742f5cf6c1a88e32ee398e3523a57cce43046c2e056546a055516fe53a9cdb5b | Triage

Sharing

General

Target

2952565af33a0cb6a73ba71ac682af7b_JaffaCakes118
Size

698KB
Sample

241009-c4kn8avhkn
MD5

2952565af33a0cb6a73ba71ac682af7b
SHA1

00d86920186b966ecdc9af702f92fc18954cd1d9
SHA256

742f5cf6c1a88e32ee398e3523a57cce43046c2e056546a055516fe53a9cdb5b
SHA512

d58015ff7a83bea56b0bc8b9189fe9ebd5dbf8ac1e8cb125eb570fd9b131b9d2c8dff9e10918bde4fd41daeb5eb04b2b936d58ccf868c437e4a6a77c20e5fad0
SSDEEP

12288:pCldMgQ//KsoLGO/nHokkiMew+AWTVhJEKA0RC66pa3kRelbh8hpEbIzjA:pX//KsyGO/Iklxbr+X0RX8UkIGxs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2952565af33a0cb6a73ba71ac682af7b_JaffaCakes118
- Size
  
  698KB
- MD5
  
  2952565af33a0cb6a73ba71ac682af7b
- SHA1
  
  00d86920186b966ecdc9af702f92fc18954cd1d9
- SHA256
  
  742f5cf6c1a88e32ee398e3523a57cce43046c2e056546a055516fe53a9cdb5b
- SHA512
  
  d58015ff7a83bea56b0bc8b9189fe9ebd5dbf8ac1e8cb125eb570fd9b131b9d2c8dff9e10918bde4fd41daeb5eb04b2b936d58ccf868c437e4a6a77c20e5fad0
- SSDEEP
  
  12288:pCldMgQ//KsoLGO/nHokkiMew+AWTVhJEKA0RC66pa3kRelbh8hpEbIzjA:pX//KsyGO/Iklxbr+X0RX8UkIGxs
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  $0/queryscan.dll
- Size
  
  576KB
- MD5
  
  44870576e69024e79a2dddc9afe0d2ce
- SHA1
  
  ab20f8bb36340611dc5f94f5d309cbb47b8a5cc7
- SHA256
  
  e1b671e2ba6091f973fc63aec6d75a5afbdaf61c1a4280ec7fa24a20fc479e18
- SHA512
  
  5cd9d58a6ac83830bc39fdaf6f0e46b3685adb5c62506b835610786b3b574fc8bbe4f06d9507af4d300d228fa05fea1122b69cfd2b9a5abb42f855ce6e0d618a
- SSDEEP
  
  12288:bfT0WrWeqzJzgVspgbCGnWS66yk2+G/+CW/SWv76E:br0sWeSLpydK6f2+G/ySCeE
Score

1^/10
behavioral3 behavioral4
- Target
  
  $0/queryscan.exe
- Size
  
  25KB
- MD5
  
  d9e855c7182e25f5c9d8f234234c8787
- SHA1
  
  c1bded1b95cd50f2292f3b21e8ca9123bc798edc
- SHA256
  
  6ccd36338173ace5eb07a6bb97620d9c5ab1222363b33a924b273a4e7f631fd3
- SHA512
  
  0471715589e4730f6eee9e20356ed3da2e30405956cab4839fa6aa0f084366d156639c4fc6c1e6a4fa17cff678c1411dd1f4e951bf02e41733650f406131d933
- SSDEEP
  
  384:NA/W+znG+9h9FexVjs2YiB1XT3a94R8bVb60AQcnvRjdZlIjN6/Wvilf:xGG+9heTYI1XTa9DRjAQcnvRBnsBalf
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $0/uninstall.exe
- Size
  
  78KB
- MD5
  
  bb6e99a6101293b86ba5478b1d1e1193
- SHA1
  
  e7766fad214954ef27a14144b6fb769362701555
- SHA256
  
  44625efb63fb453277c586f78c3926bad2e33719f26319d13ba88c606a195a8e
- SHA512
  
  e8fc516539a103e7f336f166a8ae1e7711ec4f4b58f4c878a0db1872f67c91769b1025cc823faab0d4149971bbe5598411579841698bd902d5156f71002e4e2a
- SSDEEP
  
  1536:PEkjY1zy214Qay0DGkJ7qAELVigJQqFcpspCILLyK2/Db:8kjAJ4dDGkJ+AI0bWa/X
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  13KB
- MD5
  
  d765c492c21689e3d9d61634371fd861
- SHA1
  
  ac200933671ae52c9d5544d0e2e8e9144d286c83
- SHA256
  
  551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc
- SHA512
  
  9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f
- SSDEEP
  
  192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  fe24766ba314f620d57d0cf7339103c0
- SHA1
  
  8641545f03f03ff07485d6ec4d7b41cbb898c269
- SHA256
  
  802ef71440f662f456bed6283a5ff78066af016897fe6bfd29cac6edc2967bbd
- SHA512
  
  60d36959895cebf29c4e7713e6d414980139c7aa4ed1c8c96fefb672c1263af0ce909fb409534355895649c0e8056635112efb0da2ba05694446aec2ca77e2e3
- SSDEEP
  
  192:rO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1aMBgMO:yKAFERdlxhGRYUzqZaMB
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  13KB
- MD5
  
  d765c492c21689e3d9d61634371fd861
- SHA1
  
  ac200933671ae52c9d5544d0e2e8e9144d286c83
- SHA256
  
  551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc
- SHA512
  
  9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f
- SSDEEP
  
  192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  fe24766ba314f620d57d0cf7339103c0
- SHA1
  
  8641545f03f03ff07485d6ec4d7b41cbb898c269
- SHA256
  
  802ef71440f662f456bed6283a5ff78066af016897fe6bfd29cac6edc2967bbd
- SHA512
  
  60d36959895cebf29c4e7713e6d414980139c7aa4ed1c8c96fefb672c1263af0ce909fb409534355895649c0e8056635112efb0da2ba05694446aec2ca77e2e3
- SSDEEP
  
  192:rO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1aMBgMO:yKAFERdlxhGRYUzqZaMB
Score

3^/10

discovery
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16