dc811cc216e3cf694ac24841ea7df9df90175608af5a413070f58f685ecea10a | Triage

Sharing

General

Target

079244721cabacc7d3bee3cc663b8545_JaffaCakes118
Size

20.0MB
Sample

241001-1rw4gssclj
MD5

079244721cabacc7d3bee3cc663b8545
SHA1

152cab0691d77f62a424eeb0e810fd51dde30806
SHA256

dc811cc216e3cf694ac24841ea7df9df90175608af5a413070f58f685ecea10a
SHA512

26e419d52b7646780bff726cf29fd9d1eea6753a2d3a785ddd45aedc873d856f2ddab1a5932a4d93335a37101a2f24806a7b4711753f6af7b0d3e7429689b82f
SSDEEP

393216:XdD7w+gA0nmHcdWkFcLXvBYOuW9e9HMlbyVp+awADd2:Fs+gA2dDSLGzWM9NVp+rOM

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  079244721cabacc7d3bee3cc663b8545_JaffaCakes118
- Size
  
  20.0MB
- MD5
  
  079244721cabacc7d3bee3cc663b8545
- SHA1
  
  152cab0691d77f62a424eeb0e810fd51dde30806
- SHA256
  
  dc811cc216e3cf694ac24841ea7df9df90175608af5a413070f58f685ecea10a
- SHA512
  
  26e419d52b7646780bff726cf29fd9d1eea6753a2d3a785ddd45aedc873d856f2ddab1a5932a4d93335a37101a2f24806a7b4711753f6af7b0d3e7429689b82f
- SSDEEP
  
  393216:XdD7w+gA0nmHcdWkFcLXvBYOuW9e9HMlbyVp+awADd2:Fs+gA2dDSLGzWM9NVp+rOM
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  9384f4007c492d4fa040924f31c00166
- SHA1
  
  aba37faef30d7c445584c688a0b5638f5db31c7b
- SHA256
  
  60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5
- SHA512
  
  68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf
- SSDEEP
  
  48:iV6pAvmNC6iMPUptxEZK65x/AmvycNSmwVsOYJyvrpXptp/JvR0Jlof5d2:2811GED5ZTvycNSmwVsTJuftpZR0Sd2
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  14KB
- MD5
  
  361e8e7f3e1e722f6ac5f4f3ab873035
- SHA1
  
  954e00873cc194fb87f350e52ec256c9df92a54b
- SHA256
  
  b7ae0a44882df8045866b75d4565ecb65f2f8e6ef19d23c532f2002a8caf9654
- SHA512
  
  7d45ba23ac24023b68225167d2a39f6aa553681f0a5a5a1df53407f51bbb471ac565e6b15e252e7e25e002b4b7eccde87f5a11e0ef21c26c71544ee6217d1b17
- SSDEEP
  
  384:FRNvuMqAChVo1WCeR3XbrKUgqy7g8HOZHDZ8:/NvZqA2o7IbOUgP42
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  axvlc.dll
- Size
  
  411KB
- MD5
  
  1127390826a9409f6fd7ad99c4d4af18
- SHA1
  
  32f7415cacbd35ccda998fc299b38bf1b6f37d30
- SHA256
  
  3da6af3057cfd9490e512279c5ee2c6ec778a71d57dc8aa1992098c8d2bd1b69
- SHA512
  
  342755750c5cd9e912755cb487f06b7dff1daf02a6254c7440c2b7ca61f2c3a537529c7aab8871910158cf4c955e16c18f8b2efa47a5ace9bab896cbae0992be
- SSDEEP
  
  6144:Mse1d1MOcGWQ1gmUVc/r8FNo0O9lUPwAmjs0HepYbjleraBCDorABa:MsmdiOcrKgLsYNo0WYYbjleraB
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  libvlc.dll
- Size
  
  109KB
- MD5
  
  7dfb162693ceb4afbb2eb63d0f09d3f2
- SHA1
  
  e733aa5746ec587a7909a66eaa6154843dc12472
- SHA256
  
  f2fbd9b4d8f2ade91348d1ae14d8e6d6e27b880340c61619c6d2b63aa6891522
- SHA512
  
  7c6ee99e0b0e41496d53db19863ca91b24bcdb28a7971dcc44d1c5ca88db6042b2a32a36b87c9f297cec459aa25984b5652731947f3f59954aa60dba46cfb37c
- SSDEEP
  
