792c3d0c1f24a89c24d62fb979926a32ab7ff6a68362682336f7cae4c9001e7d | Triage

Sharing

General

Target

528b490bc46badb0d1653fe04dfd4877_JaffaCakes118
Size

315KB
Sample

241017-tjee5stcpd
MD5

528b490bc46badb0d1653fe04dfd4877
SHA1

268c248abed01cbae87567dc593e8fdd1d62fc83
SHA256

792c3d0c1f24a89c24d62fb979926a32ab7ff6a68362682336f7cae4c9001e7d
SHA512

c10f1153e9392562f43ceee4f83bf14578b1a620c139f6ee679083093bf35dd73a46a736ec1a13591ded893c514621ef090779d254772eb664beb4beace183fb
SSDEEP

6144:IQq/hEP2kQN6KXsrZ9Y5kygDw2keN1gqO8mxxmNuGjvJiRA:0ELYsrZ3yqPxN1g38mxxzAvJiRA

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  528b490bc46badb0d1653fe04dfd4877_JaffaCakes118
- Size
  
  315KB
- MD5
  
  528b490bc46badb0d1653fe04dfd4877
- SHA1
  
  268c248abed01cbae87567dc593e8fdd1d62fc83
- SHA256
  
  792c3d0c1f24a89c24d62fb979926a32ab7ff6a68362682336f7cae4c9001e7d
- SHA512
  
  c10f1153e9392562f43ceee4f83bf14578b1a620c139f6ee679083093bf35dd73a46a736ec1a13591ded893c514621ef090779d254772eb664beb4beace183fb
- SSDEEP
  
  6144:IQq/hEP2kQN6KXsrZ9Y5kygDw2keN1gqO8mxxmNuGjvJiRA:0ELYsrZ3yqPxN1g38mxxzAvJiRA
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/BrandingURL.dll
- Size
  
  4KB
- MD5
  
  71c46b663baa92ad941388d082af97e7
- SHA1
  
  5a9fcce065366a526d75cc5ded9aade7cadd6421
- SHA256
  
  bb2b9c272b8b66bc1b414675c2acba7afad03fff66a63babee3ee57ed163d19e
- SHA512
  
  5965bd3f5369b9a1ed641c479f7b8a14af27700d0c27d482aa8eb62acc42f7b702b5947d82f9791b29bcba4d46e1409244f0a8ddce4ec75022b5e27f6d671bce
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/CustomLicense.dll
- Size
  
  4KB
- MD5
  
  ca37f2747e04ae09ae9f14852574abef
- SHA1
  
  e40bf34907337340520f368575c848ddb62f98c5
- SHA256
  
  bbcab5c7e9f4b3f63184b23995e5b335a1c6ca5108aaa1be0eaf3fbf78afc1c4
- SHA512
  
  ea781e646313bc458fba0ce66e357818725f385cb6c3383bb9c41dbb5221a6f43e3d8296aa3cbd5e8759d95d87a8eefa5f87665912fbc65c8eb4efcacabfdb60
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/GetVersion.dll
- Size
  
  6KB
- MD5
  
  5264f7d6d89d1dc04955cfb391798446
- SHA1
  
  211d8d3e7c2b2f57f54a11cb8bc4fa536df08acc
- SHA256
  
  7d76c7dd8f7cd5a87e0118dacb434db3971a049501e22a5f4b947154621ab3d4
- SHA512
  
  80d27ee2f87e2822bd5c8c55cc3d1e49beebb86d8557c92b52b7cbea9f27882d80e59eefa25e414eecee268a9a6193b6b50b748de33c778b007cde24ef8bcfb7
- SSDEEP
  
  96:E12Z84uiwpGTVTDSpaHYfniz0R3GhCvXY6Ix5vdR7pBi46AQ5Vu4:2STVTGwYhR3GhCvy5vH7pBi46AQ5Vu
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/IMInstaller.exe
- Size
  
  57KB
- MD5
  
  de27cfa64f976f323a85ee33de5b0c6b
- SHA1
  
  2dd2d039037662e5a8658243a8c1796acb746d83
- SHA256
  
  13d3ffe7288e2c8ee0bb101603282b85588c4e6a0433b86ef53674f6a1dcc17e
- SHA512
  
  5d95a58b9ea0d31a1725c73b5368fe3d8092a5e5c24701afbca50765c0721ea5eb674e2dc61e2d9a554ea592896fb8cf3c92f6952ddc9163967bf984cc5d19c1
- SSDEEP
  
  1536:SpgpHzb9dZVX9fHMvG0D3XJC/g9rjd1V/DOSUvKIMDe:QgXdZt9P6D3XJRNhDmvKBe
Score

7^/10

discovery
- Loads dropped DLL
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/Math.dll
- Size
  
  66KB
- MD5
  
  b140459077c7c39be4bef249c2f84535
- SHA1
  
  c56498241c2ddafb01961596da16d08d1b11cd35
- SHA256
  
  0598f7d83db44929b7170c1285457b52b4281185f63ced102e709bf065f10d67
- SHA512
  
  fbcb19a951d96a216d73b6b3e005338bbb6e11332c6cc8c3f179ccd420b4db0e5682dc4245bd120dcb67bc70960eab368e74c68c7c165a485a12a7d0d8a00328
- SSDEEP
  
  1536:0P43WZ4Ql60gam+2MwRmPeqFVHbQH0ZZ1Iet:0wU609VMH0T/t
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  7579ade7ae1747a31960a228ce02e666
- SHA1
  
