General

  • Target

    37de7a1b708bc4243aba936adbff6991_JaffaCakes118

  • Size

    398KB

  • Sample

    241012-b9dbna1amr

  • MD5

    37de7a1b708bc4243aba936adbff6991

  • SHA1

    d23672da7bbd9ecdc800c40ab554fbfb4491c7bf

  • SHA256

    99adae7c04ef80fe128ae5810fb61acb8930f818f243869290f6c4dfae12557c

  • SHA512

    09e3527af489cda725de97b495ce29788fdc4a29653f2d60319a9b50a00a56ccb02b4f335c62bab2c12f39e02651956ec2ef694d4f806eaa78a462790bb09cc1

  • SSDEEP

    12288:fGY0n6Ammydyc5eCMlkMVaUGF7RUlLYPuSrL8P+hmfE1:fGY06AcdycNMjYnUhquSfZQO

Score
7/10

Malware Config

Targets

    • Target

      fmod.dll

    • Size

      157KB

    • MD5

      53f2a550bb1b7333f44112ab18482c33

    • SHA1

      cc1330cb0afc9fcf62588b89c66a92803408506e

    • SHA256

      d4b8a9555e5073fb87624b56ca21451047d4763458a328e765fa93d0d80f8aad

    • SHA512

      eaa72d9b78833678f9b9ea2f2e604994711ee5f221817dbfb82d1990bcfc264e9979a0cf499794dcee3e5b2af53f1c7b5bbc61c4b3c29095b9c8d2832bf779c7

    • SSDEEP

      1536:m6gnQQ6WgWV2Mxh4MoU6bId5xlYxUDzQUDMd8ZEVIhiBQe6A0j/MVfEGuZL5yfso:mfQcpYMxGSY3qTZbZeHpE1vVWZbxF1

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      minimp3.exe

    • Size

      73KB

    • MD5

      ddf627587823da0641beab57057a0112

    • SHA1

      4dae0d343e6f6e394abd485575bfb27fb02b0f91

    • SHA256

      ca7372c3788d512772ff3c8d0e484e32f1742f748d3d6a0ab0bc8e66bc65be99

    • SHA512

      a09c07117316dc6c5cbbf8cabee4c9c9b9aa57b4dd3fccaf84be38709581a94e1c33b0ad5afc0a519c2a331a9f41be577794238ed31cc6a12144bbb3f0a0c9b1

    • SSDEEP

      1536:cMpKl/NNxhN3wTNatIxtIjeY9wRTxno3gY+oZ9eayUDBjWTKTHDc:9MdNJNQgIyCRRo3gHovDyEBjWAw

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      minimp3_uc.exe

    • Size

      109KB

    • MD5

      34a7eb67ab657198f107804fda827dc2

    • SHA1

      b4c67bc82a97a0f7f0f30810ee71d3c066a15b00

    • SHA256

      414e4c3e3c978f5831b6d6245d0a9429a06c0a0af0bee2b52f9daa55eb83d3c5

    • SHA512

      9d7210f0e9cd937a596e6a06fb86b40153d7e05aa3cb3a36286fe154e8bda500082dde18c30303ac545e193c22ce8a1b7ace8fb65892f9b0d76bcc9cd6b9b076

    • SSDEEP

      3072:euYgNfH15FgooXUIvV71RWuaVURXQEj3Gf:BN59GU2gu0gLG

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      minimp3_uninst.exe

    • Size

      83KB

    • MD5

      8c58f59f3696ceb88a789a345f4df891

    • SHA1

      54d9b462b682c4aa2aa2e7fe19bceb047437bf6d

    • SHA256

      e22ae0fd131a29a575ff5d744a41ffb76ff40bab8de9797cde898ed63df37d70

    • SHA512

      dd21e5a2285477233934bb290152e97d4a9756a06a9608a49f4894214aa857ee4247a47f81404cc69e7326eaa71c4f5205f4f9d444cbc76dbb25bc6bbfb1ae6e

    • SSDEEP

      1536:1JJkbM3ZLEOJYsU8hFuH/QcE4YwXkpu+E88iDZVsa93p1Icr9EU7mnD:1JabM3pEOqs9TQwskpu+HD17TrOU7m

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
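Added example, not part of this report and not the sandbox's own signature code: a minimal PE section-table walk that flags the stock UPX section names (the basis of the "UPX packed file" verdict above) and computes the same MD5/SHA-1/SHA-256/SHA-512 set the report lists. `build_fake_pe` constructs a synthetic, non-executable PE skeleton so the script runs offline; the section-name set, function names and the `triage` result layout are my assumptions. A modified UPX build can rename its sections, so a miss here does not clear a file, and a hit only says "packed", not "malicious".

```python
"""Flag UPX-style packing from the PE section table and hash the sample."""
import hashlib
import struct
import sys

# Names written by stock UPX; modified builds may rename them (assumption:
# this set is enough for a first-pass triage, not a complete list).
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b".UPX0", b".UPX1"}

def pe_section_names(data):
    """Return NUL-stripped section names from a PE image; ValueError if not PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                       # COFF file header starts here
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size              # section table follows optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40                  # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            raise ValueError("section table truncated")
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names

def looks_upx_packed(data):
    """True if any section carries a stock UPX name."""
    return any(name in UPX_SECTION_NAMES for name in pe_section_names(data))

def hash_summary(data):
    """Same digest set the sandbox report lists (ssdeep needs a third-party lib)."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}

def triage(data):
    """One-shot triage record; never raises, so it can run over a whole drop dir."""
    try:
        sections = pe_section_names(data)
    except ValueError as exc:
        return {"pe": False, "error": str(exc), **hash_summary(data)}
    return {"pe": True, "sections": sections,
            "upx": any(s in UPX_SECTION_NAMES for s in sections),
            "size": len(data), **hash_summary(data)}

def build_fake_pe(section_names, opt_header_size=0):
    """Constructed test data: a minimal, non-runnable PE skeleton."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)   # e_lfanew -> directly after DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0,
                       opt_header_size, 0x0102)
    sections = b"".join(n.ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt_header_size) + sections

if __name__ == "__main__":
    # Usage: python upx_triage.py <file> ...   (falls back to the fake sample)
    paths = sys.argv[1:]
    blobs = [open(p, "rb").read() for p in paths] or \
            [build_fake_pe([b"UPX0", b"UPX1", b".rsrc"])]
    for blob in blobs:
        print(triage(blob))
```

Run it over the dropped files (fmod.dll, minimp3.exe, minimp3_uc.exe, minimp3_uninst.exe) and compare the printed digests with the ones in this report before trusting any further analysis of a copy; for ssdeep use the `ppdeep` or `ssdeep` package, which this stdlib-only script deliberately omits.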
