General

  • Target

    d58b285c6548a9c9e38055cbe4ab69a1_JaffaCakes118

  • Size

    201KB

  • Sample

    241208-gj9vtszngk

  • MD5

    d58b285c6548a9c9e38055cbe4ab69a1

  • SHA1

    86bcb2d97c07a16e1d997507c54469c734e33386

  • SHA256

    dd1ca209c9a0bfc94fa01d2ab775e6ab0da25bd80864a49c67078ecf8696eee9

  • SHA512

    9661563bbb9c0001a4c722fec6c5ea0da2c01f6deeed34d4526e546af160ea27a567cd3c7a3c7ceac93c360695eb57330a3bf8fc3c780b0782d2a93090d50f53

  • SSDEEP

    6144:ka9S+XIeczXyA9kAqkINcgS3bb8O3zdeih8fai:k+S+4eMX/WFleg6bbrdlh8f9

Malware Config

Targets

    • Target

      xxx/autorun

    • Size

      323B

    • MD5

      b8d13c1fc35551c9b9c7bac8b8380d45

    • SHA1

      54cbf07e186adb83a6d9af5432ad78026f5e3926

    • SHA256

      1b85954f46372dce14e8e648753ea70a15fb0b18927e6c88fee95f1da769ae2a

    • SHA512

      25ce3ff1fb8119b48500f5ba46c3bc48262fbb8bd67fbd14c5fbe92965fe96aefa9f5321f62c4a0d5255ac59f79b333395d24f6ea7bb0c53703d692f9d016547

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Target

      xxx/b

    • Size

      8KB

    • MD5

      0453ae2cac43ee1da908ca414c3e31e4

    • SHA1

      67ccc3866b13d10f5f7106b7580b7cbc8dc8a470

    • SHA256

      d0e85625d7a0f2a64fa1c06965f8e0fbbfaa382013f3e636cded0b3c541bea61

    • SHA512

      0259386c3acf3b39b2a61611c2da15cb04269940b392d27f368e02f0473ba1b123531454849dea3a219cd5608bd52bf58db52f9db461c89fc189e12b64852777

    • SSDEEP

      192:fco9x2gTFmcSJFBzJb9PcsbqCnFw6WcGypdAvf6:fcmhdYbtb9PccF+qkq

    Score
    1/10
    • Target

      xxx/b2

    • Size

      19KB

    • MD5

      6cbde448e8dcdb36521f275afa5a978d

    • SHA1

      b85a7130bbf77b4c237e0bf915f6ce672792e47e

    • SHA256

      e9715d2b9af3fea3a6fd5fe00304acd7ab2f3f389c9d0486059a45e7016798dc

    • SHA512

      3bfdce0018108eb80590ea6138b1e54a1d52f81f4c55cf83a3f63e2a17ce3e91bd7ed19a1935633755420fd0ff1c185757de4b5ff3b091d3d54529c442c0963b

    • SSDEEP

      192:fxPS6cLDBTng1iwU0SLMVirVtq/S/oetNwEJOH/hqB4gHHHHuf1can21c1UGq9s:fdcLDVwU0SHVtCSwetNwt/I8f1j21IU+

    Score
    1/10
    • Target

      xxx/crontab

    • Size

      148KB

    • MD5

      f5b1420933dc0f210a2664e23a58c039

    • SHA1

      c34597af2f63be4214a1b63ca7915229e0578a93

    • SHA256

      88cc820bafce9be130e34648eaf63a15469d8c237f0d6b22e089051e3a9b10e1

    • SHA512

      279787a68e08e8d9481ee37fac098d862b9970490eecf2250c6c40b8330772cefc092ab0b9ee53f7747e3a13318ed4fb74a7d55c4b8bfb7472faca675fd3beef

