36a6bd14c468207bad218c223b40c0ee6c4120a529f96bfd9c8c868d235ee85e | Triage

Sharing

General

Target

fd467ed77f83283caf0c971e108c28fd_JaffaCakes118
Size

2.4MB
Sample

240928-2gy1rsygnk
MD5

fd467ed77f83283caf0c971e108c28fd
SHA1

88bda05eec93affc4e1dd2195d4f2c802b72777f
SHA256

36a6bd14c468207bad218c223b40c0ee6c4120a529f96bfd9c8c868d235ee85e
SHA512

cf566edfcb4a92ab2e20aec1a525ce0466850df4d09b625d688f592e9777ff89ee3d4d7214536ef355cf3a90f70853e37ab022d93c0572a9bd6136da40a4fcb0
SSDEEP

49152:7nO2w4q0WVtx2LeFKSFmDNAdlHk1JFjcXLFFl0c9sGNZebsgC/:idndx1FKSqAbk5AxrT9scysR

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  fd467ed77f83283caf0c971e108c28fd_JaffaCakes118
- Size
  
  2.4MB
- MD5
  
  fd467ed77f83283caf0c971e108c28fd
- SHA1
  
  88bda05eec93affc4e1dd2195d4f2c802b72777f
- SHA256
  
  36a6bd14c468207bad218c223b40c0ee6c4120a529f96bfd9c8c868d235ee85e
- SHA512
  
  cf566edfcb4a92ab2e20aec1a525ce0466850df4d09b625d688f592e9777ff89ee3d4d7214536ef355cf3a90f70853e37ab022d93c0572a9bd6136da40a4fcb0
- SSDEEP
  
  49152:7nO2w4q0WVtx2LeFKSFmDNAdlHk1JFjcXLFFl0c9sGNZebsgC/:idndx1FKSqAbk5AxrT9scysR
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  4c7d97d0786ff08b20d0e8315b5fc3cb
- SHA1
  
  bb6f475e867b2bf55e4cd214bd4ef68e26d70f6c
- SHA256
  
  75e20f4c5eb00e9e5cb610273023e9d2c36392fa3b664c264b736c7cc2d1ac84
- SHA512
  
  f37093fd5cdda74d8f7376c60a05b442f884e9d370347c7c39d84eca88f23fbea6221da2e57197acd78c817a74703c49fb28b89d41c3e34817cc9301b0b6485a
- SSDEEP
  
  192:6KdqJ4Bhf1mdCMI26t510swClJOeFIsm7F1QuPs:6KdE4zAddwR0swqOeFxu
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  6KB
- MD5
  
  388c408cff35a38d04e3cda18f63af07
- SHA1
  
  9c2aa2ed8b526ace4267acbcf5648b2601019ac4
- SHA256
  
  4f945ad53b7aa8ed516b2f58c2ed9f15c13bbdf0e489d71c7347b80583cee5fd
- SHA512
  
  542292d61ff209f6c98c62ebad549024611a7d42fb951f8cc211b886f0d202d5e0da3b754c84c8a00043c748ed527351fc524357412cf88875e6bf729cbba46f
- SSDEEP
  
  96:MFJsQxcnqakqeStS6+NMKQwECv0nGhFZxTxZ05hU/61:C9xcnqakCN+N9n0na1K5y61
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Config.dll
- Size
  
  323KB
- MD5
  
  efa70d421ebf18b41bf7587d5cb8620e
- SHA1
  
  6aba02e860d6ebb85db1a124f91a28861d21a679
- SHA256
  
  17c215792cb51eebb80a8b2e3b0a59424c8b67696b209827c3821c1cb3bc7555
- SHA512
  
  21317ed2193ac3b4af4cc0afc47224b24707cffda0a5a781b399c23c77aa92e88003620f19de4b36e589e94a79c278a721940c36835da2c4684be466034c0212
- SSDEEP
  
  6144:RxkSIa5hObjposqP+k74uCp4OZDq6n0oy046xtFebd0Ks0:3kSIa5hObjpoBWk70p460oy0Tabs0
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  OpenConf.chm
- Size
  
  54KB
- MD5
  
  2ebcb12e6cd00c1eec63f55e2856670c
- SHA1
  
  7c26e2b56851e87f394908e122b95bb2e5f5131c
- SHA256
  
  3ff97c8f429d34b3ef444776279634d9c744fa55c016b81ec86623c1be395195
- SHA512
  
  fbc523a5586299bda3c83c97d1bac39908d1ad56f1707477c7001ccdb565dbbb3b312fe0ff100fb9c6bbc4dc62b4e4d49e719a0cd073bd1de705ea2a32c539eb
- SSDEEP
  
