033741185e995343ff198919c1eb8602f1f4c925fb4052f13e5ca6f598672ca5 | Triage

Sharing

General

Target

09fedd58bdc3b04793c37a4780faacd1_JaffaCakes118
Size

7.8MB
Sample

241002-lfe89syfjr
MD5

09fedd58bdc3b04793c37a4780faacd1
SHA1

4779d0b59845ce42c9f9fb90d64997e5bf33b437
SHA256

033741185e995343ff198919c1eb8602f1f4c925fb4052f13e5ca6f598672ca5
SHA512

7f6f0af8aa916abeccd09747c929397adc7bbb21995e8504610518e569f37072f337a116290263d5301d9bf28b65572a6f616be71b0f15cebc1023c8ff28f3fe
SSDEEP

98304:eO8zr5MpgBbXCIsGo5o7u5+XfpnOx+eA8M8QSGT4keUA31kh1rkwc8TwzsFfyezX:eb5/booyQAtA0GTleUAIrkOfKhV2LxW6

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/HeraklesMT2.exe
- Size
  
  2.3MB
- MD5
  
  a94410c40daf4539bd714f63f1992483
- SHA1
  
  9276f5c6a7b6ed2c9f33ab0fb1c893dab8bc4b65
- SHA256
  
  e5b1f72f7041adce0ad3069fd3250c8707cbff41345a158dbe8bad6601270850
- SHA512
  
  f932073b656567e88fa216b3d6a169250969274eacf403b58dd699a2d2fe3e5d990609b90c2cabd60673759a8f751a439db47ccff9aec1d20293e3eabd845abb
- SSDEEP
  
  49152:mgppP3tfnT4VdEMisxQ2c8TKJnkwVMIguJ98CM+3zwj44:FvP9fEors4VMIg2aCM+8j/
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/KernelBase.dll
- Size
  
  268KB
- MD5
  
  e954a79d6a754a5475582caced1565e6
- SHA1
  
  90b069cbc93c701394b47d4e830cdd7d384f5d5c
- SHA256
  
  3aa91ee188effd979e5b83965194b9cd75287765e576225e5db23048f1e75b62
- SHA512
  
  2d2207a089ae94857f29bd355579fb0d0c57f243dac0e20dea096be57eec3da5bd73cea09033d69341eca07035fa6f14c2967575f90a225a9f833e6598843a66
- SSDEEP
  
  6144:zolJaXNP+PnU0pFPP2KvxKyMu1S+ixnoLEl2BkFDA:UlJa9P0nU07P5KyMu7ipoLEl2eD
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/MSS32.DLL
- Size
  
  341KB
- MD5
  
  6400e224b8b44ece59a992e6d8233719
- SHA1
  
  8e7429fbde9144bba3e65d1ea4f7886b34a2fb30
- SHA256
  
  441b290e7dc6334eb5023cd9b7937739298fdd66c104d4c96e5edcf642ae912d
- SHA512
  
  b6de91c15e186c47817ed375c982fefbbde85672ab020666fa2cce00830146633ea821ec3b2c13b0b81429798baa3386e580a322083d3fffee3787a4842515de
- SSDEEP
  
  6144:8YGSiJIptpd3gxQaf6QFtUUYahQSM6rm2frWqS4aHrmtccD:8XSiJetronDFtBWSZrm2CSaHrmtcc
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/granny2.dll
- Size
  
  361KB
- MD5
  
  0b2b7950c8c66fc36699719112a7e5d9
- SHA1
  
  f5dbb5f253d0684ad3ecb254305e1855d1bc9ba0
- SHA256
  
  bf8352a753a7b769faa3fdd4b10ed1b95bf5de2b5432ff5c097a7d87bfb6fb33
- SHA512
  
  49ac016f75960cabd34ef3b45e110d4998d2226d251de8705dfbc604a6e95243721f3962c719d78745960ed004ed8da3e5279f4ab4f9e3fc6f905eb96cacd798
- SSDEEP
  
  6144:3LrmxvIvVP1+aS3MxHVBz46dXc5W2D91QPGEs29h:HmxYu3uHVRVs5VhWh
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/hid.dll
- Size
  
  29KB
- MD5
  
  896f15a6434d93edb42519d5e18e6b50
- SHA1
  
  b91a3512a80c4201c3fcfaf62abace894fbba328
- SHA256
  
  9263f0cec58d45ebe3fb9c3061fb9392c55a7933b84b4592e6ee13cfc86d5a50
- SHA512
  
  3707c2a2a95ed1971e769a6a01fed6062f60f78687f668b264ad4e1424e13041e4b88f5e95ff17a2f3eb1313f5e6cb4a08940a285534564553f29bf25bdabce2
- SSDEEP
  
