General

  • Target

    JaffaCakes118_c93f9dec5c4e315a7acc0dd44602a2fa

  • Size

    471KB

  • Sample

    250119-qwf8qazjhy

  • MD5

    c93f9dec5c4e315a7acc0dd44602a2fa

  • SHA1

    6dff3983393fd27b8bafc67cb56af27ad9525254

  • SHA256

    1f506b1a912c7d5bdc3bf270ac2647bbb7277a779719bc0bd664e0266d7cb52b

  • SHA512

    d67e1b953340f7a0a1d48fea6e31bc070a98eeb6208ed646504673d6e2bed547de7e9af5b3f3c68c220b9ffec3d1ce185d2bfda1a316ca82af8c82a83d9b72c2

  • SSDEEP

    12288:1liv40OJjFpWO+wnH1XYVlMg1Qmj/jME8tfHjlhhi+XY2:1wQ0OJjFpGwwigj/jMEmbD4+n

Malware Config

Targets

    • Target

      JaffaCakes118_c93f9dec5c4e315a7acc0dd44602a2fa

    • Size

      471KB

    • MD5

      c93f9dec5c4e315a7acc0dd44602a2fa

    • SHA1

      6dff3983393fd27b8bafc67cb56af27ad9525254

    • SHA256

      1f506b1a912c7d5bdc3bf270ac2647bbb7277a779719bc0bd664e0266d7cb52b

    • SHA512

      d67e1b953340f7a0a1d48fea6e31bc070a98eeb6208ed646504673d6e2bed547de7e9af5b3f3c68c220b9ffec3d1ce185d2bfda1a316ca82af8c82a83d9b72c2

    • SSDEEP

      12288:1liv40OJjFpWO+wnH1XYVlMg1Qmj/jME8tfHjlhhi+XY2:1wQ0OJjFpGwwigj/jMEmbD4+n

    Score: 4/10

    • Target

      $DESKTOP/Click to finish The Free YouTube Downloader Installation.exe

    • Size

      33KB

    • MD5

      0ef4c8f7cc4d3076bb92bd3563195f33

    • SHA1

      29ffbb6aab35957162288961016581dca40247c6

    • SHA256

      b5a04ef94a3c9b50e4d55d46e4700c0e202629951cb04fd48d99543cbe16442a

    • SHA512

      ad384ad4ad41d32af84ea384cd431ab547659599a3658bca9f29e350037cfcc05b5361d74cbe8a345c09903c68c6c1b019419b17f8ea572845683fe52ebc8231

    • SSDEEP

      768:6HJd0TpH2+bQ2dUWVX9Hfv1JMWmtLEJOyuBxG0D3mjfS3XJNCz:6pgpHzb9dZVX9fHMvG0D3XJNCz

    Score: 3/10

    • Target

      $PROGRAMFILES/YTD Setup/trafficplace-us-2-silent.exe

    • Size

      445KB

    • MD5

      87da014f6eafb7b5321fd7a30465d44e

    • SHA1

      2779674285377d194cd292920fc3aa17cb84bd64

    • SHA256

      ba2894df9dac11c409eb5f8ec442cee1e1ab310e59af6b7924c12e2b6da71548

    • SHA512

      ebbb117868e9f341d300c19f08d6dcc30f97832ea971019f075bcec00386bb02929f745c4bde25c6c79853b297c62ec3fb7b8461b6fc88630dc727cc8e921d4c

    • SSDEEP

      12288:5wlMxOJj4pWO+DnH8XYVQMgSQmj/jtn8tfHSlchi+XE:5wSxOJj4pGDnlg8/jtnm6y4+0

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Target

      $PLUGINSDIR/CustomLicense.dll

    • Size

      3KB

    • MD5

      3c4c9b038c7eb5223691586a42415fef

    • SHA1

      53eb3587f5313f9aae5aea8b92f7ceb45db19fc6

    • SHA256

      60f9263a1693ae5a18523ee5d0f37e512882edaea2b84a028279d7fe5bb305ae

    • SHA512

      a07843d793811ca6ea9be734c458209a1bb224297743e23304f48b65f38ea9ae5a570f99b5c23642431ecb5cb30bcb43848bb92e6529395c232c63f641143250