    • SSDEEP

      3072:UNHik9rOwkocfiYahVTZKblvK4xTGpGpyiaTa:UNBOwssTKvK4EpdT

    Score
    1/10
    • Target

      xxx/f

    • Size

      8KB

    • MD5

      2554ffaedc5bf037383457e671f0baea

    • SHA1

      1ed59a0dc45d4b744df58999a18f987183b2e4ee

    • SHA256

      02eda65cd09f03855057c1e147b93f98d0f24f286e3b2aac5779ff6a007adf43

    • SHA512

      8a59d7449c007526adae1433798749657c2cf85db29bf8ecfb81946aa3ccd5a64dbc8b1dda41cadc175a3398faa3438af44bfa83d7074b7546b71b347dba9555

    • SSDEEP

      96:fNc16qcPdismTjQLSVB3LWaPflsNd9UqtmcyNVlC43uRm+Uw+4T1Ebr6ufhGP:fy+liDjQLSVzmd9UqtmcHbUDkGyO6

    Score
    1/10
    • Target

      xxx/f4

    • Size

      14KB

    • MD5

      88da5242d494a29f9307d93f003f7f1d

    • SHA1

      8238b054ea6eafd97898835052c7c01053a5c7b2

    • SHA256

      ceb82162527b1f4512a1b16f300dcb3bc4d377104dbc3f21b70bd32cd05b60f8

    • SHA512

      7c00235a4e1c14fe6912c87756848870175e23fc82971d7b7b5e1b542755bddcf52807fb9315bab58cbe9fe9ae705b908dd5358a842d6303f85c04eaf2f7a8de

    • SSDEEP

      192:fDqe0I8HAtnkvOa/t7O3A2VY3vdSehW9Zm0A372OaRcixRcg6o5S:fuLHCnkvOa1Cw38SMml2OaRBRyf

    Score
    1/10
    • Target

      xxx/j

    • Size

      10KB

    • MD5

      f2c6e588978118522898340fb9c5dd61

    • SHA1

      b39d5c18a74baeb0dcf31e55a51cf2e7be87d884

    • SHA256

      825ebdf925fbee86aab2cf53b25447e5511e307c1a6364bf9c120190fca0b893

    • SHA512

      d561c2bad0eb1ec3af04b0da18b3566e2f7002b71cfc61c1d9999c42a00ac8213dbed03541c14d78ea11c86f6b26aaaa0be4164613547360b74337a87b6c6745

    • SSDEEP

      192:fH8VUtd9VR0FXyf4hHQ7/xcnipTgc6ieQ0RsbE93n:fcKuFXC4YxMip0pieQWsbEh

    Score
    1/10
    • Target

      xxx/j2

    • Size

      13KB

    • MD5

      3117eec5cff2a57ca1f153c89b32861b

    • SHA1

      2f40fb39d5082db49dbbfbf48a2b20fdb4a0946d

    • SHA256

      b42146142866b57b8fee8cc72239ed7bce3d7740d4a7cc9149153b88277cc2a4

    • SHA512

      91e51c3d5201046a2b06c27f2448876034d2edad026c7c39a70a47b06d67c8e0bebcda85b345225378e73570f1495dc168ef58200deb00a780d735b9a9ec7c33

    • SSDEEP

      384:fHxeLNSu9HTHkGvxWPwcHfoDfQIL38dXu:5PWHTHrvxI5gIILss

    Score
    1/10
    • Target

      xxx/mech.help

    • Size

      22KB

    • MD5

      1874b6a425f02814977ab798b2e65f17

    • SHA1

      d952c8962d3dca6201a5c8a132b64b26ea38361c

    • SHA256

      2aee40e57f48a2181dc9939404126562e88ca6e6b17fc56767a09036daf38867

    • SHA512

      74a2318f3066db20f1a63ed2f85fc38570a664c115348de6890abbea67cc17d3db38059530fd1b7246b81b502bcec84154226115387d218c4b8d5d3fddd08a07

    • SSDEEP

      384:c8SjDq9C5YRsQE65trp8AUR7MTyoqSJNok:xKq9n2QE65tl8AUR7MTRxNok

    Score
    1/10
    • Target

      xxx/mech.session

    • Size

      290B

    • MD5

      08f481eec9c68711f7285c0d78c394a9

    • SHA1

      10f81812ec18619d44576f0d0e02bf19161b29ea

    • SHA256

      47d6d59abd6aae1a209842519fd6cb0eb3eb58a6b35ab4bc08d7c883b045d785

    • SHA512

      bc32d7a27a1eb32ff23a7215ffd35e89096c89d7b86efed455feaee94a08172e16d83ca57e36521e94d60d392e1e14f614861b2a75e2356ff51fac2f5787dd78

