ef287c84613bac14274548cd7a0237b912cb26dbeb3448468f29a6174d204cd2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0200b0ae3a29723f6e583e0176f5ca82_JaffaCakes118
Size

1.2MB
Sample

240930-sl7c9swcqd
MD5

0200b0ae3a29723f6e583e0176f5ca82
SHA1

1b8ea6499bd7def114b8d42da1728d06c91c5cd5
SHA256

ef287c84613bac14274548cd7a0237b912cb26dbeb3448468f29a6174d204cd2
SHA512

e150b41da7019e2a51ed53b57c5d951e39c3972b38a02c255883fb86fa5f23e0c44d2fdc860629f6aca817559811a7ec076e3498fe900ac7da8632bec2977c86
SSDEEP

24576:E5VcGFJMAwLDiE8l1iiJcvkU6NnDnjWpInqyaNJyT18zT:8cGFJMAwfio+VNRnhafA10

Score

7^/10

discovery evasion execution trojan

Malware Config

Targets

- Target
  
  0200b0ae3a29723f6e583e0176f5ca82_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  0200b0ae3a29723f6e583e0176f5ca82
- SHA1
  
  1b8ea6499bd7def114b8d42da1728d06c91c5cd5
- SHA256
  
  ef287c84613bac14274548cd7a0237b912cb26dbeb3448468f29a6174d204cd2
- SHA512
  
  e150b41da7019e2a51ed53b57c5d951e39c3972b38a02c255883fb86fa5f23e0c44d2fdc860629f6aca817559811a7ec076e3498fe900ac7da8632bec2977c86
- SSDEEP
  
  24576:E5VcGFJMAwLDiE8l1iiJcvkU6NnDnjWpInqyaNJyT18zT:8cGFJMAwfio+VNRnhafA10
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/CloseFlvDownload.dll
- Size
  
  61KB
- MD5
  
  524c601bb4991548b078b00dbfc773a9
- SHA1
  
  2289c4dddc7019727b7450898b88b6c0dfb6d3bb
- SHA256
  
  4acbff9bc8d6498abccb6d952752a3b769e9ca3042dc1ae5018577708cb8f8c3
- SHA512
  
  96d1b80c5903b3b6de6344cd6d6e3187a85139c3380fe26cb047a3bc9185032d43e22414cbc21f433ef70be80d4b71c1596669fb00b684188fa765d34bf5ba3f
- SSDEEP
  
  1536:w3rv0aUWV45W+bCPGPEfxwQlzAOrMaH5mX:wr0qVcUGgwq5H5mX
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  9384f4007c492d4fa040924f31c00166
- SHA1
  
  aba37faef30d7c445584c688a0b5638f5db31c7b
- SHA256
  
  60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5
- SHA512
  
  68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf
- SSDEEP
  
  48:iV6pAvmNC6iMPUptxEZK65x/AmvycNSmwVsOYJyvrpXptp/JvR0Jlof5d2:2811GED5ZTvycNSmwVsTJuftpZR0Sd2
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  IEBar/Uninstall.exe
- Size
  
  110KB
- MD5
  
  432ac9d2e8f6c965e8a6fa8ba7434066
- SHA1
  
  3c402dfcd991ff0790ea231c098d2dddf9d2ae9c
- SHA256
  
  d8990bd5ab9cad80edef51cc8b65302a14b38c8cff0efe93a210bdcd44710932
- SHA512
  
  f5cc7d2ac91e1dc5c6e8deaf6151e55b83a7b0c98b3d830d37b58916fcd16487087e90340ccc58c76df514325da0b1339aafb1b9a2ce108322a23357927a4630
- SSDEEP
  
  1536:EQpQ5EP0ijnRTXJj2gdLeAyNJMyouo9iLhl1iY/ovLDQSw0un+gDx1cQa3rQ12xz:EQIURTXJyceAnGXHAv4SG+gjcQa3bJcw
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/CloseFlvDownload.dll
- Size
  
