524e2df81274262da706ae4e5f29089427ad39ba0f9ba9a1c20b565505801fef | Triage

Sharing

General

Target

0572dc95aa995ecf7ff8e01e4fd306b0_JaffaCakes118
Size

24.4MB
Sample

241001-me2xbaydkd
MD5

0572dc95aa995ecf7ff8e01e4fd306b0
SHA1

612e986063550a2ec6247360370ef5052f9b6177
SHA256

524e2df81274262da706ae4e5f29089427ad39ba0f9ba9a1c20b565505801fef
SHA512

185828c7ba7668a60e7bcd692923d1d49dd7597161f97dd95be00b2aee43090adca8282d293b50a7784530bd91d5789812b53247b3f65ab49023c88f797f0e72
SSDEEP

786432:ZybpiPivjp3A2FFVrFAC0G8BL+TRt7bF/t:Zu4aFQ0Vr0BgRt/F/t

Score

7^/10

discovery execution linux upx

Malware Config

Targets

- Target
  
  0572dc95aa995ecf7ff8e01e4fd306b0_JaffaCakes118
- Size
  
  24.4MB
- MD5
  
  0572dc95aa995ecf7ff8e01e4fd306b0
- SHA1
  
  612e986063550a2ec6247360370ef5052f9b6177
- SHA256
  
  524e2df81274262da706ae4e5f29089427ad39ba0f9ba9a1c20b565505801fef
- SHA512
  
  185828c7ba7668a60e7bcd692923d1d49dd7597161f97dd95be00b2aee43090adca8282d293b50a7784530bd91d5789812b53247b3f65ab49023c88f797f0e72
- SSDEEP
  
  786432:ZybpiPivjp3A2FFVrFAC0G8BL+TRt7bF/t:Zu4aFQ0Vr0BgRt/F/t
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/DcryptDll.dll
- Size
  
  14KB
- MD5
  
  904beebec2790ee2ca0c90fc448ac7e0
- SHA1
  
  40fabf1eb0a3b7168351c4514c5288216cb1566d
- SHA256
  
  f730d9385bf72eac5d579bcf1f7e4330f1d239ca1054d4ead48e9e363d9f4222
- SHA512
  
  8bdbbaaf73e396cf9fd9866b3e824b7e70c59a2bdefdb3236387e60d0e645d011265fe79fb193f6c0d6abe2e9c01260720c71cd8f068fcc4624760511c54efaa
- SSDEEP
  
  192:apY9VuCnNCbs8dNyHdrvr5T1KEtx/9ehuhiDTUkSv/DxRyeHk51I7n13Xm:aptMNUjyVvGWxauhiDDS3DnyK7nF
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  254f13dfd61c5b7d2119eb2550491e1d
- SHA1
  
  5083f6804ee3475f3698ab9e68611b0128e22fd6
- SHA256
  
  fd0e8be2135f3d326b65520383a3468c3983fa32c9c93594d986b16709d80f28
- SHA512
  
  fcef8ac5bd0ee6e316dbbc128a223ba18c8bf85a8d253e0c0877af6a4f686a20b08d34e5a426e2be5045962b391b8073769253a4d9b18616febc8133ccf654f7
- SSDEEP
  
  192:t5ZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRYgsfA:fBo/680dCI5adOjFOg9//p27uNw2bo
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/locate.dll
- Size
  
  17KB
- MD5
  
  7d3317f57c1a368480ace3c0ca804eeb
- SHA1
  
  d4c7e185bc64aac82339f51ba6c21cf0713c9f1a
- SHA256
  
  d88a04c1e39db583eaad727fd390fe599ab10198ee040bfbdd22daefadbd2372
- SHA512
  
  5598c2e6caa2f66edd48f8c8305e054d4b0740b5f2b7ed92cf197a13ac66ba99a32013d34b3c2e28d007ab7979eb90a50681324eb736b1410e7df1902e4ec32a
- SSDEEP
  
  384:ev/vPBkA6dK8wiLe45naPji7hpx2kRV+qgm:evyvwiNnGji7Xxjc8
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsRandom.dll
- Size
  
