255ba55168751d2b17f2bfa7a8b27ef0f43d3018fbc1fb207b7a5ff4c3825daf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

123bb10f1b9392e5d0c1816dbe29c8f0_JaffaCakes118
Size

989KB
Sample

241004-hb8s8stcnb
MD5

123bb10f1b9392e5d0c1816dbe29c8f0
SHA1

fc5c5e1ebf302dec2c9337b550e884cca479a1d3
SHA256

255ba55168751d2b17f2bfa7a8b27ef0f43d3018fbc1fb207b7a5ff4c3825daf
SHA512

eeb2560d92ebceb94a6921edacd482b4ab33d52dede2e3ca323ed5db90a00b1a5566ef38479acf62fdfc8f8669067d9d84d815a663abe3fbf6bfd93c2eebdd81
SSDEEP

24576:99f9D/PUbP3smQDKX4Akvy/KqlfAeg+caRZgqw:zfh/rTDKX4tyyqWeDcaRZe

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  123bb10f1b9392e5d0c1816dbe29c8f0_JaffaCakes118
- Size
  
  989KB
- MD5
  
  123bb10f1b9392e5d0c1816dbe29c8f0
- SHA1
  
  fc5c5e1ebf302dec2c9337b550e884cca479a1d3
- SHA256
  
  255ba55168751d2b17f2bfa7a8b27ef0f43d3018fbc1fb207b7a5ff4c3825daf
- SHA512
  
  eeb2560d92ebceb94a6921edacd482b4ab33d52dede2e3ca323ed5db90a00b1a5566ef38479acf62fdfc8f8669067d9d84d815a663abe3fbf6bfd93c2eebdd81
- SSDEEP
  
  24576:99f9D/PUbP3smQDKX4Akvy/KqlfAeg+caRZgqw:zfh/rTDKX4tyyqWeDcaRZe
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  4c7d97d0786ff08b20d0e8315b5fc3cb
- SHA1
  
  bb6f475e867b2bf55e4cd214bd4ef68e26d70f6c
- SHA256
  
  75e20f4c5eb00e9e5cb610273023e9d2c36392fa3b664c264b736c7cc2d1ac84
- SHA512
  
  f37093fd5cdda74d8f7376c60a05b442f884e9d370347c7c39d84eca88f23fbea6221da2e57197acd78c817a74703c49fb28b89d41c3e34817cc9301b0b6485a
- SSDEEP
  
  192:6KdqJ4Bhf1mdCMI26t510swClJOeFIsm7F1QuPs:6KdE4zAddwR0swqOeFxu
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  DocDrag.chm
- Size
  
  106KB
- MD5
  
  ac0e5b3ea03463c7bedab513bbf9acec
- SHA1
  
  fdf78f0f067aebf2faac8274e18574ec102a81b3
- SHA256
  
  3a200d0b2941733c6a0c4d7b73003e8faed4b67c920180da87e9541cd57ee859
- SHA512
  
  4c1cfbe4e83aa4cbce4252a6b988e071cbb5d3604d000f6f953e1a1c91f7c3db94c94501108f6f1f80faee61dafe6d3ecc6c4e00293b0dfcb1473dc3751f93f8
- SSDEEP
  
  3072:N3In082NaNNI/iM6XwH0kjIFpRGiLMzMD8yrirBP:N3w003ZgHDKRZLLXOrBP
Score

1^/10
behavioral5 behavioral6
- Target
  
  HTMLParse.dll
- Size
  
  88KB
- MD5
  
  cda5b33c69c80b2ca7f33d4ff6cf54cf
- SHA1
  
  bdac81ec3e0f9eefc74d1092e149ffbd48de472f
- SHA256
  
  48636e27fb4deb1208b9599c81ac0860b709801c7f9acd1cd8df56498453ecb0
- SHA512
  
  53d9c080f22d35ca029f098d0eebf9241bb83d1339f7d615f04d4847afe4529e22e8c3ab2fc532c14d33c4fec8535467fe637f10bf5cd57480e16bbc44b43c16
- SSDEEP
  
