31b200e8271b8bab143db73a180a7057f0262a35164cec2f6abde5da319f6dec | Triage

Sharing

General

Target

0001ba2d1ab27bdc1578c899e8ff8ada_JaffaCakes118
Size

638KB
Sample

240930-hefa4avfqg
MD5

0001ba2d1ab27bdc1578c899e8ff8ada
SHA1

7be434a208ea00eba420adaeeeb70143fd2c6bbe
SHA256

31b200e8271b8bab143db73a180a7057f0262a35164cec2f6abde5da319f6dec
SHA512

f09d9db7900217b842ad5060056aeb3118b9322fd2eb39a214c3dbc701a1d69201dd223aac80d7ec08fa023e0ea893e4abf452d3127ee4a9d8588d4f9dd54ac6
SSDEEP

12288:TIyy51xtr7H4t3xpCBZkv+t1R/2/vQXLGGmcS+7mzZAM22nPxoNc+qLTwkun2JpX:Thy5/2Ru79XYHQXCu0A2JoNcRckm2HX

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0001ba2d1ab27bdc1578c899e8ff8ada_JaffaCakes118
- Size
  
  638KB
- MD5
  
  0001ba2d1ab27bdc1578c899e8ff8ada
- SHA1
  
  7be434a208ea00eba420adaeeeb70143fd2c6bbe
- SHA256
  
  31b200e8271b8bab143db73a180a7057f0262a35164cec2f6abde5da319f6dec
- SHA512
  
  f09d9db7900217b842ad5060056aeb3118b9322fd2eb39a214c3dbc701a1d69201dd223aac80d7ec08fa023e0ea893e4abf452d3127ee4a9d8588d4f9dd54ac6
- SSDEEP
  
  12288:TIyy51xtr7H4t3xpCBZkv+t1R/2/vQXLGGmcS+7mzZAM22nPxoNc+qLTwkun2JpX:Thy5/2Ru79XYHQXCu0A2JoNcRckm2HX
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  f62d03fcb1473110e920a9bb2c701006
- SHA1
  
  c48444ef2daa60dcdf91f1645cd4ecd8e66545f7
- SHA256
  
  17e2f205af12d5a86638dc83c95fc69199c41af2fa6daeb1e91ec330f68c5372
- SHA512
  
  701d531d405d08054d53298141d5bbd56e74df7b22bcea5f9f0e5c4407421ea0ca9617aa84e740dc1dc44e6d14e58852c1ca2087213cc2319f2da44eaed0bc05
- SSDEEP
  
  192:g6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTxK72dwF7dBdcQOz:g6JaVh4I5rpPbTx+BdhO
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  Password Organizer.exe
- Size
  
  894KB
- MD5
  
  465b21a5b4e3bbfc7e898eac7de0ea5d
- SHA1
  
  7dd2158ba1262e9bdb6640d7ae4264bdc763107d
- SHA256
  
  05306fcdcc12a5e0baed9fd79844059c08f5d98d2ae98a2d14268faff564c7ed
- SHA512
  
  a36e1b4280d92356ef570187610815d86d2b5ea49a2a700e05e8958e2c789261e629fca44be928d35bf9757b24458b395742de2e859689bfb7df008894315898
- SSDEEP
  
  12288:UrAT5847prm1qckD7/9R6sYGZf14LvtdE3MQMzq3JutYGU8bf6Ds:sIG41S1nER7YG74nEQVf6A
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  help.chm
- Size
  
  70KB
- MD5
  
  d0cb0656b84149e6016488ee0cb05aa1
- SHA1
  
  5997ea56c710fd2787bc7ecaa3e91ff48230725d
- SHA256
  
  678c73b34c5148a14c8ac91b49f69c918b60e4671356dc7635d82105c31b8b15
- SHA512
  
  583200deb750f5b3f89a3cd4d2608b971552b67edbd567c98182d0ee38f31347854c408cf47dd96aa3df6bd65fb4c070db2d9f15262dd4eaf432cdd121b9b18f
- SSDEEP
  
  1536:bUih1I/z468BOoIEbkQ5L1WkMWaE+Bwsi2:Iih1IU68koBkULw5WQysi2
Score

1^/10
behavioral7 behavioral8
- Target
  
  sqlite3.dll
- Size
  
  457KB
- MD5
  
  7dd72136525221bea82f0a41ee253f60
- SHA1
  
  bbe6b22d5a089bd2c97c7948b83b13758d309a60
- SHA256
  
  52e5655fabe12b745bb58bec7e1b84b7eccd0cf9f2b1e5b279a868582f012e4c
- SHA512
  
  b8694fd0503d08e7471c5c6eb4e4cae82486db6f52675b844fbc041bff82c8820d265dc58401f9b852a878d9e3b6bdc0263de140f68fb386cdfecdf582630f38
- SSDEEP
  
  6144:gVMxrx7IG5GQEEhcNVHUL0YpsOTrxyIr/y8K7WgnnKUf6SBuRRQXQdem8hFysJNQ:CM+grrxyIra8K7WEr67RQg8mo2hV/pwG
Score

3^/10

discovery
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10