Overview

overview

6

Static

static

3

1a6c00140d...18.exe

windows7-x64

3

1a6c00140d...18.exe

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

Extras/setup.exe

windows7-x64

3

Extras/setup.exe

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDIR/Math.dll

windows7-x64

3

$PLUGINSDIR/Math.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDI...nz.dll

windows7-x64

3

$PLUGINSDI...nz.dll

windows10-2004-x64

3

$_122_/Sea...ar.dll

windows7-x64

6

$_122_/Sea...ar.dll

windows10-2004-x64

6

chrome/con...x.html

windows7-x64

1

chrome/con...x.html

windows10-2004-x64

1

chrome/con...ons.js

windows7-x64

3

chrome/con...ons.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1a6c00140d9aa46a13f4ab65e464ff58_JaffaCakes118

  • Size

    476KB

  • Sample

    240628-rghnnswfrk

  • MD5

    1a6c00140d9aa46a13f4ab65e464ff58

  • SHA1

    5da487a197323a0176ea34adcd7e18940adedd81

  • SHA256

    83f405fb27bfaee742b087b60172a74c4cc873ac08c0388387f628c456bde26b

  • SHA512

    a48641d14838f4913477a8508c412d1167d48fd2b48a5925598cf40d4916aa1db27e9bdcb423ccd37ecfbc78f452797857e71b106638d1cb5e1bec6cbcc9060b

  • SSDEEP

    12288:UJ0B2dbWU51sQHs+oNRU8iylQyrxyDrlwdSF0XVinY:Ug2dbZoNWayHLF0XAY

Score
6/10
adwareexecutionstealer

Malware Config

Targets

    • Target

      1a6c00140d9aa46a13f4ab65e464ff58_JaffaCakes118

    • Size

      476KB

    • MD5

      1a6c00140d9aa46a13f4ab65e464ff58

    • SHA1

      5da487a197323a0176ea34adcd7e18940adedd81

    • SHA256

      83f405fb27bfaee742b087b60172a74c4cc873ac08c0388387f628c456bde26b

    • SHA512

      a48641d14838f4913477a8508c412d1167d48fd2b48a5925598cf40d4916aa1db27e9bdcb423ccd37ecfbc78f452797857e71b106638d1cb5e1bec6cbcc9060b

    • SSDEEP

      12288:UJ0B2dbWU51sQHs+oNRU8iylQyrxyDrlwdSF0XVinY:Ug2dbZoNWayHLF0XAY

    Score
    3/10
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      20KB

    • MD5

      7569b23f19a0f5cb4c1d3b30a296c4bb

    • SHA1

      c5f3546b3c795e46445393960694a2341692ddc7

    • SHA256

      615bf32e15aaa8d58832df2298f75dd2b29ea5f25bf152c99630315cb618a31a

    • SHA512

      11663bf180f9540ad247957b6793f8afd1b4e66f3b692b4ad05735f07459dd524571245928c40e26e3de691472508f5632fcd4add1eebad559d504eca32c08a9

    • SSDEEP

      384:gBCwUYeQ8geEQyhUtXlcgCHe8DSMk8/UhU7ya4Lp0Ac9khYLMkIX0+GvRgbJ1:pwUEpet1cgCHe8DNN/UhUua4L

    Score
    3/10
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      c10e04dd4ad4277d5adc951bb331c777

    • SHA1

      b1e30808198a3ae6d6d1cca62df8893dc2a7ad43

    • SHA256

      e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a

    • SHA512

      853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e

    • SSDEEP

      96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420

    Score
    3/10
    behavioral10behavioral9

    • Target

      Extras/setup.exe

    • Size

      427KB

    • MD5

      97f04bff306611e8326bb853c48a814d

    • SHA1

      ee3f34a00c27b5d7425ef13547448d5309a24941

    • SHA256

      8df541936aa17b762627b91d786bd29bbc5eb3744338b80723213bdf747feaeb

    • SHA512

      61d6efb6156f51f81cfe108dc01f3a4c7bd2819d12a8db36705c993a95577a1184fdec31c1a3e1b6d7e08d9d3fdfb18f1702ae0d9f3116e35308b0a7d4b6a347

    • SSDEEP

      12288:TXx0fgMd/+ealb2yzZS52HYX9Qil52wKuANHnI:TCpsb2yzZS52S352DT5nI

    Score
    3/10
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/KillProcDLL.dll

    • Size

      4KB

    • MD5

      99f345cf51b6c3c317d20a81acb11012

    • SHA1

      b3d0355f527c536ea14a8ff51741c8739d66f727

    • SHA256

      c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93

    • SHA512

      937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef

    Score
    3/10
    behavioral13behavioral14

    • Target

      $PLUGINSDIR/Math.dll

    • Size

      66KB

    • MD5

      b140459077c7c39be4bef249c2f84535

    • SHA1

      c56498241c2ddafb01961596da16d08d1b11cd35

    • SHA256

      0598f7d83db44929b7170c1285457b52b4281185f63ced102e709bf065f10d67

    • SHA512

      fbcb19a951d96a216d73b6b3e005338bbb6e11332c6cc8c3f179ccd420b4db0e5682dc4245bd120dcb67bc70960eab368e74c68c7c165a485a12a7d0d8a00328

    • SSDEEP

      1536:0P43WZ4Ql60gam+2MwRmPeqFVHbQH0ZZ1Iet:0wU609VMH0T/t

    Score
    3/10
    behavioral15behavioral16

    • Target

      $PLUGINSDIR/NSISdl.dll

    • Size

      14KB

    • MD5

      a5f8399a743ab7f9c88c645c35b1ebb5

    • SHA1

      168f3c158913b0367bf79fa413357fbe97018191

    • SHA256

      dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9

    • SHA512

      824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977

    • SSDEEP

      192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go

    Score
    3/10
    behavioral17behavioral18

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    behavioral19behavioral20

