General

  • Target

    05d550c182312f5a0580eafa2fbba806_JaffaCakes118

  • Size

    11.3MB

  • Sample

    241001-prezeszbql

  • MD5

    05d550c182312f5a0580eafa2fbba806

  • SHA1

    df034643778132a86f4878ef7df73b03ad4e9ce8

  • SHA256

    0155e34c5ad2f5661c5ebc2c6351ac2afe95246bf659e8cd0b0e1a7bffabc5de

  • SHA512

    ac3e1bfaccde56aa9525434f7134cd5a63705156a3a9e0c1b5c7150126c054dcd0822df6f1bae0543ab0ab4ce462ffd4c7bb654995d5494e782c9d710db422ef

  • SSDEEP

    196608:8NZvC6hQYJrDFVB5sQwl2yBzCnq1SY2FVwPoltHvKAEr3vRrUr/gfYg1e9:8vC6hr1bKlLRSJVu6BvKN/xUEte9

Targets

    • Target

      05d550c182312f5a0580eafa2fbba806_JaffaCakes118

    • Size

      11.3MB

    • MD5

      05d550c182312f5a0580eafa2fbba806

    • SHA1

      df034643778132a86f4878ef7df73b03ad4e9ce8

    • SHA256

      0155e34c5ad2f5661c5ebc2c6351ac2afe95246bf659e8cd0b0e1a7bffabc5de

    • SHA512

      ac3e1bfaccde56aa9525434f7134cd5a63705156a3a9e0c1b5c7150126c054dcd0822df6f1bae0543ab0ab4ce462ffd4c7bb654995d5494e782c9d710db422ef

    • SSDEEP

      196608:8NZvC6hQYJrDFVB5sQwl2yBzCnq1SY2FVwPoltHvKAEr3vRrUr/gfYg1e9:8vC6hr1bKlLRSJVu6BvKN/xUEte9

    Score
    3/10
    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      d7b3f05ff44116b9080b5e69b2e86efd

    • SHA1

      2535ecfa122041edb901ac667944e0f6814c4cd0

    • SHA256

      40d66e085409445202dce1b5419449cc302d91be17614b521e3ccce473205db7

    • SHA512

      414c6b410b35a8bb5a2c9fdd46dad63704484e1535155219b29a5bb886ded73f4b7ca3bafa726ce751e1c711a764938c9256106a90098263d6ff88bc017ec140

    • SSDEEP

      192:X6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTyK72dwF7dBdcQOz:X6JaVh4I5rpPbTy+BdhO

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      4fbb4a2cd711fc1fe84f3dc30c491dc9

    • SHA1

      888e01ae6e64e7326f88df9a30587f699eab154a

    • SHA256

      c3b05f4faf5e8903d5b4cb4a8ce4bbf2e8144725b98d8787d51c117b6efa9bc2

    • SHA512

      92dcf99672a5935065df6492e27abb653679f1db6dcddfde87cd14260c94a870327826b23cc2f338381b3eb53d07c1a3867806f6ff94533db5195b895a856847

    • SSDEEP

      192:CO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1argMO:XKAFERdlxhGRYUzqZar

    Score
    3/10
    • Target

      $PLUGINSDIR/exdll.dll

    • Size

      7KB

    • MD5

      d89cce9a905c12de3e9d5caf5241cc64

    • SHA1

      e0fb119abff69ca2dda23aa0489b38e0392b44f6

    • SHA256

      5193488a703f9f6e78e23b2964a7d0a847bc2965eee94152ebf6e5ba1f6c4a80

    • SHA512

      7daafb6c409ff185644546a77e412e46b2c8d28c983b786461a78be593afc38a94c82d51719f85d1b635c89d3b891370d123570dfb59a6a785b0778a1b679069

    • SSDEEP

      96:059ysHklhbDLSDP/cI0mDcV0gh1yfpZVwSir6xaZKzboZ8:059ZHkHbaDcAuyHngZUboZ

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      8KB

    • MD5

      6e5d67de86bbe1424c948ec22490e16e

    • SHA1

      eb472a706f5b28f3151c14741926e1107b5bfafd

    • SHA256

      d337a4fb3a455b847696ac70a6c070272e108e094d2b4395e3bdc1c76b86b8ae

    • SHA512

      0ed74440e8a2f7af0d8412410d36a160ddbb362a2dd762297029f7997b2040e27aa0ca1bddb918197956b3280e036fcfc7ebab7adf665d93828479f1d5fe2314

