ac546143819aa20f9cb1bf8bd9405ee3d8de167f47bb48a970d98878f1179f2d

Sharing

Copy URL Twitter E-mail

General

Target

44f36acb9b0636de084c199a5d9bfc34_JaffaCakes118
Size

1.2MB
Sample

241015-aw59vavbjh
MD5

44f36acb9b0636de084c199a5d9bfc34
SHA1

da16eb9ddc8970f89c3a792c1a8d7be82327e3bd
SHA256

ac546143819aa20f9cb1bf8bd9405ee3d8de167f47bb48a970d98878f1179f2d
SHA512

3b73dc04923511b8c4386f2590471e6da9cc4422d2294eeee16fe599f4d22a218c62d054e00f871c7d7711d514ead587a78acec4427929d9fe9de50e206a8976
SSDEEP

24576:x0yERCxiMwvLRXl3b5+/zI7tnH1RTemMS9M8CiBHkm9gcF8E:xMs+zd+CtnVxeKM8HBEm9ghE

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  44f36acb9b0636de084c199a5d9bfc34_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  44f36acb9b0636de084c199a5d9bfc34
- SHA1
  
  da16eb9ddc8970f89c3a792c1a8d7be82327e3bd
- SHA256
  
  ac546143819aa20f9cb1bf8bd9405ee3d8de167f47bb48a970d98878f1179f2d
- SHA512
  
  3b73dc04923511b8c4386f2590471e6da9cc4422d2294eeee16fe599f4d22a218c62d054e00f871c7d7711d514ead587a78acec4427929d9fe9de50e206a8976
- SSDEEP
  
  24576:x0yERCxiMwvLRXl3b5+/zI7tnH1RTemMS9M8CiBHkm9gcF8E:xMs+zd+CtnVxeKM8HBEm9ghE
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops desktop.ini file(s)
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AccessControl.dll
- Size
  
  10KB
- MD5
  
  055f4f9260e07fc83f71877cbb7f4fad
- SHA1
  
  a245131af1a182de99bd74af9ff1fab17977a72f
- SHA256
  
  4209588362785b690d08d15cd982b8d1c62c348767ca19114234b21d5df74ddc
- SHA512
  
  a8e82dc4435ed938f090f43df953ddad9b0075f16218c09890c996299420162d64b1dbfbf613af37769ae796717eec78204dc786b757e8b1d13d423d4ee82e26
- SSDEEP
  
  192:8SEWBGgiJM4LN+xq56XdNcNz/NWdlJmlyOcROQ:8SEPgii9KTzyt
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  3KB
- MD5
  
  8614c450637267afacad1645e23ba24a
- SHA1
  
  e7b7b09b5bbc13e910aa36316d9cc5fc5d4dcdc2
- SHA256
  
  0fa04f06a6de18d316832086891e9c23ae606d7784d5d5676385839b21ca2758
- SHA512
  
  af46cd679097584ff9a1d894a729b6397f4b3af17dff3e6f07bef257bc7e48ffa341d82daf298616cd5df1450fc5ab7435cacb70f27302b6db193f01a9f8391b
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  4fbb4a2cd711fc1fe84f3dc30c491dc9
- SHA1
  
  888e01ae6e64e7326f88df9a30587f699eab154a
- SHA256
  
  c3b05f4faf5e8903d5b4cb4a8ce4bbf2e8144725b98d8787d51c117b6efa9bc2
- SHA512
  
  92dcf99672a5935065df6492e27abb653679f1db6dcddfde87cd14260c94a870327826b23cc2f338381b3eb53d07c1a3867806f6ff94533db5195b895a856847
- SSDEEP
  
  192:CO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1argMO:XKAFERdlxhGRYUzqZar
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  b59fbdc4abbbf4911d7d9516603f303e
- SHA1
  
  d00ef992008d1a4e6661134b02314674ace3d7a2
- SHA256
  
  9c139d709d7657679a2c77f1eb3fd3f1b471a36d16757c5c20e803d2b7d2a3d7
- SHA512
  
  bdcbbd0beaff597f24c0fde34f9bd4300c15ed55ef9c47d6bf7a2816554ce7dbd184f4a156f657c65b8579775f482e3fb12122d97b286b4139f84de6fb709b48
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  BitMeter.chm
- Size
  
  663KB
- MD5
  
  a4a414c1c3b8dae6b2e20f7574087651
- SHA1
  
  abde4b66f3d634e1b8327a4f53fd663e467124d3
- SHA256
  
  45a65f929a876bd97fdd09884fdf07a5098728da138690825880a43b33eca741
- SHA512
  
  916dd6fb345849054b4b2ab0c58aa3ee271f571190d6b23b53ab352265ec41c7377df27f5206d032ae40dc209ca1d3b14036f5f4594fb68db843ca0e9825bf1a
- SSDEEP
  