  1536:hu0LJ+5MbZ+8odY/hEdHhDdNIp6ImLPse7DTy:g0LJ+abE8QppIpsZm
Score

1^/10
behavioral10 behavioral9
- Target
  
  config/KbdProcs.dll
- Size
  
  439KB
- MD5
  
  2813b20630850df50d9123ab9f9d27d4
- SHA1
  
  528464d0368bc7a981b3a74f2f15239bf727256b
- SHA256
  
  849895b22f779208e2b7045b0692cdf6c777d01ced877941265f357d1fa7d2ea
- SHA512
  
  f606f623125504505ab931a1d3ee1ffe3a18b1a190fe8ede21ef7fdcc683ff9e79e5f099dde141017a3e0c63b88880829d635483173542e6def8d934277e4227
- SSDEEP
  
  6144:5wmSHuSCHvVpqlAVOr/XQ3Yv2h+XxTMddTTpGqFZ1Gf4zgQ0cq5nJ1KqaEJDhl:qmSHkHvVpqgI+dd3M+danJd5JDv
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  config/SubSystems.dll
- Size
  
  2.0MB
- MD5
  
  6a22867cdb0e2e49844cc0205e2190cb
- SHA1
  
  053c565433019f53cc14cb53604e3505124c3c5f
- SHA256
  
  c01ec591c939ca2d9124a4aad4f7248e69d72b0d164cc54079c03d29b7e7fbf6
- SHA512
  
  617916ac8d3aabdfe027605be00fbb472c7edc6fb493e25b4d7d9db3cdb6a7d59a5c9815eddbcfed98a24615b8eaf5b607462c001f3ad187dfc6696ad527288e
- SSDEEP
  
  24576:M0shnC/Z7CeaUzVBBX/AGE50b+tdmQ1e4NVHX+RAWJ/ltiqXL:MZCUSBDb+tdmQ1e4NVORdJ/jiI
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  config/docs/OpenConfPowerPack.html
- Size
  
  6KB
- MD5
  
  bd27eecc85d2e294254171ebe3532fbe
- SHA1
  
  e3ee18f71754b2bee00af61832e6e783abbee2e0
- SHA256
  
  ed82c906eb758985f7b0b2ca34f0db138767f9caa95fdb8a5ab432a764d2e32e
- SHA512
  
  312e1bb307f02a3917f619f711f143571598ecf016094550550a4acc51b0c6b708adde70a558b2a85f7f99b1373bca8dd88cbbc8fc1209259edeadce0a03af95
- SSDEEP
  
  96:FagFdq0mIsBDo0GKm3YI3Rap9OggnB5Jetb83gUmAGq9s3qxNS8eUULBE:Vhs5AX313u0hB5JOb83nm/q66leFE
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  config/docs/telepat.chm
- Size
  
  32KB
- MD5
  
  abef6a03cfe10282d8e72013c4f38fcc
- SHA1
  
  170cbd63080eadfdb180011fe4303fbe8c66846b
- SHA256
  
  6c769e5c025fc7b036fc75c64d391062fee76151d4c987f0c0188c27a0026d30
- SHA512
  
  0c7a4cd60c4e4d3de2eab1391c53f612126761c656767bf033021d0d4790e02a18ad5289357c84acd2f351b08d3f88bb6dbf8c5980e9b64b73391ebb5637f42c
- SSDEEP
  
  768:veahZ729KcvN9dI9BVTI69QWyAgP5TVqo4uxWNkq6QJ:vdhZ729KekasQWyAgBTzhj+
Score

1^/10
behavioral17 behavioral18
- Target
  
  config/fdsubst.dll
- Size
  
  41KB
- MD5
  
  0ae1c57b80b6ed8cb6ba5b1f3014f0b8
- SHA1
  
  50703f81487b434d0b14aeacc3dcb11fc38d750c
- SHA256
  
  be48154f2332a00f384227d39a458031c0ac23f0f46b8f67eddeaf265b4b31c4
- SHA512
  
  d4fc1e9da0ddbe43fd511b02baa8adfd4824a5d01308fe85493fd77c052271240c2b24690c257635c217c8c6ac77b190e4b144cffe3e9c3e27cbb483bc0aac10
- SSDEEP
  
  768:RcoioqZOeQIL/c+kgOBVAHn/2eeOBPsk0jxvOQPVZ0:RcvoqZHQ6j4Dsn/2hIkBm
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  config/scripts/SubSystemsManage.vbs
- Size
  