    • SSDEEP

      96:rZ5RwaB9dE0/PvQMuql/ODzN3ZOyGE1xiR0r2HpYkUdiw4:rZL7/AMzUz5ZOtEW0r2JxUdi

    Score
    3/10
    • Target

      content/ctoolbar.js

    • Size

      1.5MB

    • MD5

      c4a6bc851aba92ae248db54ef0fe8db4

    • SHA1

      2c50a6ae23defea0c1349a653b0e4b5f4b29352b

    • SHA256

      60fe26d176f9bf5fc6f11a9c57e1bdbc6efb83edbbc11bbc06dbf5f0a3b8cb46

    • SHA512

      4101cabfebbf85bd0459c10e1dd55bf5ff3c740e81eb975fa50a5a35e3a77899a6f555c32aa6ea0af1f0354ddd6dcd012a8ec2e10fdfb7efa650f63c6b29b347

    • SSDEEP

      49152:Ct/NTb3NF3W7hos3QX+asyRTH+qHNFClHwd/Eza6fv7:p

    Score
    3/10
    • Target

      $_7_/components/Conduit.js

    • Size

      10KB

    • MD5

      6bc46c871c97fe512a148a19ceb0e2ae

    • SHA1

      e2b4da1e5348eaf9005f99499e6e9b0973cb2745

    • SHA256

      5c0c4364bdb53c83b1306ff1e5ad87e1423d2199740b2d3104584394deb1fed9

    • SHA512

      c3435cf24169330b69353acdb03fbed0c1be2fa570987b6d88801a973d7907fac12985ff6139a7dfc091295c890955fab8d1202fb1697f50a0ba95957b694003

    • SSDEEP

      192:FkW8qVXjrX4XbXJXnXJQHHgNci7/jXj3/7u7ecZ7wvsbhvw1P/iff:tLVXfIrZX5Qg+6TD4PZ7WsbJw1I

    Score
    3/10
    • Target

      $_7_/components/ConduitAutoCompleteSearch.js

    • Size

      12KB

    • MD5

      a75e688942a993c32de3dc9cd656c5f2

    • SHA1

      c405a6423ec511bc001a78b751d91e3633ba2726

    • SHA256

      8c08111ff1f43aae95e487971cd033b4a582808f554b3e1dd21809ce69e3b8f8

    • SHA512

      6c3317dee75cabf2b403f35d5f81971307b3b1fc3b71ccf862375e88e8a6232a560ea3b91f21555c388cdcb3f08906a51032b8ae7ccebe8e82be8ff4c50698b9

    • SSDEEP

      192:uk/Mh+iFddQBML3jvxpZ5HAwxkDBad0lFS/iRv:ukEEiLdT7l5HAckDod6h

    Score
    3/10
    • Target

      $_7_/components/ConduitToolbar.js

    • Size

      2KB

    • MD5

      1e23335eaf20a13e563dcc8caccf4f7a

    • SHA1

      663ab968fd59626be7ddc2c7999d933140a3edef

    • SHA256

      98af646fc6f0ce4b48e2bd5106f98673d640b21fea21a4aa779731c6f8d70ada

    • SHA512

      33f56b2f3a61b4f6be6f7fc432fd55425dfd12bdc773ec2660b595ea8eb97bf6517e73a4b6c2004e700105655cb1ea0ddaac718a8a31e70306cafe877943cada

    Score
    3/10
    • Target

      $_7_/components/FFAlert.dll

    • Size

      13KB

    • MD5

      00282e5831a7008088b0db1d7e108db6

    • SHA1

      c1852e3e5f4c22f2359c13c67dffaab92faaeb2b

    • SHA256

      482a8bf5e26a882b310989ce1cb5a7244a03212150d514559aecd7e74c0654ba

    • SHA512

      2083856f890ead56239e22b4def93567e86e903e17ab866ef6f9d1d6ad23de323704f75e326daa0579adf217b93d5cb4ef3df5a3bb14664bf06b0e744f008927

    • SSDEEP

      192:0vUIEp6awbMWJvqgKlTMGcQ6/7yyrPlrDDyB4iprOR3XYEqWpW0:p6DJygITMGcQ6FrDDyB4UOtIG

    Score
    3/10
    • Target

      $_7_/components/npmozax.dll

    • Size

      112KB

    • MD5

      bb2fd4632cbf410c584bab0be026b733

    • SHA1

      da1433810446595bb38fdbc3a664ffb09e81d06c

    • SHA256

      1056248d3674adbc9e33e81f836a578b0e830c054da5a35723fe7072976c3ba6

    • SHA512

      541b333b24e5943ba7d8d5ca052b450138d51b915760dfa512e7403144738994995358ea0bc4304f7aa75e28b6a4a6cd04f608729d100bd6c5dce40f68d4a631