    Score: 3/10

    • Target

      $PLUGINSDIR/GetVersion.dll

    • Size

      6KB

    • MD5

      5264f7d6d89d1dc04955cfb391798446

    • SHA1

      211d8d3e7c2b2f57f54a11cb8bc4fa536df08acc

    • SHA256

      7d76c7dd8f7cd5a87e0118dacb434db3971a049501e22a5f4b947154621ab3d4

    • SHA512

      80d27ee2f87e2822bd5c8c55cc3d1e49beebb86d8557c92b52b7cbea9f27882d80e59eefa25e414eecee268a9a6193b6b50b748de33c778b007cde24ef8bcfb7

    • SSDEEP

      96:E12Z84uiwpGTVTDSpaHYfniz0R3GhCvXY6Ix5vdR7pBi46AQ5Vu4:2STVTGwYhR3GhCvy5vH7pBi46AQ5Vu

    Score: 3/10

    • Target

      $PLUGINSDIR/KillProcDLL.dll

    • Size

      4KB

    • MD5

      99f345cf51b6c3c317d20a81acb11012

    • SHA1

      b3d0355f527c536ea14a8ff51741c8739d66f727

    • SHA256

      c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93

    • SHA512

      937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef

    Score: 3/10

    • Target

      $PLUGINSDIR/Math.dll

    • Size

      66KB

    • MD5

      b140459077c7c39be4bef249c2f84535

    • SHA1

      c56498241c2ddafb01961596da16d08d1b11cd35

    • SHA256

      0598f7d83db44929b7170c1285457b52b4281185f63ced102e709bf065f10d67

    • SHA512

      fbcb19a951d96a216d73b6b3e005338bbb6e11332c6cc8c3f179ccd420b4db0e5682dc4245bd120dcb67bc70960eab368e74c68c7c165a485a12a7d0d8a00328

    • SSDEEP

      1536:0P43WZ4Ql60gam+2MwRmPeqFVHbQH0ZZ1Iet:0wU609VMH0T/t

    Score: 3/10

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score: 3/10

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score: 3/10

    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      20KB

    • MD5

      2f94245152dbd233e248909f9c01c578

    • SHA1

      ab4e5879c001b36a2f9ff214946599fd015edda9

    • SHA256

      4c4d85eb9725fc7fade03467990e3dd9671c29a7870c97e69babc2cb3c9adef9

    • SHA512

      f92830de27d6663be5e0df9e32cd88732bc7ee93b14c1ded65258c325d22436400801aff1124f40400c6c3b3c16e71deb08436714716f3888d13a8a6b6a32231

    • SSDEEP

      384:vBCwUYeQ8geEQyhUtXlcgCHe8DSMk8/UhU7ya4L+0Ac9khYLMkIX0+GvRgbJ1:owUEpet1cgCHe8DNN/UhUua4L

    Score: 3/10

    • Target

      $PLUGINSDIR/linker.dll

    • Size

      6KB

    • MD5

      8450b29ee8d592c208ba1aaf6ee50267

    • SHA1

      75096da057bc85cef63bb0eec168652ea75cf618

    • SHA256

      53aa57e582dc56421c1191a0a9efac9c36960b903b7d825f3b9682605ec2b612

    • SHA512

      d23a3057053a1f36f5eb212ae0b09b9b0b41e50b8a6a20bbc46c12c51199ad0bca741bcce17534488158e8f2b9470dbdac2aa059688b7588a05778c40d461039

    • SSDEEP

      48:q/XgJspkvsIWyuS3fyVLkmqbIWXGuDNcGo+FLtLFSfrPIk2vIhll:4gJsFIWjS3qVomqIixo+9tLFUr4vMl

    Score: 3/10

    • Target

      $PLUGINSDIR/md5dll.dll

    • Size

      8KB

    • MD5

      a7d710e78711d5ab90e4792763241754

    • SHA1

      f31cecd926c5d497aba163a17b75975ec34beb13

    • SHA256

      9b05dd603f13c196f3f21c43f48834208fed2294f7090fcd1334931014611fb2

    • SHA512

      f0ca2d6f9a8aeac84ef8b051154a041adffc46e3e9aced142e9c7bf5f7272b047e1db421d38cb2d9182d7442bee3dd806618b019ec042a23ae0e71671d2943c0

    • SSDEEP

      96:YV2qpbvYSflug0Dvxn6GuKM9sh1gdrN9+oB7FT9WibOoBZcko5N/:Yt5lugRK8hlvbwkKV

    Score: 3/10

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      c10e04dd4ad4277d5adc951bb331c777