  8ec8571a296737e819dcf86353a43fcf8ec63351
- SHA256
  
  564c80dec62d76c53497c40094db360ff8a36e0dc1bda8383d0f9583138997f5
- SHA512
  
  a88bc56e938374c333b0e33cb72951635b5d5a98b9cb2d6785073cbcad23bf4c0f9f69d3b7e87b46c76eb03ced9bb786844ce87656a9e3df4ca24acf43d7a05b
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/cpudesc.dll
- Size
  
  4KB
- MD5
  
  d25102051b33f61c9f7fb564a4556219
- SHA1
  
  c683964c11d5175171bd009cb08f87592c923f85
- SHA256
  
  e58e5d1d8da2ea526d0d754b4faad3773021166b0720723efb7b30f1f5075398
- SHA512
  
  8828eec31926251d7e51b5bf1050c3519c9b7fca4f978fb6ee0bf18f9642c3460687f10ff79e5892100ecadbf49725711567c348e1dfccb3644bd9ef992a92f0
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/fm_license.rtf
- Size
  
  73KB
- MD5
  
  4a6d1534a2473f9b4655920eceb4f424
- SHA1
  
  10bd36482cecfd0ed5a9794bdb2005b8162a8ca7
- SHA256
  
  a5e7ec057431a4866922b12373f39f8e3412e40d6b2f5471e08dc83abdce4a6c
- SHA512
  
  a11606e3714e6552fc62089747ebc9e880932ffe6a49705311efca8b3a671f46c85507aa72a2a0f126558be68dcb22d9d1b672ffe8455fa72fd4838366eaa9de
- SSDEEP
  
  1536:Cp6nbg4Mdj7eHJm4ZFIcQtesQ1EJcdTc/FcT:CMnbg4MYr99YQ
Score

4^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  134b93f8bd1f82cd2f1b06c878580703
- SHA1
  
  29cdbce7a2caf1f7e4d2a139c42336d490074665
- SHA256
  
  45153adf50541316468e2b189a0f8127be9fb29e2f920e7eeaa6aceb438db8c4
- SHA512
  
  f970c38debb6631dab7369e2bc96237f16a8fd328d9d35a2b54cb688e1807f62cc6d63230afe89ce5c3945097ae4466872c72929a9623adde3ee57bddf54b692
- SSDEEP
  
  384:EBQCxl9oGPZsw1v6yBIgktbBYeTeXMK5HQ/0lR+Tya4LV0Ac9khYLMkIX0+GBxgU:goGFghBZTeXMK6cVa4L
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/license.rtf
- Size
  
  64KB
- MD5
  
  de475a7001cf25a3669adb1aa2696678
- SHA1
  
  2b5633023e109d728cf113c45aecd85a29423396
- SHA256
  
  2fe05b388a51d617fa2fe958df887afc2fe44ff2b610613ad5b3619991fa255c
- SHA512
  
  e8ebc7d7c1566d66d1a70f9180a6f2e0b854dbc77e88332582a0f00c3475a54fc200e4c725a09a664f573ec2b0eb4bae1c449e02ef05ed13a62b633604eb45df
- SSDEEP
  
  768:onpT17dYreVOx49XvSMDcpzyA/mw3RgnaCwL9W5PfOyGlgODxyBrbWZQU/JbtH3C:Ibc/H3KtFFuCOWwu
Score

4^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/ls_license.rtf
- Size
  
  50KB
- MD5
  
  8c9785a3b9234955bc80a02c71fa8a8d
- SHA1
  
  0b987d3d68c712eca80a175c197f99de2b8aab9d
- SHA256
  
  e19ef1e9204758c4424b9a85fcf1216f32221fbe7938accadf38d373547c400a
- SHA512
  
  b80fbcfe67191b7b91f913efbd1b6c04b3ffbb2a57aa90b9ddb22dc130dfc3eb230f20293c1706162f7106d0381ff5e44f9a4e7c9ab5e02a780130ddc328ef54
- SSDEEP
  
  768:Fk6Oyj0LBk4oaqVYmfiBkyKWm+1URooIniyCDcpzyA/mwDWLePsrfKY7G5kIniyB:2y0reWrD
Score

4^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/obes_license.rtf
- Size
  
  47KB
- MD5
  
  d5202603b21d9ae63536c5e470e82b5d
- SHA1
  
  f34cd7761441afb891af278aa45ae90d8b3a96d2
- SHA256
  
  dad3ad31ee341b2f0213e9e006dd49b5a8c5a063a3d1e62df9fdfdc359a971d2
- SHA512
  
  997ed523f1f4f51693ac1e20f91f483bb2c393f7bda7cefc0e8a900ae0130f25d9aeffa97858116c8a999851b7e0128d2a4f091a8759801091f5cc83b394f75d
- SSDEEP
  
  768:2H6OygBgg1PALqZab8NJRi/hQZoLLXI1nqT2njX8x3b7G5V5V5h5G5P5N5T5gVVQ:CxwmwCHxHLBwNm/t8tZ
Score

4^/10

discovery
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/obfr_license.rtf
- Size
  
  45KB
- MD5
  
  473c155dd98254e5f856fb91168aec88
- SHA1
  
  6f2e59babce54278876b858ac6c337557ce63cbf
- SHA256
  
  00616df5290ca0f698f935f8c66975d6082de86bf4d1f650e23e6ea5eb4598dc
- SHA512
  
  b8f36be11af0a58332b280cbc3d665ac39b804b4281f25c4a90b6a15d5c25f36262cdf6c17faf89a43a486a26850bf27332a9ae0e9642710f6452f85ae03d633
- SSDEEP
  
  768:2H6OygBgg1PALqZvDcpzyA/mwhRgnaCwL9W6PfOyGlgOkauIKx49kWUSN4UIRop3:CFuQsb+aFAUk
Score

4^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32