0155e34c5ad2f5661c5ebc2c6351ac2afe95246bf659e8cd0b0e1a7bffabc5de | Triage

Sharing

General

Target

05d550c182312f5a0580eafa2fbba806_JaffaCakes118
Size

11.3MB
Sample

241001-prezeszbql
MD5

05d550c182312f5a0580eafa2fbba806
SHA1

df034643778132a86f4878ef7df73b03ad4e9ce8
SHA256

0155e34c5ad2f5661c5ebc2c6351ac2afe95246bf659e8cd0b0e1a7bffabc5de
SHA512

ac3e1bfaccde56aa9525434f7134cd5a63705156a3a9e0c1b5c7150126c054dcd0822df6f1bae0543ab0ab4ce462ffd4c7bb654995d5494e782c9d710db422ef
SSDEEP

196608:8NZvC6hQYJrDFVB5sQwl2yBzCnq1SY2FVwPoltHvKAEr3vRrUr/gfYg1e9:8vC6hr1bKlLRSJVu6BvKN/xUEte9

Score

7^/10

discovery execution upx

Malware Config

Targets

- Target
  
  05d550c182312f5a0580eafa2fbba806_JaffaCakes118
- Size
  
  11.3MB
- MD5
  
  05d550c182312f5a0580eafa2fbba806
- SHA1
  
  df034643778132a86f4878ef7df73b03ad4e9ce8
- SHA256
  
  0155e34c5ad2f5661c5ebc2c6351ac2afe95246bf659e8cd0b0e1a7bffabc5de
- SHA512
  
  ac3e1bfaccde56aa9525434f7134cd5a63705156a3a9e0c1b5c7150126c054dcd0822df6f1bae0543ab0ab4ce462ffd4c7bb654995d5494e782c9d710db422ef
- SSDEEP
  
  196608:8NZvC6hQYJrDFVB5sQwl2yBzCnq1SY2FVwPoltHvKAEr3vRrUr/gfYg1e9:8vC6hr1bKlLRSJVu6BvKN/xUEte9
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  d7b3f05ff44116b9080b5e69b2e86efd
- SHA1
  
  2535ecfa122041edb901ac667944e0f6814c4cd0
- SHA256
  
  40d66e085409445202dce1b5419449cc302d91be17614b521e3ccce473205db7
- SHA512
  
  414c6b410b35a8bb5a2c9fdd46dad63704484e1535155219b29a5bb886ded73f4b7ca3bafa726ce751e1c711a764938c9256106a90098263d6ff88bc017ec140
- SSDEEP
  
  192:X6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTyK72dwF7dBdcQOz:X6JaVh4I5rpPbTy+BdhO
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  4fbb4a2cd711fc1fe84f3dc30c491dc9
- SHA1
  
  888e01ae6e64e7326f88df9a30587f699eab154a
- SHA256
  
  c3b05f4faf5e8903d5b4cb4a8ce4bbf2e8144725b98d8787d51c117b6efa9bc2
- SHA512
  
  92dcf99672a5935065df6492e27abb653679f1db6dcddfde87cd14260c94a870327826b23cc2f338381b3eb53d07c1a3867806f6ff94533db5195b895a856847
- SSDEEP
  
  192:CO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1argMO:XKAFERdlxhGRYUzqZar
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/exdll.dll
- Size
  
  7KB
- MD5
  
  d89cce9a905c12de3e9d5caf5241cc64
- SHA1
  
  e0fb119abff69ca2dda23aa0489b38e0392b44f6
- SHA256
  
  5193488a703f9f6e78e23b2964a7d0a847bc2965eee94152ebf6e5ba1f6c4a80
- SHA512
  
  7daafb6c409ff185644546a77e412e46b2c8d28c983b786461a78be593afc38a94c82d51719f85d1b635c89d3b891370d123570dfb59a6a785b0778a1b679069
- SSDEEP
  
  96:059ysHklhbDLSDP/cI0mDcV0gh1yfpZVwSir6xaZKzboZ8:059ZHkHbaDcAuyHngZUboZ
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  8KB
- MD5
  
  6e5d67de86bbe1424c948ec22490e16e
- SHA1
  
  eb472a706f5b28f3151c14741926e1107b5bfafd
- SHA256
  
  d337a4fb3a455b847696ac70a6c070272e108e094d2b4395e3bdc1c76b86b8ae
- SHA512
  
  0ed74440e8a2f7af0d8412410d36a160ddbb362a2dd762297029f7997b2040e27aa0ca1bddb918197956b3280e036fcfc7ebab7adf665d93828479f1d5fe2314
- SSDEEP
  
