a273b66c23294b51f15ca9bbe01f79f11de3b175d492a64e490f4f84a716ef67 | Triage

Sharing

General

Target

56a96389887d996816196e0ffb927e43_JaffaCakes118
Size

11.0MB
Sample

241018-lemlysyhla
MD5

56a96389887d996816196e0ffb927e43
SHA1

02d914e124f1d348b9bcdb84dff12e13e7a35ccf
SHA256

a273b66c23294b51f15ca9bbe01f79f11de3b175d492a64e490f4f84a716ef67
SHA512

885b4fd36f912d486c406f33e4da0f76bacd50ef26057bfb75312691d20cb0b873d7b5558ac3f0b5a8e2cfbb91aeb7c608ed8f2e69d4172bd30caeb9f8f34664
SSDEEP

196608:d0gK3em2RZhKuaKFh/c1Odm0wi0kpkXWIeQhnBfwTAX0AyAg3HExGRxijq2O:d0gkem2/8KFh/cY+XW+BYT40RkFRO

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  56a96389887d996816196e0ffb927e43_JaffaCakes118
- Size
  
  11.0MB
- MD5
  
  56a96389887d996816196e0ffb927e43
- SHA1
  
  02d914e124f1d348b9bcdb84dff12e13e7a35ccf
- SHA256
  
  a273b66c23294b51f15ca9bbe01f79f11de3b175d492a64e490f4f84a716ef67
- SHA512
  
  885b4fd36f912d486c406f33e4da0f76bacd50ef26057bfb75312691d20cb0b873d7b5558ac3f0b5a8e2cfbb91aeb7c608ed8f2e69d4172bd30caeb9f8f34664
- SSDEEP
  
  196608:d0gK3em2RZhKuaKFh/c1Odm0wi0kpkXWIeQhnBfwTAX0AyAg3HExGRxijq2O:d0gkem2/8KFh/cY+XW+BYT40RkFRO
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/XL7InstallUIPlugin.dll
- Size
  
  53KB
- MD5
  
  caf0bfe7af2519b591980e567923dc12
- SHA1
  
  c407a108d45f0dab53879a8b60c7c9bbdebc16e9
- SHA256
  
  03014ac037b73fd97f7d823704d0f6170697e2c330b5d4d83aaa43e87ef00883
- SHA512
  
  dc65fedee1efe8485e25155181b6c151f01c4acd8efe82d99df93d703d3eaa545e3198515ebd369f19b7a5829c86a8d2152e293f219a2b08db5b38bc3c45419c
- SSDEEP
  
  768:I4v8bZ8SWVkd3XmGZ2oLnnrvEEMOHYwNhreXaD3iLG:Vv8bZ8SW2d3XmGcoLnrvEEMOh1DSq
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  138KB
- MD5
  
  c753bcd76cc7b0a9c06d385a75aca8e7
- SHA1
  
  c7242370171174c08947fc33e3e3ff894c8dc0a8
- SHA256
  
  cd8118dfe3646c37fb16a4562a5a2b59bcd03c5034beb0b5cb50f958baa7eb78
- SHA512
  
  fd65e9ab49a625b3475639f3f7038162c8f08217370c83be601210c3c33d321e4bf8122e73319b1c4b38d664d37d605f2683452d11378aa6831b7cf0508fb6eb
- SSDEEP
  
  1536:SvHcLn3ZjAdN5sJPtpdQ0uyzFozKPKt1UNsDLRWDfwD9mGsB36BkEJAXYQJJYsyt:AenJjjJPtLBozOmYXoOXBJJYsykUAI
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $SYSDIR/atl71.dll
- Size
  
  88KB
- MD5
  
  4edd8d74ea48f58d3eca7e9297f19221
- SHA1
  
  c874f24787c7e487f16113080a80d8241297d5b0
- SHA256
  
  d422497febaa2fbb83a8a2ec342e08884c5a77fbddabde7bec4e21884f56d0ce
- SHA512
  
  6816c9d43aa3f78bec77d0e9be5e4e549a86f5ca2afaa19167d01763dd15fc7c18db609249e70271b88162460929d7cba13354e38eab0c9b03769fc0b498c32c
- SSDEEP
  
  1536:nrikoNDxHopwlej/A+KZtI+nG+efsCPJOnb/lDwT/XvTjZoxzvN4Zwm7aI5Y:u8pwBI+tefsnb/lDY/X/KVv6Zwm/
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $SYSDIR/msvcp71.dll
- Size
  
