General

  • Target

    41ccb88b7ae2f8949a3ac9468d856991_JaffaCakes118

  • Size

    7.6MB

  • Sample

    241013-yqj2esvhrh

  • MD5

    41ccb88b7ae2f8949a3ac9468d856991

  • SHA1

    2ea6029a432658e805b89871e21f0a4b3849a25f

  • SHA256

    16e5c5d4271c78542e244da68903c3f6f88903130f8828cb53b7700310fd24b0

  • SHA512

    e0f58d673afdfde2c8c4b792669701cf5bf4a849deab9b6881fcb6b5a3fb5bcd3f2d02d4a732dd16d0ba3ee420db2622eaed4525b7bf6b36b7013cb433e16a08

  • SSDEEP

    196608:wj1DQDPxrj6k4AWLvaYRzaldEG1QlCHuwCOetbOj:yKDPxrj6cYSgzCdEKuCHhCOehE

Score
7/10

Malware Config

Targets

    • Target

      PSeMu3_Setup.exe

    • Size

      7.8MB

    • MD5

      093f121bc18675daa271f1e523423dfe

    • SHA1

      f0689527f1c50518508e1867f2f6c54f24b486a5

    • SHA256

      1031d051994a8ea3629cb0056039cb54fc25ff56b9cef59c441f92f8bb7c37ea

    • SHA512

      08d9c489a51746abe988988b14ca07768930981b056e19b44fbea25b017ce4e638dfd5e297dcc98635af0863e8df1ddb2829f224e65933b4eeb89f8c2b449da5

    • SSDEEP

      196608:wMx1dCpfJPUYQaWL8m3V8TkI3xXs2iTc73tadqEURuzoLmI2kg0xVH:wAGpfI38ml8ocX04zt/EyMoL52kg0h

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/Banner.dll

    • Size

      4KB

    • MD5

      0116a50101c4107a138a588d1e46fca5

    • SHA1

      b781dce23e828cf2b97306661c7dad250a6aaf77

    • SHA256

      ab80cf45070d936f0745f5e39b22e6e07ba90aa179b5ec4469ef6e2cb1b9ef6b

    • SHA512

      55de6aeaad05b01a25828553d3ea9f1b32a8b0c35c42dc6106bed244320e3421ec6a6f5359b15f9d18dd1e9692ca5572b2736d9d48cceb07b9443601d00a5988

    Score
    3/10
    • Target

      $PLUGINSDIR/Math.dll

    • Size

      66KB

    • MD5

      b140459077c7c39be4bef249c2f84535

    • SHA1

      c56498241c2ddafb01961596da16d08d1b11cd35

    • SHA256

      0598f7d83db44929b7170c1285457b52b4281185f63ced102e709bf065f10d67

    • SHA512

      fbcb19a951d96a216d73b6b3e005338bbb6e11332c6cc8c3f179ccd420b4db0e5682dc4245bd120dcb67bc70960eab368e74c68c7c165a485a12a7d0d8a00328

    • SSDEEP

      1536:0P43WZ4Ql60gam+2MwRmPeqFVHbQH0ZZ1Iet:0wU609VMH0T/t

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      20KB

    • MD5

      e541458cfe66ef95ffbea40eaaa07289

    • SHA1

      caec1233f841ee72004231a3027b13cdeb13274c

    • SHA256

      3bce87b66d9272c82421920c34b0216e12c57a437d1955c36f23c74c1a01d420

    • SHA512

      0bf6313e4cb7bbdcfba828fb791540b630adc58c43aa4b5ba77790367d0f34f76077cd84cc62e2a2c98c788a88547f32a11e549873d172c5aa2753124847cd0c

    • SSDEEP

      384:b1JO6XgZkjxm+NpXaWgzxUX//EUhU7ya4LQ0Ac9khYLMkIX0+GBty3Sm0:b+6Xgsm+NpKWgzxUXnEUhUua4Li70