  12288:VIbSIrpkyiF9XE3AGLR7oRQ16bEmCUn0dTSTxdGcPie5Ov:aSI2tqPMRQdmoSTx88it
Score

1^/10
behavioral11 behavioral12
- Target
  
  BitMeter2.exe
- Size
  
  1.4MB
- MD5
  
  8f4f83ffeed8b15b8c6d9b7737c8d80f
- SHA1
  
  44f89f163523ce13c198c863a380df0887fbf1bb
- SHA256
  
  7db72329f61e0983d141cdafa88220dd096f461294d2027b7e2846033e12d834
- SHA512
  
  a9db831af48a254f42ce6c48fa1b5f25b81a8972cfdd20ad2e5b8fc20f5a23127fcb295fb91ef07ca1da3d8a23dbd15856895e9edbcbe599d32d4c8b16b2a10f
- SSDEEP
  
  12288:Z057FRBA8HjM3f42nnn9bvxX00c00r9urp4LrqL/RX+0nmA4:UA8I3AKbvxYnrqL/Ru0mA4
Score

6^/10

discovery
- Drops desktop.ini file(s)
behavioral13 behavioral14
- Target
  
  Interop.IWshRuntimeLibrary.dll
- Size
  
  48KB
- MD5
  
  ab60fa41800b46219388405a8f981e7f
- SHA1
  
  9ca326d6f44845b6fcb88b40aeabe837d6916124
- SHA256
  
  1bb31c32bf1ba2dd630a7a791529f192f7378e6fd51fff8ca4b713cc35d002fb
- SHA512
  
  da7f411bd896f2663011ec8e3c9d954ed742af1c94655c79e7faec2f0f73d6d1ec903c2af70e2b893425db55f80b2074fc5f82df682f27ed85b6a0d8d4e0208c
- SSDEEP
  
  768:WcZvU+Im6bXd8yJXBE/sfl5cVHhbnOyVc1tUdztx72z9IkCB6ktcN+:fYNik9Cv7OKcnUL72z9ID6T+
Score

1^/10
behavioral15 behavioral16
- Target
  
  ar/BitMeter2.resources.dll
- Size
  
  68KB
- MD5
  
  8aacc3bd2ed35d17edf104c128a6762d
- SHA1
  
  e7cc499b3cef8080d3e45f3937307b2ac31cba04
- SHA256
  
  3bff92073729254cba2c3e9ed8e5a72cf40f87daa52fc96942e279c395a21090
- SHA512
  
  d184fe9c829001c5d8fb4a038e7945f957023e0cf7c9594482ea0881490121ba7cd04a91d06ff0523d3b61c32a357420fc5dcae32d4dfdb9d797936734966c98
- SSDEEP
  
  768:p57gfoBi/EVmeuyi7vdX4Ti2QfxYdiVKudm/sme5vL1Koao/gU4PMSvuMlV:pJ4/EVmeuy2R2Q+UmeRL1r/gbMSvPH
Score

1^/10
behavioral17 behavioral18
- Target
  
  cs/BitMeter2.resources.dll
- Size
  
  56KB
- MD5
  
  918da6fa0e8dde538d3ab636290596b2
- SHA1
  
  df7d15c211982335b5b6b053de88ad27a191f09b
- SHA256
  
  6a2be7f57595c843a181bc1e7b2de9325ebf6af9c20201bcdd823a61bc75fee5
- SHA512
  
  50e12e19ecad479b3797570e072251235b447f928d8156c066b4ea2240e0573554047871b71e1a01543b8fcf7f4c39e2db300e6260d9e231b5e73538792251d1
- SSDEEP
  
  768:+57gfEKhSL98enK0cyqzvt10UfHsGoHo1DcIK375u:+JZKhSL98enq0UfCo1DG37M
Score

1^/10
behavioral19 behavioral20
- Target
  
  da/BitMeter2.resources.dll
- Size
  
  56KB
- MD5
  
  87f4f3d2290401ecb3a629fd274187b8
- SHA1
  
  8e948944932f4a7d84d071c3a565882f7b361fc3
- SHA256
  
  45b25c55a6fb7a652bf91f0ff3cbd057012d82f30f52e153dfa9550d26a08e1d
- SHA512
  
  701a0ed3725823eb050c20c81c466a6f536bf3ca7bd0c8bed56128e9b419708ceb5329b1366e320f240686f222a82f727fed8e17f57b4bb8b5d790ef2c3673aa
- SSDEEP
  
