bc1af5e58bcb412a72e59c142f5a255ba4474c4330e4cdcc6991821a1ec6f383 | Triage

Sharing

General

Target

176b728c76d39e62bddb985852b935c1_JaffaCakes118
Size

2.0MB
Sample

241005-m49y8avgle
MD5

176b728c76d39e62bddb985852b935c1
SHA1

27d3ee25d0aa4deca74901cceaf7cbbfa7e1a760
SHA256

bc1af5e58bcb412a72e59c142f5a255ba4474c4330e4cdcc6991821a1ec6f383
SHA512

5f335d3ea2cf8d1d829254105b2996025446f30c5a84218932f90f28d1594dca30af606cb6dcfae57b488bb03c190f58c8d6971ca2ff53c8ae9bf37f926c68d5
SSDEEP

49152:SGOihkel4EbeJKIzj/N9zd33g4ccCALA6ng4VK0WscBLYbrCRawu8:SoCI4Rnzd3Q4zbFngsKjFsrQar8

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  176b728c76d39e62bddb985852b935c1_JaffaCakes118
- Size
  
  2.0MB
- MD5
  
  176b728c76d39e62bddb985852b935c1
- SHA1
  
  27d3ee25d0aa4deca74901cceaf7cbbfa7e1a760
- SHA256
  
  bc1af5e58bcb412a72e59c142f5a255ba4474c4330e4cdcc6991821a1ec6f383
- SHA512
  
  5f335d3ea2cf8d1d829254105b2996025446f30c5a84218932f90f28d1594dca30af606cb6dcfae57b488bb03c190f58c8d6971ca2ff53c8ae9bf37f926c68d5
- SSDEEP
  
  49152:SGOihkel4EbeJKIzj/N9zd33g4ccCALA6ng4VK0WscBLYbrCRawu8:SoCI4Rnzd3Q4zbFngsKjFsrQar8
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  828a94a3b9a080f79e84015b55fce227
- SHA1
  
  c15c615925bb72531ba32194253eefa49edaa93a
- SHA256
  
  1d0a17641f697203fd0c0b9ba0b715436299203c9c1be90c458fe668a1eb68d2
- SHA512
  
  c3d41a3f9377a8c18a85eec50a3eb3cf5a4ec8ea4bbffd73992455cb01aaed9f158183bc647684f82c516534266a46ccfcd7c2c0b3e1b73774c3bedc9e80054a
- SSDEEP
  
  192:1sIZHdT9uwYX94kYd2iCzHR+yK7imphLAykycpKPd5mT8ozxGUWumle:1sUHd9GN2d2iwl0impATIPdAT8Ov6
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  a82b0479708b96c7bf4dd6b798aedee0
- SHA1
  
  7e47b402848a86bdddd5f0de8bb4620471caaab0
- SHA256
  
  72410442a894b8316da6ad469f03997ec17c0b0d117745bb6ac5cac3232c7d20
- SHA512
  
  02e07def3897d87d546c0cf1492191591be587f64ae5c165b9a91fb977585c65a860135eb8c102b67dede913ea935459ce70c4ca973b292122c8d097ab130d58
- SSDEEP
  
  192:hCZej3uzvJwqJMQKN4GbeWZksMI4ETWcEbcBZ8ep2Kra7y6G:hCi2HgN4GbeWmbI4Eybogia7y6
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $R0
- Size
  
  612KB
- MD5
  
  e4fece18310e23b1d8fee993e35e7a6f
- SHA1
  
  9fd3a7f0522d36c2bf0e64fc510c6eea3603b564
- SHA256
  
  02bdde38e4c6bd795a092d496b8d6060cdbe71e22ef4d7a204e3050c1be44fa9
- SHA512
  
  2fb5f8d63a39ba5e93505df3a643d14e286fe34b11984cbed4b88e8a07517c03efb3a7bf9d61cf1ec73b0a20d83f9e6068e61950a61d649b8d36082bb034ddfc
- SSDEEP
  
  12288:6Fqi2VC1J7Zs7a5zchr46CIfsyZmGyYCqeC:6Ui2C1JdoiEdmGyYu
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  HaoZip.chm
- Size
  
