76586617f0f0492574ede863dd8b661f0da7ae3342e5d61f6d68dd6d7a37342f | Triage

Sharing

General

Target

b4eb607c4af9e0d6dd88dfaee8a96fed_JaffaCakes118
Size

13.1MB
Sample

241130-fsntaayldq
MD5

b4eb607c4af9e0d6dd88dfaee8a96fed
SHA1

94405602d39b4062e8b0769e3d1b7c7dac821b26
SHA256

76586617f0f0492574ede863dd8b661f0da7ae3342e5d61f6d68dd6d7a37342f
SHA512

3d9b362245cbd403de99224cef7e97e16c8579034e92117dee95ee8033c2c016006bbca7ff7749249e12394d2e13b86d083e1f60d229b41c598883e7e26c9af9
SSDEEP

393216:yY2ku6hak4+q/oXa4HTBlYPm1i6U23rQrejmIrXAPL:yYNsN2vY+1i6U23YQZwj

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b4eb607c4af9e0d6dd88dfaee8a96fed_JaffaCakes118
- Size
  
  13.1MB
- MD5
  
  b4eb607c4af9e0d6dd88dfaee8a96fed
- SHA1
  
  94405602d39b4062e8b0769e3d1b7c7dac821b26
- SHA256
  
  76586617f0f0492574ede863dd8b661f0da7ae3342e5d61f6d68dd6d7a37342f
- SHA512
  
  3d9b362245cbd403de99224cef7e97e16c8579034e92117dee95ee8033c2c016006bbca7ff7749249e12394d2e13b86d083e1f60d229b41c598883e7e26c9af9
- SSDEEP
  
  393216:yY2ku6hak4+q/oXa4HTBlYPm1i6U23rQrejmIrXAPL:yYNsN2vY+1i6U23YQZwj
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/blowfish.dll
- Size
  
  22KB
- MD5
  
  5afd4a9b7e69e7c6e312b2ce4040394a
- SHA1
  
  fbd07adb3f02f866dc3a327a86b0f319d4a94502
- SHA256
  
  053b4487d22aacf8274bab448ae1d665fe7926102197b47bfba6c7ed5493b3ae
- SHA512
  
  f78efe9d1fa7d2ffc731d5f878f81e4dcbfaf0c561fdfbf4c133ba2ce1366c95c4672d67cae6a8bd8fcc7d04861a9da389d98361055ac46fc9793828d9776511
- SSDEEP
  
  384:yTxz0Cv0hqd+1TjQmd9YWrSUEc//////OD5hF92IJpJgLa0MpoYfAz6S:jCvsqdS3QGBREc//////Q53NgLa1ub
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/locate.dll
- Size
  
  17KB
- MD5
  
  7d3317f57c1a368480ace3c0ca804eeb
- SHA1
  
  d4c7e185bc64aac82339f51ba6c21cf0713c9f1a
- SHA256
  
  d88a04c1e39db583eaad727fd390fe599ab10198ee040bfbdd22daefadbd2372
- SHA512
  
  5598c2e6caa2f66edd48f8c8305e054d4b0740b5f2b7ed92cf197a13ac66ba99a32013d34b3c2e28d007ab7979eb90a50681324eb736b1410e7df1902e4ec32a
- SSDEEP
  
  384:ev/vPBkA6dK8wiLe45naPji7hpx2kRV+qgm:evyvwiNnGji7Xxjc8
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/xml.dll
- Size
  
  118KB
- MD5
  
  42df1fbaa87567adf2b4050805a1a545
- SHA1
  
  b892a6efbb39b7144248e0c0d79e53da474a9373
- SHA256
  
  e900fcb9d598643eb0ee3e4005da925e73e70dbaa010edc4473e99ea0638b845
- SHA512
  
  4537d408e2f54d07b018907c787da6c7340f909a1789416de33d090055eda8918f338d8571bc3b438dd89e5e03e0ded70c86702666f12adb98523a91cbb1de1d
- SSDEEP
  
  1536:U2A8OSGjylgkara+70LICin9zgtg2LxowhtJu6MqSNicNEtIfF42q2KC:OzjLkarn7O+n9z2L6whFtGF42bK
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  GNU/aspell/bin/aspell6.dll
- Size
  
  522KB
- MD5
  
  dfbe7aab4fd4f86703f29a66afbdedfa
- SHA1
  
  e939e6078be98de5f58ef523c0c0ad3c16f1e7e1
- SHA256
  
  f806348dccf3297adc8863e0e6adf7ac43202afec3c82b297134036320f9790e
- SHA512
  
  3838219b1cc6724061d6343986916a2b81d72cd229e2889c4472dc19574072fc3dd031e72fb8399164c89b7ff81adc690aa34f8df087fce0b601d5d63c4888ff
- SSDEEP
  
  12288:fYYMusACjwV1NqRC+a107iuAkFtRP5I38k8hkZfPd3NMY8QX2gZclxWpdn98hbSV:fYYQAV1NGz9Ay28hZbgZclxG98hbz/vo
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  GNU/astyle.exe
- Size
  
  116KB
- MD5
  
  0d52a634dd4e6612002f2d0163a49856
- SHA1
  
  0f0d8c1c22a361ba1b24d6bd585873ffbc472558
- SHA256
  
  677e086b163a4e5201468b90f5910e9c119bc92c0bd1d41e50f8acfcd54d4dbd
- SHA512
  
  9899d95f6c09bccb446372b8e01e1b120fa063d69b31502bc74cd4c91f1c3a9db4eee4c42442150ceb2345d6e1f6debc0d3d5cd83f45bba57ffcfc1a15bd5bbe
- SSDEEP
  