  768:3GwrXwhqec+QtyLwA09iaTd/hmvQBjrSo8SpVCltvQ3nPCuGv34O1+dZu:XAMeWX9i0/bXSo8SO7QnPC7voOyZu
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  RecoverSetup.exe
- Size
  
  52KB
- MD5
  
  528fbedfdc2b1c77f6ea1012886bd061
- SHA1
  
  df51e44db1a73cb52f6453413ab6dd9146a858fc
- SHA256
  
  ac95efac20467a307882892f93b624ce81b4d5835f4bfed2372ae5665aee31db
- SHA512
  
  8aef54bfbdc09e338a48c7b747a5fbd4e5c23f0e9f9a32b58e280acdfe25db26fd1f1288e72f0a181a8ce31ab4bacad287f5f7ce9670f071eb3610e79c218ecc
- SSDEEP
  
  384:nul9IX5JleJCbRFjGDGULAp7i401zd8HfpJHAcPeD5g3R5MO1rK82J:uM/ek6Wifz+RpAcPc+34O1+z
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  SCommCtl.dll
- Size
  
  124KB
- MD5
  
  45975dc8be96860619825831c8fd4964
- SHA1
  
  43d929f9829b6a1be53f6ad47f3491b784a0d1c5
- SHA256
  
  55908c623d9347fe83cad84f49cfa17c376fe8039ca8e33f33f0c9225b98bffe
- SHA512
  
  f3310c9d635cd0a98323631a4c0594278df82897a5848787288d1706fd688b4501a71c323ff4ad0e68d346db5e881d4d871a56cb6d81ea5789bf54ed2778db27
- SSDEEP
  
  3072:yATKmtm9/07i9AbGRFYKtthdWWGUHoHRqecMtnQV8MfU2dO+P2:yAOmtAN9A63tUEHoHRXtnUj4++
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  SDbAPI.dll
- Size
  
  56KB
- MD5
  
  67e3a2e2cf2fa47b624597f0d7babd51
- SHA1
  
  f682d59748f2378dfd759cff35c200c5f3cc1ba9
- SHA256
  
  12be5fa439972ef5d4f934c02a16222a6f3a65e3b0e9b16269d407aaa51c0a7b
- SHA512
  
  607bd78036cfde19f107ababe341c9e590057ab85a8ffe3363ab45e52c677ff031bd5d82088c1891c3dbb8cd47822ca1d128f216de3a72925062d594f4855890
- SSDEEP
  
  768:dty4KjaMRPbRXJpwg9b+1Sm5kWiw4dLp7cP/IHRp1h:dERBbRXJp/9b+13K3waLp7cPgHhh
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  SDocCatch.dll
- Size
  
  124KB
- MD5
  
  89f5112e004efedc3cc4f74f8e408f6e
- SHA1
  
  cdd9d85ea0aadb45ab51d89c17f23c5d376bcaf2
- SHA256
  
  5b504913b963de278e77e33c5c5b77228cb6e07ddd865083f2b3753a5c2c6256
- SHA512
  
  9b9ddc2d6facf5cb4fd3ef47f5988947cb482bebf2497f76b32d0787883fa086a85724cc0d9f2be84991116758944b02b744c0b1ab243a5ac1e0ca5b0b4259f1
- SSDEEP
  
  1536:cAL2jWTdG1HUfZcXEDg/4BLajufa5Gi7s1TUZDxUhCnoO9:cA6jsGFUfZcU0juS5Giw1Ylxh
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  SDocDB.dll
- Size
  
  32KB
- MD5
  
  69ec08bf9366d274c06f0029590962eb
- SHA1
  
  d4d30106c0345a73e8916a6016b5ea262c6dabb4
- SHA256
  
  3814feadb8b4d4e2f576ee192de97b81320c1647ac1632fde669e62423b72f34
- SHA512
  
  91a4053ba4c0d7af488fea5dad050bb90f3737c351b0b40a1fc2a9e28aac13594069ab3698a670e213be1f36d1060783fad4efe36b0b95269c94d9132c1778ab
- SSDEEP
  
