2af4075ac5ac4b21946410dc99f8001a8aa893e77168891b4dc538df02bc661f

Sharing

Copy URL

Twitter E-mail

General

Target

40a33b0318fccc2dd41bd564936ca62a_JaffaCakes118
Size

506KB
Sample

241013-sxsn9ayapp
MD5

40a33b0318fccc2dd41bd564936ca62a
SHA1

50602973f368e161d75adf77b3be7b4ec05b1a16
SHA256

2af4075ac5ac4b21946410dc99f8001a8aa893e77168891b4dc538df02bc661f
SHA512

25bcbb40c20f70069d2bcef312a688bde58f05c19568a0ffc6cb9db9bdf98d692bebc7fca04b4ae0e52fbee67beafa5e873ed92724cc82c5cc7b34ee88eee84d
SSDEEP

12288:cWWDdEmMvueuITy4AcwSc/ZtHStsFUsir//rmbdx/xm7c:cNEmGaxHZtyt4QLiZ3

Score

7^/10

Malware Config

Targets

- Target
  
  40a33b0318fccc2dd41bd564936ca62a_JaffaCakes118
- Size
  
  506KB
- MD5
  
  40a33b0318fccc2dd41bd564936ca62a
- SHA1
  
  50602973f368e161d75adf77b3be7b4ec05b1a16
- SHA256
  
  2af4075ac5ac4b21946410dc99f8001a8aa893e77168891b4dc538df02bc661f
- SHA512
  
  25bcbb40c20f70069d2bcef312a688bde58f05c19568a0ffc6cb9db9bdf98d692bebc7fca04b4ae0e52fbee67beafa5e873ed92724cc82c5cc7b34ee88eee84d
- SSDEEP
  
  12288:cWWDdEmMvueuITy4AcwSc/ZtHStsFUsir//rmbdx/xm7c:cNEmGaxHZtyt4QLiZ3
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/Dialer.dll
- Size
  
  3KB
- MD5
  
  8286932178460462a328d2bae8c7b0a5
- SHA1
  
  8441135f3d92f48e41f359c8c249bc8129a1e79e
- SHA256
  
  05dd0895a332e490e697cdd0830b227836e852a83201fe893f3929271b63dd6c
- SHA512
  
  1b39d51250316b5ec11d05312fd47a2ff87e93562032cc249f9a69563741f6bd32ca995bf9da310380ee6a854a41a121e5122c4a3e9c36fac3b0ecb8d1cc4174
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  3KB
- MD5
  
  8614c450637267afacad1645e23ba24a
- SHA1
  
  e7b7b09b5bbc13e910aa36316d9cc5fc5d4dcdc2
- SHA256
  
  0fa04f06a6de18d316832086891e9c23ae606d7784d5d5676385839b21ca2758
- SHA512
  
  af46cd679097584ff9a1d894a729b6397f4b3af17dff3e6f07bef257bc7e48ffa341d82daf298616cd5df1450fc5ab7435cacb70f27302b6db193f01a9f8391b
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  ca6a20e4e35d2abbc99de1c383356029
- SHA1
  
  48858707a4e2fe69688c77dbbf834c2a5d5c363a
- SHA256
  
  a6e32c90fb047e860cbe44355b573923d5950ddcf76ba7eedaf69f41d0dc3e21
- SHA512
  
  feb46e5d859b4e6c47209f7b184aebb08248ddd4ed26b2501e380238e90dec2ce3a285261256eb21db97585510c969fc261d3c9a1952153f5cdd572db38088c4
- SSDEEP
  
  192:/MBzn2/g5R+tQgBqUFGfNUsewLvZ3yi9uD4spERceMSFCnfnLgWhPKSsDEWF:/MBz24+gUUfJLrZ3y0y4sccuFCfLLR
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  a78507ea1078cadaa8b2ec1a2e1d874f
- SHA1
  