  492KB
- MD5
  
  a94dc60a90efd7a35c36d971e3ee7470
- SHA1
  
  f936f612bc779e4ba067f77514b68c329180a380
- SHA256
  
  6c483cbe349863c7dcf6f8cb7334e7d28c299e7d5aa063297ea2f62352f6bdd9
- SHA512
  
  ff6c41d56337cac074582002d60cbc57263a31480c67ee8999bc02fc473b331eefed93ee938718d297877cf48471c7512741b4aebc0636afc78991cdf6eddfab
- SSDEEP
  
  12288:b692dAsfQqt4oJcRYRhUgiW6QR7t5k3Ooc8iHkC2ek:bSYACJcRYe3Ooc8iHkC2e
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $SYSDIR/msvcr71.dll
- Size
  
  340KB
- MD5
  
  ca2f560921b7b8be1cf555a5a18d54c3
- SHA1
  
  432dbcf54b6f1142058b413a9d52668a2bde011d
- SHA256
  
  c4d4339df314a27ff75a38967b7569d9962337b8d4cd4b0db3aba5ff72b2bfbb
- SHA512
  
  23e0bdd9458a5a8e0f9bbcb7f6ce4f87fcc9e47c1ee15f964c17ff9fe8d0f82dd3a0f90263daaf1ee87fad4a238aa0ee92a16b3e2c67f47c84d575768edba43e
- SSDEEP
  
  6144:cPlV59g81QWguohIP/siMbo8Crn2zzwRFMciFMNrb3YgxS3bCAO5kkG:OlVvN1QWguohInJDrn8zwNF7eCr
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $TEMP/XL7InstallUI/XL7InstallUI.dll
- Size
  
  182KB
- MD5
  
  d39170ba0cc80c1919018ab97e9e767e
- SHA1
  
  3580123ef32b3868e2f8da8d376051c2558889f2
- SHA256
  
  7162f552fd0168372f2b9be5d8ff5b8fc9eb308f9f0df774d5322d2c5532a38a
- SHA512
  
  6289ac8c453fc80f3398adffd5659f1b0798f94c6e8f9f76e5d88ab4502fe872722cd29b0a736802cc5f02b364f1f2380d76206bf8f4a322f674a564329f4292
- SSDEEP
  
  3072:ojZDhwbQGQ9c28lgXsvu3zIVBhyk5mv0M9FlLD//kXjUKjTPTFrWIknn9ZNKQitJ:hbQXc28eX4L20oPEXj5PTRsn9ZNKbJ
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $TEMP/XL7InstallUI/XL7InstallUIPlugin.dll
- Size
  
  53KB
- MD5
  
  caf0bfe7af2519b591980e567923dc12
- SHA1
  
  c407a108d45f0dab53879a8b60c7c9bbdebc16e9
- SHA256
  
  03014ac037b73fd97f7d823704d0f6170697e2c330b5d4d83aaa43e87ef00883
- SHA512
  
  dc65fedee1efe8485e25155181b6c151f01c4acd8efe82d99df93d703d3eaa545e3198515ebd369f19b7a5829c86a8d2152e293f219a2b08db5b38bc3c45419c
- SSDEEP
  
  768:I4v8bZ8SWVkd3XmGZ2oLnnrvEEMOHYwNhreXaD3iLG:Vv8bZ8SW2d3XmGcoLnrvEEMOh1DSq
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $TEMP/XL7InstallUI/XLFSIO.dll
- Size
  
  209KB
- MD5
  
  6243898e9924015e0170a61b103c472e
- SHA1
  
  2d1f71e99a6e597f845c3a72609600c90dc42e00
- SHA256
  
  fb48f62256b05bd0041eedd505ea48989941b945ac24201d64808833166e0d8b
- SHA512
  
  177dc331a1d2ccda87871c2ab68cc92d6108e6ec2879b54a86ebcea3e52623a3547149ba507bb82e53615f4412c3c766428b603373e8af9389d71d8384ec5732
- SSDEEP
  
  6144:PlWeM+Q4Scge8x98HI0GjwWHkTBfb2vHx7:PlWf+ae8x+HI0KwGkTBbA
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $TEMP/XL7InstallUI/XLGraphic.dll
- Size
  
  697KB
- MD5
  
  82634927747c570c2b1e03118989f924
- SHA1
  
  7c6dcc3875bf027ae756086264d5904935a463c5
- SHA256
  
  7f5081bab1dadc88b46cded13c7a6d63a2c02bdc07adfea48f7888c0bbd50b33
- SHA512
  
  7aa421e228340255ea9e888a92da174ba2c76fb9c70825340e5d37c48fa4c6b3cda6100853a5fd5bbcaf2d516f893bb603ee584edeb03348cec662043bd4b7f2
- SSDEEP
  
