General
-
Target
bc340b314fa52eb060af22289f7ecb85_JaffaCakes118
-
Size
26.3MB
-
Sample
241203-hqxphszpgj
-
MD5
bc340b314fa52eb060af22289f7ecb85
-
SHA1
44b51fb28b8a77eb522d771b0816bfbd95a8c37e
-
SHA256
c977ae66e324525a57dd0982d670fce03626aa70b4c57e7aff2ba8eab97e4e75
-
SHA512
ccf31fbf1c5729bbff0947500eb190510b821822b51c9d21030c48978c7046ed00a683aedccd9706d18f9188065f36f69f1a593a3488c69a47f7a1f5fe92ea41
-
SSDEEP
786432:YRx4ptP/Ib59RRfWEdEP9NxPm4bKPZ41RAhlZj:YiVIbHWG8PE0hAhHj
Malware Config
Targets
-
-
Target
Erebus-master/exp/0803.exe
-
Size
360KB
-
MD5
f87afacff9c44b94db109e3e956a4b33
-
SHA1
34755544c13596033d6fef875c1c02cf7fe39c01
-
SHA256
18e5187ae45ee5e13379dae0657430a843fae52848b19f572d2fde65906cad4d
-
SHA512
e26ee28f306fa566f35cf44862db3d5c2434297a1678d89aa822610e2d86a88a7e79ef71c7763b4851ccc7513b610200fe125bbbd90950d0e2757e55f4d03177
-
SSDEEP
6144:vo3683VUErRP1m+qFOkKC3uf1PAUjxL+LP/6oy1Woo44GipIRMEofiC1:vcFeErF1m+qCC+AUj5+eoWlbMEofi
Score5/10-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
-
-
Target
Erebus-master/exp/16075/x64.dll
-
Size
326KB
-
MD5
1c2d1c1beb40ab760d5cf746f7ebe562
-
SHA1
132a2de1c9dc58b1723dd4978f6b23a54cb35c24
-
SHA256
2ccddc7a54f7ed79e71b7473eecf0a0b2712c1e609981e7599f69fdb7ca19536
-
SHA512
68ca8088adc9e8f55b90476b9d61a36d84f94f7ab10e1ebccff836195a166e1d853387b9d578ed582c54632e82071c333289aefa16b793dd5469ca33c9b6afb0
-
SSDEEP
6144:f5/nnwxEuBGthmXYptsRaeK+wIwH/6no7jGj9ariu:fdAkmitsQ+wiyE
Score1/10 -
-
-
Target
Erebus-master/exp/16075/x86.dll
-
Size
250KB
-
MD5
1099101ea868ef7f3ee3f16a243ddde1
-
SHA1
3272b2c0a01187723093e9d2323ef253f366a99d
-
SHA256
df0c7275e41ac16741e0fb9c905b581eabd1c1a5993bc85c9e75058fd9315abe
-
SHA512
6ba8b2b49f5888cfcbb031a66549a7333f88a1fee19d572d5f22381b491104bfbcfa9eb71270c1f96b1053dd36d124cc377a69ada969306fcc330ffac05c1179
-
SSDEEP
6144:5/LXbxaXnA3sD10PXcqQPoxJnv1QLkq00XMID3JX6ybkNCvkJTnu:RXanAcSGo5Ft0XMID3Fbksv6nu
Score3/10 -
-
-
Target
Erebus-master/exp/8120/x64.exe
-
Size
93KB
-
MD5
4facb81f57e515a508040270849bcd35
-
SHA1
159fafd3f9227687d7f081ea481f6d5865a95f76
-
SHA256
07191e65af30541f71e876b6037079a070a34c435641897dc788c15e5f62f53c
-
SHA512
6eb350eae9ff4cc099a2b8910cff4c0adfbfe6f5b39da6e045d9c2513b92b290246f8e1dfc7c20c59444f7c6d1824c46ebea564d16529c6d20e64eb6538d40cb
-
SSDEEP
1536:fZOI/uY6iLM3qKbTeMllj+n90gg32nxJovno7/za8LIbsW4d6s+iVg:fP/uYDL4bTVllj+90gg3DQTv6s+iVg
Score1/10 -
-
-
Target
Erebus-master/exp/8120/x86.exe
-
Size
81KB
-
MD5
3fe38271b009298b4cb0b01ef57edbf3
-
SHA1
21080868796fdea9c1e3ae82ded7f75e846e0f95
-
SHA256