  77fe20488444ebbaafc5b2c0743251a94edc3b8e
- SHA256
  
  93d1e681daebfd24ff9fab3952e8ae94eddbdfb3650937988c1fd8085991610e
- SHA512
  
  0399452c7305f23576d4175ec198ad8da8a530215e9304632b20bcb41a38fa0ba2c1c0b0b734b9f887851c92c7f2cf4cdfad403ace84e63318c0694402e1f270
- SSDEEP
  
  192:8trS5c+oKreH53n2fUC1lfeTf9OJCzD4/IVqh88GrgU6H:/jrd09O3/IcG8U6H
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  e541458cfe66ef95ffbea40eaaa07289
- SHA1
  
  caec1233f841ee72004231a3027b13cdeb13274c
- SHA256
  
  3bce87b66d9272c82421920c34b0216e12c57a437d1955c36f23c74c1a01d420
- SHA512
  
  0bf6313e4cb7bbdcfba828fb791540b630adc58c43aa4b5ba77790367d0f34f76077cd84cc62e2a2c98c788a88547f32a11e549873d172c5aa2753124847cd0c
- SSDEEP
  
  384:b1JO6XgZkjxm+NpXaWgzxUX//EUhU7ya4LQ0Ac9khYLMkIX0+GBty3Sm0:b+6Xgsm+NpKWgzxUXnEUhUua4Li70
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  e301e0184786c5c75b4b34e4d04608eb
- SHA1
  
  02382247eeec365f3b47518efe0a8f3a896f28a3
- SHA256
  
  02869a0f0b3826af1c859e57541b38869c506fbbf15cc5ca28edbe18776aa3b5
- SHA512
  
  3dc744d2f92dc6fb13f9f431a51fdad39bbcf863f273d5f203c729111c120586e96ea0e79f5c5fe821d3f67ea34f4ab6abe88cdde84e9e09da92d1e7a109d982
- SSDEEP
  
  192:c7ABMfTa1iCY1SO8K4i7U3M08/8Z+Qt+5GQcm5XPe/t:c7uyTa1iCYLT7WS8nm9P5X21
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  d212f35e09d323d31b3e53c99e34855f
- SHA1
  
  af0769bd28110da9108dae89c271e3df86ee8629
- SHA256
  
  33e1b7930aa19878b1dd0184a5184a8f3f9043ed827aba3e54e34cd5888dfbd5
- SHA512
  
  684a3c70c87e3145a9ce10c585baaa681d5f3967056caf0f8d4ef2450791330637410b4d6ea6d2b9e576f5c28c8571c573900d0595d20658760f5155ee89e134
- SSDEEP
  
  96:psFzDFbUDemIOelnzrHAjK3Rk61K1heTkUVtM1Sl1WVvVLm:psaDemIPzb0gqZheThqw1WVvVL
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/w7tbp.dll
- Size
  
  2KB
- MD5
  
  9a3031cc4cef0dba236a28eecdf0afb5
- SHA1
  
  708a76aa56f77f1b0ebc62b023163c2e0426f3ac
- SHA256
  
  53bb519e3293164947ac7cbd7e612f637d77a7b863e3534ba1a7e39b350d3c00
- SHA512
  
  8fddde526e7d10d77e247ea80b273beae9dde1d4112806f1f5c3e6a409247d54d8a4445ab5bdd77025a434c3d1dcfdf480dac21abbdb13a308d5eb74517fab53
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $TEMP/VirtualBoxPortableTemp/7za.exe
- Size
  
  574KB
- MD5
  
  42badc1d2f03a8b1e4875740d3d49336
- SHA1
  
  cee178da1fb05f99af7a3547093122893bd1eb46
- SHA256
  
  c136b1467d669a725478a6110ebaaab3cb88a3d389dfa688e06173c066b76fcf
- SHA512
  
  6bc519a7368ee6bd8c8f69f2d634dd18799b4ca31fbc284d2580ba625f3a88b6a52d2bc17bea0e75e63ca11c10356c47ee00c2c500294abcb5141424fc5dc71c
- SSDEEP
  
  12288:myyKdVnyNhXCV4EkP7AIfzNXZ0b5NrnkcAqIV0A1caRI:mKvyNhXCV4E8BXAfrnkcAqU0A
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $TEMP/VirtualBoxPortableTemp/Test.msi
- Size
  