  21KB
- MD5
  
  ab467b8dfaa660a0f0e5b26e28af5735
- SHA1
  
  596abd2c31eaff3479edf2069db1c155b59ce74d
- SHA256
  
  db267d9920395b4badc48de04df99dfd21d579480d103cae0f48e6578197ff73
- SHA512
  
  7d002dc203997b8a4d8ec20c92cd82848e29d746414f4a61265c76d4afb12c05bce826fc63f4d2bd3d527f38506c391855767d864c37584df11b5db9ca008301
- SSDEEP
  
  384:LCHDPMs4GdtyO5roguusMxUXiO3wOw95euooP2UgKbd9BvNtf:LCHD6Gh87MKXil/5r2U3z
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/xml.dll
- Size
  
  118KB
- MD5
  
  42df1fbaa87567adf2b4050805a1a545
- SHA1
  
  b892a6efbb39b7144248e0c0d79e53da474a9373
- SHA256
  
  e900fcb9d598643eb0ee3e4005da925e73e70dbaa010edc4473e99ea0638b845
- SHA512
  
  4537d408e2f54d07b018907c787da6c7340f909a1789416de33d090055eda8918f338d8571bc3b438dd89e5e03e0ded70c86702666f12adb98523a91cbb1de1d
- SSDEEP
  
  1536:U2A8OSGjylgkara+70LICin9zgtg2LxowhtJu6MqSNicNEtIfF42q2KC:OzjLkarn7O+n9z2L6whFtGF42bK
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  APIWrapper.js
- Size
  
  13KB
- MD5
  
  c381d2dd71ef008113699b3cdf6d7346
- SHA1
  
  f20017ba0fd4a61d912e3f8a4efe203d80d59d37
- SHA256
  
  94c3ab29f1085a9bc0eca7c1eb1edc3b7caf293485c1b13727513c46ea618d23
- SHA512
  
  56803147b040344eea1220fb7647e180ff1c03731f0b6ccc44113f4908a44e3c8e593fdd6ccf418c4dea9189aed115747c75c0d5aab4cabf8b57b2cd35ccc58d
- SSDEEP
  
  384:m2mwtwz/mmTakZGXBdTiBQZGKcH8eLS4KiiCHXLG03ni:m2mwRjgTHK0y
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  LinFlashPlayer
- Size
  
  1.2MB
- MD5
  
  c0ddf167ea226010ea217319d227d909
- SHA1
  
  c0bdde09852d788ce8c0d985f957f293c8e0e980
- SHA256
  
  7db75959bf88427aab424bb89d928b331f67e707bd597f39ce38a7f1ccee2dc0
- SHA512
  
  0da33707984c2792e14e9141188b95e016ef8198d11fe893ffceb8060a31d05d1c64fd0dd0d1e8257b92cfc052416f8e78af3ddb0abb7aa64b9eeb80c08fadd9
- SSDEEP
  
  24576:r9peC7km/4Kj+TAqFKp58kAx6POfbUCvNCfKfuMf0HGGIk2g:veCImwK9qFKAZpf/vFXcmm
Score

1^/10
behavioral19
- Target
  
  RUNME.bat
- Size
  
  863B
- MD5
  
  acfb71f85fa2bef2305f93de23ce9aca
- SHA1
  
  839fafd21dde771db8d37d29d8662233744349ba
- SHA256
  
  21e7249ecbb40755d27a7f02561a1135ce9bcf762d3fb5303c5f8bf2565e47e9
- SHA512
  
  e899b0fcb18bc457cb0167d7cdfcb2822baed6353e5b50a18cb08e5b56dbe8a0c254fc892978b0863ad871a5e5c82946f1a93c97105ebd6c3db148a402a41bfe
Score

3^/10

discovery
behavioral20 behavioral21
- Target
  
  SAFlashPlayer.exe
- Size
  
  800KB
- MD5
  
  eff2852664f15cba397048c1aa892c7f
- SHA1
  
  563ab7ca551489dead739af91d94708061e16f41
- SHA256
  
  5873fd642111194866643a40bb5d59e7dd66db04bc235e0216321915d764d997
- SHA512
  
  dfe7d1290fc439edddd683eec07d419a79ef0fb4c5892267b1552afca44b4c90da0d2c75dfd4748cfb326462cac7243da1f00aa343511a24dc1cb05d9d83bb08
- SSDEEP
  
