General

  • Target

    0835273d660dbd505aa537806c5a8040_JaffaCakes118

  • Size

    675KB

  • Sample

    241002-bl52rstdkh

  • MD5

    0835273d660dbd505aa537806c5a8040

  • SHA1

    76ecd4c1b6ecf6f3dd49f45a1919395feca537a5

  • SHA256

    9e7a54ceacc92fe46819a48e0e2a5c0fc51c2f5a4d0ce6ce9db8ad992d3b8a48

  • SHA512

    7a620202a7851eee17cd394b9cce7428a517ac834440cc16d832f8bbf3f28c243e40aad4135793d520e321821b18b14859b66f0086569c5f5fdc7b10b4d7077e

  • SSDEEP

    12288:dHfYE1z0orpC5fD0M4eG9yHxvREM6gIp3yOQXya38ejJ7YCsKXiz7nwIx:NAA1cput9yHx2MAVQj38eSC8XwIx

Score
7/10

Targets

    • Target

      example_msxml32.dll

    • Size

      2KB

    • MD5

      881f161cff24f1662356cf08499cc225

    • SHA1

      e749bd21138b6203c33857dc6307e16406ad5fd8

    • SHA256

      a843429c784a20d17ee661e242a36c2aa3557f4210deed03f3ba86aea2581af2

    • SHA512

      b78a0c1372ef03e9e124900001b16252134de7f3452a986d2c9843438c83d2d867baf9214b18c8aaa717c14848bb602ac359e643b003a4d088b1ac62c441c3c1

    Score
    1/10

    • Target

      libeay32.dll

    • Size

      349KB

    • MD5

      155c6097632cdeba41c2e86735b4440f

    • SHA1

      a0613c15c053370659294770f4f1a1bcbda86700

    • SHA256

      0a0f43c6169ad80af7cf60ff03f2480fbf7f243382a8a8e153ddbd5f5aea8253

    • SHA512

      d6946322eeb6bf938d1a2b6dd4019ac669b2c5d6fc09676da3b5d21eeef19dd6078f393f55963fa043dc60d43ea50307de73037e14381bad0f5b1a6fc4efae3a

    • SSDEEP

      6144:Ov9m5pt/GlGkJ/zs/hBEkw+7QsBCpsLSDUuCL5L29negvWEnGR:i9fFJU7Q3rUuWYn

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      msxml32.exe

    • Size

      540KB

    • MD5

      2fce28590221411a47ba474b9e03d51a

    • SHA1

      0b3c64f4cae8649ad06f569e053d15a9632e548f

    • SHA256

      ced4642eb7060d564a74ba2c7f8df70080d1525e853d9e46f4085381c7b037b1

    • SHA512

      557bc13424f206dc5293bf047825eb07331cb66b9da375a36b6ea3acc3b14304f25bb6ff6d3040444bcd56e2e32d62125467f1817f375b983d15a56a2c5d644e

    • SSDEEP

      12288:wp7J6OM/ZAkrdcCW8k8Mx5torYvg5skFY02daTjkGds+0:U7JviBcCxk8ODesm2dakGds+0

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      ssleay32.dll

    • Size

      66KB

    • MD5

      1342e5f24777b73c51f53d84e1cac2a7

    • SHA1

      ed10df053e95b83a251e6e178c73f51e6c5e1fa4

    • SHA256

      c0b630a4f21a147745ff681cbc607e516fd7bdb0f953411ec8757fda5574ce7e

    • SHA512

      ba38c4f0f4fe503e8904ca3f8df4fc0178a76c8f8e393ccb49aff6233c60ae92ab501ecff1261e9e92388bf6c62949449f82df5717432274c79f7bb0ba1bd369

    • SSDEEP

      1536:Bfv5M0OFxE2QMDTSAiQ1wYCqc9OvrbXlJ2sGAGzcNl:Bf5qaNM/IQowSsG

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      tre.dll

    • Size

      30KB

    • MD5

      b5c14eb9a8e89a9463e34cd2dab27049

    • SHA1

      a96b2b0d582734e96ba3dcfe503324bb528588a4

    • SHA256

      d8276dd4ae4525713482f462aab0f15b934892125ff07c53fbecbec4ec3bf659

    • SHA512

      f8c5a27732b649d47ebd3233bf90293ec7834ce8f24994e12d6966c15f9973cc44932d34d97f25f499dc0e152c998ff786cb7d68acae549c986faecdbee08c5b

    • SSDEEP

      768:yBKUmQuJjXucAnfsrFsKFyaQ+GnyfPVNnZ13/:iKU/uJCcisqpayylNZ13/

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      zlibwapi.dll

    • Size

      42KB

    • MD5

      e70de782d9957b1fccb47631d82d77aa

    • SHA1

      19e4b4db441f6a9c4e5a936a71b81fc420a29fd9

    • SHA256

      b7f84f70ad85eba699b80b55eca12bffaf9042b5ab3c517ecb507e3d5ffa064b

    • SHA512

      d3649df3b53e41623bb81777f28f1b32cd61b6ffb45c9cd45f30ceec035232b724abaa6c4ccd2c0d61c83741d177831576c16a245d802a0ba2d72dddd533fd63

    • SSDEEP

      768:5j6KtryQh53Y3bbTfz5VQamtVmKPvOWir0oYrycL83t0Bj6s5:5jX5AbB+aSJPUr0R2cQ9+5

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