  32KB
- MD5
  
  8f847011d0eb0ab210d72f8df444a510
- SHA1
  
  99c753b1d04e459d03c655c093e363aebb3557f7
- SHA256
  
  3f352c15b6251f87e70dfdfe96ee729f5eb08f712451384ab9ef312fb25ffa53
- SHA512
  
  98a534b2bc711eaa2491d8d6950359f5ed4a731b733d884745901e4c665fabe3b7d7b4c8fd82d2692bcd1ee0f6d296af46e2f14a9fd9db4e44b121be5bad3ec4
- SSDEEP
  
  384:z2CMqS6GmOYSvEM5IC0IXey3M5IC0ioXhhU:Ve5oMmCTeWMmC
Score

6^/10

persistence privilege_escalation
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral21 behavioral22
- Target
  
  VirtualBoxPortable.exe
- Size
  
  109KB
- MD5
  
  338e285b58c35ec242b89b837407ff77
- SHA1
  
  9ac416b575edfc0396e8322b739534b1856d0019
- SHA256
  
  154eb4a2a453337fd81fdfb626c093929d498d56c25ee041cdaa8b5f2d3f8dea
- SHA512
  
  2ef41e897452c0a03ee350bd123f8a68f4071f316a3aa4fcf5ac118efa0a223d94c35cd38ffce386549366f46c13fea49c1d84de851a97c3c0d120c5c21381fb
- SSDEEP
  
  3072:AQIURTXJeOWDxfEjBCpR+RaFrPHibxajiiiGzSRE2:AsoOWDdEYX+4FribKiGzSRE2
Score

7^/10

discovery
- Loads dropped DLL
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  3KB
- MD5
  
  8614c450637267afacad1645e23ba24a
- SHA1
  
  e7b7b09b5bbc13e910aa36316d9cc5fc5d4dcdc2
- SHA256
  
  0fa04f06a6de18d316832086891e9c23ae606d7784d5d5676385839b21ca2758
- SHA512
  
  af46cd679097584ff9a1d894a729b6397f4b3af17dff3e6f07bef257bc7e48ffa341d82daf298616cd5df1450fc5ab7435cacb70f27302b6db193f01a9f8391b
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/Registry.dll
- Size
  
  16KB
- MD5
  
  24a7a119e289f1b5b69f3d6cf258db7c
- SHA1
  
  fec84298f9819adf155fcf4e9e57dd402636c177
- SHA256
  
  ae53f8e00574a87dd243fdf344141417cfe2af318c6c5e363a030d727a6c75d1
- SHA512
  
  fdbbedcc877bf020a5965f6ba8586ade48cfbe03ac0af8190a8acf077fb294ffd6b5a7ae49870bff8cacd9e33d591be63b5b3d5c2e432c640212bdcd0c602861
- SSDEEP
  
  384:Bl1fUuJHxreh2OatbswPCr64oLchV0oLQYYfVB:BlBzHxrehKbswK2TchDLQZfVB
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/SimpleSC.dll
- Size
  
  61KB
- MD5
  
  859a019ff8cd23433bb0f6147773680c
- SHA1
  
  81cf2c41259ff5abc898ee31c3d67d6c0d26d506
- SHA256
  
  eab581d0ba757ff654dacd3349593ebd5aab632f46167ede10111c4ad50156e8
- SHA512
  
  50aa51d6f9827575cfd004e33ba4f4d17f2b24956bbdb861948419e80be4db20cda6beb6f43d3921cf9e512a61662290e037ebcdc275da7319fbc53907007ff1
- SSDEEP
  
  1536:E/qXv1si+Xsp9MNfPTM+hcQOz18rW5R8c4fx+tnA:rv1EXZBP7T3rW5R87x+tn
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

T1546

Installer Packages

T1546.016

Privilege Escalation

Event Triggered Execution

T1546

Installer Packages

T1546.016

Defense Evasion

System Binary Proxy Execution

T1218

Msiexec

T1218.007

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Enumerates connected drives

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32