c4bafdcf1f2f9593812c96e27591a3c988eabd1ec9d45337c394de86aafdaf71 | Triage

Sharing

General

Target

171f66ba3c071dbe1126d5f5fc3b6013_JaffaCakes118
Size

3.2MB
Sample

241005-lfp4gaxfkq
MD5

171f66ba3c071dbe1126d5f5fc3b6013
SHA1

afb5ff236c336566d6750fbd7f3c9e7150ce1675
SHA256

c4bafdcf1f2f9593812c96e27591a3c988eabd1ec9d45337c394de86aafdaf71
SHA512

9b61131a404526e9591e2bf5104bc862e902aef65fea974781a6c0c202bf2ef9b903685a8688ef5eab8e1c1f42caf6fd56c160a7c5a2c48c685b01ff2b411a0b
SSDEEP

49152:VVAzmH9S9Q2T5Xnt1fOzs+t0eoAixHz7XbGhx6ASn1u/ODPSO34xH4SQnK6z9:a9fnt1Yz0GilzfU69c/KSOIxYSQd9

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  171f66ba3c071dbe1126d5f5fc3b6013_JaffaCakes118
- Size
  
  3.2MB
- MD5
  
  171f66ba3c071dbe1126d5f5fc3b6013
- SHA1
  
  afb5ff236c336566d6750fbd7f3c9e7150ce1675
- SHA256
  
  c4bafdcf1f2f9593812c96e27591a3c988eabd1ec9d45337c394de86aafdaf71
- SHA512
  
  9b61131a404526e9591e2bf5104bc862e902aef65fea974781a6c0c202bf2ef9b903685a8688ef5eab8e1c1f42caf6fd56c160a7c5a2c48c685b01ff2b411a0b
- SSDEEP
  
  49152:VVAzmH9S9Q2T5Xnt1fOzs+t0eoAixHz7XbGhx6ASn1u/ODPSO34xH4SQnK6z9:a9fnt1Yz0GilzfU69c/KSOIxYSQd9
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/DcryptDll.dll
- Size
  
  14KB
- MD5
  
  904beebec2790ee2ca0c90fc448ac7e0
- SHA1
  
  40fabf1eb0a3b7168351c4514c5288216cb1566d
- SHA256
  
  f730d9385bf72eac5d579bcf1f7e4330f1d239ca1054d4ead48e9e363d9f4222
- SHA512
  
  8bdbbaaf73e396cf9fd9866b3e824b7e70c59a2bdefdb3236387e60d0e645d011265fe79fb193f6c0d6abe2e9c01260720c71cd8f068fcc4624760511c54efaa
- SSDEEP
  
  192:apY9VuCnNCbs8dNyHdrvr5T1KEtx/9ehuhiDTUkSv/DxRyeHk51I7n13Xm:aptMNUjyVvGWxauhiDDS3DnyK7nF
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  254f13dfd61c5b7d2119eb2550491e1d
- SHA1
  
  5083f6804ee3475f3698ab9e68611b0128e22fd6
- SHA256
  
  fd0e8be2135f3d326b65520383a3468c3983fa32c9c93594d986b16709d80f28
- SHA512
  
  fcef8ac5bd0ee6e316dbbc128a223ba18c8bf85a8d253e0c0877af6a4f686a20b08d34e5a426e2be5045962b391b8073769253a4d9b18616febc8133ccf654f7
- SSDEEP
  
  192:t5ZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRYgsfA:fBo/680dCI5adOjFOg9//p27uNw2bo
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/locate.dll
- Size
  
  17KB
- MD5
  
  7d3317f57c1a368480ace3c0ca804eeb
- SHA1
  
  d4c7e185bc64aac82339f51ba6c21cf0713c9f1a
- SHA256
  
  d88a04c1e39db583eaad727fd390fe599ab10198ee040bfbdd22daefadbd2372
- SHA512
  
  5598c2e6caa2f66edd48f8c8305e054d4b0740b5f2b7ed92cf197a13ac66ba99a32013d34b3c2e28d007ab7979eb90a50681324eb736b1410e7df1902e4ec32a
- SSDEEP
  
  384:ev/vPBkA6dK8wiLe45naPji7hpx2kRV+qgm:evyvwiNnGji7Xxjc8
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsRandom.dll
- Size
  
  21KB
- MD5
  
  ab467b8dfaa660a0f0e5b26e28af5735
- SHA1
  
  596abd2c31eaff3479edf2069db1c155b59ce74d
- SHA256
  
  db267d9920395b4badc48de04df99dfd21d579480d103cae0f48e6578197ff73
- SHA512
  
  7d002dc203997b8a4d8ec20c92cd82848e29d746414f4a61265c76d4afb12c05bce826fc63f4d2bd3d527f38506c391855767d864c37584df11b5db9ca008301
- SSDEEP
  
  384:LCHDPMs4GdtyO5roguusMxUXiO3wOw95euooP2UgKbd9BvNtf:LCHD6Gh87MKXil/5r2U3z
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/xml.dll
- Size
  
  118KB
- MD5
  
  42df1fbaa87567adf2b4050805a1a545
- SHA1
  
  b892a6efbb39b7144248e0c0d79e53da474a9373
- SHA256
  
  e900fcb9d598643eb0ee3e4005da925e73e70dbaa010edc4473e99ea0638b845
- SHA512
  
  4537d408e2f54d07b018907c787da6c7340f909a1789416de33d090055eda8918f338d8571bc3b438dd89e5e03e0ded70c86702666f12adb98523a91cbb1de1d
- SSDEEP
  
