67df53e50fef54326d9a6a7ad5381e3f18aad855e6fb69fbeaed731320d7c58d

Sharing

Copy URL

Twitter E-mail

General

Target

0b01fb15714b16f061986c0727f6a55d_JaffaCakes118
Size

180KB
Sample

241002-q9x4dszckq
MD5

0b01fb15714b16f061986c0727f6a55d
SHA1

8e0f02e6337a8b32570fc45bc5f807ad312d63c7
SHA256

67df53e50fef54326d9a6a7ad5381e3f18aad855e6fb69fbeaed731320d7c58d
SHA512

b2be4e91062b46d1e69bba9ecc3dab6c3b8c246652a0bcd411b688627d82ddf6e24b794ecd6e383c64e400fd72395d96dbccc5149268f73f8df74b89a8774092
SSDEEP

3072:lRlvLcjJ33hZshIvtmb+GUjJZNMnSLSxOAIiXaA2u1hTGSTiN:vlvLMhZs28hUFMnSLSBIEl2u1haN

Score

8^/10

Malware Config

Targets

- Target
  
  ac8zt2/di.exe
- Size
  
  19KB
- MD5
  
  c9bd3a63d975900ab7337fda84b2bbc7
- SHA1
  
  87caa7f12cb273f5e8e18dbee6965fdf95b989bf
- SHA256
  
  6d5a2ab5f2de24f2a5f48d899838156970f1919d00332634bb70cda5f8777065
- SHA512
  
  11d46db08678ccebb54f03c4bb15766874e1a5573c88b1982c28cb40e9381b90798c08a08a498624d0a3ab8bc57a6e02982f8ff6e5f2a3f2d325fc477abf21c0
- SSDEEP
  
  384:+NosNEnhA0BZdYRKF6yech2ysFJj3M5b4Z8vvjORboTD6:4OhArAIyecMyk9eMZ8vv6R8TD
Score

5^/10

upx discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  ac8zt2/driverpp.sys
- Size
  
  2KB
- MD5
  
  8d5b3d13c6a2d68ce32f272eaad9c8d4
- SHA1
  
  508af763a29586705ea38b6b3cc03f684eef26cc
- SHA256
  
  1d5b386db9e5ea6568fd0224921e526731e9c71d944c2371db97503270827521
- SHA512
  
  b2802198dd32817f04a4f4b1ae25ed29495e36de8f2dc30862871bfb95e7e0ce7c40d2bb385bfd4ceeb36bca399d773c4673f82f0e6e5c4916290d0227cad05d
Score

1^/10
behavioral3 behavioral4
- Target
  
  ac8zt2/iedrives.dll
- Size
  
  68KB
- MD5
  
  202b343adef9f8287d0072b31e390091
- SHA1
  
  6579fd61e7f3d6f0a3ea47bb84460067a84d509b
- SHA256
  
  f6e95ed15f12ae2695339e4bc75b47611e7623f3a153cd7ea248e52f04a84ef1
- SHA512
  
  6b94c6dc6fe0ec0defca5ebcdedd6291d9c3cf8027c748fcacc12d22debe9f000a7fe1148b677044aee04c9b53e0c9c8cf96e256b5dbecd9bc48187e6ad8b0a2
- SSDEEP
  
  1536:t5yJmpyPmNf3z/ciCjsHgC1C4bqPEhFCPyCx6EDw7XqfhIqn29yrwCy:tcxONfDki/gC4PshCsEQqff0ykCy
Score

6^/10

adware discovery stealer upx
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6
- Target
  
  ac8zt2/install.bat
- Size
  
  304B
- MD5
  
  3a80487df38d375da59fce122961b561
- SHA1
  
  d61f2ef16b8cf8ccdceaf5a0078108b8634faa8a
- SHA256
  
  243930c9a6eb6369057d681f6fb32374d7dcb46b2bafae4b638e84bfb1a023a8
- SHA512
  
  b90329a1cd816a57a28faaae473b1e9d7b03af780575967b715f4b35bc5817f58dcb84968aaa73b375b302e638c2b974f5b1e173a033a43084559e45f760e477
Score

5^/10

upx discovery
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  ac8zt2/install2.bat
- Size
  
  93B
- MD5
  
  e9b8f17fbc7e4edb879c3c73eb31e3ee
- SHA1
  
  de810ec64d3e442ce4d86d28caec2382377bcd64
- SHA256
  
  dbaf0ecc389a3c92ada1e141898653055a09f83f6d6937b76964249982b1c77f
- SHA512
  
  a7322311a9012603eac6e6b036a5f2d7bbd264793ddb93f3313d086764850c4885fb4b2240987ba9d1e137fb9dfa366b1d0ecd6423ccea3561f312298a3c4c77
Score

8^/10

discovery persistence upx
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  ac8zt2/msdrv.EXE
- Size
  
  67KB
- MD5
  
  6d9ec31b17f13479b1dcdeb3a790883e
- SHA1
  
  1302901cc26a559437a18bc0b9d0f2ba4039fff2
- SHA256
  
  ebf88afee2655dada60a0dea072e0b803ec5d228ca2c20727b76488c7afbc014
- SHA512
  
  de35c3dbceafaa75fdefa7182bb434073fe0c4abee734fb8a7c09eba5bfbb0121544975e86916765387f93da60bbef144d2e258ae42e0068272620bcd86202f1
- SSDEEP
  
  1536:eJgHv2qSN7qqOugDy6WUGLr5bq9n0waMJhU1ITSDi0:eJgHv2qIWe7UGLFWOcfTSDf
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral11 behavioral12
- Target
  
  ac8zt2/msdrvctrl.exe
- Size
  
  32KB
- MD5
  
  14f19d9a7e8b0deff5f0c55e22c5c8dc
- SHA1
  
  a2bc1ea2ca8faac7642afe85cc3dfd5bd6a86089
- SHA256
  
  22b3255c710f79056dd3fca6775a9e069f855bda5d51d7edd823637e433f72a9
- SHA512
  
  4622c6fdc511988b03c76b487f8e497b8044c2345044450fb5665c49a843c3806290ee4e0d1e974169502384e411f27258ad107a618ec28fbae234b8c470f1f8
- SSDEEP
  
  768:iMQBteUlcwTcENOvH7x2cHQ3mFz4yNtAnFJjTpshXnhN3CvRN:NQD3lcecEkvgDm5tgjmhN3A
Score

8^/10

discovery persistence upx
- Adds policy Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14
- Target
  
  ac8zt2/start-soft.bat
- Size
  
  106B
- MD5
  
  2db9eee30c48f83c413ca1d713557db6
- SHA1
  
  4763a4f26fe3c36dbd339852c34a7a35c5e0e8eb
- SHA256
  
  193ccc3d3d4029c231615b7ff3e732389219ea430b436780e21dc8900a5f2abb
- SHA512
  
  f544ccf6952bd180a40f5e34a79f3e0a6533152f8e49221d2a5e85a7ee4f671b84ad5d2bd2d888090ad3558bba257358a3ab5e1c10dd8fcc00b3955a600c519e
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Browser Extensions

T1176

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

UPX packed file

Installs/modifies Browser Helper Object

UPX packed file

Drops file in System32 directory

UPX packed file

Adds policy Run key to start application

Executes dropped EXE

Drops file in System32 directory

UPX packed file

UPX packed file

Adds policy Run key to start application

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16