General

  • Target

    4fa776169a7d101e5da18227822d183e_JaffaCakes118

  • Size

    3.1MB

  • Sample

    241016-3n7f6azcqb

  • MD5

    4fa776169a7d101e5da18227822d183e

  • SHA1

    ed7915240d90835fd40acb09808009484a909728

  • SHA256

    aca9dab58e24d2097883a87a12be28a0d4227bbd469773c175299d3a11d1f76a

  • SHA512

    f59f8a81ff638e444ff0809203277f994c8ef1dff5a4fc5c5dd156c7f902b69a5318020c011aab99572c815c8bb233b1fa454448bde3620dc68c3aa4b511e5d2

  • SSDEEP

    98304:DeOqb4ZE1sZbCtdL97oKQweye9pzJrjrRlpkV8PeYtyHv:DA4ZE1sZcMiDe7N/TpzPdmv

Malware Config

Targets

    • Target

      4fa776169a7d101e5da18227822d183e_JaffaCakes118

    • Size

      3.1MB

    • MD5

      4fa776169a7d101e5da18227822d183e

    • SHA1

      ed7915240d90835fd40acb09808009484a909728

    • SHA256

      aca9dab58e24d2097883a87a12be28a0d4227bbd469773c175299d3a11d1f76a

    • SHA512

      f59f8a81ff638e444ff0809203277f994c8ef1dff5a4fc5c5dd156c7f902b69a5318020c011aab99572c815c8bb233b1fa454448bde3620dc68c3aa4b511e5d2

    • SSDEEP

      98304:DeOqb4ZE1sZbCtdL97oKQweye9pzJrjrRlpkV8PeYtyHv:DA4ZE1sZcMiDe7N/TpzPdmv

    Score
    3/10
    • Target

      $PLUGINSDIR/CoreAAC.ax

    • Size

      312KB

    • MD5

      b0ffac757be8d6cc41e1131eb2b0d959

    • SHA1

      0e41733a050bc2ed53fda6337d6501b9942317c2

    • SHA256

      04bf38bbd9cb8287582f9a2fb8b06e0ab30f06f676a93f4a56656b576f10e597

    • SHA512

      356ecf4902f767f74670e5fcd57f26fb8a43710d0a2b3a995877e6f265119b2f091c6e5e3457dfa1767c6e4043afc470cc7090f43dd997b27c0e94c7e102bee3

    • SSDEEP

      6144:+yTbEUUmDAh189YEqbBpkJzJTba96sZTiaJfOMBfcESToVk:bxUmDAn4C9GBJba96sZTf9Oy+Wk

    Score
    3/10
    • Target

      $PLUGINSDIR/CoreAVC.ax

    • Size

      26KB

    • MD5

      4b6451e30fd1835c0af3db68c6cfabd7

    • SHA1

      264405ee0ae0f74b833ae8642645ceb2ce0ec1c7

    • SHA256

      df307f34858014411fa15a99f59a2bdd80860f6fa491a966075da8bca4bc8f32

    • SHA512

      7015f33299594545fdc4e0aa45bc5f9fd4fa451d1a6268c71831b4fda753387d5cc9bdd1edfebcc2c94c2cfd97d1e534e93c18f3a83886d709691d2d7908a7dd

    • SSDEEP

      768:e9uWjQQOSRQgT0cukBYS2VXdTsrfZvm03cTX1Lt9gn27:e9TMSlT0cuCcdIjZvyTX1LtN7

    Score
    3/10
    • Target

      $PLUGINSDIR/FWUpnp.dll

    • Size

      140KB

    • MD5

      be2d4b56d5d40afca9c804d0776a25c6

    • SHA1

      7ea48cf0e980fe999f14338f44ad4c57c9b714de

    • SHA256

      e54031818e6449897e3a81f0637b0af7618f6aa9e1530c3bf4989d2fabe4a2d4

    • SHA512

      f32b8e1d27acb7c9021dcc6cd426599374f61a78fd38a0f9d0bf5bf63c424ca816e3859387d98b3060592ea86d1743c5ff149099bcab4da9e31ff7abc81fd627

    • SSDEEP

      3072:HE0D5eN3rsEkHJGYM+y/DV7u4hNesdd56PeAWK5:HRQ3rshhMn/DVj3dc2LK5

    Score
    3/10
    • Target

      $PLUGINSDIR/Hookkernel.dll

    • Size

      275KB

    • MD5

      65c2129a5c0cabd657022cf49a1a96a3

    • SHA1

      03c529e0226eb5b41cd91708512dbd58edecd600

    • SHA256

      0aa0271fc27552af57fd171c3288b00b600c912a60d8752bf70f90b997f5d67c

    • SHA512

      b9900c3f6c93cf30c55cf718d96743728535bcb820ffaf4efa3c1ab874c684903a8fb30c2e88babdd468c2badc49306186df95f32d86bfb1a84d8d182bc8143c

    • SSDEEP

      3072:VOGElO2Vtd2LW5ukXA8l7xLsx1BuAYzPWMYCWyRQzaniwlXs5Yo4qD1icgE:FEzrd2LWDXA8lVsNczPWtCW/zO3XtooE

    Score
    3/10
    • Target

      $PLUGINSDIR/Live.dll

    • Size

      205KB

    • MD5

      ec03fa69a025dc807314b9dcb5498986

    • SHA1

      a0f5abfa07ce548f10b806922eff748d2652f0e9

    • SHA256

      c3c5091dad0c0be701f6da2ae41a07f3614d6f567031dda823e5a320483c2243

    • SHA512

      78c30b0616686454be4c2eff375c91445270effb8d7bcbca372692ed86ce9dc383f91512fc65a937cd7c478c0c5cbd840e301aceabbf7d3c58cb92a80671cabb

    • SSDEEP

      6144:juVS50/4IMjqndIM7NpiLgqe4tQ+PAHWgaWSJKR82+gS45y69z6gm61xdO:jg82+gS4J9+gO

    Score
    3/10
    • Target

      $PLUGINSDIR/MngModule.dll

    • Size

      862KB

    • MD5

      992ef262f488bd71005d04644b128788

    • SHA1

      6a35e4ba677cc9e03fac85983bd968ab8862b16c

    • SHA256

      ca89fab589e51e74468860dec0a63eaf4bb9a80a8444fde7783f43ec7b96916b

    • SHA512

      6e619c4a2b382b2f7e9a9aab5cc9578caced894092cec9abd96fa9958a0506042afc463e1a767eece3115ed5db62d207b84df6dc919a84330cecf9309cb59578

    • SSDEEP

      12288:fQD1kl1ZVQQNaA13/NY9+pQwqDeIGvKb2yuYNemSIWGJjrirC6B5LgZku:o+l/Njp/bTyuYFWGJjrir3Fu

    Score
    3/10
    • Target

      $PLUGINSDIR/PPAP.exe

    • Size

      181KB

    • MD5

      ecf05fb40bb1eedda1ba50280ee91c74

    • SHA1

      a9b160c78cdb26e2c7f8a8a172dfbca832281df7

    • SHA256

      3c90f9e0159b911dd9559d86b80ebf9fc2a83908993c4cffacdc5d4ddcb9baf5

    • SHA512

      8c630615ec1041f4e6f88fa744529a564e6a7442a3666015ae519d68cc61904500d932f621af4b8d231a32e81d32bb1754cc5947e61093a87ae92bd0008ae7a5

    • SSDEEP

      3072:iktGuFdoU712zneJxEpiEIII1IIaVkbAGAdzB3Yt/nGbMQ:7roU52znAEgEIII1IIaVBGM3ZAQ

    Score
    3/10
    • Target

      $PLUGINSDIR/PPHookShell.dll

    • Size

      252KB

    • MD5

      a27a138723878a478c06e1f82adccfab

    • SHA1

      79dffc70b9104cd9487d7e49a95f492faadd3133

    • SHA256

      519277e0449b1eed8f75624ebbb9cb09a5d8dccd3815c6ef594fa4fec6318741

    • SHA512

      24ec8474d7e3969772176045a0191f669c4bf6f05ca241dc0e2c0840027ed8daa9cfb7b50383f23497c192809732f2afc5f384cd4edaea4d47e3547fbdbea31f

    • SSDEEP

      6144:daf31Wel39Id66npp6kZ0EYmf2yLtopxL:d61Idnnpp6RgmpxL

    Score
    3/10
    • Target

      $PLUGINSDIR/PPInstallLog.dll

    • Size

      41KB

    • MD5

      a04d44787b28d37b4334c184ea4faae8

    • SHA1

      47a5038f2fc45841420a89f08eefd35191aa1fe7

    • SHA256

      34f0eb6f3b7deda82929fba6993eb27cd26d0b791be8031ce0b4729a7dc9dd46

    • SHA512

      a529e5c412dce90f34e13a185e81b757adf140447167b310d056d2b380873683e5b6681f5810be7d1194cfdd64eda25b87a1a5aae70ed4e48be5aa64acbd5346

    • SSDEEP

      768:oCIMnU6AUW1qDyaoKg6V86jJaJy+mW3jLWQbCo:lIMSHP6C6j4JqWTaECo

    Score
    3/10
    • Target

      $PLUGINSDIR/Send_Log_Kernel_Module.dll

    • Size

      233KB

    • MD5

      7d1dbe3c735d2a5d4951022c45547772

    • SHA1

      e6fbebc3c185d6b150bc7b2a9d1685e107b03b3e

    • SHA256

      8cc9bc4f9289ef37d344c88e4b53ce5ca58b11ec1e32d60fc9fd6456a80f1233

    • SHA512

      648299ee0b0c2678d9da43ca039fcf8525e9921b46327577fa6c57f0de41f5ccecda70e219a0135fb8c05725a752e7e2cdf27bad845203eb5147d3056e588086

    • SSDEEP

      6144:kQ4Xli0q/zL8eVC0RmtrC3mVe9IMv1cWzES179Tm:kQ4igrCWVe9zaWzD9Tm

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    • Target

      $PLUGINSDIR/TipsClient.dll

    • Size

      237KB

    • MD5

      25853e8bd3e283e15024d1111535ede7

    • SHA1

      5b56e1dea924520b6c61ec09113c33fa3db573a4

    • SHA256

      ccbce22f01208cc8fc96de789ab9fedefc851f588cd4c1fbd6d9edc7ac2f4eb5

    • SHA512

      5bfa0e6bed05f1ab79ee97d1bd9bf1d48ba3d263a44e538d005af820c41c659eb112a4f19152e0841301fbd8b9618e8f353fe672df88b66e45c4719784202144

    • SSDEEP

      3072:G4CrgXFGPASJR81rXwRtTgvK8SvP4N6MPuFjpChe8WgoqILjWjpWyI9Se/tNWrLL:yg1TwsS8HUdjpChSpGje/tNyykwbC1

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      $PLUGINSDIR/VAProxyD.dll

    • Size

      97KB

    • MD5

      c3a7c71bce4ec04d63b7ef8ec9958c39

    • SHA1

      cbe84ecbae1eb37557426783b7fa89a804d4fc09

    • SHA256

      02a78e77cb64d9fa1f90ed2be6d9ff7b94624b2a790ed8109bfe61e66ebd825f

    • SHA512

      9a5579cd5c437158d8277b64e583d18cd0113c186d1013e3c57c92d39a16b412ce9f95aef09dbbd05a36cab62e5193532c41eea6850b0a77d8502e7d1fa23468

    • SSDEEP

      1536:2ublP85a1u5pJfGdw13FpZxRCH4zwpmW7RZO7VccUCdPJL8QaECL:2mU81UGd8RCYemWDSKCJZAD

    Score
    3/10
    • Target

      $PLUGINSDIR/admodule.dll

    • Size

      812KB

    • MD5

      a256337aedd10bfe85aa8d0cc759c4b1

    • SHA1

      292012487cd89842964712e1ad26e7dfb2c1fcb1

    • SHA256

      e2c24c63ac4da0e34a253c3cf8d6ec31da39740376fe2e87e52ba0f32c450640

    • SHA512

      250666689c156809dae72648e99d0a9abdb105375044c956d6c50e4107dce236d95a7925611566f8963b7bb0e956631aff9cce65695f1b7e493cfd4c849dab72

    • SSDEEP

      12288:01uRtBrct5O/dyANBseR1+bQE5NyH8/uUIid7vV+4KCaEovvV:3gturIGjUIid7rKvvXV

    Score
    3/10
    • Target

      $PLUGINSDIR/audioswitcher.ax

    • Size

      304KB

    • MD5

      9ab21c1c96fcb113ff93cd641b88112e

    • SHA1

      d5ffe5945ebbeaf73a0e1d7470d0a2f72b08f6ff

    • SHA256

      bff1bf09ff63a3fd600cbf36684aa01da6a08b63498ae549b15f0964572c3ea6

    • SHA512

      44cf7f6d8e51aa6c8d98f1c5456c391fe812d6df4c6b68450d0ba4ee920e86a22433f22ee3f367a8f1183c0276fbe0eaeb2de7987ac9acf51f542a0a84451293

    • SSDEEP

      3072:9VKpjxoDyxTJwkUY6WJ12sodlHiO9OHXXg1207yOh/qEMIZX2Wwr73U048j02MQN:HKpnYsgssHZ9OHHgRhweTioIcr7

    Score
    3/10
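The $PLUGINSDIR/TipsClient.dll entry above carries the sandbox's "Writes to the Master Boot Record (MBR)" signature, and task behavioral25 in the task list is the run tagged bootkit and persistence with the 6/10 score. A raw write to sector 0 is also what partitioning, imaging and boot-repair tools do, so a hit on this signature is a lead to confirm on the disk rather than proof of a bootkit. The Python below is an added example, not code from the sandbox, from the sample, or from the installer it unpacks: it parses a 512-byte MBR into its bootstrap code (offsets 0..445), the four 16-byte partition entries and the 0x55AA boot signature, then diffs a captured sector against a known-good baseline and reports whether the bootstrap code or the partition table changed. All sector contents are constructed inline for the demonstration; `read_mbr` and the device paths in its docstring are the only real-world hook and need administrator or root rights.

```python
"""Added example: confirm an MBR-write sandbox hit by parsing and diffing sector 0.
Not code from the sandbox report or from the analysed sample."""
import hashlib
import struct

MBR_SIZE = 512
BOOT_CODE_LEN = 446        # bootstrap code occupies offsets 0..445
PART_TABLE_OFF = 446       # four 16-byte partition entries follow it
PART_ENTRY_LEN = 16
SIG_OFF = 510              # 0x55 0xAA boot signature closes the sector
BOOT_SIGNATURE = b"\x55\xaa"


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into a bootstrap-code hash, partition list and signature flag."""
    if len(sector) != MBR_SIZE:
        raise ValueError(f"expected {MBR_SIZE} bytes, got {len(sector)}")
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFF + i * PART_ENTRY_LEN
        # status(1) chs_start(3) type(1) chs_end(3) lba_start(4) sector_count(4)
        status, _chs_start, ptype, _chs_end, lba_start, sectors = struct.unpack_from(
            "<B3sB3sII", sector, off)
        if ptype == 0 and lba_start == 0 and sectors == 0:
            continue  # empty slot
        partitions.append({"index": i, "bootable": status == 0x80,
                           "type": ptype, "lba_start": lba_start, "sectors": sectors})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
        "valid_signature": sector[SIG_OFF:SIG_OFF + 2] == BOOT_SIGNATURE,
    }


def diff_mbr(baseline: bytes, current: bytes) -> list:
    """Describe how `current` differs from a known-good `baseline` sector."""
    base, cur = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if not cur["valid_signature"]:
        findings.append("boot signature missing (sector is not a valid MBR)")
    if base["boot_code_sha256"] != cur["boot_code_sha256"]:
        # report the first differing offset so the analyst knows where to start disassembling
        first = next(i for i in range(BOOT_CODE_LEN) if baseline[i] != current[i])
        findings.append(f"bootstrap code modified starting at offset 0x{first:03x}")
    if base["partitions"] != cur["partitions"]:
        findings.append("partition table modified")
    return findings


def read_mbr(device_path: str) -> bytes:
    """Read sector 0 from a raw device: r'\\\\.\\PhysicalDrive0' on Windows (administrator)
    or '/dev/sda' on Linux (root). Compare the result with a pre-infection capture."""
    with open(device_path, "rb") as fh:
        return fh.read(MBR_SIZE)


def build_mbr(boot_code: bytes, entries: list) -> bytes:
    """Assemble a sector from bootstrap code and (status, type, lba_start, sectors) tuples.
    Helper for the constructed test data below; CHS fields are left zeroed."""
    code = boot_code.ljust(BOOT_CODE_LEN, b"\x00")[:BOOT_CODE_LEN]
    table = b"".join(struct.pack("<B3sB3sII", st, b"\0\0\0", ty, b"\0\0\0", lba, n)
                     for st, ty, lba, n in entries)
    return code + table.ljust(4 * PART_ENTRY_LEN, b"\x00") + BOOT_SIGNATURE


# Constructed sample data (not taken from the analysed sample): a clean MBR with one
# bootable NTFS partition, the same sector after a hypothetical bootkit overwrote the
# start of the bootstrap code with a jump to its own loader, and a variant whose
# partition table was rewritten while the bootstrap code stayed intact.
CLEAN_BOOT_CODE = bytes([0x33, 0xC0, 0x8E, 0xD0, 0xBC, 0x00, 0x7C, 0xFB]) + b"\x90" * 64
CLEAN_MBR = build_mbr(CLEAN_BOOT_CODE, [(0x80, 0x07, 2048, 204800)])
_hooked = bytearray(CLEAN_MBR)
_hooked[0:5] = b"\xEA\x00\x7E\x00\x00"        # constructed far jmp stub, not real bootkit code
HOOKED_MBR = bytes(_hooked)
REPARTITIONED_MBR = build_mbr(CLEAN_BOOT_CODE, [(0x80, 0x07, 4096, 204800)])

if __name__ == "__main__":
    for name, sector in (("clean", CLEAN_MBR), ("hooked", HOOKED_MBR),
                         ("repartitioned", REPARTITIONED_MBR)):
        print(f"{name:14s} boot_code_sha256={parse_mbr(sector)['boot_code_sha256'][:16]}... "
              f"{diff_mbr(CLEAN_MBR, sector) or 'no change'}")
```

Keep the baseline hash of the bootstrap code and the partition list from a known-clean image of the host; after the sample has run, a change confined to the bootstrap region while the partition table is untouched is the pattern a bootkit leaves, whereas a changed partition table with unchanged bootstrap code points at a partitioning tool. Either way the sector itself, not the sandbox score, is the evidence.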

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
3/10

behavioral2

discovery
Score
3/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

discovery
Score
3/10

behavioral24

discovery
Score
3/10

behavioral25

bootkit discovery persistence
Score
6/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10

behavioral31

discovery
Score
3/10

behavioral32

discovery
Score
3/10