General

  • Target

    29956ed2572dde5734b3d92f5a763a8f_JaffaCakes118

  • Size

    492KB

  • Sample

    241009-dfjyfsxdqj

  • MD5

    29956ed2572dde5734b3d92f5a763a8f

  • SHA1

    e07b5babf38fcd3feb47794fb474a6a1d57fef1a

  • SHA256

    095a4229154396d12b071d047a596195ade77126cd5c3592db94fe864cb264de

  • SHA512

    66d1eb53caae06c04d2a1a7b98f2aa8fde1956cc2f88e964d345f69268e995d38b2bee4df392c8d0463adf5d0a72093c9c676971bdb61dd88310d6ceab136876

  • SSDEEP

    6144:3uk4fqjkwQqF6jtY03ZgLpp6TURimpBwXVUTL7E97IkXQxBRUoz0JehYvH7Aw0v9:x4fwz6peEUBwXVwM9vylzdYvH7AwC

Score
7/10

Malware Config

Targets

    • Target

      29956ed2572dde5734b3d92f5a763a8f_JaffaCakes118

    • Size

      492KB

    • MD5

      29956ed2572dde5734b3d92f5a763a8f

    • SHA1

      e07b5babf38fcd3feb47794fb474a6a1d57fef1a

    • SHA256

      095a4229154396d12b071d047a596195ade77126cd5c3592db94fe864cb264de

    • SHA512

      66d1eb53caae06c04d2a1a7b98f2aa8fde1956cc2f88e964d345f69268e995d38b2bee4df392c8d0463adf5d0a72093c9c676971bdb61dd88310d6ceab136876

    • SSDEEP

      6144:3uk4fqjkwQqF6jtY03ZgLpp6TURimpBwXVUTL7E97IkXQxBRUoz0JehYvH7Aw0v9:x4fwz6peEUBwXVwM9vylzdYvH7AwC

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Target

      $PLUGINSDIR/GetVersion.dll

    • Size

      9KB

    • MD5

      225f776172f1baccd2721a6e5d512b36

    • SHA1

      2dbbc86f7b0285682880a627b56a75de09f4bed6

    • SHA256

      ecfcbe30f5b248673f9cbebb734b9981ed14b06380ea787c563d67b30e2d069e

    • SHA512

      4b99a5ac68122501a5913cf54bd3ae99d851d57656b0e136980122739cceef739fa2d5ea097f2442068b9489a4c25ea0884653c41d85f27f25996792bf6c21bb

    • SSDEEP

      192:MMr/9XGqK7s/AlHdJZBi46AQ5VuNxHA8/:MsXGqM93Bi46AQ5Vujg8/

    Score
    3/10
    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      82KB

    • MD5

      cb1facc94ddb9f50fcfc176444d01063

    • SHA1

      3ddd287a0aa1e376b9b200ee546c3b68f1e48ec7

    • SHA256

      740889b170366dd60b93e0f381bc885be2a0591ea8905e48f9bd9830cb266436

    • SHA512

      5bd93e8e45b35c8d89040d01756a71890c1e8bd60b71e9945e8ccdd55e327816b596c03ea2222acee9c5f5edef85e5167403f4735e9303bfed8bfa739831d464

    • SSDEEP

      1536:nKHghY8sc+h3f3A9yBZgqCZMEeVDaDUg566Xo:KHghnsb7uCVGUg5jo

    Score
    3/10
    • Target

      $PLUGINSDIR/Processes.dll

    • Size

      35KB

    • MD5

      2cfba79d485cf441c646dd40d82490fc

    • SHA1

      83e51ac1115a50986ed456bd18729653018b9619

    • SHA256

      86b302fa9c85dfa0c1c03ba000864a928365dab571f3355347dba02da22949b7

    • SHA512

      cca186a7f9c5cff3f4eca410fbe8cc13dad2514a7e36aec9b1addfbcb239ace9b9b2d8427771858e3fd11783abce7e24d43c286f98da9f8b17562ca095a4c043

    • SSDEEP

      768:uxEiycFoaj/+WSiJfmjvab7L/cUf7IIlMLRF:uxEm7sgfmjy//cgdlM/

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      9KB

    • MD5

      dad21928213e804133c6eed2b5402dbc

    • SHA1

      82fa0fe67dc55e22e2289800b2fca34bf59762d6

    • SHA256

      5f80c7ba031f546b69bd57071bdb5334760cde5afc43fe8271b9e6a3204ef390

    • SHA512

      8e8428f1bd5a81a447f8b892215d09d5695b1fcc9eb5bf0d9771a6989750feaa5957966fb444a24d78cf51ebb783d615348337e44b884c2e5d5f63d80551c9f3

    • SSDEEP

      192:lkhF3tTTxsMRRuWDxvsiwDc4veSQ4b95Q4huV+:lqFh9LRR7Z/oPX5QIuV+

    Score
    3/10
    • Target

      $TEMP/8cef5d5760950937a5ad3558fc8c2c47/downloaderDDLR.exe

    • Size

      58KB

    • MD5

      c7f6ed56312c8fbb58ae6ed445c38df4

    • SHA1

      e2dba94ef052db774478b9f7198c1a2298b334e5

    • SHA256

      fdb8452173a4f116f6e362ab5466c3c16bf6697502fe3d01db0d82f0e339de24

    • SHA512

      ac43e5bb31c3c0876a7768553916cce76d92088e62594e8463b128a0d6e587c48152a5efcf0b2a5e8fb43028d46913df114ae3c3750b7e6c4212c7044518ba43

