4967b99f1aa6817f1664b8b2c769932cecf0bf3d671e9120b3d78ccfafb9847f

Sharing

Copy URL

Twitter E-mail

General

Target

0d5c3efcb054ef7bc90fee493f5f1679_JaffaCakes118
Size

161KB
Sample

241003-b7twmasaqd
MD5

0d5c3efcb054ef7bc90fee493f5f1679
SHA1

a14b0dd4c9d2d5ac76dadfa19200e8c4e7e07b5f
SHA256

4967b99f1aa6817f1664b8b2c769932cecf0bf3d671e9120b3d78ccfafb9847f
SHA512

f23185f7af4cdbb1053081f7fbfd5679d7d8095a1749b2188d677db1c0d45a86d82634a76995970b98ecf18449ad7a7bd38a856123d9aa094684e09b646bd386
SSDEEP

3072:AIj+D27+lKZnW3F9AfS63BInTsS2OVa3tJbJ5Fg/XMjYm8ULiOiafE58KibFtM:lC2iwgF9D6xssfAcj7//inibk

Score

8^/10

Malware Config

Targets

- Target
  
  msdrives/driverpp.sys
- Size
  
  2KB
- MD5
  
  8d5b3d13c6a2d68ce32f272eaad9c8d4
- SHA1
  
  508af763a29586705ea38b6b3cc03f684eef26cc
- SHA256
  
  1d5b386db9e5ea6568fd0224921e526731e9c71d944c2371db97503270827521
- SHA512
  
  b2802198dd32817f04a4f4b1ae25ed29495e36de8f2dc30862871bfb95e7e0ce7c40d2bb385bfd4ceeb36bca399d773c4673f82f0e6e5c4916290d0227cad05d
Score

1^/10
behavioral1 behavioral2
- Target
  
  msdrives/iedrives.dll
- Size
  
  68KB
- MD5
  
  202b343adef9f8287d0072b31e390091
- SHA1
  
  6579fd61e7f3d6f0a3ea47bb84460067a84d509b
- SHA256
  
  f6e95ed15f12ae2695339e4bc75b47611e7623f3a153cd7ea248e52f04a84ef1
- SHA512
  
  6b94c6dc6fe0ec0defca5ebcdedd6291d9c3cf8027c748fcacc12d22debe9f000a7fe1148b677044aee04c9b53e0c9c8cf96e256b5dbecd9bc48187e6ad8b0a2
- SSDEEP
  
  1536:t5yJmpyPmNf3z/ciCjsHgC1C4bqPEhFCPyCx6EDw7XqfhIqn29yrwCy:tcxONfDki/gC4PshCsEQqff0ykCy
Score

6^/10

adware discovery stealer upx
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  msdrives/msdrv.EXE
- Size
  
  67KB
- MD5
  
  6d9ec31b17f13479b1dcdeb3a790883e
- SHA1
  
  1302901cc26a559437a18bc0b9d0f2ba4039fff2
- SHA256
  
  ebf88afee2655dada60a0dea072e0b803ec5d228ca2c20727b76488c7afbc014
- SHA512
  
  de35c3dbceafaa75fdefa7182bb434073fe0c4abee734fb8a7c09eba5bfbb0121544975e86916765387f93da60bbef144d2e258ae42e0068272620bcd86202f1
- SSDEEP
  
  1536:eJgHv2qSN7qqOugDy6WUGLr5bq9n0waMJhU1ITSDi0:eJgHv2qIWe7UGLFWOcfTSDf
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6
- Target
  
  msdrives/msdrvctrl.exe
- Size
  
  32KB
- MD5
  
  14f19d9a7e8b0deff5f0c55e22c5c8dc
- SHA1
  
  a2bc1ea2ca8faac7642afe85cc3dfd5bd6a86089
- SHA256
  
  22b3255c710f79056dd3fca6775a9e069f855bda5d51d7edd823637e433f72a9
- SHA512
  
  4622c6fdc511988b03c76b487f8e497b8044c2345044450fb5665c49a843c3806290ee4e0d1e974169502384e411f27258ad107a618ec28fbae234b8c470f1f8
- SSDEEP
  
  768:iMQBteUlcwTcENOvH7x2cHQ3mFz4yNtAnFJjTpshXnhN3CvRN:NQD3lcecEkvgDm5tgjmhN3A
Score

8^/10

discovery persistence upx
- Adds policy Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Browser Extensions

T1176

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Installs/modifies Browser Helper Object

UPX packed file

UPX packed file

Adds policy Run key to start application

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8