6c45a081ad22ba31f1cd239ed96d6f71c3b9ed1d524cb40511c9a8dbcd068b92 | Triage

Sharing

General

Target

2ac402b04c6497b1cdcb5636625e3ad7_JaffaCakes118
Size

2.3MB
Sample

241009-e1rpgawekr
MD5

2ac402b04c6497b1cdcb5636625e3ad7
SHA1

f4ba1e10e4422c59bc4f49cb1d365c1efd632584
SHA256

6c45a081ad22ba31f1cd239ed96d6f71c3b9ed1d524cb40511c9a8dbcd068b92
SHA512

8ce589bd9d346d3344fd29f00548bf0f6c03b4855d878b8dff73d7c6416b04052053851dacb15b0c6fbd941214b90733da9d376708c67899d387399008442334
SSDEEP

49152:kAccKDgX5lTXX7PFIhlHULMIxMXHm0GFoJnlrR0t6O9Ip:tp5N7PmIx+hRR00H

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  2ac402b04c6497b1cdcb5636625e3ad7_JaffaCakes118
- Size
  
  2.3MB
- MD5
  
  2ac402b04c6497b1cdcb5636625e3ad7
- SHA1
  
  f4ba1e10e4422c59bc4f49cb1d365c1efd632584
- SHA256
  
  6c45a081ad22ba31f1cd239ed96d6f71c3b9ed1d524cb40511c9a8dbcd068b92
- SHA512
  
  8ce589bd9d346d3344fd29f00548bf0f6c03b4855d878b8dff73d7c6416b04052053851dacb15b0c6fbd941214b90733da9d376708c67899d387399008442334
- SSDEEP
  
  49152:kAccKDgX5lTXX7PFIhlHULMIxMXHm0GFoJnlrR0t6O9Ip:tp5N7PmIx+hRR00H
Score

7^/10

discovery upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/CryptBinaries4.dll
- Size
  
  23KB
- MD5
  
  cc33034cde279e6dde91f637f01f549f
- SHA1
  
  0628772fc6a8d1653fe18aa81bb8c58498a3815e
- SHA256
  
  c58e430dd83b740a9df678365d96d77be6d9aaf438814b70142300cadf4ce3e6
- SHA512
  
  6e68b2280587c714bc1ae16f1267093f7accd55872eae68a0fca2759ab60522e517db82cfb55191a001d47131c1b1fb4ccc1cb33d5375bfc794fe3e145d0fb0a
- SSDEEP
  
  384:0C4qoa3WiphDgROnbbiVDDMnnS8Vz/mYJo2qgsuRd23GnR7NystQX0CmiVcKO:0wnG25Rd22nR7NyGQpmiiK
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/lzma.exe
- Size
  
  71KB
- MD5
  
  71dc11c495355f883498ff5e8702bb3d
- SHA1
  
  9685190619088991a89ab6b96f8595453bb7f795
- SHA256
  
  f16b39ef342323d997b2cc9b649a94b6ebd12954671f357d1ed690bd7eb5ba7f
- SHA512
  
  3551706f1faf912944a0412c72f31510ea58fe5a60449141f7945d80f9b1f3018eced1ef82033405943c78d707a77ced0045c9217f5737ae1dfd5c1e239665ea
- SSDEEP
  
  1536:L4iIoFd/iQuGIpJrnuRctWN5UbhYLEnCwaXEY1:L4iICd/iHVrnuGtmUBgXE0
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  acc2b699edfea5bf5aae45aba3a41e96
- SHA1
  
  d2accf4d494e43ceb2cff69abe4dd17147d29cc2
- SHA256
  
  168a974eaa3f588d759db3f47c1a9fdc3494ba1fa1a73a84e5e3b2a4d58abd7e
- SHA512
  
  e29ea10ada98c71a18273b04f44f385b120d4e8473e441ce5748cfa44a23648814f2656f429b85440157988c88de776c6ac008dc38bf09cbb746c230a46c69fe
- SSDEEP
  
  96:M7GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3VI9d0qqyVgNk32E:eKgfwgcr8zylsB49Ud0qJVgNX
Score

3^/10

discovery
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8