  1536:bJ4AjeiMxAnfxRjxBP1LxIvrJrCyBn1csUOaI:2AjeiMxAfnxBNL+vrMH8aI
Score

1^/10
behavioral21 behavioral22
- Target
  
  de/BitMeter2.resources.dll
- Size
  
  56KB
- MD5
  
  fb98b4e90bece8a7d71e4851515dc939
- SHA1
  
  9603ae0525641236183f35499e62e03aa72d0f6d
- SHA256
  
  61b1413e8bd988d134c05080663b0a9e502b77157292daa2cddc3be0bb9612b7
- SHA512
  
  62b8681f64968598e2e7004d209c84b456396e527432a4415df5c2af3463fcdc45cc204392279028f55aa1c5ec9394df2a50949dda1ff9f953fd9669bfa82b54
- SSDEEP
  
  1536:OJ1cLSOkvt9twZt5BU00dG53rdvpUckk:+cLSOkvPtwX7Uk
Score

1^/10
behavioral23 behavioral24
- Target
  
  es/BitMeter2.resources.dll
- Size
  
  56KB
- MD5
  
  be96eabdfdb30ceb764b197739f73d80
- SHA1
  
  b8228c9f1583ad941238dc64d67fc6c4b125f121
- SHA256
  
  09daaaf7e263006746b804c699d8ac2ff5a049893494e3c601b5f88940588e84
- SHA512
  
  5f2d1b36e6c1464dcb94aafdb4d915302dd1e37cfff690dce35291f2f39c5d81d0d70df44b3f7571538e8498e079019f4d63f84d959dbe1ccc0e96478fc137bd
- SSDEEP
  
  1536:AJd60Qvhxb3w1p35hYsW7ogDA8ykJhF0NDTcaQs:A60QvhxbA1p4YxQs
Score

1^/10
behavioral25 behavioral26
- Target
  
  it/BitMeter2.resources.dll
- Size
  
  56KB
- MD5
  
  ede59da8ed8106190c4810a834d81459
- SHA1
  
  baf5e2c9e9eddc377fd3b2fe6eae5249a18534a7
- SHA256
  
  7026a8987d751ee17885786109104a971e0489bac6677a427b177943dd1ebab1
- SHA512
  
  c8faad05fb19537352fe0362f835cc0b8528c967bbd804cc29fcb5b2467a1c328c177fab1cbfefc2cc950f9843d90fe9e39c0c80f72c1320b47e9ef8b1998c93
- SSDEEP
  
  1536:qJ7cRhmGsjD2k4lzhR8o+bkspGbCMuREkegcayYzW3m:8cRhmGs+k4RhvCMuuK
Score

1^/10
behavioral27 behavioral28
- Target
  
  nl/BitMeter2.resources.dll
- Size
  
  56KB
- MD5
  
  0129e0432b60b699ecf073ae2b22d9a7
- SHA1
  
  4d8664c9a7f6f44a7dda22fe5cd513f39e65aa84
- SHA256
  
  41960dbfbc9e6cad3bc0902c93ce2d117670fee4144691e0ce46dacf053f9413
- SHA512
  
  469ded1b347c0e8835abcc26c7182b9c14bfcc3ff9d9553fb1d3780af4eefc96fc2e5fae4ccc72ffe388ec736a6a59941036028d57b4280908e2482ab52932c9
- SSDEEP
  
  768:N57gfr4Km4srpihvjpyM9hd0vkgIz+AYs8dZIYjESIrxOo:NJG4Km4srDah6vfIUexL
Score

1^/10
behavioral29 behavioral30
- Target
  
  nl/uninstall.exe
- Size
  
  39KB
- MD5
  
  2085bc9fb2f8bde44375fa20622c249f
- SHA1
  
  539e87673707b09224582dd5aa920fbe8ba6dfa6
- SHA256
  
  79353004cd19ee6e8856ffd813582709dd878a34e624ad12d01d252d3617b1d9
- SHA512
  
  b8cedaa3d5d1a4b07b179d5f74666e3caded9e1762c1a0799a7fcc3f6708fdd1d39d23c1593948bb9f09a3b5db3ca994f6f012477e2f24647f9ec41e34ba664e
- SSDEEP
  
  768:LH3wplCzpl1QYc6ZOZcBMMGpUvsVYZwuUy0D3MFBOV1mJLQJRnsnwbVQP:LXwjCzX139sZDM4y0DhmJpnwxQP
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Drops desktop.ini file(s)

Drops desktop.ini file(s)

Deletes itself

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32