    Score
    3/10
    • Target

      $PLUGINSDIR/md5dll.dll

    • Size

      6KB

    • MD5

      0745ff646f5af1f1cdd784c06f40fce9

    • SHA1

      bf7eba06020d7154ce4e35f696bec6e6c966287f

    • SHA256

      fbed2f1160469f42ce97c33ad558201b2b43e3020257f9b2259e3ce295317a70

    • SHA512

      8d31627c719e788b5d0f5f34d4cb175989eaa35aa3335c98f2ba7902c8ae01b23de3ccb9c6eb95945f0b08ef74d456f9f22ca7539df303e1df3f6a7e67b358da

    • SSDEEP

      96:GL2PcvGn5olZMTZxEp8agTsflVwn4GogZcko5N1ub:U2Pxn5UZMTZipyaw4ZkKP2

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      c10e04dd4ad4277d5adc951bb331c777

    • SHA1

      b1e30808198a3ae6d6d1cca62df8893dc2a7ad43

    • SHA256

      e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a

    • SHA512

      853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e

    • SSDEEP

      96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420

    Score
    3/10
    • Target

      $PLUGINSDIR/xml.dll

    • Size

      118KB

    • MD5

      42df1fbaa87567adf2b4050805a1a545

    • SHA1

      b892a6efbb39b7144248e0c0d79e53da474a9373

    • SHA256

      e900fcb9d598643eb0ee3e4005da925e73e70dbaa010edc4473e99ea0638b845

    • SHA512

      4537d408e2f54d07b018907c787da6c7340f909a1789416de33d090055eda8918f338d8571bc3b438dd89e5e03e0ded70c86702666f12adb98523a91cbb1de1d

    • SSDEEP

      1536:U2A8OSGjylgkara+70LICin9zgtg2LxowhtJu6MqSNicNEtIfF42q2KC:OzjLkarn7O+n9z2L6whFtGF42bK

    Score
    3/10
    • Target

      $TEMP/dotNetFx40_Client_setup.exe

    • Size

      867KB

    • MD5

      61446fdd76788229d3ebaeabe84df38c

    • SHA1

      e15ad80fc74277ef2048312e9a71af56b2eba622

    • SHA256

      6ac187b96ce2c03640cfff2431a36f705c785a42aba6dd2566f1117652f067cb

    • SHA512

      2c781ff3eedb81dd9b670d0b50032f3a498d581734f97a3c928d0919ed8aaa12327ce87a8e16f7e11aad1740a4912109ea4e7b6e9bb39d57a72e165cf561b716

    • SSDEEP

      24576:atW4x8xgmUdUcyezFSjahBaNOMGC3UgJuTYdIMlM9QVmcIOLfEdjJYV:B4x8x1UGexmbcMGC3U3MlLVmczEdjJY

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      MSCOMCTL.OCX

    • Size

      1.0MB

    • MD5

      ecc7d7f0d3446de36045d1d9e964fafe

    • SHA1

      da6b0ec081d628c33b150327f3bd16d3b7fa4729

    • SHA256

      bc58d624ceea02ab086f1cce809c992bf5a7105e88931853317a2f5aa5afd6e4

    • SHA512

      443de697be9886cd97235e6468f3a7f6bf11612711e54dba31431b0d9418672e1434e839ed50cacf28107f692f0c9d9d2f57d90e3a843d81015d459c180db632

    • SSDEEP

      24576:s0LiK1d6dxOehwsj5dC33M/jYVRDSfaF0gg1CVGO7oVtNKG:n6dAehwaY19G1u7+Ln

    Score
    3/10
    • Target

      MSWinSck.ocx

    • Size

      106KB

    • MD5

      3d8fd62d17a44221e07d5c535950449b

    • SHA1

      6c9d2ecdd7c2d1b9660d342e2b95a82229486d27

    • SHA256

      eba048e3a9cb11671d0e3c5a0b243b304d421762361fe24fd5ea08cb66704b09

    • SHA512

      501e22a0f99e18f6405356184506bc5849adc2c1df3bdee71f2b4514ab0e3e36673b4aecbd615d24ebb4be5a28570b2a6f80bd52331edb658f7a5f5a9d686d10