  96:rZ5RwaB9dE0/PvQMuql/ODzN3ZOyGE1xiR0r2HpYkUdiw4:rZL7/AMzUz5ZOtEW0r2JxUdi
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  content/ctoolbar.js
- Size
  
  1.5MB
- MD5
  
  c4a6bc851aba92ae248db54ef0fe8db4
- SHA1
  
  2c50a6ae23defea0c1349a653b0e4b5f4b29352b
- SHA256
  
  60fe26d176f9bf5fc6f11a9c57e1bdbc6efb83edbbc11bbc06dbf5f0a3b8cb46
- SHA512
  
  4101cabfebbf85bd0459c10e1dd55bf5ff3c740e81eb975fa50a5a35e3a77899a6f555c32aa6ea0af1f0354ddd6dcd012a8ec2e10fdfb7efa650f63c6b29b347
- SSDEEP
  
  49152:Ct/NTb3NF3W7hos3QX+asyRTH+qHNFClHwd/Eza6fv7:p
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  $_7_/components/Conduit.js
- Size
  
  10KB
- MD5
  
  6bc46c871c97fe512a148a19ceb0e2ae
- SHA1
  
  e2b4da1e5348eaf9005f99499e6e9b0973cb2745
- SHA256
  
  5c0c4364bdb53c83b1306ff1e5ad87e1423d2199740b2d3104584394deb1fed9
- SHA512
  
  c3435cf24169330b69353acdb03fbed0c1be2fa570987b6d88801a973d7907fac12985ff6139a7dfc091295c890955fab8d1202fb1697f50a0ba95957b694003
- SSDEEP
  
  192:FkW8qVXjrX4XbXJXnXJQHHgNci7/jXj3/7u7ecZ7wvsbhvw1P/iff:tLVXfIrZX5Qg+6TD4PZ7WsbJw1I
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  $_7_/components/ConduitAutoCompleteSearch.js
- Size
  
  12KB
- MD5
  
  a75e688942a993c32de3dc9cd656c5f2
- SHA1
  
  c405a6423ec511bc001a78b751d91e3633ba2726
- SHA256
  
  8c08111ff1f43aae95e487971cd033b4a582808f554b3e1dd21809ce69e3b8f8
- SHA512
  
  6c3317dee75cabf2b403f35d5f81971307b3b1fc3b71ccf862375e88e8a6232a560ea3b91f21555c388cdcb3f08906a51032b8ae7ccebe8e82be8ff4c50698b9
- SSDEEP
  
  192:uk/Mh+iFddQBML3jvxpZ5HAwxkDBad0lFS/iRv:ukEEiLdT7l5HAckDod6h
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  $_7_/components/ConduitToolbar.js
- Size
  
  2KB
- MD5
  
  1e23335eaf20a13e563dcc8caccf4f7a
- SHA1
  
  663ab968fd59626be7ddc2c7999d933140a3edef
- SHA256
  
  98af646fc6f0ce4b48e2bd5106f98673d640b21fea21a4aa779731c6f8d70ada
- SHA512
  
  33f56b2f3a61b4f6be6f7fc432fd55425dfd12bdc773ec2660b595ea8eb97bf6517e73a4b6c2004e700105655cb1ea0ddaac718a8a31e70306cafe877943cada
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  $_7_/components/FFAlert.dll
- Size
  
  13KB
- MD5
  
  00282e5831a7008088b0db1d7e108db6
- SHA1
  
  c1852e3e5f4c22f2359c13c67dffaab92faaeb2b
- SHA256
  
  482a8bf5e26a882b310989ce1cb5a7244a03212150d514559aecd7e74c0654ba
- SHA512
  
  2083856f890ead56239e22b4def93567e86e903e17ab866ef6f9d1d6ad23de323704f75e326daa0579adf217b93d5cb4ef3df5a3bb14664bf06b0e744f008927
- SSDEEP
  
  192:0vUIEp6awbMWJvqgKlTMGcQ6/7yyrPlrDDyB4iprOR3XYEqWpW0:p6DJygITMGcQ6FrDDyB4UOtIG
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $_7_/components/npmozax.dll
- Size
  
  112KB
- MD5
  
  bb2fd4632cbf410c584bab0be026b733
- SHA1
  
  da1433810446595bb38fdbc3a664ffb09e81d06c
- SHA256
  
  1056248d3674adbc9e33e81f836a578b0e830c054da5a35723fe7072976c3ba6
- SHA512
  
  541b333b24e5943ba7d8d5ca052b450138d51b915760dfa512e7403144738994995358ea0bc4304f7aa75e28b6a4a6cd04f608729d100bd6c5dce40f68d4a631
- SSDEEP
  