    Score
    1/10
    • Target

      xxx/run

    • Size

      32B

    • MD5

      b6eb2e6e834b3eadcb4afb3de0616424

    • SHA1

      2caea1b70ca49d4d6799bf9129841124906dc8a7

    • SHA256

      4b9c0eeb6156785ff42f5858ff52b5249f5f66c736fb40124a2499f11da8ec70

    • SHA512

      4d85c86d89a91bdbca8800862ef393e683a1bc787b9f9aec6d2c5ae6b928d9dace135c441ee5a06744534456843bc089b98402d6d504b3e6ba94c77fefa7500d

    Score
    1/10
    • Target

      xxx/s

    • Size

      14KB

    • MD5

      c24e82931367715c8597f05e5279bb0e

    • SHA1

      9d58bfb07d85483049f1d22bc02cfa3737706865

    • SHA256

      ed4b05a1d27bc71697f2e04f4584f80d31836e1c49fbe6701c4fcad64a9c591f

    • SHA512

      4a55f37fe3f83db989bb5c731ea2d21bbbb41081dc0b7df93b0f9b6b631408feab6cc747dfdc24cad59d8f660e3ba6ad51ace81599e8b42eee0ca04a6f1035b6

    • SSDEEP

      192:fX2JTP7k1E22X6HToyLJDOQc78JFJSNz8mWKNc/uPxNcj/EPASpP:fX2R27TvLJDOn78JFJkzlWKNpN+EP3

    Score
    1/10
    • Target

      xxx/sl

    • Size

      16KB

    • MD5

      a8b03eff9ba7e9b3d5176b1204c20a08

    • SHA1

      971b6f93b15c28dd72e8fdada7ddc0449b8bfeca

    • SHA256

      00f18bd9542e940377a4fb3711313d8f633bb96bbddd38579a9d8d7dd59320d1

    • SHA512

      d983905d23a4e99fd9586777b675121e2a6e7a42c32d477f95898cec92b8134f5811b469d458cd6d95c1c1d25e86439a56dd4c6a3279d13e51ccc1d65df6d6ce

    • SSDEEP

      384:fP05PnvcTrKngR88u3v3Zf15v2/w52XFdgo05:DrKgR88av3Zf15v2Y524o2

    Score
    1/10
    • Target

      xxx/std

    • Size

      14KB

    • MD5

      458bfb57bea37b400f135459068f8e82

    • SHA1

      34323bf56af2fc7105da5f64c1171aa28ebd5c4a

    • SHA256

      c81906d4fc30ef70deec4f3f25d8cc189953b2d41f03cd80dd66c3b02e5af522

    • SHA512

      5cf92159bde2ba9dfe2f1073e1b1dbde49083a4e666a9bfd4cce6557f4197e22249a185533016cfd9cd04ff25d6688959321af8e13f637e9d28eea7292a626ea

    • SSDEEP

      192:fgwUrURo3NxrWtyBcnfERKSYcN0j707Ygg3VcfpCVcG+mKeiMP:f44YNxaUBcnfeKSzawYrVGYV/RD9

    Score
    1/10
    • Target

      xxx/stream

    • Size

      8KB

    • MD5

      515e4b4b08dd8d4488516c9efdba9a8a

    • SHA1

      e2011b15fe673b40af2c72492d86214a5c9c917c

    • SHA256

      79d53e8d40b1e724a2940894a1b31ab51803782ae6bc6cf2abe90a8470ecffa1

    • SHA512

      a576e6a45b6f5a03c5c8331094dc128a054174a51acb0cff434b37cfc51f9ff10944a1abed817d86ece248483f68940d15ba04fc742c981344ec2cfcb01d1851

    • SSDEEP

      96:fDdKeZneTiF1+4rdfF1cgYI85HTI4RoS0SWOc6GIpYlioniweRR1hsngeuflG91:fhKeZeTi7+WOTI4N0SWOcwFR1hsvuS