  29KB
- MD5
  
  db120559cbf76ff6a5823353e85b094a
- SHA1
  
  d5d6f014d67679477cf6873ae4fda31e8cd795c3
- SHA256
  
  b3576d625092ad416e4d456230d1d8a8b6a0cf7364b4bcd9e8c5d8c147819aa4
- SHA512
  
  164b3fb8740db28b055288f887f76ca2ebea9aa74fe740fb7d750ebbff40fe8a5517ef6eec038dbf144b06cd551f628194f03cbd079f5ac0c5330a28601899fa
- SSDEEP
  
  384:W+NfYX+FfJ1iPJJQpuNc6zJxKi35nBDHImfQeSCf80GbeiS0NElT3skmsr:BNru4EcktPom4eSC00GbeiSFqsr
Score

1^/10
behavioral21 behavioral22
- Target
  
  config/scripts/SubsystemsReports.js
- Size
  
  3KB
- MD5
  
  ca0ce9a46aee2ba5fe51e4d5affd6d93
- SHA1
  
  c70ec351508dd6bef75c37aa455c8880140c235f
- SHA256
  
  863b1bb5981d9610569c090c751638cacbd703cf1c69bc0e0c1666c9eba5f3a7
- SHA512
  
  b41c76eb039fc7db527336f3ea5cd39839e769bc8a87b7a246c61b3167a3ae534e3036a991ca35d46b7f6ed8fc6cb35a230ae68256a292f45df9d61684e76828
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  config/scripts/telepat.vbs
- Size
  
  22KB
- MD5
  
  09397fb97fdf8d8d5437001ff9a2f1a6
- SHA1
  
  f799f85b1d422d7ba8944281bdfb549a4082e4dd
- SHA256
  
  9fe547b945d32980f914c4558f128c7b3d12060193d4533c6af7658351918812
- SHA512
  
  22fa48c38e206c135dc832c71d31ceaf2eb06cbc04cd511c34885bccc981cd3f47cecc8e622f5567c2c8c525ea9e9b2c161e87abe9a7302d4a3d757f5975247c
- SSDEEP
  
  384:IOLVtHiPl1opPgFUhzDylQIigsw6FQY6JlV8EJnUQfbHfNjs4KkOxNj:5HLpXFlBfQXlEHNj
Score

1^/10
behavioral25 behavioral26
- Target
  
  config/system/ClipboardHistory.exe
- Size
  
  641KB
- MD5
  
  f30aec00e263c77b2e5214d308a78da2
- SHA1
  
  95602806fec924703f9163300932a9a8828fdebb
- SHA256
  
  95692b53078725bacedbaf33b57526127985af6b2351455e86e79d00a3e4eaed
- SHA512
  
  78b448223b4bd9ad93ea996bd52714cc6d2b092e55fe69f1f9779f181496f5eea5d14092abf0fdbb0e2a8cb2d76420a807c5fd8cba57aa53a375d717abb9e369
- SSDEEP
  
  12288:q0FzWyl0HsLGAc57FYRiwaWAyZ/BLR6YVBaVMWLWtSJ:qMCnHsLGZ7F5waWAcB4Ly
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  config/system/StructureUpdater.exe
- Size
  
  809KB
- MD5
  
  979eb6886bd6f1938f5a6988e8daecca
- SHA1
  
  d3b6468e86c7c3951bec74166cc5196b62b064b7
- SHA256
  
  a528ed1998f9f3a21fb8b1aaf66b38aa1048adda4288aa0d1cfe6e7be0eb9951
- SHA512
  
  a44a0344d33c3e8d436cac3cb4f7c83ce7e17af59d9f8490605095fd1f7178c248f07e629e0925e570971ec469deff9214836cdcb3df2ff4e9351e212294b285
- SSDEEP
  
  12288:EQ+gLc9dZKMqrgG8/KaBFA/mSGMQXTAtDQZLfPxb7jyfmOLgwzY:o8EGMqz8/if/QaDOPMeKVz
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  config/system/xml2tls/xml2tls.exe
- Size
  
  36KB
- MD5
  
  946f5c1001ce867a2e1051530d751978
- SHA1
  
  e46abc759b63bad03c2582618092b5b7d7457731
- SHA256
  
  c37e9c8336900f35e51dcf3db4facc21a91f0c980a626fc39baa9900683ce34c
- SHA512
  
  11918ea56fbb3edb06516bfeb90b1146d1f223ac606f92d7f9c19859978cde4f108ae695d63b674f8a299463c177442fccf95c4b645b339bc6bc99258f01b1e8
- SSDEEP
  
  384:saaG3kwx9hmF3+mj1ah+CbK9q7RicD+6jumBEAEu464kn+DDO:CGLnhmVkx3NSagu4ViKO
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32