  768:LeNywl5H97B/7/W+QiA6KwbYeLiJEzsW4YvPM7f2c8J/ciBSY:fqlBIiGw8eLi2jkfx8yiBR
Score

1^/10
behavioral10 behavioral9
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/ijl15.dll
- Size
  
  364KB
- MD5
  
  1aa06c81a0621e277e755b965b5e4b5f
- SHA1
  
  4a6f2a8cb383192c80ee0b2c1deee3c795a0986a
- SHA256
  
  334aa12f7dee453d1c6cb1b661a3bb3494d3e4cc9c2ff3f9002064c78404e43a
- SHA512
  
  49a8ab45b176667c4dd69f86abe7c608cfa8f37af14f6326a2d56553adef08d9a416e79bf31a06e59653a487df539dc6aefa6ddedad0042477aea89bb215e9c7
- SSDEEP
  
  3072:Ym5/JSmfd23YsND6QbiLw3tJ30N44nZutjC6++h2NStogI5xF+iX9ZaPqCK0QaL:Y2sND6Qbi3NetW6++h2NSjPRKZASYLu
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/ilu.dll
- Size
  
  27KB
- MD5
  
  bd4ff726291d98374fa6791c0589f288
- SHA1
  
  d3534cd62d312fe28988c6229c47ab81a3ae1f9e
- SHA256
  
  c37851d8d77eb4a8eb6514b91dc6ff39d82ccab41e32fb3a184324b0352d81ac
- SHA512
  
  084aac1f82928ec6abf26b1da5d610d04a8cb178737a29c631978a14b640bff2ce4a523e467376dfbd7cde57e3b801ca80ef8f0c389b5c1a02b8937cc32dc2bd
- SSDEEP
  
  768:Pdpwdihoelcbx+8Z+I3sduBAq72yWpFexg:VpwdmoeWAY+6vAOq
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/imagehlp.dll
- Size
  
  155KB
- MD5
  
  b2db6aba2e292235749b80a9c3dfa867
- SHA1
  
  a40e45cdeb544aa7d9ead794dc06f9f3cbeffbea
- SHA256
  
  92bcb678e2d0a7a9c15a74b41846d8723b96e37181407c0e8a56c7105659aaf3
- SHA512
  
  8a81fd4553f3e73446b98f5fadca333fea473f68798383dd32ab9741498af549e4598d7a51e0ea52986d13c742299509b8fdceb834fe6d7c645e67070a386f94
- SSDEEP
  
  3072:Vu/5gT7QS5lOgvW/AYxwt/A9ksO96Lpd3D:gCT7J5lRt3bsO96L
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/imm32.dll
- Size
  
  117KB
- MD5
  
  a6f09e5669d9a19035f6d942caa15882
- SHA1
  
  ed1a583fd2753e57b4328136865648f841f32936
- SHA256
  
  68c8af0cc1923e3a7245392f2480ee665d265df300a609d2540bf7c6d9c1a1be
- SHA512
  
  e155170958c08ba33fbeb6b562a18afc016c2069bb0d9c04156fcf515b23d1a9d8516dac98394980dd67fdc682c4fe0235ee4ae76fdf6d82014133bf6a11836f
- SSDEEP
  
  3072:rpz7bH3v34CjydTam0AvGzc5LNEOd19HeYmh2m5sH:lbH3vICekm0eGzwLvHmh2m5sH
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/kernel32.dll
- Size
  
  1.1MB
- MD5
  
  ac0b6f41882fc6ed186962d770ebf1d2
- SHA1
  
  f9ac70c562ba70dd7917e99b00ed6878531de66f
- SHA256
  
  21cc2473fee7a102488d29114d91522381d6e7232d7be54dcd92075db535aff3
- SHA512
  
  6e66fadcce947b6d8190f2f5ea7e14bc83b52ee3ee070f801c01130e1565ed2ad59e6471759901dff127bea26909a5b871284be9304669e00a3384639a3de40f
- SSDEEP
  
  24576:92PEQWsHunfuKH8CBlcODV3iNXm5lnVI:UPEQBHuXH8W/V3iWK
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcp120.dll
- Size
  
