7a8d168bb1256401fdac6fa662956a1e7c01e2f399bba8b193081e588869af9c | Triage

Sharing

General

Target

3d0047fff2f917e95a568f57a323aaa8_JaffaCakes118
Size

629KB
Sample

241013-bkgb1swaqk
MD5

3d0047fff2f917e95a568f57a323aaa8
SHA1

277f974f11474f90aef0b443c4fdb892932f30a8
SHA256

7a8d168bb1256401fdac6fa662956a1e7c01e2f399bba8b193081e588869af9c
SHA512

62054913fa92529c66a90f2bbccc44214d9812da05ba531a6ecdfea739ed724b500ddadbae04433f785571eb9adf2a478c8acf1a5c1518025ef0976368db438a
SSDEEP

12288:uoEH4yZgUGuHIn0YPq0WvSTWs8wt5ETXlFo0/JgBlMDZWseMaF8ZRC:uo04yZg4ILq0v8wt5ETVq0/+M89MDZ4

Score

7^/10

discovery evasion trojan upx

Malware Config

Targets

- Target
  
  3d0047fff2f917e95a568f57a323aaa8_JaffaCakes118
- Size
  
  629KB
- MD5
  
  3d0047fff2f917e95a568f57a323aaa8
- SHA1
  
  277f974f11474f90aef0b443c4fdb892932f30a8
- SHA256
  
  7a8d168bb1256401fdac6fa662956a1e7c01e2f399bba8b193081e588869af9c
- SHA512
  
  62054913fa92529c66a90f2bbccc44214d9812da05ba531a6ecdfea739ed724b500ddadbae04433f785571eb9adf2a478c8acf1a5c1518025ef0976368db438a
- SSDEEP
  
  12288:uoEH4yZgUGuHIn0YPq0WvSTWs8wt5ETXlFo0/JgBlMDZWseMaF8ZRC:uo04yZg4ILq0v8wt5ETVq0/+M89MDZ4
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/ShellLink.dll
- Size
  
  4KB
- MD5
  
  073d44e11a4bcff06e72e1ebfe5605f7
- SHA1
  
  5f4e85ab7a1a636d95b50479a10bcb5583af93f3
- SHA256
  
  b96b39cb4ad98f4820b6fd17b67e43d8d0f4b2667d50caa46eff44af245d75bb
- SHA512
  
  e9f99b96334764ae47aa026f7f24cfb736859a9131bd1c5ec7e070e830b651787f49910911f82e4ade0dc62fea0ad54ba210b07e44830eb2be6abb710a418a98
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/locate.dll
- Size
  
  15KB
- MD5
  
  3ed8f71cc67857223cad786e0c7c578e
- SHA1
  
  a4864b53ac8c0d0eaffc516f891644c935de942a
- SHA256
  
  58200fbce500184e73d8cf63bc689c157763b8a63e3d1cd62165e334e8d1596d
- SHA512
  
  7424517d42dea7a3121cc9c52d490d6d1c27df59e1e1d926cf97d3543908de78c1e384061ba76b3520cd5a7eecef83f3629b565add617193d09db09a5f882430
- SSDEEP
  
  384:e3vRxT1E9qSqCDwNnN3NLNmwJOXZRPX2qkf:e/Rx2D4N95RIXZprk
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsRandom.dll
- Size
  
  21KB
- MD5
  
  ab467b8dfaa660a0f0e5b26e28af5735
- SHA1
  
  596abd2c31eaff3479edf2069db1c155b59ce74d
- SHA256
  
  db267d9920395b4badc48de04df99dfd21d579480d103cae0f48e6578197ff73
- SHA512
  
  7d002dc203997b8a4d8ec20c92cd82848e29d746414f4a61265c76d4afb12c05bce826fc63f4d2bd3d527f38506c391855767d864c37584df11b5db9ca008301
- SSDEEP
  
  384:LCHDPMs4GdtyO5roguusMxUXiO3wOw95euooP2UgKbd9BvNtf:LCHD6Gh87MKXil/5r2U3z
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/rfshdktp.dll
- Size
  
  2KB
- MD5
  
  9410591a148871a6d0629cf25b94526f
- SHA1
  
  be1e8b0fe8327f185136a0d2460a68f720484535
- SHA256
  
  acc76e81f71e7f2ba58c36d678bc9ae4705e0187a3cdfa6d0025190467d9c0c7
- SHA512
  
  465d3e418e769b907262e07cbca3d2c5132bf328431d456be09c059821be20a6d30106562d7ef0bfa93ca219b2abe57ee891d937419fc4b8840987b184b45df0
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  ޸IE ɱ.url
- Size
  
  1KB
- MD5
  
  1a4696b09948361a7034e850ba299856
- SHA1
  
  d8187c923c73d272c8cb5a8b69caaf397431a2cc
- SHA256
  
  05448df298916bba4eccde34838bf782631178295b93a15fdf67cf224525465a
- SHA512
  
  57ca75d5cc22212316811a2951acfed3f80593a54db9d96ed2b2e33446569bafd174ed5e929717eae8698e0364192a0a95e8bb712b7f10290bec22f34848cdd1
Score

1^/10
behavioral15 behavioral16
- Target
  
  ֮.exe
- Size
  
  1.1MB
- MD5
  
  331810e9f6de0679e9cd337aa026aab4
- SHA1
  
  88cbc6a80afcfdd2d5506d8f73ca889a669c5eed
- SHA256
  
  7c06daa6628997c39580b86e9601ee35c7e688efe0079d11517310f6433911cf
- SHA512
  
  5c82f7a497519d8a466d898701c210c27908d12ec9ff0dae56e121b574551648fcbb30d2af0c8e2bdb9b3fc1f86801bdea0fe23858b721a61905eeabcb59e55d
- SSDEEP
  
  24576:oWTeo4A7fKVV/NeK2TYIT4/oFaASoA6Vfnw:dTeq7SH/yTYIT4QIoA6Vfnw
Score

6^/10

discovery evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

discoveryevasiontrojan

behavioral18

discoveryevasiontrojan