1650d79e68c540d83541b01c8b017210a02eb90927e98b1bc7a4bafc9ee0542a | Triage

Sharing

General

Target

fdfcfa6599837f6af0ad50aca1d56091_JaffaCakes118
Size

3.8MB
Sample

240929-hhpc6swdqc
MD5

fdfcfa6599837f6af0ad50aca1d56091
SHA1

4872f8bff6411b7fd0b899357a1c82f94e050fd2
SHA256

1650d79e68c540d83541b01c8b017210a02eb90927e98b1bc7a4bafc9ee0542a
SHA512

d6ee0628620c24444f1a961d2dde69e3b7aa5a8c131e5d85f1779483be9102d7a0a4ad3be413b17159a4e6b517658eb152c282ec67127001c1c2ab19e77228ab
SSDEEP

98304:1FvGe8Q6lVx3odaenuETyPp6324oHabcFgcwyBfcdSFsr:1cJQ6Hx3oIl+yBI2lHJFfaD

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  fdfcfa6599837f6af0ad50aca1d56091_JaffaCakes118
- Size
  
  3.8MB
- MD5
  
  fdfcfa6599837f6af0ad50aca1d56091
- SHA1
  
  4872f8bff6411b7fd0b899357a1c82f94e050fd2
- SHA256
  
  1650d79e68c540d83541b01c8b017210a02eb90927e98b1bc7a4bafc9ee0542a
- SHA512
  
  d6ee0628620c24444f1a961d2dde69e3b7aa5a8c131e5d85f1779483be9102d7a0a4ad3be413b17159a4e6b517658eb152c282ec67127001c1c2ab19e77228ab
- SSDEEP
  
  98304:1FvGe8Q6lVx3odaenuETyPp6324oHabcFgcwyBfcdSFsr:1cJQ6Hx3oIl+yBI2lHJFfaD
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/CopyFolderHelper.dll
- Size
  
  124KB
- MD5
  
  a28c321633d86b0eee9c7bfd0215eff6
- SHA1
  
  7e6803c21e1f778a7e1a275b81ed1e602c37b8c6
- SHA256
  
  234a0e07c49d2901021e14679722cd6fa88c2275848a7afbdf300fe1c35585c1
- SHA512
  
  b387029dee79b97245fb79f1f2128f22b5dc67abb0df143d5424424de7c392f445c3da58cb7d3e398483c1a7934f14b38b2268f881c4a865b73e4155d98f28f2
- SSDEEP
  
  1536:H0rI/zg5cTwImKKqa4SX/t3qJiSlsi/fT/3PIZNTBkaowwR:H08/zg5cT6lkEt60QsiDPYN9Bow
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/CopyFolderOption.dll
- Size
  
  72KB
- MD5
  
  81c2420f41dbea3dfe225e9434bacdc5
- SHA1
  
  160127d5e6f6de642fe7c08d846e33f07f297d6a
- SHA256
  
  2edcb827a15b52a01a6783a82f391f52b912ab50f466a6655d88a2f99cc241f5
- SHA512
  
  b28153a703f235fe43cea04c91c6b23170e12725dd4de86b800099cc4d3fffd03e7dc2540764c62ed741f652b80a26c19c4d10a5c094d3af6c8cc2209d39d5cc
- SSDEEP
  
  1536:HCBoXPAkVi9FTtCvIWMrsgFaSdbsi6oKF:aoXPLKSZM/FaSdV6oK
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  13KB
- MD5
  
  b4ae88873b8f735cce21f4f280b40e75
- SHA1
  
  32b2f6929645821adb3f63952de63805838f6172
- SHA256
  
  e8c6b3e917d708756e67fd709e5b78f333490be49532d85b1fa02cc844c7913f
- SHA512
  
  a109f3ba291e1d34b6c07d1e270c2d7f7c78a5e1e0fb1bb494779564f1608fe53d919d68a72a2b9aaaf0e23744fe16082a4e4833adf5a8edb499481ca5970ff8
- SSDEEP
  
  192:Mb5dzuNj+vzHKn5ihJiiRHxt2jaKdCRy5xyW6Wj5D8W2wvGJU/FVRQuC2M:Mb5yj8WiLNLD0C0CW6WND8W2wv/KuC
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  c1e153f9fa1001eb9fb34bbc4a3f3927
- SHA1
  
  dfca2dcce9b0486114692a23776191627b0c9839
- SHA256
  
  e594544cc4b4a0a5439a2b9a79db14e580d815c87e353781c47d4eab5e313b8e
- SHA512
  
  d2a7c2853b56f60f710dcea27c346dbd22593c98e5c000c22650613851f26e505b12260bcfc050473e97c2796a91c94a3c201785dad4d95de0b4e2de35c3a41f
- SSDEEP
  
