519f11efd61f5fd2058424869f79657c1eea8921042bf3e86977e37fbe28e1bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37f18a9f7f67749f5188baced91551ed_JaffaCakes118
Size

110KB
Sample

241012-ck3exsxard
MD5

37f18a9f7f67749f5188baced91551ed
SHA1

ff3e11755b2a055469ecd93a14f3f76db08b9451
SHA256

519f11efd61f5fd2058424869f79657c1eea8921042bf3e86977e37fbe28e1bf
SHA512

e3b0cdbffe1a64a3d7f147a015f7474478ee4b6fd454e17fcb04f2fa84ba8ac91302e590f84f74d7e9c2f90993a569a12b989d9783ae0575c4a784af4e056368
SSDEEP

3072:WNyah0mJ8mUSTxdZbRCLm0riNZ9H8ttu7Tk+c:WwPK7ZdCLJ9ttOYZ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  37f18a9f7f67749f5188baced91551ed_JaffaCakes118
- Size
  
  110KB
- MD5
  
  37f18a9f7f67749f5188baced91551ed
- SHA1
  
  ff3e11755b2a055469ecd93a14f3f76db08b9451
- SHA256
  
  519f11efd61f5fd2058424869f79657c1eea8921042bf3e86977e37fbe28e1bf
- SHA512
  
  e3b0cdbffe1a64a3d7f147a015f7474478ee4b6fd454e17fcb04f2fa84ba8ac91302e590f84f74d7e9c2f90993a569a12b989d9783ae0575c4a784af4e056368
- SSDEEP
  
  3072:WNyah0mJ8mUSTxdZbRCLm0riNZ9H8ttu7Tk+c:WwPK7ZdCLJ9ttOYZ
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  728d03c6922988977693be59715fd52e
- SHA1
  
  5f06287f574682a844722bcded04d335fb1b9a42
- SHA256
  
  3c28c4e66a5f16e7ae2c57ca9b0c2887730d82472ac1786b641bd7744931f73b
- SHA512
  
  ebad773bb271a7648d011c8d32eea35dbc8a9f1c7c0ecca440e62fd7fb0e24fc2403b548e32f7a92bb1577abb1f25ad0d353a019f253251a56a535264797f119
- SSDEEP
  
  96:Z+PBC0x22epxPEvC4FkWE+in1/FMvsCGRfRFqCB5tzGhEl5VN:Z+pepxPE1r8/FtmCDtag5v
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $TEMP/matrix32529.exe
- Size
  
  64KB
- MD5
  
  f4bfb157fc6762de4df2f315d63803e3
- SHA1
  
  b47ffa1c18c025635c6e89d3b03cb36ae6c5ae7a
- SHA256
  
  dfa199986f20dd86ef6d477a5321e6fc1c82506c57c8ac4595f86820836bdc69
- SHA512
  
  6ca168b7ebba4f80e71fd87e99b574d57681cc6052ff06b65d5fc8f837227a0e7e2ed9606e8fdff7f0d49d5a1928f02bf06d291f3941607a5624abd7f95ae314
- SSDEEP
  
  768:DieFdCAMggWyzPotGp02UJJzxgLRKJ71RFmAzyA7faivpYnT:DieF0UPpGizJzxgsjFTz9baivpY
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Uninstall.exe
- Size
  
  52KB
- MD5
  
  1277cd9187492fa9f67fdf9cb51d97b9
- SHA1
  
  8cec47d7f8167f0f4e575c2484e5f4bc2b9f174e
- SHA256
  
  8ae9c2fe64ef2b485e1dc6fab397b54a9c3d024eb2dea3a4cc14cb61cad38f6e
- SHA512
  
  3528ac622542330f5678041bd8d9c60bbfa38a621203997dbb0d289a633f6760ef8d9b2d37ac212bc4e0f1f76300acc3befbf7e34fcb7900a8db0ad5a5b8f44b
- SSDEEP
  
  768:7Sup23EQCjlQRB8/ewZ1iU6nyYFxbssT/F/O71mJ52qjWb1JW4923IEwu+P:Wu4EQalMK/ewGnh0mJ8BJWB3IK+P
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8