b2cb65c9ac36f1e3fb31dfd5235c29b396be0968e6b225d625dc3c8fd72395f4
-
SHA512
fd1d53abc75005f978ec070b7d8e517e67ebfe30c04c0b0741299577f985fdeecbad63bd33834bad1b6a8f84f41be1b23b6aca9973e69bd749c2e06e6d7c53be
-
SSDEEP
1536:QqLmiDfcVXoWz2GVsvn62I+zXaVVGcsB74bCsWjcdXSVY:QqLlDQXocBV0i2huXSVY
Score3/10 -
-
-
Target
Erebus-master/exp/com/1405_1322_x64.exe
-
Size
132KB
-
MD5
2e2ddfd6d3a10d5dd51f8cbdeaeb4b75
-
SHA1
bf51231e74fe5ce86e612e8bec16bc555afb7d73
-
SHA256
85bd47cc708f80a3e9aebc5948404017053eec1c316f2c3b527011f19597ab1f
-
SHA512
ec9f48e571982954e98ecb76156c8c619a67c7c6dc75c3d1319ddd8fca992f4a47e86d0735882320ef4bc8ebca39c763f18e19981b7d50bb4c7db1563de90c25
-
SSDEEP
3072:0Ud3B51Sbph2PlpHyKE+LrmeTwMJV4NalCD:0Ix51SFA95yKEUxz
Score8/10-
Stops running service(s)
-
-
-
Target
Erebus-master/exp/jp/jp.exe
-
Size
339KB
-
MD5
808502752ca0492aca995e9b620d507b
-
SHA1
668c40bb6c792b3502b4eefd0916febc8dbd5182
-
SHA256
0f56c703e9b7ddeb90646927bac05a5c6d95308c8e13b88e5d4f4b572423e036
-
SHA512
9a35ea626bb411531efe905a4a81c3dfdebf86b222d3005e846c87f9501b3d91a6164ef44c2ca72070fe8c33f2bfbfb58b4f96353be1aa8c2c6f9390827a5afa
-
SSDEEP
6144:1fuJYaRk/qxEuUPAVHKZxgHb95dL2f552yxhMsxEc8d7:1fGFRw3+P/PuiX
Score1/10 -
-
-
Target
Erebus-master/exp/sp/sp.exe
-
Size
71KB
-
MD5
b2a64dc8ac56a13247f7b1beab39b6bc
-
SHA1
93ac76efc0992889669e0527af28d1a07e1df241
-
SHA256
41236f7197f79d287226bba44eac778f7fc59d7b56f3fb8ec80d8e64fa9a40d3
-
SHA512
a0eced5a5bb69f9df7cf0b0605084a7864436e72f6fb84d063d83f1210eccad61cbfe3086201c5a183d2bd30a9b0856f3bb1df6c1b11d849c3ad17c5b651c30c
-
SSDEEP
1536:JZIehKZJJUcldrA3YQ5LrsGbzexZEs/W+zntWVogK89LOQ7:/IehKHJ/YLNze/WsX89LO6
Score1/10 -
-
-
Target
Erebus-master/gather/chrome80.exe
-
Size
8.4MB
-
MD5
e7370f5d9e4aa76683dadd3cdb302337
-
SHA1
2ad56443df8de645255e415432611f16b3eb4332
-
SHA256
9aade6e8f3a965f19c4b761f80f9259d703417d1275f18693e5ab00527a6e47e
-
SHA512
c0e1b977aa5605e29e1c53b4c95ec3438b24288cf2439179d2592d3e3c0e84c5632df01fd3bee3d62e2e5f3e33945905808b3373d9758fc3b00f1c6d0ea5f4f9
-
SSDEEP
196608:0cIdNfVhryUTqR+zQMd9e+q2WWmQqh+ZZRB5d85EkqCkqLROnCtFw:6fVFl3QMd9vqZQjeNy+OC
Score7/10-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
-
-
Target
Erebus-master/gather/cookies.exe
-
Size
6.5MB
-
MD5
887eaff4676116c56d24a8e451a7af13
-
SHA1
cc0dd8f039dc978fca2618656d4a70c43ae403a7
-
SHA256
438cf9de347cd3d4254b709f914c421ae23ce6d0ab364054b49a736f6de228f7
-
SHA512
9caacd1abe34c4a75910ee1bb125ae48ef7ffac3a630a5cd52cb6ec8d719b2a851ec22fc0ad790af0b82d4e0fc1a2fd1dfb4111186e0ae3311e620ba2ed91453
-
SSDEEP