  524KB
- MD5
  
  cb8020836e77353f5229fe43d436e386
- SHA1
  
  00d0a8dd7da963da84c9f88e049d0bd5b48dee9e
- SHA256
  
  4aa834778f46f46e5437dde57f9ee9d6e8007f9dc892ebd78f0c861f87c23c83
- SHA512
  
  3f3172964b1d1ba5448f157c7d3b7b5a99766c33a5bce88366b80fccd921faa4b2555ada938f287647993621292961ea925693bc0680f53f68557398962e0549
- SSDEEP
  
  12288:Tn+iYWXadHgmjxCLngkdIdhUgiW6QR7t5ss3Ooc8DHkC2eksdt:T+Ia1xMgkNs3Ooc8DHkC2eksdt
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcp120d.dll
- Size
  
  800KB
- MD5
  
  21196af1383110e3030d6ffc374e3c1b
- SHA1
  
  30b6c8473be61ac652bbb7617f1e468bedfbbe10
- SHA256
  
  75580cafcc89f17858de089fe28449d1fd2b4ba0cbb76372bf07cff87989072f
- SHA512
  
  474c34f73876119c8b6e9834585f63106688cf712c7d9ec907a1eb2dcb44e804a9ded2d0865f18455cfdc4d83855f63faddcf85cf023335120ec3c853453187e
- SSDEEP
  
  24576:zWNuCXOu4M8pK24LKbJNH2s3Ooc8DHkC2eia:WuCn8K2X2O
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcr100.dll
- Size
  
  808KB
- MD5
  
  aed6d63cfa5a3ef7021af9c457fee994
- SHA1
  
  f6ad746ef520b03df6cf0f5a2512d0df964c4688
- SHA256
  
  b4bfa27f677295b00a1df9a7e14db4b75cac2dd41b898d4e9a378eccce3699f0
- SHA512
  
  5573b17eb19d13cc96df5d66ef60cc8ff98e1ac9d8582a870ed2befa28ee271fb41741a92aa703234150fceadf4a436d10b8a6518c1816d0c804eb1261650d2d
- SSDEEP
  
  24576:C5e4L1vwTowTWqwVeeK7R/myyKgn9IrzOI:C5e4LfUWqAacn9Y
Score

1^/10
behavioral25 behavioral26
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcr120.dll
- Size
  
  943KB
- MD5
  
  97cf870f1d1fdc83640e3c8d8ec81c66
- SHA1
  
  dc5e0d62bb9c9aff9c7712ec9732c4276b28ec1f
- SHA256
  
  b1644c5cab4a6d14361b6f57d634b77c656edb3bd41276b321f7db2ca45b74a4
- SHA512
  
  90a156430c60e379bd7bbb17ae1188ea76e526905f213a7f22e754fc57026da8c8576fbdcf16ad79aba20ee87d06790c9842b29218004ef9985744c57238dd52
- SSDEEP
  
  24576:S2mFyG8IYbNQ0uBMOrQWOfbLzhrUO0fEM:VIS68bL10fEM
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/msvcr120d.dll
- Size
  
  1.7MB
- MD5
  
  cbbf45898b048fc227673662b87df1a6
- SHA1
  
  4b06118efeef2632c2044922eee51226fdd6ba07
- SHA256
  
  d2b0a8b8d36c3b12d6978dcf393fb1305600dd89c9ff6188a2ecf034d572876e
- SHA512
  
  18b93d8711a7117765f4b752429f83ade8a0934833e0db42e02653d35114f03da90b6530cb343d30b6b0162f776fce264582d871972b911b45ffec2f1a47e915
- SSDEEP
  
  24576:NsLz3WHYbIDYGjJxOhUl5nj+wvFHTf49w/b+T44pepHZGuerTdC7bbvMBt8nsmmY:uLzSJxfnjj3+NiGDX27s87/5
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  HeraklesMT2Full17082013/HERAKLESMT2FULLPACK/ole32.dll
- Size
  
  1.3MB
- MD5
  
  928cf7268086631f54c3d8e17238c6dd
- SHA1
  
  a80bcd38123c3e8ed3182925757dcb99841ca96c
- SHA256
  
  f058fafb04e7ebd5cade9b48195b7aa7c3508f332a89f5e6e5f3f071e8cadd4a
- SHA512
  
  04b570962abb875461fac67470540754d5361f631a98f0798ec4f46ea7464d95a418f882da00690aa6872e4a4f8bb1686e99584355addf7e7b239277bafae592
- SSDEEP
  
  24576:xGitqrK9/5N2Ij8PnLl077XMQ3kRJw8NNlbKovbkia4zLo0sOAH1nrGJwV2lmG:xoKp5NWnx077L0TjlKMbkij+AaVz
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32