  3072:WN8DtH/CtB1ocY45O+I+Sfer2GeOji+g6DuOU4:WN8CoUI/eI+g6DuOU4
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  GNU/ctags.exe
- Size
  
  196KB
- MD5
  
  074b768ef6e3409f189862eb2cfaacf3
- SHA1
  
  78a4bfba6f91fef98da23aacd94e596da70e14ab
- SHA256
  
  e99b59333f892e9c9d1e5c27ee714969cb429675424858c2c59b64ec539cae94
- SHA512
  
  558d41af4c261ddff9a8a002cbea33157dbb02b7a207230dd920ba80e3274e2b62e7f9101cbb4edf5e540b800f77a25bb76f4ce05def657ca2e32a7e72c18f01
- SSDEEP
  
  3072:EolQ7tKlWoxZ0eXvyEMkGoLhfgvheEPNmNUA704:ExhKlWoT0eXzMYgQEFC/
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  GNU/iconv.dll
- Size
  
  955KB
- MD5
  
  fd1dc6c680299a2ed1eedcc3eabda601
- SHA1
  
  e702404882b03014abeb2adead38a9e87ad90046
- SHA256
  
  cb016e794d3311c71f21d87803e10a0e1133995f62a485eb37b321cd9b9e1087
- SHA512
  
  2aed2d9f2d086a52a25f320df3f2bda144c6adde7d7f3bb8974ebcdee7d65130246b357a54e383daa88c22578193009ef0ac1f627c7094c413dc157adcbc3df9
- SSDEEP
  
  24576:Mf0TfklyKuJGavkg3Ny4WbbbVKHYsa4QhBAUZLYr5vx:AaayKuJGaXFQK4sDQhBAUZLYrtx
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  GNU/libxml2.dll
- Size
  
  1022KB
- MD5
  
  ea496a20e79f8443ef4ea9ea0ccff462
- SHA1
  
  fe2efdaaef263de1dd988b8032a4dfbf30fc4865
- SHA256
  
  90b1008dab413d0286ccdeb4d3f7ac21bd880d89fff792ed95e34c2fe69470a2
- SHA512
  
  bf20d5d0ca8f0302e0b6367ae867346924840ea070a74e6db3cb8bcdee19d5e8f2f8be98b55131339aa25fd15f1cddf28c01bd6b47fb56a61fad5d6c3b488dfe
- SSDEEP
  
  12288:ud5xPAXijPVifAUz8R1NxPi3Ekjqs85pypxxOyUr0QF95NXphQ0pWxoHeZpk4b8l:uP5Gso3GbxOVQTyLxOyUtXE08uHej
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  GNU/xmllint.exe
- Size
  
  35KB
- MD5
  
  e531b10b07978677ace71595e4728156
- SHA1
  
  45f31cd0dc119427f074b0f1d981398f52ebb61e
- SHA256
  
  39dcfe6fbb357965ff7d65c3db8c8e0cf573fdf403e23d7fb9a0bc507b4ff76c
- SHA512
  
  07ac0d7139ccb25ca30c71f9bb7f83c81983891b3d0a18c64ac244aeb7529b15979d7a3d8bdba33aaeb02919ed96942652b4767b617bdfcf176e787175ede435
- SSDEEP
  
  768:dLLKWXYQ/TIqBZGNe4Ka4WY+iNARZxE8t:xLKWXfTCNe4Ka4WxiN6c
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  GNU/zlib1.dll
- Size
  
  58KB
- MD5
  
  80e41408f6d641dc1c0f5353a0cc8125
- SHA1
  
  6d957ba632df5b06d49a901f2772df4301610a2a
- SHA256
  
  b09537250201236472ccd3caff5c0c12a5fad262e1e951350e9e5ed2a81d9dde
- SHA512
  
  857d4dc087c73f00d79bf70edfc67ddc0b15a86a4fff366d91e5ef6684af43eed7dcf8579f6b4fb35dedd090973e2bde1a82aae07642136b608eeb1d567e5c03
- SSDEEP
  
  1536:b/jUwfZ7BURaHUry7nToIfYIOlIO+CM6:1x7BURaHUrgTBfev+CM6
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  UEDOS32.exe
- Size
  
  49KB
- MD5
  
  5bc2b1647d906cab1786741db964af53
- SHA1
  
  cac81d711b1c32c73486d719027b28df126462b8
- SHA256
  
  6bf9e76122e3b2518cd0d1718a3c6524965f2b8854293d222a2446688510e845
- SHA512
  
  44e78ac6e71679ceea890f2c7217de6bea5044280b029cba4f0ae984b4ab97842b9aafc0b2a192b3543bd615410c9e794d156aa9b4b30b57d2217cf4d5e306ea
- SSDEEP
  
  768:HehoGNLS406i0fHmUU8m3ySNcb/HH/GR1kMTSYr0Cv6rTvUg54m:HIfqem3ySWz4kMTe55/
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Uedit32.exe
- Size
  
  9.9MB
- MD5
  
  fa359bdcc9d06c3efaf3fc2143641a67
- SHA1
  
  bee9a5f1ba8292d26e0f7f7a00530f859c928da5
- SHA256
  
  75f6958db91edc7745235374848c91ec4f7fbc6d0c9cffb2c3ae223da4e18fc7
- SHA512
  
  214b5379865013dc3c7891630a51b6074cd4fb9e66abdd7b5bf0e7c0e668ea1fdadb87a32dafc4a6109a8621c9386fe99a2f1f4bf329bfec709a9e10c9b10ff6
- SSDEEP
  
  98304:oEmzkOY7yIBl5Ktq8weyJPNgmR+Q/+icSFu1nH9/WL1YbP0Hk+CGRzOsCND9g4mj:Q4x7975dNgO//A9/WL2KCedj
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32