  48:C4ojqpOxUcbslAR1k5eKv8rbvHMgiqCmZuwJQ7TLSMXaIYatzbgAa4l5YAZ:SEeFslARoeK8rDHMgTCmj/MqoRb+4l
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/MyInstallOptions.dll
- Size
  
  13KB
- MD5
  
  1bb274d32dd6262ee7811e3f6333ab62
- SHA1
  
  e0b29b12fe2d4d642020c187e18ca32d8ca853f9
- SHA256
  
  09573ad4c5302d74c9ded2fdab44fc2f8953d8dad705f96ddc25f71913129104
- SHA512
  
  57ed40047bf30a179eb51333db38d58fe928b5149e9d8d92417f034422a398529b2d083e14f541f26c510b8ad4e88d6341e4dbd8257a24bbfdccf6cfc78cd0e3
- SSDEEP
  
  192:KDjiezhqQ//gmwIC6AYKhMdJEyaSYt4z1NqWElsu5Q1KSKoLa58iFVRrum1bc:KDjikhqQNwGAcEUlJNqWEG2rf6afxub
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/NSISCustomCtrl.dll
- Size
  
  44KB
- MD5
  
  c9fc2e5d3e6eea8d083645f93957ebfe
- SHA1
  
  5586da85eaf37a9d4b60d22e75369e26d4482433
- SHA256
  
  e5a6cb8f42db2d5a8c2f9b126a7d1b1d3c63873aad0db40932ddeb96d979cd2a
- SHA512
  
  2feb7cd668e46f3890adddfae23894a84aa024a34431dbe28e878f5e6504e062a0a7c04a872f1c23193b02ce86302b2af7d8e29e416313e8ef3acdb628eddf64
- SSDEEP
  
  768:Ycif3hWTlzZVjgpn757i6Z1l2Q1rsfQKDor7:bQsTl3cpn757lpIfPo
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/ProcDll3.dll
- Size
  
  42KB
- MD5
  
  88f8a06a997f6d5c7995f14b8b4bc9d4
- SHA1
  
  fa1a5b56d134d2b8ba5fa0a0907469b8a8833cbe
- SHA256
  
  11bf93bb0ecf51411ecf4da1534dd088e910ae1618adc9093cc179cee60d2c74
- SHA512
  
  354db8e3cd4fe9f554806948541857bfe1f959146861bb7b3d1264ee4913e2cf28980fed1f3178485273bb7c18b4dd23bc65badffce6999b9b743e339560f2fc
- SSDEEP
  
  768:zZBEse4jeDAnAtZR6Ci0RSIl64VYIGSuRdJeEhH4nOxxxJ7ZK8qG6FLXbO:nE4yDsAXRg0R64iLJeEhYOxxb7Y8qnFu
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/QQDoctorHelper02.dll
- Size
  
  60KB
- MD5
  
  ed6c1e5ee15f8fa1bb3544c7f81c94ff
- SHA1
  
  12d5512b826086d88b04369b4f6f62aa8d0a61b3
- SHA256
  
  39007973cf6ae8763cbf3cb72beafed92d32adaf79e293599cdc553a4e23d446
- SHA512
  
  298d268d01981d9b2f8afa0cfd36ab0890378a5cae852249e1cc5b71071fd358176bc10ab15efcb52c6d59bc25ed9a241d907c8f5e9cab25de48dbe37a3fcff3
- SSDEEP
  
  768:QNfwa7SBFJlxT3VHqJovuLzm/+aCvoSBAziB9PCBeLNlV4xosbgo9NiI9:QtwKGlxT344uHm/+joCuoVKcojiI9
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/QQDownHelper.dll
- Size
  
  48KB
- MD5
  
  be3aca1d4f6b2c185dfb6b6a4c74148d
- SHA1
  
  9894b0ce263012b3bea51f42e81ffe5e8b2c3321
- SHA256
  
  1b866c330696bfdc8df9e9a28472e8a2558c457a482e2108804a7ce20ecb915f
- SHA512
  
  4a51aa6cb0da94ed751952f7ff9dd541097372341f8c46c2eea1add11f4bbc280c6ab0a6b6bb00497a5624ac6b4303c0869316c1599cc52323214135470bf670
- SSDEEP
  
  768:AJSH0HZWXWGw6YbtxaaB5VEXHqImSv4JXztTtKx1hk:AJtHZWb+xaaB3EXKIeXzt01hk
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/QQUIHelper.dll
- Size
  