  12288:TJIc7rGhczN3TVl//rgV+74g6WvTn5kg7PSK7A7/sW2LgAN44:TJXr2ctP/DSQvTn5kCrAjs5cj4
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $TEMP/XL7InstallUI/atl71.dll
- Size
  
  88KB
- MD5
  
  4edd8d74ea48f58d3eca7e9297f19221
- SHA1
  
  c874f24787c7e487f16113080a80d8241297d5b0
- SHA256
  
  d422497febaa2fbb83a8a2ec342e08884c5a77fbddabde7bec4e21884f56d0ce
- SHA512
  
  6816c9d43aa3f78bec77d0e9be5e4e549a86f5ca2afaa19167d01763dd15fc7c18db609249e70271b88162460929d7cba13354e38eab0c9b03769fc0b498c32c
- SSDEEP
  
  1536:nrikoNDxHopwlej/A+KZtI+nG+efsCPJOnb/lDwT/XvTjZoxzvN4Zwm7aI5Y:u8pwBI+tefsnb/lDY/X/KVv6Zwm/
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $TEMP/XL7InstallUI/libpng13.dll
- Size
  
  224KB
- MD5
  
  9c6a33ee663d1d821cc508a3f4d99fe1
- SHA1
  
  ed8c20076d243b03e77db406b0c6845b1427ae13
- SHA256
  
  971d40c80d65f44b7a70c0a64db173e8579ec1e1b9aeeecc0b457f4d9e1ea890
- SHA512
  
  b3307b95831cc6b84c9cd85320ed9ecbe27616c0fdb407a48c778934031fd640895c55d4741c82815dc0399765e8d129027b9f3bd9a2d7dc0da84c7ab6b3b799
- SSDEEP
  
  3072:mWx5Kk09OAyMLd0oJyHy2T8BgXVYZ85TiDn6WrdvkKW/2aYn/NyRus4Zc4ZUp0sz:s24BgXVYZ8506WrdvdW3Ylls4ZJ2d9e
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $TEMP/XL7InstallUI/minizip.dll
- Size
  
  19KB
- MD5
  
  1b3434c71f2ba35bdc11659a5a54e83d
- SHA1
  
  9289453581f355ee35ae529fe5c545da6d9eb381
- SHA256
  
  4661f46936752971ccdaa5f3f6e46f9bccfbc9652494d42ee2358e53bf6c78a7
- SHA512
  
  936b8f15913d06b2779053385448205f80f2699f7038cdb6747baea63f9630133963d19664cd6bcade04f560d9310a33a4491307278a1e39e238e9979e23f8e3
- SSDEEP
  
  384:So6lPJWZRqHadG4oXiuHVGLLuhIBleTW3l1J0G:S1lhEx1BuHVGLLOIB9N0
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $TEMP/XL7InstallUI/msvcp71.dll
- Size
  
  492KB
- MD5
  
  a94dc60a90efd7a35c36d971e3ee7470
- SHA1
  
  f936f612bc779e4ba067f77514b68c329180a380
- SHA256
  
  6c483cbe349863c7dcf6f8cb7334e7d28c299e7d5aa063297ea2f62352f6bdd9
- SHA512
  
  ff6c41d56337cac074582002d60cbc57263a31480c67ee8999bc02fc473b331eefed93ee938718d297877cf48471c7512741b4aebc0636afc78991cdf6eddfab
- SSDEEP
  
  12288:b692dAsfQqt4oJcRYRhUgiW6QR7t5k3Ooc8iHkC2ek:bSYACJcRYe3Ooc8iHkC2e
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  $TEMP/XL7InstallUI/msvcr71.dll
- Size
  
  340KB
- MD5
  
  ca2f560921b7b8be1cf555a5a18d54c3
- SHA1
  
  432dbcf54b6f1142058b413a9d52668a2bde011d
- SHA256
  
  c4d4339df314a27ff75a38967b7569d9962337b8d4cd4b0db3aba5ff72b2bfbb
- SHA512
  
  23e0bdd9458a5a8e0f9bbcb7f6ce4f87fcc9e47c1ee15f964c17ff9fe8d0f82dd3a0f90263daaf1ee87fad4a238aa0ee92a16b3e2c67f47c84d575768edba43e
- SSDEEP
  
  6144:cPlV59g81QWguohIP/siMbo8Crn2zzwRFMciFMNrb3YgxS3bCAO5kkG:OlVvN1QWguohInJDrn8zwNF7eCr
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32