    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      20KB

    • MD5

      2f94245152dbd233e248909f9c01c578

    • SHA1

      ab4e5879c001b36a2f9ff214946599fd015edda9

    • SHA256

      4c4d85eb9725fc7fade03467990e3dd9671c29a7870c97e69babc2cb3c9adef9

    • SHA512

      f92830de27d6663be5e0df9e32cd88732bc7ee93b14c1ded65258c325d22436400801aff1124f40400c6c3b3c16e71deb08436714716f3888d13a8a6b6a32231

    • SSDEEP

      384:vBCwUYeQ8geEQyhUtXlcgCHe8DSMk8/UhU7ya4L+0Ac9khYLMkIX0+GvRgbJ1:owUEpet1cgCHe8DNN/UhUua4L

    Score
    3/10
    behavioral21behavioral22

    • Target

      $PLUGINSDIR/md5dll.dll

    • Size

      8KB

    • MD5

      a7d710e78711d5ab90e4792763241754

    • SHA1

      f31cecd926c5d497aba163a17b75975ec34beb13

    • SHA256

      9b05dd603f13c196f3f21c43f48834208fed2294f7090fcd1334931014611fb2

    • SHA512

      f0ca2d6f9a8aeac84ef8b051154a041adffc46e3e9aced142e9c7bf5f7272b047e1db421d38cb2d9182d7442bee3dd806618b019ec042a23ae0e71671d2943c0

    • SSDEEP

      96:YV2qpbvYSflug0Dvxn6GuKM9sh1gdrN9+oB7FT9WibOoBZcko5N/:Yt5lugRK8hlvbwkKV

    Score
    3/10
    behavioral23behavioral24

    • Target

      $PLUGINSDIR/nsisunz.dll

    • Size

      40KB

    • MD5

      5f13dbc378792f23e598079fc1e4422b

    • SHA1

      5813c05802f15930aa860b8363af2b58426c8adf

    • SHA256

      6e87ecb7f62039fbb6e7676422d1a5e75a32b90dde6865dcb68ee658ba8df61d

    • SHA512

      9270635a5294482f49e0292e26d45dd103b85fe27dc163d44531b095c5f9dbde6b904adaf1a888ba3c112a094380394713c796f5195b2566a20f00b42b6578e5

    • SSDEEP

      384:KExN66Yf2xL5Q4IsjuUjUZfqRDpImexpf88FwHxXvjX3hwlHt6oIfESxSHoOO8n9:O2x64GcVpI3xC8ynToIf1SIOhW4

    Score
    3/10
    behavioral25behavioral26

    • Target

      $_122_/SearchToolbar.dll

    • Size

      264KB

    • MD5

      5ddb11ea4ae68dc90c4d3eb427c290d3

    • SHA1

      855fd8074c9033c1e96e32fedac938fb88e9cba8

    • SHA256

      193b2f27e5fdcd1c5a489ae0421e0105ec2255e800e448508fd54e44c3d2b54a

    • SHA512

      50f9f084930b6bca9f6bdb2c8304824c7d8b417ba12119cc99d5c96e3f7313878335354bb3cc32860c398ef512ba84db70e4c6d60c685556e778567c52b77212

    • SSDEEP

      6144:SEoLo0+YodgQx4edCEQjWNONnMSPKcY+KQ0CkkkkkkkkkkkFCkkkkkkkkkkkWCkc:TQv+xGjWNONnMavYskkkkkkkkkkkskkU

    Score
    6/10
    adwarestealer

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral27behavioral28

    • Target

      chrome/content/index.html

    • Size

      4KB

    • MD5

      42330e928a5b4297d5a2936d890040d1

    • SHA1

      62154c53ad56ce6814e0944c69a084e0404fa607

    • SHA256

      1c18c15e414cca50c0557e05aff6f8e62a3e1be56c295188b9e70c0fe83df9e2

    • SHA512

      ede51f6d907bc12098291e6b58dfae82618f12c00574d0278a2ca3afb8f1b81d62aae8ae616b7450bccb46c373eda6dd65b72c7a4ae19144f2cba4c9c6926e5a

    • SSDEEP

      48:SYhR76fA64sNsT0s7pxrNCEEBFSQCOUwBf1WMkF6SoHHU5KHdXYxWCJB1xij0Vsm:97lrpvCpWSLKh0do9rx/Yg7poaAs0e

    Score
    1/10
    behavioral29behavioral30

    • Target

      chrome/content/options.js

    • Size

      862B

    • MD5

      164f860017d7ff5d06f98748deef2347

    • SHA1

      c126d87bd1094f4e4adc2eca45fa18fe1b34f059

    • SHA256

      72665610da8329bcfb4862d02ffb7d4786f8dfde1d32d131a188a597ee94ebf8

    • SHA512

      41fb406e2c63f421b2b491bbedf0c497c1f78a6de467a015fa4a16447be3b28f8f62a249bb2a88fd70e3331b9b6a7db994e2eae21b42a57ff281406ebe2847f4

    Score
    3/10
    execution
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

JavaScript

1
T1059.007

Persistence

Browser Extensions

1
T1176

Privilege Escalation

Defense Evasion

Modify Registry

3
T1112

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

Score
3/10

behavioral1

Score
3/10

behavioral2

Score
3/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
3/10

behavioral18

Score
3/10

behavioral19

Score
3/10

behavioral20

Score
3/10

behavioral21

Score
3/10

behavioral22

Score
3/10

behavioral23

Score
3/10

behavioral24

Score
3/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

adwarestealer
Score
6/10

behavioral28

adwarestealer
Score
6/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10