    Score
    1/10
    • Target

      xxx/tty

    • Size

      6KB

    • MD5

      e99b9bf716695cdc826cd3e3b0f1b313

    • SHA1

      5d2ed29211c04e0941584e26c9e5ce858628451d

    • SHA256

      65e510d3ca296b51b8e028a59c921b15311173132af8c1acfb65f87dec1f848f

    • SHA512

      dcf0b5cc55887a1a99da458f7ab8e3480aa2c4bde2709a5b4da5fe29ff3536b0a686c9e9e275777735d3020aa34c369369667a346e61b38e73c2ef0b1d5e2f3c

    • SSDEEP

      96:fzBGCXW/AuT5XFUC9nAe9yBCpiof+ci4GFif436oWePSTbjgZMEVQhG2:fzokutVUC9nAe9yBC4of+cLXkST3R7n

    Score
    1/10
    • Target

      xxx/update

    • Size

      193B

    • MD5

      9add168be05b652bf0f09dae6feab59c

    • SHA1

      7339be51107cfc0703f553afd355df50e3937d47

    • SHA256

      21a4ee403c7865490f3a28675af06281a7a6061b39e8b8bc0396836c222d9b7d

    • SHA512

      5e8529ead0994d8451cc2977d00c4bccf6fc7a15d3e973acc758f925162e87f1fce05ce17ad30818e620c53d80e2702b7dbf0e28e18c87d71378bb4ecc7ebcff

    Score
    1/10
    • Target

      xxx/v

    • Size

      13KB

    • MD5

      a9c8a6e6efcb973610446500eef6ed30

    • SHA1

      4e587b64d26cf46cf91d3ad145e0897d366f451a

    • SHA256

      a5935a13b3c87d82e689068531b912fd04993b02b2a13cf2f6c013f88b3ea2b6

    • SHA512

      18aeafce1c9f3f0102ab295899265a4542a735406d32188be3183497a070042193bafcd5882c26015f91169e621b0c94ab771b10de9d2e7b6786f6f5ce20953a

    • SSDEEP

      192:fklKibGWjqWez0fgbinxEtmr7UwWxZ3v3Zf15v22Pd0BVcaydQqgD2:fBWj3eXbMUmr4Z3v3Zf15v22GVNyX

    Score
    1/10
    • Target

      xxx/v2

    • Size

      14KB

    • MD5

      14b02b5b4080022b3bc90134346e087c

    • SHA1

      0a7661a038f21a98fcc75e7e04d828b4c2fef114

    • SHA256

      e2fd65112b36219d771461a331c5b52ca7e9c1b55fc897361c29e53594ca9f22

    • SHA512

      585d4b65aeda22de019534b5edb90fe40e6e16e06569059ce60e96b5a14dc82e9089b5e37dcc7b99b56b1acc8a0871cbcab443ab79dd19de75984fa909e16aa1

    • SSDEEP

      192:fr+KlRdX4oilawb+ojEB3Oob+ZDv4oc/xicmof9y3k:fqK3dX6lawbDC3OIK4oOcYl/

    Score
    1/10
    • Target

      xxx/x

    • Size

      922B

    • MD5

      23b2d5d642e33321c20cff26af3e156e

    • SHA1

      97aa09b3545428ab494c9b3cf1197f3b7b90a981

    • SHA256

      a5b8cfc77b143a494926ab0719a52ca4a5bf545740714a2aadc4fba31b934d85

    • SHA512

      69553079784f77f4da6bcf24dda3b58be49d59782110d64827d62ce78161ee47e2743154cbe962e9a83f3b8b9219eeefe2c26d91a92fdf5ac233f1fe467544d7

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
1/10

behavioral1

defense_evasion, execution, persistence, privilege_escalatio
Score
7/10

behavioral2

defense_evasion, discovery, execution, persistence, privilege_escalatio
Score
7/10

behavioral3

defense_evasion, discovery, execution, persistence, privilege_escalatio
Score
7/10

behavioral4

defense_evasion, discovery, execution, persistence, privilege_escalatio
Score
7/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10