196608:0cY9VhKd9e+q2WWmQqh+ZZRt5d85EkUtquStb:gVUd9vqZQfeNLj
Score7/10-
Loads dropped DLL
-
-
-
Target
Erebus-master/local/2020-04-10-mssb.xls
-
Size
2.0MB
-
MD5
38e8f6c37833ccad83d74cedf5e949d1
-
SHA1
89cca86bd5bfa041641f510f3bcd5c05a3ada026
-
SHA256
8fd62c91d0edf3ba7a90d891f8113a1c1d8c62fd44c94bc4d481648a34111142
-
SHA512
f8a5617492d9dc16bd5d64231ea2f605b08779ead8e23a614b67ad47b6840c34be9bb9126a06cf6eeab274d13bd5656543d88a28d4dbacb1dca8d1b97d1c07f9
-
SSDEEP
49152:1xbSb/H0Vt7xMhl7Q0DICxR2thuuV4uA+OsQwVKc:vgcVbW9Q0DIC72pV4upOwN
Score3/10 -
-
-
Target
Erebus-master/local/windows-exploit-suggester.py
-
Size
67KB
-
MD5
b85ac40fa657eaf15ef07814e677acb7
-
SHA1
a6df392a19e90205fa2817604feb02bf634e0315
-
SHA256
c7ede901b75c2a48af62d4444fb1a9e62acfdee92ca21517bca1d573afd8e6b7
-
SHA512
7ac235b57bd594295bfff32a0ecd992719649de2f0070f8b470e9121426e4554c89bb79863459f9e25d53b1c6133c93eda8d3032523d69e16e7c99a386ff0fb2
-
SSDEEP
1536:TKU38AJBrwejZtw4sh2H5TstgVxbM7ytX8r3iu7AiwdYmBRNbiMoJsipkxPv0Yr7:wiweVtwc5igVxbM7ytX8r3iu7AiwdYmf
Score3/10 -
-
-
Target
Erebus-master/modules/gather.cna
-
Size
5KB
-
MD5
1937688b655dab7f808901eb467f3710
-
SHA1
c711aebea4a5526236e41a06fdf8387f6bee166d
-
SHA256
4e11933b4a20b847fc76ff30db0db81f5db0189d70eb768c2d34850fa51c5487
-
SHA512
d5582d569af8083028beb0c74b5ce56c8327a3e0bf446b339b30755da71aeffac412fc94e067b55a01763fdcd6b120076e810e76560669635ffcb9ef8f298d0b
-
SSDEEP
96:AbS0rqDQadVq/rYd27xkDqE2jZXRZ3xj3CQqgJ9irpJi5lFXsYJH5MIH+pWB29Dr:8S0rqcad4EI2D321rFCQl9irMlFXlaYu
Score3/10 -
-
-
Target
Erebus-master/post/BadPotato.exe
-
Size
57KB
-
MD5
f8ff7d24e9fd85b37f6abd432ab5bf79
-
SHA1
5e69e7a338dbb111b3d3e3cc834449f1d9f8134d
-
SHA256
e3cbe26236b403a6516c25810d5f1866c8e912cdea5763262258246ef7379381
-
SHA512
9ade2bc95737f506b63ef623a71fbe3413b06d76f827b9a025e99d343f0a6ee5645b30e1e22e8fa48e21665dfd8d268de4df319500543698422e0eb2e462839c
-
SSDEEP
1536:j6Ztn6DJB0Eu0K+AAtrg5xJjFu7RCpjwn:jScJB2mg5xJjFu7RCpkn
Score1/10 -
-
-
Target
Erebus-master/post/HiveJack-Console.exe
-
Size
6KB
-
MD5
9725b0c65a9cec07c721e6eb45bf9103
-
SHA1
a4bed3183e4be42f0e7d82e5a0688a7b8ae22801
-
SHA256
1c3493464f6af6053ee9d4e59a90212591b4cc4d7f283b46928472670c6c7bc2
-
SHA512
a486a12a094de218d306ea27bd4862fd85b7949b6115649fc4c448172cd74efe525f5b2f51574c0dfbea48b5e47a9787df5b00538aacf7642a3b53d1e2f81234
-
SSDEEP
96:Mj6GxqAE/+Db7CynGCXpewl5TIKzrOHr26zNt:S6abGEflZROL3
Score1/10 -
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter
2PowerShell
1Python
1System Services
1Service Execution
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1