  24576:gtt6tP2jLB0EGb7PmcQYZs7zvtCuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuIuu+:g8PjlyQZU0uuuuuuuuuuuuuuuuuuuuud
Score

3^/10

discovery
behavioral22 behavioral23
- Target
  
  ViewletBuilder4.exe
- Size
  
  56KB
- MD5
  
  bdaf175ecb96086d0c950928d854d942
- SHA1
  
  7085ac5ed3e107e9350476ae636be99ffbf937c6
- SHA256
  
  bb2c49152c6e93ea47867799293c171445df9ecf7680b69105984ad222142b87
- SHA512
  
  3b6f12664f68b4a65e5b9198342cbe7115c5b807e11fa6794c63b03985ff953cbf00f0dab1ca3b4d1e6ef21715851b68e3b51228175c0bf1f6a81d5a2e414e24
- SSDEEP
  
  768:U7C4AeEW1lqXokGbLaHgmlCW7s6k9Qkm0EuZC1vQMHW4o:U7CClqXokGYlCW7s6k9485M2/
Score

3^/10

discovery
behavioral24 behavioral25
- Target
  
  closer.html
- Size
  
  290B
- MD5
  
  4f58d0e61257c4bd874712a9ba45d6ba
- SHA1
  
  943bb750f66d7a975a5a4c21bf47bf3fa7ff7160
- SHA256
  
  dae219f74bfd74baba8bcd537735821ab066534603f85782622c3d746b857d1a
- SHA512
  
  3eed700d3ad6cefacfbe0e4805c585db773165487f9959c51224a9b2704316962efea01df1c43d4e8a84699f0f022da1d806965f120f5d4aa414914ef388a7e1
Score

3^/10

discovery
behavioral26 behavioral27
- Target
  
  delete.bat
- Size
  
  48B
- MD5
  
  27910c31e2a769bc92b47824769cc688
- SHA1
  
  9d08a96f3f3171e27abe026f1aad10c28168df94
- SHA256
  
  a60ccd908a6909c877f0e0496435962a32678f6d6fba33f7aaf878d9f21947da
- SHA512
  
  2d6cd56c27c0cf6c711cd67d0f8ab1d6c2185e9a8fad88185a4ed919bd3e9f2d0649b00626db2dd96891c2fdf90da862e26cdc3d3c214d210e4ea30380175017
Score

1^/10
behavioral28 behavioral29
- Target
  
  deleteVBFolder.exe
- Size
  
  160KB
- MD5
  
  e1b805f0682cd37d5e4c40827e83e043
- SHA1
  
  408b4ed26f166135109e68bb75dc09a15341492a
- SHA256
  
  ea3001ab696e7614ca6a7765db4e5c31eee9ba85e7a407e690712a6b7d52472f
- SHA512
  
  59860816febd616d927ade0989aba5ed2504e17f55aa1a4de4c992005dfeeca6d98676bf605a981e9915018d6e1f2ab00cfe57de24e22dbbb34fb6c0b695a859
- SSDEEP
  
  1536:7MUWJ7XA6uJfZ1x7tOdtVHDYo6tcdmUmi4AmWqW2oK:7xWJTcfZ1BqDYo66aRW2oK
Score

3^/10

discovery
behavioral30 behavioral31
- Target
  
  handler.html
- Size
  
  5KB
- MD5
  
  ff9179c5f7075ed7cfbfb0a7276b600d
- SHA1
  
  21d66d6aa0ed092b80f85c2936511af58196a8ee
- SHA256
  
  4a728901591ffea2a09559211312a4656e3de439f9a1e055110b40f2e6e74b35
- SHA512
  
  87d76a14a59d150dc8a56fb76f1a39f07918c17a7eec78d1743a15d6726f7ca92683f9aa0320e0abfde8e571b92a280c32af6083c4afc8cdec680b5d4b7e1e28
- SSDEEP
  
  96:o7uVL1X0gUe4/HMNfCMfL3c3z0fIFR37mMh+jDqLJT4+yD9:o7EL1X01e4/4fCMja0fIFZ7mMBNTe
Score

3^/10

discovery
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32