General

  • Target

    JaffaCakes118_c0a3984acc2742aec2c3073592b51b8d2a74fc4f8fe3d52759ce6b51bfd2c9e2

  • Size

    660KB

  • Sample

    241223-qk8tlazrct

  • MD5

    7e454927ff374e6b6f847ad16d13be86

  • SHA1

    ed33fd85b9270004b6958b697cafdf52a62024af

  • SHA256

    c0a3984acc2742aec2c3073592b51b8d2a74fc4f8fe3d52759ce6b51bfd2c9e2

  • SHA512

    86d9771c68f583c146985a5409d4184c00afe1cae584ac47ba9ec99bf217de8e4839400a7afc2504b3c311de04788d2f56ca12773f0ca31c754d32e93d660f13

  • SSDEEP

    12288:tYJ7YaMPI+XCBy0atXuG5UjE+eDHUDBppTbeO4ey3THJ+O1:tYSmtH2XuG5UY1zypTb94eiTkO1

Targets

    • Target

      JaffaCakes118_c0a3984acc2742aec2c3073592b51b8d2a74fc4f8fe3d52759ce6b51bfd2c9e2

    • Guloader family

    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
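
      The signature above describes the behaviour in one sentence. The following Python is an added example (not code from the sandbox vendor or from the sample) showing how a detection for it can be written: registry-access records are grouped per process, and a process that reads many distinct product entries under the Uninstall keys within a short window is flagged, while a single lookup is not. The Uninstall key paths are the real registry locations; the record layout (`<timestamp> pid=<n> image=<path> key=<path>`), the 5-entry/10-second threshold and the sample records are constructed for this illustration and do not come from the analysed sample.

```python
"""Detect a process enumerating the Windows 'Uninstall' registry keys.

Added example, not code from the sandbox or the malware. The Uninstall paths
are the real registry locations; the record format and sample records are
constructed for the illustration and are not a real Windows event format.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

UNINSTALL_ROOTS = (
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
)
_HIVE_ALIASES = {"HKEY_LOCAL_MACHINE": "HKLM", "HKEY_CURRENT_USER": "HKCU"}

# Constructed record layout: "<iso-timestamp> pid=<n> image=<path> key=<path>"
_RECORD = re.compile(r"^(\S+) pid=(\d+) image=(\S+) key=(.+)$")


def normalize_key(key: str) -> str:
    """Upper-case the path and collapse long hive names (HKEY_LOCAL_MACHINE
    -> HKLM) so matching does not depend on how the log source renders it."""
    hive, sep, rest = key.partition("\\")
    hive = _HIVE_ALIASES.get(hive.upper(), hive.upper())
    return hive + sep + rest.upper()


def uninstall_subkey(key: str):
    """Return the product subkey name under an Uninstall root, '' for the
    root itself, or None when the key is not under any monitored root."""
    norm = normalize_key(key)
    for root in UNINSTALL_ROOTS:
        upper = root.upper()
        if norm == upper:
            return ""
        if norm.startswith(upper + "\\"):
            return norm[len(upper) + 1:].split("\\", 1)[0]
    return None


def parse_record(line: str):
    """Parse one constructed record into (timestamp, pid, image, key)."""
    m = _RECORD.match(line.strip())
    if not m:
        return None
    ts, pid, image, key = m.groups()
    return datetime.fromisoformat(ts), int(pid), image, key


def detect_uninstall_enumeration(lines, min_subkeys=5, window=timedelta(seconds=10)):
    """Flag each process that touches at least `min_subkeys` distinct product
    entries under an Uninstall root within `window`. One lookup (an installer
    checking for a single product) stays below the threshold; walking the whole
    list does not. Returns a list of (pid, image, distinct_subkeys) tuples."""
    per_process = defaultdict(list)
    for line in lines:
        rec = parse_record(line)
        if rec is None:
            continue
        ts, pid, image, key = rec
        sub = uninstall_subkey(key)
        if not sub:                      # unrelated key, or the root alone
            continue
        per_process[(pid, image)].append((ts, sub))

    hits = []
    for (pid, image), events in per_process.items():
        events.sort()
        best, start = 0, 0
        for end in range(len(events)):   # sliding window over sorted times
            while events[end][0] - events[start][0] > window:
                start += 1
            best = max(best, len({s for _, s in events[start:end + 1]}))
        if best >= min_subkeys:
            hits.append((pid, image, best))
    return hits


# Constructed sample records (not from the analysed sample or any real host).
SAMPLE_RECORDS = [
    r"2024-12-23T10:00:00 pid=4120 image=C:\Users\Public\setup.exe key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"2024-12-23T10:00:01 pid=4120 image=C:\Users\Public\setup.exe key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000001}\DisplayName",
    r"2024-12-23T10:00:01 pid=4120 image=C:\Users\Public\setup.exe key=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000002}\DisplayName",
    r"2024-12-23T10:00:02 pid=4120 image=C:\Users\Public\setup.exe key=HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ExampleApp\DisplayVersion",
    r"2024-12-23T10:00:02 pid=4120 image=C:\Users\Public\setup.exe key=HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OtherApp\DisplayName",
    r"2024-12-23T10:00:03 pid=4120 image=C:\Users\Public\setup.exe key=HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UserTool\DisplayName",
    r"2024-12-23T10:00:03 pid=4120 image=C:\Users\Public\setup.exe key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-000000000003}\InstallLocation",
    r"2024-12-23T10:00:05 pid=1288 image=C:\Windows\explorer.exe key=HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced",
    r"2024-12-23T10:00:06 pid=2204 image=C:\Windows\System32\msiexec.exe key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-00000000000A}\DisplayName",
    r"2024-12-23T10:00:07 pid=2204 image=C:\Windows\System32\msiexec.exe key=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{00000000-0000-0000-0000-00000000000A}\UninstallString",
]

if __name__ == "__main__":
    for pid, image, count in detect_uninstall_enumeration(SAMPLE_RECORDS):
        print(f"pid {pid} ({image}) read {count} distinct Uninstall entries")
```

      In the constructed records only `setup.exe` is reported (six distinct entries in three seconds, across the native, WOW6432Node and per-user roots); `msiexec.exe` reading two values of one product entry and `explorer.exe` reading an unrelated key stay below the threshold. The key normalisation matters in practice because different logging sources render the same hive as `HKLM` or `HKEY_LOCAL_MACHINE` and with different letter case.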

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      cff85c549d536f651d4fb8387f1976f2

    • SHA1

      d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

    • SHA256

      8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

    • SHA512

      531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

    • SSDEEP

      192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr

    • Score

      3/10

    • Target

      System.Runtime.Serialization.dll

    • Size

      17KB

    • MD5

      99156404006678cb1e23415cbce56e16

    • SHA1

      11f2b0447f9fbd29d5b8125df0ebbb09624e2444

    • SHA256

      83e849c8b6766db6ca76748e364a36e83afd6f5842aa2c3b18ce8f73fb11e7ee

    • SHA512

      2244a507797f26154db7a47401fa64acccfd65ee5bc79d1e97fbefcfc814d5b6f9ffac37530064c4727a58f6cb0f7a25cd837feb42e7d4b4d491f603845d8de7

    • SSDEEP

      384:wpEvDj8NN2j7dLWg04BHWqlU/uPHRN7QoYWF//dJR9ztzH:wpEvDj8NAZP04BzlwMQoYWF//dj9zpH

    • Score

      1/10

    • Target

      ipc.dll

    • Size

      33KB

    • MD5

      f2ac95e2d557b8a76f399eae34044d19

    • SHA1

      1835ac6a06600ae759bf8db48b7de8ec6cd3191c

    • SHA256

      9a1de06c12d0a9a948832d042871d5109005c0e6db16736dd56f96afffdb2ce3

    • SHA512

      e6d4c1293773e30ad1b9cb1ed6e30db706385dfc68019db57631a7c8a2adfbb505dccac483c09a4a54e07dbcb3cce58fa7fc8f32194e209907a64745c95f7eb6

    • SSDEEP

      384:eeoBN23/0InniyehBzBSddM9iwQGFBqm5g9Hg00lCCX4xsOlsybCWx15sa0eMD1:93//iKdM9m2Bb5g9jVsOlsyb7tq

    • Score

      1/10
