbb8aab03dbf6
- SHA1
  
  d3839b1694341ad494b0f92e4e3c6cc1c18e2333
- SHA256
  
  08e298c9a25208730f165660af4eec21e9fbd8021c34bce12a020d27e51843d4
- SHA512
  
  234f98317ba3a0cad5954a261610e0c851f3ae01d8213267bf4c06b259b57f1cc629c81b10e0778755065973381be33496a2f2ed82fea6c92540a389d7126476
- SSDEEP
  
  96:duRa4zuYKD7ODz63a0HydVCXRKnNh3ZGnjD6vHBzZHVefA7EfXxLfAZR:dOD+XHydMXRojUevpXjwX2ZR
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  f7b92b78f1a00a872c8a38f40afa7d65
- SHA1
  
  872522498f69ad49270190c74cf3af28862057f2
- SHA256
  
  2bee549b2816ba29f81c47778d9e299c3a364b81769e43d5255310c2bd146d6e
- SHA512
  
  3ad6afa6269b48f238b48cf09eeefdef03b58bab4e25282c8c2887b4509856cf5cbb0223fbb06c822fb745aeea000dd1eee878df46ad0ba7f2ef520a7a607f79
- SSDEEP
  
  192:y1zQhZDqlJcKISw99ioU3MSfwLF/+nhHUisdz:ozoZDGKYw9goWyFGBU7z
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  08e9796ca20c5fc5076e3ac05fb5709a
- SHA1
  
  07971d52dcbaa1054060073571ced046347177f7
- SHA256
  
  8165c7aef7de3d3e0549776535bedc380ad9be7bb85e60ad6436f71528d092af
- SHA512
  
  02618317d6ab0302324aae4d3c5fca56b21e68c899e211cfa9412cf73820a1f931e56753c904fd7e510c638b4463aedbfe9536790279e096ea0387b67013e0c4
- SSDEEP
  
  96:/Uspq2y5jOEEQrhySvUgfj74/vvrTBzfYZA4YF3Telac1nIq/2:/erjOELhySv5f2vvBjiAflaB1nIq
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/nsWeb.dll
- Size
  
  8KB
- MD5
  
  84bcf3c71e70d5a6e9dc07d70466bdc3
- SHA1
  
  31603a1afc2d767a3392d363ff61533beaa25359
- SHA256
  
  7d4da7469d00e98f863b78caece3f2b753e26d7ce0ca9916c0802c35d7d22bcf
- SHA512
  
  61aefa3c22d2f66053f568a4cc3a5fc1cf9deb514213b550e5182edcecd88fadf0cb78e7a593e6d4b7261ed1238e7693f1d38170c84a68baf4943c3b9584d48e
- SSDEEP
  
  96:9E1ZgHfHizBkiz1zCuNrwXTP8Jx/N6SCMeNV37bnwXwPML/bUdut5tCsPb2N6nOc:9E1ZkGdbiSCMeNN7LwAY/gd+Oc
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $TEMP/instloffer.exe
- Size
  
  63KB
- MD5
  
  fb9b18511894c93bca0f85ca949bca64
- SHA1
  
  638b081b36460365f61c70daafc4b37e836f407b
- SHA256
  
  364473e09b0d8af87e3b382bc3c8917558cda7be9e27ec06aca1c70c1ffd130c
- SHA512
  
  0c63dcf2e18686e1add906d572f8ff3b93b756ccc83a38ae048fb1949528ed63d7521fdaee5e21f44209d65ec189f5e4fe68f228a9a91d6186ab2bea64d0f325
- SSDEEP
  
  1536:jldZEszWriITJGrvopX1VF7CXjl7ybqYPRSEvrGqEYii:j2szWOITsEL50jl7yx5SEvrGqEdi
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $TEMP/license.rtf
- Size
  
  64KB
- MD5
  
  6b8dc5a7996305143c0130cffe8d1e47
- SHA1
  
  1252766aac776551ac2cd24f9699f2eab60bc609
- SHA256
  
  d5b1bf719d37616562675010510bb1ecb7604dd00b600ee8eab2772a22da3b7b
- SHA512
  
  21011bb5259e7e5d24018099cdef1ab631eccb9faa6075d2ffbf7cea0274500fcb5e846b6cbf9b9f7c5e305c68d364ede926b7653c857276b39264e1cf1ef88a
- SSDEEP
  
  192:joywdaDnpCHjJn1XnJmm/PUitwvvQFJuBDeoXoBSiBMKahj4kY63ErvQREnDydWl:cytIX8SFJmS1SiBMrj7Z3ErTtLgPJe
Score

4^/10

discovery
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24