  3072:7huVu07COkoBdgVR78pg50S+V2dqLp4L0S:0QKc8pg5aV2ALp4L0
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  libvlccore.dll
- Size
  
  2.2MB
- MD5
  
  81b7512e37e94ec09779f89fe35b95aa
- SHA1
  
  25aa85c70c5ad60244c12cff983f567a6ee0fefd
- SHA256
  
  8356116659b9da55371aa38f70d4ea6879f816aaa6382b62c51f2fd9adeb1b51
- SHA512
  
  61277b97edec4374aaae82f8f638595096f085518fd899f263fbd584d0ba4a0ca86e10e1a33a9c4d127a67d6589b3e6ea19ced53081fde868ee4daa950bbdf83
- SSDEEP
  
  49152:L8PQOjV4TvTOlNba+/6G5lXxYp8UxwbAquy43bMQOg8KupGaXXnYIBAUZLYu0:L8PQOjV4TvTOlNba+/6G5z2z+dBAUZL
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  npvlc.dll
- Size
  
  300KB
- MD5
  
  3f9f8e0f93d6fa7b7552077a3df171de
- SHA1
  
  ef222eeee66972e16b8b3d7395a53893c6690d47
- SHA256
  
  d7c9c4f679fc691c20bdee09b6f6fe79bb4ae29af562e3bcc2a6f64f5af5a8ef
- SHA512
  
  ffe25b19cd19b02ea96bc4e096997a8d446f28006accd67c2b575d316827f8e5ea614568124ea1a2059f8140040b4a3a1577f015b227bd70c2fccb2fd9693e4c
- SSDEEP
  
  6144:TiNfZfqSRsBtfgi4VTP75l8p4BHbxc3UPS6qmraBCDorABD:TiNxfqSeB1gvlP752gbjqmraBg
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  plugins/3dnow/libmemcpy3dn_plugin.dll
- Size
  
  36KB
- MD5
  
  488c560fdc560fa83e9e1d6f5469c841
- SHA1
  
  a0f74aa6c5a4481ac166014eae2c9120d6128fb8
- SHA256
  
  ad6b98436c905308e01841d30a7dbe68ae9b08624cbc4dc7593c76e69e631ac7
- SHA512
  
  53dfee1114e42cd1b959575a8fd5676262591f86f3b93a881ce732bc0170adeaf81553591de80a52933fea2b5130ee008bf27ee0123b8bff7a19e40a3048a52b
- SSDEEP
  
  768:gNFX/9KxLM5sKfgv1eSuJSlrkKf+Vmx//Kx:aFX+LMWKfgwDSlYA+Vm9/Kx
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  plugins/access/libaccess_attachment_plugin.dll
- Size
  
  34KB
- MD5
  
  2e01a91d4d3c0e1e04fd62040d70f495
- SHA1
  
  025f7d522435eb53b49a7f7412ba33a94a848450
- SHA256
  
  787cd3fc5e4ed28b587017478d842a228909aac78c18236365934262a367bfea
- SHA512
  
  9454b8a16d264f45c7d900c85c17272504c8a9b2cc80f7877d1fddef3275031f02a903e515866bde886e3187c19f013f174edf84b25a66a444214f55a95f0abd
- SSDEEP
  
  768:/tbiXdJyfxLME/K1wgv1xKlwkV+VYx/+C:1biXkLM6K1wg+l1V+VY9+C
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  plugins/access/libaccess_bd_plugin.dll
- Size
  
  91KB
- MD5
  
  5a5847d7dad7b90c8d7fe5c1be39df3d
- SHA1
  
  bafc9ee7fcc620cba0c2c04d74f5737f4208fb79
- SHA256
  
  f7e2d5692d7d6e906c811cb80755a0844698a7ac1355a59ead9475ecc3ae849c
- SHA512
  
  cbc76820e22fca5c90352ac9d08fb8229d342e3f690a4be9d880801362c420debfc3ac2345913093161abad063e224f720776b3172fce25c7c00ee715c3794e7
- SSDEEP
  
