b74202b42da26bced2ad73bc73b96faa8da54d1ea2049e4083f54b7b2a3348ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

029677a4a25f1f4d29223b989d2ac488_JaffaCakes118
Size

652KB
Sample

240930-whwzxasbmf
MD5

029677a4a25f1f4d29223b989d2ac488
SHA1

40a0cf5525ec0714870774da57e3a7e434040f87
SHA256

b74202b42da26bced2ad73bc73b96faa8da54d1ea2049e4083f54b7b2a3348ca
SHA512

06451d4298ffd4e6a5a10c6310fd80c5af11c2430e0b7a0d251b5fb7da90baa32cf6d9b44cbe21574decc8badc2b9cd0fec2585bdcc7d2f3db80d83f695576f0
SSDEEP

12288:RfsJqbYp6TkQ3ykusestdhzgC7LP6BUQOVAJDSMEbQ5AFH/l:RE6Yp6TkQ3ykQwfz5LCGI1E4Ald

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  029677a4a25f1f4d29223b989d2ac488_JaffaCakes118
- Size
  
  652KB
- MD5
  
  029677a4a25f1f4d29223b989d2ac488
- SHA1
  
  40a0cf5525ec0714870774da57e3a7e434040f87
- SHA256
  
  b74202b42da26bced2ad73bc73b96faa8da54d1ea2049e4083f54b7b2a3348ca
- SHA512
  
  06451d4298ffd4e6a5a10c6310fd80c5af11c2430e0b7a0d251b5fb7da90baa32cf6d9b44cbe21574decc8badc2b9cd0fec2585bdcc7d2f3db80d83f695576f0
- SSDEEP
  
  12288:RfsJqbYp6TkQ3ykusestdhzgC7LP6BUQOVAJDSMEbQ5AFH/l:RE6Yp6TkQ3ykQwfz5LCGI1E4Ald
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  $0/resultbrowser.dll
- Size
  
  560KB
- MD5
  
  3d420e9b099da001110542c5b2810b89
- SHA1
  
  73ba5ad9e7a8040f1f42cee1d1ec6049c68451f8
- SHA256
  
  91e366a11a6960110ec85173808106f7bcd1132ae98639f2ddcb3344ca04b82a
- SHA512
  
  cd9e5a0503a61feae5e10b30160b592dd6773e7f58b1236a17e4680baf3f4ef31bbbb959f9a0207ec2bbacc51be4968bbc70aa28fef48c60fe2549bf0bd1a27a
- SSDEEP
  
  12288:Zvb1RlJ+2WsA3jZVilsCrZhR8d2RcAJnI07bgx3JdvPcPxp:lbnlJ+2ojZoSyZ04VJnI0w/h0X
Score

1^/10
behavioral3 behavioral4
- Target
  
  $0/resultbrowser.exe
- Size
  
  44KB
- MD5
  
  3b6e1efd41843ab6a5237246494a2fa3
- SHA1
  
  6c1d8133cc9f5bd33264eea622bcc2c689c0c159
- SHA256
  
  560c95d0c5550c1000d5b42c3a3062ad15a6caceaa9329e66c4f2dae92af9708
- SHA512
  
  7c1d28640ed27d7edc7756872022f1fbff137a800755704281cc29655fc890da518c6f242894ba20d4d943bfe42a7cc719ec7de70d531fc434ce2def25d0bdb5
- SSDEEP
  
  768:CaR3RHNDdwdOmxIf2DkyDIa/2BoecOISfV1l:FRHND8Ommf2DxDIvFcTyl
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $0/uninstall.exe
- Size
  
  83KB
- MD5
  
  d90e0c54ddcc23cfc75e32579cc56c70
- SHA1
  
  83909c3ad775bac6210d4431b3f03e9229ca9877
- SHA256
  
  8274bcdae8b130f8580abeab448d44eff756d0929a5ee3b88ff400db9bb8b806
- SHA512
  
  548835b3e11e919d2092fef763b093df0cf879a0964eb0a65b98a753971ab708d65c1a48b7129a63a5c8bd15f40c846be01e0b5899bdbf9ebb977056ee797cfa
- SSDEEP
  
  1536:LEkjY1zy214Qay0DGkJ7qAELVigJlRHcpX/OrwsKD7cis52/Dd0P:4kjAJ4dDGkJ+AI0SR8tMwRcisY/2
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  13KB
- MD5
  
  d765c492c21689e3d9d61634371fd861
- SHA1
  
  ac200933671ae52c9d5544d0e2e8e9144d286c83
- SHA256
  
  551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc
- SHA512
  
  9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f
- SSDEEP
  
  192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  fe24766ba314f620d57d0cf7339103c0
- SHA1
  
  8641545f03f03ff07485d6ec4d7b41cbb898c269
- SHA256
  
  802ef71440f662f456bed6283a5ff78066af016897fe6bfd29cac6edc2967bbd
- SHA512
  
  60d36959895cebf29c4e7713e6d414980139c7aa4ed1c8c96fefb672c1263af0ce909fb409534355895649c0e8056635112efb0da2ba05694446aec2ca77e2e3
- SSDEEP
  
  192:rO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1aMBgMO:yKAFERdlxhGRYUzqZaMB
Score

3^/10

discovery
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12