42ac1985a6247ad89e3cd5164f62a0e74bca4be5e74ee4403c8e4702632b3f4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f25c4b41285bc96f983e61a4df60c63_JaffaCakes118
Size

2.3MB
Sample

241009-l2s29a1hpc
MD5

2f25c4b41285bc96f983e61a4df60c63
SHA1

46605b1da86e13f6b1418f15bd5a00ede5ae0637
SHA256

42ac1985a6247ad89e3cd5164f62a0e74bca4be5e74ee4403c8e4702632b3f4f
SHA512

2d1f76e0ca471f2d0df52c27ebae419e264843a36816b6771fe7e3ceb7cbb1be4d892ebf03eb03e26320bcea7f363af72a61a57e0d8a82a9fc7515d86d9807f8
SSDEEP

49152:kAccKDgX5lTXX7PFIhlHULMIxMXHm0GFoJnlrR0t6O9Ip:tp5N7PmIx+hRR00H

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  2f25c4b41285bc96f983e61a4df60c63_JaffaCakes118
- Size
  
  2.3MB
- MD5
  
  2f25c4b41285bc96f983e61a4df60c63
- SHA1
  
  46605b1da86e13f6b1418f15bd5a00ede5ae0637
- SHA256
  
  42ac1985a6247ad89e3cd5164f62a0e74bca4be5e74ee4403c8e4702632b3f4f
- SHA512
  
  2d1f76e0ca471f2d0df52c27ebae419e264843a36816b6771fe7e3ceb7cbb1be4d892ebf03eb03e26320bcea7f363af72a61a57e0d8a82a9fc7515d86d9807f8
- SSDEEP
  
  49152:kAccKDgX5lTXX7PFIhlHULMIxMXHm0GFoJnlrR0t6O9Ip:tp5N7PmIx+hRR00H
Score

7^/10

discovery upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/CryptBinaries4.dll
- Size
  
  23KB
- MD5
  
  cc33034cde279e6dde91f637f01f549f
- SHA1
  
  0628772fc6a8d1653fe18aa81bb8c58498a3815e
- SHA256
  
  c58e430dd83b740a9df678365d96d77be6d9aaf438814b70142300cadf4ce3e6
- SHA512
  
  6e68b2280587c714bc1ae16f1267093f7accd55872eae68a0fca2759ab60522e517db82cfb55191a001d47131c1b1fb4ccc1cb33d5375bfc794fe3e145d0fb0a
- SSDEEP
  
  384:0C4qoa3WiphDgROnbbiVDDMnnS8Vz/mYJo2qgsuRd23GnR7NystQX0CmiVcKO:0wnG25Rd22nR7NyGQpmiiK
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/lzma.exe
- Size
  
  71KB
- MD5
  
  71dc11c495355f883498ff5e8702bb3d
- SHA1
  
  9685190619088991a89ab6b96f8595453bb7f795
- SHA256
  
  f16b39ef342323d997b2cc9b649a94b6ebd12954671f357d1ed690bd7eb5ba7f
- SHA512
  
  3551706f1faf912944a0412c72f31510ea58fe5a60449141f7945d80f9b1f3018eced1ef82033405943c78d707a77ced0045c9217f5737ae1dfd5c1e239665ea
- SSDEEP
  
  1536:L4iIoFd/iQuGIpJrnuRctWN5UbhYLEnCwaXEY1:L4iICd/iHVrnuGtmUBgXE0
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  acc2b699edfea5bf5aae45aba3a41e96
- SHA1
  
  d2accf4d494e43ceb2cff69abe4dd17147d29cc2
- SHA256
  
  168a974eaa3f588d759db3f47c1a9fdc3494ba1fa1a73a84e5e3b2a4d58abd7e
- SHA512
  
  e29ea10ada98c71a18273b04f44f385b120d4e8473e441ce5748cfa44a23648814f2656f429b85440157988c88de776c6ac008dc38bf09cbb746c230a46c69fe
- SSDEEP
  
  96:M7GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3VI9d0qqyVgNk32E:eKgfwgcr8zylsB49Ud0qJVgNX
Score

3^/10

discovery
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8