  1536:U2A8OSGjylgkara+70LICin9zgtg2LxowhtJu6MqSNicNEtIfF42q2KC:OzjLkarn7O+n9z2L6whFtGF42bK
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  EDSDK.dll
- Size
  
  444KB
- MD5
  
  bf5fb2b41c7ca1010a17459c3acfb1a4
- SHA1
  
  66be10a907982439f7ad4731a3db91f1131321e7
- SHA256
  
  45008f8eea8c5d7c402301625d7508770d11c46ec2771d22bd09dc881dbc5c7b
- SHA512
  
  64cf6bc5dbe1f978b43518f314b67b85387351f96058d986163fa085e40b36c65397a694f7e005c739bdd753bcc3c3a260c6074d4c61d52bad93a3ae11028ff3
- SSDEEP
  
  6144:LjL28IZqTG1oVVsYx3hm4NDDTVHv1ivIJIbhf:LjK3Yq1oVVsYe4X0AJih
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  EdsImage.dll
- Size
  
  1016KB
- MD5
  
  a1155717ed8030650fce1245917d63da
- SHA1
  
  6e04e8da8da29ae963facd637d314926ddddcebc
- SHA256
  
  b97ee53fe9cabc0a3548aa260a72c2e1d85a367d6a51cff446decd39c031b605
- SHA512
  
  b9d09affaff9ea20bf86385599e1ddccf3e180f2995175bcbd0a06b948db65454d5d86d53cf94cdfcc80e49d4bdb3a2a1f0d17684ccc6609c7375539202fb001
- SSDEEP
  
  24576:Ie1s0qihaQBZmKPggfZusahAufE/Rh6XSrcm:KYaKr66pRhXc
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  Help/en/camcontrol.html
- Size
  
  714B
- MD5
  
  3a8a6e7c27497b9229eac75ff0fa7c9f
- SHA1
  
  c4107e99e559dd77cef78868f9745592c52f747f
- SHA256
  
  7393265a71121cc6895da25cee14fb9e13c360ac7ab57c8620c257a5f36e5a42
- SHA512
  
  5ff4bf19029f64117373e850e3aa23da01ea3484bfe67d1b9a36d3abbe2a0e6b227d8b74e352af3bfcf606e378b2460da4977a85f05a36aa4c120db551ced861
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  Help/en/devices.html
- Size
  
  1KB
- MD5
  
  aa8996ec92f3cfbf541a74322c5db868
- SHA1
  
  93dce858124bab8cd1d599e30dba39b94b02c1bc
- SHA256
  
  46bdc3d6ccd4c536bf4c6d83e6a77efeb3119147f917442afc3e9587f2cb5067
- SHA512
  
  6b4bc947e30f4a220305284394a79f1e749162d5060279638dbc4b8f5974477319bfa5cb5992f5b39f908f29765bf4862456b8064fe61bebe825a7f3bb790ac3
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  Help/en/firststeps.html
- Size
  
  1KB
- MD5
  
  d90efa09ffb3c352ec0e45ad81aef49d
- SHA1
  
  6bd4e097efb29503e0d355fb068d0038135a2feb
- SHA256
  
  26804bf5e96ca51633746911415ffb919f034128a6e319ee5e7ce8b8c2eb4e48
- SHA512
  
  bbfb79a663210c8241b85db6d4d667c77c342a33028252ff6baf9adafd4eee1fa4c3659660f286b8ad56fd1f3be6e316a296bd3b1cc275c3d2d109315afc915f
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  Help/en/geocoding.html
- Size
  
  1KB
- MD5
  
  ad9b06894ec1b7b75650de47d2ba2970
- SHA1
  
  0b8bdc635f2cf7e2d9039d4ac30c33aae40114ee
- SHA256
  
  3111723ea6ba3cad37917c9b0d7d207fd736de1f7b86e412dc4219bc1d51f3ec
- SHA512
  
  f8e7797032edffe6c75cf18a3864781fa8bcfeb637403dd678589f8a21d5a4dbca0ee8da1fcfbc5af185e5b958961ab4d4381f1b7d9779ed20599020a90b9025
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  Help/en/import.html
- Size
  
  1KB
- MD5
  
  e5d2fff5bf2fcdfe92cf9f9431b2d488
- SHA1
  
  bc665e10b419c5e54cc4216c883ea78fe986b35f
- SHA256
  
  eaeed7b4978cf3cb564ba6bac39242dad81dadfff86af144bacf7e7efbc36fd3
- SHA512
  
  5c54a5090d8d58bf2f160e15b10eb03e06ea4df482d11bea13a0a54790912c0ba13938b522d1c2e7372678d80f86ea51bffc9c2df94960f16c40774a17c07e25
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Help/en/importsettings.html
- Size
  
  5KB
- MD5
  
  7e425b28de9fdabb29f0583ee2ddee01
- SHA1
  
  ac728296cfa9a0748362b48d04b7e7279e4c84bb
- SHA256
  
  80ae760d4479f8e768f9b3d8e36127f11634020bd45fe1b81075cc0159ae5d46
- SHA512
  
  5ed67afdf3150473c1f939f5a8cccf4fc590ce1d0f0f1f298202121fb92ee0af5f7062a94f44eb919b353a6e6967f4e693c02dc0911d5e4e2038dd50d3e2db43
- SSDEEP
  
  96:8YUWj3hGPAAfTlfqy4OB3QAT0lAV4ckKGmcwACuH/HgHVz:8+DhGPPfTsuBgU0ecwACufHg1z
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32