    • SHA1

      b1e30808198a3ae6d6d1cca62df8893dc2a7ad43

    • SHA256

      e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a

    • SHA512

      853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e

    • SSDEEP

      96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420

    Score: 3/10

    • Target

      $PLUGINSDIR/nsisunz.dll

    • Size

      40KB

    • MD5

      5f13dbc378792f23e598079fc1e4422b

    • SHA1

      5813c05802f15930aa860b8363af2b58426c8adf

    • SHA256

      6e87ecb7f62039fbb6e7676422d1a5e75a32b90dde6865dcb68ee658ba8df61d

    • SHA512

      9270635a5294482f49e0292e26d45dd103b85fe27dc163d44531b095c5f9dbde6b904adaf1a888ba3c112a094380394713c796f5195b2566a20f00b42b6578e5

    • SSDEEP

      384:KExN66Yf2xL5Q4IsjuUjUZfqRDpImexpf88FwHxXvjX3hwlHt6oIfESxSHoOO8n9:O2x64GcVpI3xC8ynToIf1SIOhW4

    Score: 3/10

    • Target

      $_121_/SearchToolbar.dll

    • Size

      264KB

    • MD5

      5ddb11ea4ae68dc90c4d3eb427c290d3

    • SHA1

      855fd8074c9033c1e96e32fedac938fb88e9cba8

    • SHA256

      193b2f27e5fdcd1c5a489ae0421e0105ec2255e800e448508fd54e44c3d2b54a

    • SHA512

      50f9f084930b6bca9f6bdb2c8304824c7d8b417ba12119cc99d5c96e3f7313878335354bb3cc32860c398ef512ba84db70e4c6d60c685556e778567c52b77212

    • SSDEEP

      6144:SEoLo0+YodgQx4edCEQjWNONnMSPKcY+KQ0CkkkkkkkkkkkFCkkkkkkkkkkkWCkc:TQv+xGjWNONnMavYskkkkkkkkkkkskkU

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Target

      chrome/content/index.html

    • Size

      4KB

    • MD5

      42330e928a5b4297d5a2936d890040d1

    • SHA1

      62154c53ad56ce6814e0944c69a084e0404fa607

    • SHA256

      1c18c15e414cca50c0557e05aff6f8e62a3e1be56c295188b9e70c0fe83df9e2

    • SHA512

      ede51f6d907bc12098291e6b58dfae82618f12c00574d0278a2ca3afb8f1b81d62aae8ae616b7450bccb46c373eda6dd65b72c7a4ae19144f2cba4c9c6926e5a

    • SSDEEP

      48:SYhR76fA64sNsT0s7pxrNCEEBFSQCOUwBf1WMkF6SoHHU5KHdXYxWCJB1xij0Vsm:97lrpvCpWSLKh0do9rx/Yg7poaAs0e

    Score: 3/10

MITRE ATT&CK Enterprise v15

Tasks

  • static1: Score 3/10
  • behavioral1: discovery; Score 4/10
  • behavioral2: discovery; Score 4/10
  • behavioral3: discovery; Score 3/10
  • behavioral4: discovery; Score 3/10
  • behavioral5: discovery, spyware, stealer; Score 7/10
  • behavioral6: discovery, spyware, stealer; Score 7/10
  • behavioral7: discovery; Score 3/10
  • behavioral8: discovery; Score 3/10
  • behavioral9: discovery; Score 3/10
  • behavioral10: discovery; Score 3/10
  • behavioral11: discovery; Score 3/10
  • behavioral12: discovery; Score 3/10
  • behavioral13: discovery; Score 3/10
  • behavioral14: discovery; Score 3/10
  • behavioral15: discovery; Score 3/10
  • behavioral16: discovery; Score 3/10
  • behavioral17: discovery; Score 3/10
  • behavioral18: discovery; Score 3/10
  • behavioral19: discovery; Score 3/10
  • behavioral20: discovery; Score 3/10
  • behavioral21: discovery; Score 3/10
  • behavioral22: discovery; Score 3/10
  • behavioral23: discovery; Score 3/10
  • behavioral24: discovery; Score 3/10
  • behavioral25: discovery; Score 3/10
  • behavioral26: discovery; Score 3/10
  • behavioral27: discovery; Score 3/10
  • behavioral28: discovery; Score 3/10
  • behavioral29: adware, discovery, stealer; Score 6/10
  • behavioral30: adware, discovery, stealer; Score 6/10
  • behavioral31: discovery; Score 3/10
  • behavioral32: discovery; Score 3/10