  48KB
- MD5
  
  420039bb348a7cae4a442770a37c3199
- SHA1
  
  572cf7f1ebcde397000782eeb106ff2256ece632
- SHA256
  
  7c93a8eff2c5e2536de302a45051bc3cfa3bccedd28164ef255670603c077e83
- SHA512
  
  5730873de380fb089aa6fd657f5880ad5ece2574b5985157413ce57641a477e9a74b4316084ff97992374c989d6f521551d717822a12ccd6615aa4a9f4e11fc7
- SSDEEP
  
  768:5G9kTtH1n0trdl3t5DWZxm6kx/8oQx2gGKa:cqTtHdujDcg6Ro/gGKa
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/SysHelper.dll
- Size
  
  104KB
- MD5
  
  54e48b32891fae5ba08f1938a2f34c55
- SHA1
  
  7a888ef110b8cb53e55d5477b3bc2dd318f172ae
- SHA256
  
  a0d13573fb0d644777f4c79e6b7fb984b2f7268d573c855c62d7503376bc19a1
- SHA512
  
  e7d9c72a6e7b5e79b527faa7ac3d7d7d47c10ec581d75c1dd7e38ee08037592eb5db13b1db603e3343b712246fec3538c37c7f89adc510d6cbd5caa2747e1bcc
- SSDEEP
  
  1536:RnAJFUH4DKhgKhy/7xkuGtMNa+OhDTYRm7iEhtMUpmdyKdjSOo5xUy:RnAJFUHXVyjxkuGCNa+OLA9ygjSOoTU
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/SysVer.dll
- Size
  
  44KB
- MD5
  
  a882be56f3bc1926f3e1a7ced82d2e1b
- SHA1
  
  09bc00a1684baa0bdd9fb287ab02e5b8a1e52c64
- SHA256
  
  9dba15dcbd93ddb5c57ee41be7eca6c828f37fb7e8863bd4142acee5dd235aed
- SHA512
  
  17de7a1b8b0e3ba5b582bfd7b1f7c7bf511e7561be0903449a27503bb5c1e7211d026128fecb96a00e4d59ea409a82eee02763e7027a63e6dd582612ed4a3b4c
- SSDEEP
  
  768:etYTPnqrlhoOk1Ii3bGvgy9DJuZ0K7RvD8od:sYTPnqrvw1cFDIZ77Rgo
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/VerDll.dll
- Size
  
  5KB
- MD5
  
  539ec6d5456e17ed6c144770d1748aaf
- SHA1
  
  9746a5023f2752aa5f4537dda731c306b69d7942
- SHA256
  
  89eb71d2a255648eb1e8517cdfe43ad2bd6f816d6ae69db159ac8e10db5b1dbc
- SHA512
  
  16b57a2376b7b6be1721f4e9cd38341051fc8bc6589ed4a71e63deba9406d1d6323ad1d353ec0b7b03c9fbf52b52442425300dcbfe81d90c5770b96d2a5a37e0
- SSDEEP
  
  48:CzsLy3XKTysjTCZGIifyl+6RtYcnybzSVVgJkHqYWPpmR:MsLyqFqZGIifyl+6IY+z9JkHzWPp
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $R0
- Size
  
  45KB
- MD5
  
  29f586cd7afb0e77b19d4afc82aed4af
- SHA1
  
  b3c6dab8a02a8a432fc2838d08e74a8d6ce3054a
- SHA256
  
  92980522df25a2aea95c0dfd8fd87ec39e9bc4058c32c570420dcbe241ee44a3
- SHA512
  
  3a4f5653e3b91eb8112b686739e7a9097a9a359f5839a8f5c9c875912ea8a82ffcb0e11e14ff83b448d1dd4070a289a585aa8af65aeaf9790aeb5bf9e608f624
- SSDEEP
  
  768:OsAnFmd1nunlbBNLZ7/h7UaGm0mioWLXbk:oQ3ulnL5/hQk0yWHk
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  $SYSDIR/msvcp60.dll
- Size
  
  397KB
- MD5
  
  90a80bbfc13797237b21da0a602f3b82
- SHA1
  
  f10bf1fb7fd03ddb2885bfd2347e7d8665644675
- SHA256
  
  e76056bf677fcf7e57612ece60bbe046c83df2270e6b39e06cfa04f3c0e01a79
- SHA512
  
  dec358491efb2c3e29526aee01c3c66be5319f898136a32d8cc1c643d09eda1008e2d70d5a9f08dab6cdef780ec74cbf803aeb3cbeaaa287fbd602427012e407
- SSDEEP
  
  6144:k4C3mtRisVPOxHKjyLqLnsYi6zeOdNQ3fq3OoxHkCmlkf1lD:bztRnVPOxqjyeLbi++fq3OoxHkC5f/
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32