  192:KOtNAGkg5fmIGXrHZYrkQjPSs9mSUN1yF+Yy3Ud/7:1Hp5MbHZpmnPUN1yNy3UR
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  SDocDrag.exe
- Size
  
  664KB
- MD5
  
  7166258329fa82b7e3b10dd6e0ffd442
- SHA1
  
  004c7b6c6ee144cbb0644a641bb38babdb78f5ea
- SHA256
  
  a47444aeafece0090d6e0327502c849c8d20f6cc6cdd8c16b5390f65988f2f72
- SHA512
  
  84c36f00802386db345de9531e2c527fe6930c13247158c6706dd9c0a1d423eb009927c6847f2c33a56b7209d705bf4d44d1629df274e14cc582d2efba9356ae
- SSDEEP
  
  6144:Yoi0A5yKjP4CgSQoQRNEjQ85P7hWCid1BhTNDC/cOOCfJzaLv:av5DdQRNv8DFqbZDClJzar
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  Uninstall.exe
- Size
  
  49KB
- MD5
  
  2ed306ed8e5e98c67878bbc0184f429f
- SHA1
  
  6848bd050c60b6e54ad3dcc94adc390cc185271c
- SHA256
  
  95843a9fe45bf2bd195622ebb4dffc467684eae10422bc9ebfbbf8148ff03ccc
- SHA512
  
  56b577cd49d6dfe5cd1ee845b17affca336f83d408f6af346556b3445d45f5a01421795324553f2738d0effb0540267ebcdeb9fa71012b6285d2b2e3d9360e4b
- SSDEEP
  
  1536:1e0DnjRrJav2FnUIRr2vMYBJtqAELVig6:HD11a8YBJ8AI0L
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral21 behavioral22
- Target
  
  hha.dll
- Size
  
  818KB
- MD5
  
  83178b998b55f3b199d21158f307fa4c
- SHA1
  
  cdadee248714c2e2df3a62c8c21222b017086ffe
- SHA256
  
  32003df5ecd25fa39a0c410a487c8b8440758f199eb4032b4ec03cd8f1da220c
- SHA512
  
  9675be3ff15b84a5b28e82ef5d5b8d43abf73a05d3b94d8099807ff3021ff20617875ef028f62a4297ff0c18b5a93d02a5a91d3fd5ddb3b495f46bce699efcd2
- SSDEEP
  
  24576:SfZZj36x6TqtCO+nRcfcXcDcXrZ3sK0GmzBDtb:eZZj33YV+nRqe6w3sLv3b
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  hhc.exe
- Size
  
  54KB
- MD5
  
  03942554b3d506e7a419be967773c9f9
- SHA1
  
  5abb5859e2cd791bd8250b935b25e686dced4e12
- SHA256
  
  85eece9789c4af12bb5041243fe1944790a8f859536b629dc7bccd9ba56c0d11
- SHA512
  
  4b8d6c3664569bc95e96cbee08811c02ba490237c6f94d51dce8b686904ba18fe06c169ba4e93c508284ffe991f2b31730ca53dafb704529fea58eb8af3b43c0
- SSDEEP
  
  768:lb6dZtmPN79giyntnMq59ZyTj5s1RaoX07KOxzdgveEK0iLZ7:d61ONKi+tndPhRFuNdRdhZ
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  seesi.url
- Size
  
  78B
- MD5
  
  f732fb60456005d7b5f890786a84cd35
- SHA1
  
  fa0825a7e5b0324a8e4b7ab5e13d2aa297c31007
- SHA256
  
  bcf027d49a99b0cfaa512a979223177b91b4688b7b18e593ffe602bac6cb86f0
- SHA512
  
  d9858aaadbc5d63fa9348644908b78e826490f4b951f58b7ac12ad8a75d04fb8e586ba39feafc00918aecd39dbf849fc90409e89983502614b9937bec8bc1ddd
Score

6^/10

discovery evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral27 behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

discoveryevasiontrojan

behavioral28