  1536:QU0iwK7kmUhjZ+nC7MS2cJBx+Obo/yI2RRwQ0XrIMBKnghlm4+Vt9U8uQ6D:zROhcnC7MS2cJB8ObOyI2RWXMngh84+e
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  plugins/access/libaccess_ftp_plugin.dll
- Size
  
  44KB
- MD5
  
  f344111f902d663faca92ba33d56f246
- SHA1
  
  8eab7eea73caa34038f688be99964f2b8ac547cc
- SHA256
  
  7e478a793155d4b43f42614e037366dae7d1ad2937b69e41176c286338ce2764
- SHA512
  
  2a394736c1be1a23140895e4be469686603a434c0d43735e964a3862e22a348a16e1ce1c62b8d9da570a7fd9d298b96e1e09b767c676c49a04f7d1452c89243f
- SSDEEP
  
  768:mukkK5NE9MdoX8u5xAMDswKGgv1y8lBs7+V3x/8Sftk:muqfEWdoX/AMFKGgrlG7+V39Jftk
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  plugins/access/libaccess_http_plugin.dll
- Size
  
  89KB
- MD5
  
  d85839521546692289617932ca678a0e
- SHA1
  
  9fed98d714d753a30538905e37a5c0d8804218c5
- SHA256
  
  87b3f4f10e05c119e0c6ae3181ef9a375b042f55d0f7269c4ec88964b7dec813
- SHA512
  
  a7d3003c0d0c9ac76cc424101fc99aaa2b50106f25a70d7297e5b0ad2a9455d4c1a967864f19239438c70529c13702548fcfac7956f12c0ba7786dc0bb96fb59
- SSDEEP
  
  1536:ec0m7X9DWeNF8sX6mmI2Jl5QWNEi26MlKog5l2++VA9HvSFIOSnToIf82:echziaoog58++VAl2eTBf8
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  plugins/access/libaccess_imem_plugin.dll
- Size
  
  46KB
- MD5
  
  4426916e512cdb8b61d9743daf979eb5
- SHA1
  
  37dbdb6992057b458a87bb70ed0a37b0a8d606b7
- SHA256
  
  35769b20e710384bd84a887dc96cb1d6edafeae589635b75e5bf753999a08641
- SHA512
  
  c29547a394b69a3d92f63d4eec01d29dd4e26d8b03afa972ac15ba945a9f523d6f7e66996f78e9926f53c7b630a28966d97d5bdeb162c156d340be3d529e535c
- SSDEEP
  
  768:eXf2hmpkEzXPS3msvxMMFHK6gv1pilw8N+V+x/z8CM:eP2hmmEzXsPMM1K6gmlNN+V+9zzM
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  plugins/access/libaccess_mms_plugin.dll
- Size
  
  77KB
- MD5
  
  088ec625e783ce38b830c3f9849ba098
- SHA1
  
  50aef15731f7d2a6928f4518e58de948c4d8e1bb
- SHA256
  
  68b7f4dbf5179780fc416b009b2d2b4895683344b73de73a1e4710fc218b7b79
- SHA512
  
  b0504ff4c1fcf90655d9809e57ea5f3597a6be1d6bf16c28ef318c5e5962b8467eb9ff7a9adfcfc34ee9e6fe4d07fdc2f0a78e462a8491d785ea2127fdc9e06b
- SSDEEP
  
  1536:ka4lZFU44H818UH1A4+4qlXUXqEMdKogClBL+Vz9U0cjb8sxb:XixVAoAQogCXL+Vzyp8C
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  plugins/access/libaccess_rar_plugin.dll
- Size
  
  39KB
- MD5
  
  c4e9661fe6e0a0e26a8b39765657060b
- SHA1
  
  70777be0e375c2c1982a9aa187a709bde050c449
- SHA256
  
  72dd8be7667daf755a436021dff6ec76d03a7f86d00d4c89b35d03b32cef5f26
- SHA512
  
  72c4951b9199b4a04662e5ff088995483014c7efb29baf03e1888c53eda8bab65ac0401f3c5b706d976d9fa173cd021d362f1ac5a757fc1beb0f988d911f0f6d
- SSDEEP
  
  768:qaG/1NIZVX3nnTx4MDSKHgv13P4lQUz+VFtx/2zdS:qamqVXV4M2KHgl4lFz+VFt92zdS
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32