  3072:fd8cpf3GOywbdopQzdglm4c0j9G9rAiYIH9Lf:fxe3wbdXdgRcoGpPjd
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $_7_/components/nsAxSecurityPolicy.js
- Size
  
  8KB
- MD5
  
  c982f14a117ca444fcd4e558684e72ad
- SHA1
  
  d349adb454d434939ad56937dfc6b77bc9bcd1b9
- SHA256
  
  fe1cf8b6c350ce8b890ab8aa1c2e8441dd9c672b43439e6241bd90b63bee3718
- SHA512
  
  8ce89bcdd31f3b8c529a14255f69c684216eaab44987612b094f1a2c2fed94fd43877caad56fb082eabf1e2de20870b9e681e2f2b04baf55fae1fa847a95b560
- SSDEEP
  
  96:8HeHqTzNT0oIOyYDVvJR0zrvwby0eNPNEla0cOnJujv/abPHJ1F9jYuOonoDZt9B:vH0zNT0KyYJKFSSaaml/KgXD4vb
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  $_7_/lib/xpcom.js
- Size
  
  63KB
- MD5
  
  71c09e3d8cfee0d1cd467b8d7882c4d0
- SHA1
  
  941f9487029999ddce4762552aafad540ed26055
- SHA256
  
  8f8ed78b3b391508a834552389f60a31d374128adae1f5de29a4a37adf10d6e8
- SHA512
  
  08e91ea109f85f27e8af15a11b11be84d8ec0e5a9b991f1f38772d19b56bd33f88d5249b24e1ed1f509afefc0113d603c7881c9b444f1ababd3cd41e3ec7b151
- SSDEEP
  
  768:TVvJ2t1Gs+ZagZH3EwgRAat+hT7L/G4J1Ua3w3CCIEdyrumhwamhQ8umho2D8l00:8n4zGcyTyM7fiWv2d+tP+xPr
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  bplay.exe
- Size
  
  12KB
- MD5
  
  e057aa4a56a9a2a628a8053f25a27d7d
- SHA1
  
  d839e5258bbdb871c746c2cef52e336487535c47
- SHA256
  
  2519081eca56fadcf3b62e7cb22e55a1f839b9055e9f1e404fc28145d149e913
- SHA512
  
  d968aa76b1483a14b7d829c755a99c7ad09163d18da6806f23b3a33664292f16a4695b596b0d2be619a3b6dc909cfcb8cb7ff236641d1cc012e4f438364945e7
- SSDEEP
  
  384:azbge2/99IpWUFyCKaMgXGT/bl55oqyfvN:azb619IpWUFyQiB55aH
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral27 behavioral28
- Target
  
  bslib/bslib.dll
- Size
  
  1.7MB
- MD5
  
  9e3686b052f71477355f2e9793b4d837
- SHA1
  
  e553b4803d3a8f84f20e464dfc9c3c8b4a86371f
- SHA256
  
  4724d271bc497d4050e8064bb2bbcd1bccb99e8d347e190ecfdf28c68566eb01
- SHA512
  
  1e71a1757f40387ca8e1d8510f70c5843419fcada78a0bb496db453590b727a272c107355c9550bee636a7dc17b991ec9eec6b3ff012d29e6444c6c00e1157ec
- SSDEEP
  
  49152:0EY6B7omRtdVUNB4PNEz0Qw1IQvEJORXsHkAUFdy:ZRB7X7UNOPez0J1IQvEoCh
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral29 behavioral30
- Target
  
  bspcodecdl.exe
- Size
  
  544KB
- MD5
  
  0965e5e8afc4c984474b5b1ad69b28fd
- SHA1
  
  36c8c6365b1398f4ed865be894caac02148ca4a4
- SHA256
  
  3e08054cb9c02957425dacd7bf208ad48761c3e6b5ec273420ab8255188a90e2
- SHA512
  
  20bd03bdc0ce545deaf27241f1cf389d9337fc8bb32d24b9f3ffda5740c0a981665f2119c22e31f76489b3cec8399326dfed79cd6e0c2d97eba4b5838884aa2e
- SSDEEP
  
  12288:2Pb+K5vJtsAj8fsZlm0hAeRTitBsq81NPpw6Yr2Y4VkqD1o:Ubf5hKupLfRTitBsq85w3rcl5o
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32