    • SSDEEP

      3072:fd8cpf3GOywbdopQzdglm4c0j9G9rAiYIH9Lf:fxe3wbdXdgRcoGpPjd

    Score
    3/10
    • Target

      $_7_/components/nsAxSecurityPolicy.js

    • Size

      8KB

    • MD5

      c982f14a117ca444fcd4e558684e72ad

    • SHA1

      d349adb454d434939ad56937dfc6b77bc9bcd1b9

    • SHA256

      fe1cf8b6c350ce8b890ab8aa1c2e8441dd9c672b43439e6241bd90b63bee3718

    • SHA512

      8ce89bcdd31f3b8c529a14255f69c684216eaab44987612b094f1a2c2fed94fd43877caad56fb082eabf1e2de20870b9e681e2f2b04baf55fae1fa847a95b560

    • SSDEEP

      96:8HeHqTzNT0oIOyYDVvJR0zrvwby0eNPNEla0cOnJujv/abPHJ1F9jYuOonoDZt9B:vH0zNT0KyYJKFSSaaml/KgXD4vb

    Score
    3/10
    • Target

      $_7_/lib/xpcom.js

    • Size

      63KB

    • MD5

      71c09e3d8cfee0d1cd467b8d7882c4d0

    • SHA1

      941f9487029999ddce4762552aafad540ed26055

    • SHA256

      8f8ed78b3b391508a834552389f60a31d374128adae1f5de29a4a37adf10d6e8

    • SHA512

      08e91ea109f85f27e8af15a11b11be84d8ec0e5a9b991f1f38772d19b56bd33f88d5249b24e1ed1f509afefc0113d603c7881c9b444f1ababd3cd41e3ec7b151

    • SSDEEP

      768:TVvJ2t1Gs+ZagZH3EwgRAat+hT7L/G4J1Ua3w3CCIEdyrumhwamhQ8umho2D8l00:8n4zGcyTyM7fiWv2d+tP+xPr

    Score
    3/10
    • Target

      bplay.exe

    • Size

      12KB

    • MD5

      e057aa4a56a9a2a628a8053f25a27d7d

    • SHA1

      d839e5258bbdb871c746c2cef52e336487535c47

    • SHA256

      2519081eca56fadcf3b62e7cb22e55a1f839b9055e9f1e404fc28145d149e913

    • SHA512

      d968aa76b1483a14b7d829c755a99c7ad09163d18da6806f23b3a33664292f16a4695b596b0d2be619a3b6dc909cfcb8cb7ff236641d1cc012e4f438364945e7

    • SSDEEP

      384:azbge2/99IpWUFyCKaMgXGT/bl55oqyfvN:azb619IpWUFyQiB55aH

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      bslib/bslib.dll

    • Size

      1.7MB

    • MD5

      9e3686b052f71477355f2e9793b4d837

    • SHA1

      e553b4803d3a8f84f20e464dfc9c3c8b4a86371f

    • SHA256

      4724d271bc497d4050e8064bb2bbcd1bccb99e8d347e190ecfdf28c68566eb01

    • SHA512

      1e71a1757f40387ca8e1d8510f70c5843419fcada78a0bb496db453590b727a272c107355c9550bee636a7dc17b991ec9eec6b3ff012d29e6444c6c00e1157ec

    • SSDEEP

      49152:0EY6B7omRtdVUNB4PNEz0Qw1IQvEJORXsHkAUFdy:ZRB7X7UNOPez0J1IQvEoCh

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      bspcodecdl.exe

    • Size

      544KB

    • MD5

      0965e5e8afc4c984474b5b1ad69b28fd

    • SHA1

      36c8c6365b1398f4ed865be894caac02148ca4a4

    • SHA256

      3e08054cb9c02957425dacd7bf208ad48761c3e6b5ec273420ab8255188a90e2

    • SHA512

      20bd03bdc0ce545deaf27241f1cf389d9337fc8bb32d24b9f3ffda5740c0a981665f2119c22e31f76489b3cec8399326dfed79cd6e0c2d97eba4b5838884aa2e

    • SSDEEP

      12288:2Pb+K5vJtsAj8fsZlm0hAeRTitBsq81NPpw6Yr2Y4VkqD1o:Ubf5hKupLfRTitBsq85w3rcl5o

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks

static1

upx
Score
7/10

behavioral1

discovery
Score
3/10

behavioral2

discovery
Score
3/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

discovery
upx
Score
5/10

behavioral28

discovery
upx
Score
5/10

behavioral29

discovery
upx
Score
5/10

behavioral30

discovery
upx
Score
5/10

behavioral31

discovery
upx
Score
5/10

behavioral32

discovery
upx
Score
5/10