  61KB
- MD5
  
  524c601bb4991548b078b00dbfc773a9
- SHA1
  
  2289c4dddc7019727b7450898b88b6c0dfb6d3bb
- SHA256
  
  4acbff9bc8d6498abccb6d952752a3b769e9ca3042dc1ae5018577708cb8f8c3
- SHA512
  
  96d1b80c5903b3b6de6344cd6d6e3187a85139c3380fe26cb047a3bc9185032d43e22414cbc21f433ef70be80d4b71c1596669fb00b684188fa765d34bf5ba3f
- SSDEEP
  
  1536:w3rv0aUWV45W+bCPGPEfxwQlzAOrMaH5mX:wr0qVcUGgwq5H5mX
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  IEBar/xbietb.dll
- Size
  
  404KB
- MD5
  
  f03364a071944d6517a537b0d91409b2
- SHA1
  
  c8cdda8df6bc7b832dda8891a61005fc0c11821d
- SHA256
  
  4af7f55e631b40d49c973e9f595f6c9d0ab0ac85be8358dc44e5e121f3699aaa
- SHA512
  
  39e04e8d0cdbee66df03bddf531c2eba831268b29530c1bae8d0bd9ba0abd1ffc86218ff33c41fcfaadfec2238382dbec8407e993ba9ce75528841c44e8302d9
- SSDEEP
  
  6144:xa4ZBXHlMZPqnN7bzS4P7sB2lXqlS8UyY+UWa8rnQ6uKmca:xa4fHloqnN3G4UEqlS8UyvUWzrnAca
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  QQDownloader(xmlbar).exe
- Size
  
  1.6MB
- MD5
  
  42dcc73ed5873118929ae6831775dee4
- SHA1
  
  f0cf1fe3e3f535cb1a7ee8ec9cbf51834c8f21e5
- SHA256
  
  ca1981d57358c407332049a27b4aac932c4dc65c4350e06cd561f14e71e626ec
- SHA512
  
  adb07dbf0030ee14b2b966ec0e585b83f9ed221f598139b6a99ee5aae27a47d376bcaa7ff19eeaf2a865201738e74e1c68f3b27f689d4fe6c337482d89c3f201
- SSDEEP
  
  24576:80KgsD2PPmXMI6SCSL1k/RlgNEkcSoFpVk+6oM:PWD2P15DqQSEkcSoFpVfK
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  config/swfobject.js
- Size
  
  6KB
- MD5
  
  699027eb66b113bebaf40b578997aade
- SHA1
  
  d5fdecfab746bc684d7043503af40488521c8534
- SHA256
  
  228e7abc6f0b491c177be9ee528856caf19ea3135c014713cc67ad64f2ae50b6
- SHA512
  
  8ef047b38cf12790cdb4b7efe113a7fa8634af674da288ce9708a1cd4dc89470bb05f73890271f3342c254e259f59c9984fc386ccf3abcb744e6f338f3b742bc
- SSDEEP
  
  96:38U0kLW9T+NZS2qD3QKAwEkZN6IzNXHjcOINVLyo3OQ:GkLWl+jSX7ckZHzVHjcOINVLyRQ
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  updater.exe
- Size
  
  492KB
- MD5
  
  3cd4ee18bdfd9e5719315f1a5275547c
- SHA1
  
  997b5ccf96a4cd3c652cecba909e23e740c7bbe3
- SHA256
  
  f4c48833f45235d755a7b14b843f41188d594b5eda7d44769eac75d7f18144e9
- SHA512
  
  d71c480b912e4cefb49ced1e9ac3972a12314c9635a0abd26db1178f5cc7ac42154252083d5b77b14456bf9c28167dfde335c719c8e6f609436c40d7d029ff4b
- SSDEEP
  
  12288:7KxTwrVPmrQ/r1GhvhDNKy4LBx1w3u1U/hs8TsPUK:7KxT4gTUx1fU/PTB
Score

3^/10

discovery
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasiontrojan

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22