  163KB
- MD5
  
  74309dc7361642b6f9b796899b467c2b
- SHA1
  
  742c190163efd3b594da20754822e556a921b80e
- SHA256
  
  82e3dbcf5478eab913373bb2bfb9c464248a1803f5905f0fddd2315297fa5383
- SHA512
  
  a1ab71d1ae469c8882ab3281addf3d97a982f873a8f47c10fe930188163bd1bc0ff02cf5cda70bf4d993faea0c3e206daf0b966dae125a5a52d23aa4c74c6943
- SSDEEP
  
  3072:mhuIyDjh8PuRCakQzgQlibBqljt54yy20bSxegRoVoaVYlMluR/:m8jSEkQzg42c54c3xJRWpVs/
Score

1^/10
behavioral10 behavioral9
- Target
  
  HaoZip.exe
- Size
  
  1.4MB
- MD5
  
  45de7fddf3751d8bb1ea443e5172e16d
- SHA1
  
  1b32bc1ab44b046689505bdf8a62077575a546fe
- SHA256
  
  fd7d93dc2a9a40ffcbdb319658cc2546483532df25c814962223039c40cbf28a
- SHA512
  
  952ffe8bd1a2e06999886111b0449f5d9e8ff3dfd58ebd97834419119c9b28aaf678f27574b1b10bb577091d0c3ec7ee1c2b0aa7193fe44e17b925c3bd820c36
- SSDEEP
  
  24576:F1+y/iN9tjaWQcOCTZPUL5eqTmIDyic2HG5iLlBg0NG9g0WGfEq9F/PRZorFQG3U:iy6BjaJcOCkTfDhfHaiL3gYGGGMuFxZt
Score

4^/10

discovery
behavioral11 behavioral12
- Target
  
  HaoZipC.exe
- Size
  
  253KB
- MD5
  
  506b2e3d13ebb82e50d5231051ff623d
- SHA1
  
  db3ef5949a4ee7c9aa40f1d65a643adcbb4f60dd
- SHA256
  
  c59f4a5062d6d3584555968b6360d2040189b79583cadc6671fd4cddeaae858d
- SHA512
  
  09e838551f3980b7df0f8f72d3326ad9583370f9bcfdda881675b10125dfbcf45b77f4907f26030d6fa513398827c4fcc79fb62d51279b64b5d24bae73d4db84
- SSDEEP
  
  6144:G13KxS7xd5GxNb5sN5t5hMSoSvN/gNu3qRDj+OVk:S3Kx8xd5cw5t5uoN/gNcqRDjs
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  HaoZipUpdate.exe
- Size
  
  173KB
- MD5
  
  02699409630705df1a941dc9421e95dd
- SHA1
  
  fc2e0a6b7f797223537532a412982e1bce8b57a7
- SHA256
  
  55f20ecdcfe0ee45b8fb2c614fcdfd9eaa70b4d302795af440dbc08294d041e2
- SHA512
  
  6fe7e15842e4953601bdd1fc93bc30ed627b29042a16567c934ac0512881a11a08cc1aa4a3ed7ea9cd3edc744a354f07c6beb0e55bd04a42d523c279fd06fb8c
- SSDEEP
  
  3072:uEG2v/XKwzcupqx8Vy40XI5VCdtItf0TLLbmR7o1KIGpreP6k3koiU82zWOvGQAg:OAXK5uJVyTtIt0TL5w3preL7iazWOvvX
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  lang/HaoZipLang_chs.dll
- Size
  
  368KB
- MD5
  
  c81586f9c72ddc4044ddc5b9358e8e8e
- SHA1
  
  6520830ddc2f762165b92c19b2781a5aad0054f4
- SHA256
  
  ca074ef34502da9695217f6bb2841309e0a593c199851289bacefcd067871822
- SHA512
  
  d8a1fcc483ad80c6904ae06c047bd3774cdbc0dc6de23e184e043b0a9fe47676664982709b4c6c047255270079d674751b1dd3a8a043ae1498bc466a693e5652
- SSDEEP
  
  6144:ypwtD1HAO5vYGxz1hs44TbXStpjfhYmRWvF9q5n92j53:y8BgO5dFWyK
Score

3^/10

discovery
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18