    • SSDEEP

      3072:YXMqLvIP75rTTK/h4KtBfqXKPRPRU6/OYqF3+8/xHvd:YDETTq7xPRU3P9

    Score
    3/10
    • Target

      PSeMu3.exe

    • Size

      2.7MB

    • MD5

      57934f7ac78cf4357baeed50e25298d5

    • SHA1

      62a1de326b9df0c2580277adf0a32576c5357849

    • SHA256

      bda42dd8bcb7a0752fa60fb43ac2c96e274398f4bc95e7eeca474dd6ed7651fb

    • SHA512

      add995dcff909529c8eaf9822b930068209a46a29d87607c0cffc7e6ff1fff11f42bb56c07df42ff0ba3d867f120eac64cf6e0b0ef24f8b733dee1f4a96eff49

    • SSDEEP

      49152:ofyU7Hvvl6k8AJvw+tP8D0ap5447CaLQAH9C5H:oawl6eJvlp8D054ma1o

    Score
    3/10
    • Target

      Plugins/MSDOS.dll

    • Size

      33KB

    • MD5

      76074dc82ca16b4ca2080924b7ff2f3c

    • SHA1

      d472795d3b8858dd286ed5a87aea6d75e3b3404a

    • SHA256

      5a711912404794038f463a9ac4308ea14393d9e670c26582a8850298c3970a88

    • SHA512

      1c122f82370211fb3c130d85b0f215486988a6d766e81d69490bba95cc4e76c2a23d52d3f2ce75cb87fe046d0ec3fd840f5c3b1f42c9e489456f7c40288223b3

    • SSDEEP

      384:MPljpbm3spfqLGm3Ick1b7eARdCp8bde1rG8zntFjbwOt5Ave:MP/bnfiIwARG8Je1rGaLwOtq

    Score
    1/10
    • Target

      Plugins/PA12.dll

    • Size

      87KB

    • MD5

      d25540d0e8730e9f0b1a515650478a1b

    • SHA1

      bf25489ed089f46f35c6157096a9d1913e383867

    • SHA256

      a30d9208556d9bd0027644184572c5e0bfaefbc8b556840f8fac18b9cd50c093

    • SHA512

      f15c7ec1ff5918fc12564a108892ee26fa2398c66cca98b748c78a4a0090ad0408e2690ee4e7869704683f9f6879a5975e4123eb799aca1a51fc643af6601d05

    • SSDEEP

      1536:KWhFlTCpsQTi5S/MB6BA63KhcZjqxIktXLrMkDbk6nQOWAw:Pepoennd+tXLrMkDNQOW

    Score
    1/10
    • Target

      Plugins/PUB2220.dll

    • Size

      1.5MB

    • MD5

      f6c9754fe3e41a659cbf48efe8a9eda1

    • SHA1

      69c80e6c3f7d5aa5d74dcf1915c89606ba13056b

    • SHA256

      a5f732939a70fb4182bf3f1e8f678668af45359321c15564d92fcc0ba1320436

    • SHA512

      a30e8e1e832912500d8ba529dd0c853a65edf1cfd829ef40083c9b06f33cf59d348d583d814457af40dcc0cc581fdfc5929a4dbf0a2857910210fd999b90f30a

    • SSDEEP

      24576:92oogNmb42MBPmlIRYsPbZ73JaPAgwtaHIvBKoE78U0yIivDskc35hDbyEGjxL8/:9b9NpAEUP3ldXxA7

    Score
    1/10
    • Target

      Plugins/SSX.dll

    • Size

      70KB

    • MD5

      ec8d6b45188c5c424ece4b10bb63034f

    • SHA1

      cc1299b5b8de36ccae8898169aac9a04dfa663c0

    • SHA256

      07d2f49c27c7cc9792fb6359b66ecd031d6b3c4bfd8897c8a6a4e0f6dad20c71

    • SHA512

      e98bb3f4a98522c13611ee6abe4edf5853d57a2b9f1b17450b6db729e7898e84091c8dbc0055119cc740701be75e939294bb8729b3a2f6c0e01cdb48e7b0e9b3

    • SSDEEP

      1536:jHYkhfFxiAGGO2KM4XGt+4mw1/RBJEs1:cibbKMOM/Rjv

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks

static1

upx
Score
7/10

behavioral1

discovery, upx
Score
7/10

behavioral2

discovery, upx
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery, upx
Score
7/10

behavioral12

discovery, upx
Score
7/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
7/10

behavioral18

discovery
Score
7/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

discovery
Score
3/10

behavioral24

discovery
Score
3/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10