    • SSDEEP

      1536:tLXB65939tY6HBg4sXJhweErCi/S8qcy4PLv:tLk395hYXJh0C6jy4z

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    • Target

      $TEMP/8cef5d5760950937a5ad3558fc8c2c47/downloaderOFFER0.exe

    • Size

      58KB

    • MD5

      c7f6ed56312c8fbb58ae6ed445c38df4

    • SHA1

      e2dba94ef052db774478b9f7198c1a2298b334e5

    • SHA256

      fdb8452173a4f116f6e362ab5466c3c16bf6697502fe3d01db0d82f0e339de24

    • SHA512

      ac43e5bb31c3c0876a7768553916cce76d92088e62594e8463b128a0d6e587c48152a5efcf0b2a5e8fb43028d46913df114ae3c3750b7e6c4212c7044518ba43

    • SSDEEP

      1536:tLXB65939tY6HBg4sXJhweErCi/S8qcy4PLv:tLk395hYXJh0C6jy4z

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    • Target

      $TEMP/8cef5d5760950937a5ad3558fc8c2c47/downloaderOFFER1.exe

    • Size

      58KB

    • MD5

      c7f6ed56312c8fbb58ae6ed445c38df4

    • SHA1

      e2dba94ef052db774478b9f7198c1a2298b334e5

    • SHA256

      fdb8452173a4f116f6e362ab5466c3c16bf6697502fe3d01db0d82f0e339de24

    • SHA512

      ac43e5bb31c3c0876a7768553916cce76d92088e62594e8463b128a0d6e587c48152a5efcf0b2a5e8fb43028d46913df114ae3c3750b7e6c4212c7044518ba43

    • SSDEEP

      1536:tLXB65939tY6HBg4sXJhweErCi/S8qcy4PLv:tLk395hYXJh0C6jy4z

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    • Target

      $TEMP/8cef5d5760950937a5ad3558fc8c2c47/downloaderOFFER2.exe

    • Size

      58KB

    • MD5

      c7f6ed56312c8fbb58ae6ed445c38df4

    • SHA1

      e2dba94ef052db774478b9f7198c1a2298b334e5

    • SHA256

      fdb8452173a4f116f6e362ab5466c3c16bf6697502fe3d01db0d82f0e339de24

    • SHA512

      ac43e5bb31c3c0876a7768553916cce76d92088e62594e8463b128a0d6e587c48152a5efcf0b2a5e8fb43028d46913df114ae3c3750b7e6c4212c7044518ba43

    • SSDEEP

      1536:tLXB65939tY6HBg4sXJhweErCi/S8qcy4PLv:tLk395hYXJh0C6jy4z

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    • Target

      $TEMP/8cef5d5760950937a5ad3558fc8c2c47/downloaderSTUB.exe

    • Size

      58KB

    • MD5

      c7f6ed56312c8fbb58ae6ed445c38df4

    • SHA1

      e2dba94ef052db774478b9f7198c1a2298b334e5

    • SHA256

      fdb8452173a4f116f6e362ab5466c3c16bf6697502fe3d01db0d82f0e339de24

    • SHA512

      ac43e5bb31c3c0876a7768553916cce76d92088e62594e8463b128a0d6e587c48152a5efcf0b2a5e8fb43028d46913df114ae3c3750b7e6c4212c7044518ba43

    • SSDEEP

      1536:tLXB65939tY6HBg4sXJhweErCi/S8qcy4PLv:tLk395hYXJh0C6jy4z

    Score
    7/10
    • Loads dropped DLL

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    • Target

      $TEMP/8cef5d5760950937a5ad3558fc8c2c47/preinstaller.exe

    • Size

      213KB

    • MD5

      06baef00ae0f0e42fc5fea24fc4eac42

    • SHA1

      9161574590f09cfe4c24498827386ed57f2e8c58

    • SHA256

      19460c3c1b450286c68fba77086c561e740374ae5c44213dd2ec22dc52a430b8

    • SHA512

      29431ff9f16fdd4122a10dfec0f260a4397e776daae2ef17defae71e037f082d48d186a24d229c408c9d1b0b4f02aaeaa69011e44cf399795f9c09903ac51486

    • SSDEEP

      6144:f03ZgLpp6TURimpBwXVUTL7E97IkXQxBRUoz0JehYvq:ZEUBwXVwM9vylzdYvq

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
7/10

behavioral12

discovery
Score
7/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
7/10

behavioral16

discovery
Score
7/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
7/10

behavioral20

discovery
Score
7/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

discovery
Score
7/10

behavioral24

discovery
Score
7/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
7/10

behavioral28

discovery
Score
7/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10

behavioral31

Score
1/10

behavioral32

discovery
Score
3/10