e945eb4d7c65d8d3122ff6626186385ec073946a051318280a99abf72fb98431 | Triage

Sharing

General

Target

020e56050370601a07eebeeea89b646a_JaffaCakes118
Size

927KB
Sample

240930-svwywssdqp
MD5

020e56050370601a07eebeeea89b646a
SHA1

d9b2b1cddb6b5ec1c3198d112b755cc8b2e0c468
SHA256

e945eb4d7c65d8d3122ff6626186385ec073946a051318280a99abf72fb98431
SHA512

eaf6e84dabd78657f3ddf2aa51a2610657c920b3f4e16992a6404d61938a2b75e123f0671810de4026d19ab93faf04501ac9d0f6d1097c19f193b7f91fa597a7
SSDEEP

24576:yN0Men6rCMI/TwADt34svKIL5Ia6qdHsLS23i0iDHvJR7wGGg:yGMep7/s8o4KItIafdHwrkDHvJV

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  020e56050370601a07eebeeea89b646a_JaffaCakes118
- Size
  
  927KB
- MD5
  
  020e56050370601a07eebeeea89b646a
- SHA1
  
  d9b2b1cddb6b5ec1c3198d112b755cc8b2e0c468
- SHA256
  
  e945eb4d7c65d8d3122ff6626186385ec073946a051318280a99abf72fb98431
- SHA512
  
  eaf6e84dabd78657f3ddf2aa51a2610657c920b3f4e16992a6404d61938a2b75e123f0671810de4026d19ab93faf04501ac9d0f6d1097c19f193b7f91fa597a7
- SSDEEP
  
  24576:yN0Men6rCMI/TwADt34svKIL5Ia6qdHsLS23i0iDHvJR7wGGg:yGMep7/s8o4KItIafdHwrkDHvJV
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $TEMPLATES/installstat.exe
- Size
  
  44KB
- MD5
  
  7c30927884213f4fe91bbe90b591b762
- SHA1
  
  65693828963f6b6a5cbea4c9e595e06f85490f6f
- SHA256
  
  9032757cabb19a10e97e158810f885a015f3dcd5ba3da44c795d999ea90f8994
- SHA512
  
  8aadb5fd3750ab0c036c7b8d2c775e42688265b00fe75b43a6addaefc7ee20d9fa3f074dd7943570c8519943011eda08216e90551b6d6a782b9ed5ce20aa6bab
- SSDEEP
  
  384:H+HHi0nKwn0RDbwemPK7BywsgtDgHJR0bA6VWqaCL6VuhV5bIle+vEv5aY3uBRgl:en1nKwn0ZFmKApg7AqaCL6Y16Ha5/uO
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $TEMPLATES/statistics.dll
- Size
  
  528KB
- MD5
  
  410fc558ecbf82a45edd04c1853a918a
- SHA1
  
  718212f09564f68868db35c23bdae897a009f682
- SHA256
  
  7afcb7555f1f595df9b87900239bf7614930846e356f633d1eb9199c861dfee2
- SHA512
  
  b9af2f529ca55aaeb713dd662b5039345deb1678095f937fbd9819c71de6e95bc6781332b46bb7695aa5c78a2a1787ade2751acbc05f248f2ff44cead8a4f73c
- SSDEEP
  
  6144:00KrP3aHbaBGCUiSG1IMo9G3mMDlKyoGMojHgDpokrJvgEwyd4bF1sdJJT:00KDq7s/9S8zygbgDpoyJv7dh
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  KKDock.exe
- Size
  
  430KB
- MD5
  
  9f2d4b3cef9fa0af1428dcf5e8b1331a
- SHA1
  
  247a495cce345aeede728ca68c8831e40f954365
- SHA256
  
  d7871276d80cf9e009cb3b756d8a49d1d0fd7f2ee84b530cf68eb0182a1a29e6
- SHA512
  
  03dc35b4c593490fcb861aa0c5b5734c835c2bbfe34ca133c5a1c2f69452d39db724add7d48f39a916795836aa2aae9fcb2256346ae7e05b8e7759843eec1dbb
- SSDEEP
  
  12288:TKO/e68Qx7nKuKGuMKHRMTGcjuOV/HT6+DzgN:7e679najWuSrG
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  uninst.exe
- Size
  
  37KB
- MD5
  
  5e4205d6f43c970f73c96fa8da37381d
- SHA1
  
  d5bcb66364a8bfe2ac9a566cc15406e643d7e8f7
- SHA256
  
  509b75ebb559b6fccb61dda8442a44297e25ec14738988e299d0e1afa5ad8731
- SHA512
  
  019db54918a2a6d276c6e5735a4caed42cdbea64372068fa466824f7d2bd040af171e8f66d016da890ba3f9383461e7eae0cadf8911b9197f0a2b367f671d0e3
- SSDEEP
  
  768:EHJd0TpH2+bQ2dUWVX9Hfv1JMWmtLEJOyuBxG0D3mjfS3XJKTQvDXACva:EpgpHzb9dZVX9fHMvG0D3XJm8pa
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14