Overview | overview | score 7
Static | static | score 7
e60c7397f6...18.exe | windows7-x64 | score 7
e60c7397f6...18.exe | windows10-2004-x64 | score 7
$PLUGINSDI...if.dll | windows7-x64 | score 3
$PLUGINSDI...if.dll | windows10-2004-x64 | score 3
$PLUGINSDI...os.dll | windows7-x64 | score 3
$PLUGINSDI...os.dll | windows10-2004-x64 | score 3
$PLUGINSDI...er.dll | windows7-x64 | score 3
$PLUGINSDI...er.dll | windows10-2004-x64 | score 3
$PLUGINSDI...nt.dll | windows7-x64 | score 3
$PLUGINSDI...nt.dll | windows10-2004-x64 | score 3
$PLUGINSDI...os.dll | windows7-x64 | score 3
$PLUGINSDI...os.dll | windows10-2004-x64 | score 3
$PLUGINSDI...em.dll | windows7-x64 | score 3
$PLUGINSDI...em.dll | windows10-2004-x64 | score 3
$PLUGINSDI...er.dll | windows7-x64 | score 3
$PLUGINSDI...er.dll | windows10-2004-x64 | score 3
$PLUGINSDI...rs.dll | windows7-x64 | score 3
$PLUGINSDI...rs.dll | windows10-2004-x64 | score 3
$PLUGINSDI...ay.dll | windows7-x64 | score 7
$PLUGINSDI...ay.dll | windows10-2004-x64 | score 7
$PLUGINSDI...gs.dll | windows7-x64 | score 3
$PLUGINSDI...gs.dll | windows10-2004-x64 | score 3
$PLUGINSDI...c2.dll | windows7-x64 | score 3
$PLUGINSDI...c2.dll | windows10-2004-x64 | score 3
$PLUGINSDI...on.dll | windows7-x64 | score 7
$PLUGINSDI...on.dll | windows10-2004-x64 | score 7
$TEMP/instloffer.exe | windows7-x64 | score 3
$TEMP/instloffer.exe | windows10-2004-x64 | score 3
$TEMP/license.rtf | windows7-x64 | score 4
$TEMP/license.rtf | windows10-2004-x64 | score 1
General
-
Target
e60c7397f68fbaf54e71ea6bf645d959_JaffaCakes118
-
Size
668KB
-
Sample
240407-2wva5ahb86
-
MD5
e60c7397f68fbaf54e71ea6bf645d959
-
SHA1
ebc0c70ee7189b041ab242eecab089b38aa357d9
-
SHA256
23641b1b717d089e09858d42a5b0627e239bb54980b81574fc5767793c6f8341
-
SHA512
a3102d37d93af407e3f4bed6743ab5d98a3a6eedee310238005af0ef61791e8f59474ffcab35846319f750239cbdd744032c03139bfb8ec4813c225eafb30b7a
-
SSDEEP
12288:xSWBINtJ8rSLE+rX9XZWJ8bSLEqzcs2o4Rjbtz/tJAE1UL:xWNz82LEgXZK8mLE4P4V5zAL
Behavioral task
behavioral1
Sample
e60c7397f68fbaf54e71ea6bf645d959_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e60c7397f68fbaf54e71ea6bf645d959_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/AnimGif.dll
Resource
win7-20231129-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/AnimGif.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/Anuncios.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/Anuncios.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win10v2004-20240319-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/ButtonEvent.dll
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/ButtonEvent.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/ExecDos.dll
Resource
win7-20240215-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/ExecDos.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/System.dll
Resource
win7-20231129-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/ThreadTimer.dll
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/ThreadTimer.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/ToolkitOffers.dll
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/ToolkitOffers.dll
Resource
win10v2004-20240319-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/nsArray.dll
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/nsArray.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral23
Sample
$PLUGINSDIR/sarainetc2.dll
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
$PLUGINSDIR/sarainetc2.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral25
Sample
$PLUGINSDIR/version.dll
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
$PLUGINSDIR/version.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral27
Sample
$TEMP/instloffer.exe
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
$TEMP/instloffer.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral29
Sample
$TEMP/license.rtf
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
$TEMP/license.rtf
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
e60c7397f68fbaf54e71ea6bf645d959_JaffaCakes118
-
Size
668KB
-
MD5
e60c7397f68fbaf54e71ea6bf645d959
-
SHA1
ebc0c70ee7189b041ab242eecab089b38aa357d9
-
SHA256
23641b1b717d089e09858d42a5b0627e239bb54980b81574fc5767793c6f8341
-
SHA512
a3102d37d93af407e3f4bed6743ab5d98a3a6eedee310238005af0ef61791e8f59474ffcab35846319f750239cbdd744032c03139bfb8ec4813c225eafb30b7a
-
SSDEEP
12288:xSWBINtJ8rSLE+rX9XZWJ8bSLEqzcs2o4Rjbtz/tJAE1UL:xWNz82LEgXZK8mLE4P4V5zAL
-
ACProtect 1.3x - 1.4x DLL software
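Detects a file protected with ACProtect, a commercial executable packer/protector. Packing hides the real code from static analysis, so this is a reason to inspect the unpacked or runtime behaviour rather than proof of malice on its own.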
-
Loads dropped DLL
-
Checks installed software on the system
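Looks up Uninstall key entries in the registry to enumerate the software installed on the system. Legitimate installers do this too, as do bundlers and malware profiling a host, so weigh it together with the other findings rather than as a verdict by itself.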
-
-
-
Target
$PLUGINSDIR/AnimGif.dll
-
Size
9KB
-
MD5
200b6570553d00a76de8a5a6c9587f07
-
SHA1
08ca76a84cba8483ab34285d07909e08bdbf4a67
-
SHA256
8fb060b77728fbe347e294d1174a732db7cf9c99b187f8f332662c87683fd0a3
-
SHA512
01ab8aa80d7d5d3083f2e3016aab5dad29c0bbba18b225a5dde51b3bc6fa4c8c1278aec17d76bc5ee2b9ccb8532c22d79845162f752bba6ee12341b4d64304e8
-
SSDEEP
192:gOHvLYKKad68vn0YQRbqLGWSMRH00yQTbxDdHw:bvLXKa0OqRqS1MRH00HJdH
Score 3/10
-
-
Target
$PLUGINSDIR/Anuncios.dll
-
Size
39KB
-
MD5
642543739542a79b1cd8576c70add738
-
SHA1
998a7cea2239f9925cd3796c5006edf532fab1c3
-
SHA256
4798cc15822262fd061c3a178874afa1e5535b911eb3094fc5bbf2e365866e8b
-
SHA512
08d7a118468056b76923694787ee2f88ab4d0e91a25b6195eaa1ccabb26c3834747a00591aa10e88d8f265eddfcb1365d20fb0a55eabb28e86ea76621516cd39
-
SSDEEP
768:iTrcSh2AD8wOZWzF9YhvhgtWmnTED8X/vxiTQxq:AoO4bwnYhZCxNx2A
Score 3/10
-
-
Target
$PLUGINSDIR/BgWorker.dll
-
Size
2KB
-
MD5
33ec04738007e665059cf40bc0f0c22b
-
SHA1
4196759a922e333d9b17bda5369f14c33cd5e3bc
-
SHA256
50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
-
SHA512
2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score 3/10
-
-
Target
$PLUGINSDIR/ButtonEvent.dll
-
Size
4KB
-
MD5
55788069d3fa4e1daf80f3339fa86fe2
-
SHA1
d64e05c1879a92d5a8f9ff2fd2f1a53e1a53ae96
-
SHA256
d6e429a063adf637f4d19d4e2eb094d9ff27382b21a1f6dccf9284afb5ff8c7f
-
SHA512
d3b1eec76e571b657df444c59c48cad73a58d1a10ff463ce9f3acd07acce17d589c3396ad5bdb94da585da08d422d863ffe1de11f64298329455f6d8ee320616
-
SSDEEP
96:hrA2+5HGZFYJf9D8IjDflDCoMzncsGSmE:hE2+5mMJfJ8v1zFGSm
Score 3/10
-
-
Target
$PLUGINSDIR/ExecDos.dll
-
Size
5KB
-
MD5
ebcf9f71d804abab3c2e5ce4c17dc22e
-
SHA1
17d13084e75cbfa5fbfdd0025e9a0ee5772ae765
-
SHA256
d387b725afbd2a6f9b44999278d21025fae55b391e45f7751b88dfb13511a993
-
SHA512
5576396c2d885c039668d7f401eeee583eb4de39e8497c3aaec32d47f4417a522fe6786c111d50a5fba7570f50e84144ef3a8aea42677d170e79114343c3a4a1
-
SSDEEP
48:qNpugCjmWaZ+rnHAUiP9JLw/RHFtly5vorpSpSi7+5HCAx31Oglt6Zlrz9QH96AD:r0W1nHAfPPORHnooAU3xYglt6WwE
Score 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score 3/10
-
-
Target
$PLUGINSDIR/ThreadTimer.dll
-
Size
3KB
-
MD5
c43953f463c22e048e45b402d190e77d
-
SHA1
b4a5e6567bed3c783af030df9418f91a7bac3040
-
SHA256
4e2a7c511e0f2ef46ac9002e0666f058ea5a4657371f086e2e4797393ee2fbf2
-
SHA512
18facd89f3dc55826b7aa0c02b8fdf3a1e6741850e4d9c264fb095e9da7956f6a4d331655ef00862948397d1a3f99d15243d03ef09c145a39c3b9a0c2ef4c974
Score 3/10
-
-
Target
$PLUGINSDIR/ToolkitOffers.dll
-
Size
245KB
-
MD5
3c6a9490f32cf8aca12252188874dade
-
SHA1
4df69fe59c10f2cd6de472e5fc05eed5a489998b
-
SHA256
89ebab8d0675d7b79a3d0a455ec55d0b87aa0804cfd092e30f3d1142f0ce1109
-
SHA512
e8ce3378bb4cfb95cbe5ea0ad83fbf8e129cdfa0e724346b789c3f43c76b8a81d85b1c1b1c1c3fe7de0bf2b00e3c8fe485b2d784d8bbaf2221faa2ce20aa6be5
-
SSDEEP
3072:hb0VmAw9fh4OZGsz7dFG3plCyUSSOpITbI/o29OzU+VYeEuaQWkMx0mBo:hb0ont+PXCypeQgyDZQWbnBo
Score 3/10
-
-
Target
$PLUGINSDIR/nsArray.dll
-
Size
6KB
-
MD5
f8462e9d1d7fd39789afca89ab6d6046
-
SHA1
7e9a518e15b7490245d2bef11a73f209c8d8d59b
-
SHA256
48941e9f5c92a33f1e60a7a844d562dd77ce736fd31b5503c980b49679dfe85e
-
SHA512
57dee2253abd7d17d53811d5e95237f9434288518fb043645524a517786db2d8a91df86a6da732c620f12ad0e7ea30a923b8d5f3de386c65bd3ff240bc0dff69
-
SSDEEP
96:TjGBPJ762z6gjutipI+h7jz5ozZt/aYfA7EfXxLfAZi:/ix7ibUpIS+Xa1wX2Zi
Score 7/10
ACProtect 1.3x - 1.4x DLL software
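Detects a file protected with ACProtect, a commercial executable packer/protector; the packing obscures the code from static analysis and is not by itself evidence of malicious behaviour.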
-
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
c10e04dd4ad4277d5adc951bb331c777
-
SHA1
b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
-
SHA256
e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
-
SHA512
853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
-
SSDEEP
96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score 3/10
-
-
Target
$PLUGINSDIR/sarainetc2.dll
-
Size
172KB
-
MD5
4ef7a82508258875ca4e684fb216a3cb
-
SHA1
aadf65260945eb2bf7ec07d622aa609757b44cfc
-
SHA256
8cfa8ac6ce078a961e33771d69dd4ce10fbc2e8e84cc4fec7afbe20a40d9a6aa
-
SHA512
9cc57392faba3b8da7c6aa4c71b39d0fcd8d0b5871ce839647acf917d396de5ea6d1c9be6ab4457460751f8d40748e84e323c651371e89a9beb2f0a50cf6cc06
-
SSDEEP
3072:MW2YXDpNYCy32SHyE1k7skVOiIJz6Kp+rBF:MW2YTIJzk7skVjIY
Score 3/10
-
-
Target
$PLUGINSDIR/version.dll
-
Size
6KB
-
MD5
ebc5bb904cdac1c67ada3fa733229966
-
SHA1
3c6abfa0ddef7f3289f38326077a5041389b15d2
-
SHA256
3eba921ef649b71f98d9378dee8105b38d2464c9ccde37a694e4a0cd77d22a75
-
SHA512
fa71afcc166093fbd076a84f10d055f5a686618711d053ab60d8bd060e78cb2fdc15fa35f363822c9913413251c718d01ddd6432ab128816d98f9aabf5612c9f
-
SSDEEP
96:nPtMckE1e91BopVyXwUhn3f1I0vOKeoqO4d8QvS9:n1MMuOUhdI0c04yV9
Score 7/10
-
-
Target
$TEMP/instloffer.exe
-
Size
164KB
-
MD5
a0f05f4703af66e89f3cbde7aed8a719
-
SHA1
549e703a1c4e7ce7b05f49fbd7d1d38c5d959e05
-
SHA256
7133696bfa5556914a68547d0f719c9bcb521c7ad72bf7d579faa9c5e8a76650
-
SHA512
b781b2d04ce514395f4df376e2013f750695653ceda70100202b1819e8de0134a57a502f0c2037aab65e176b3024533c26a08ec4d5b9e6466f0d5c1286578311
-
SSDEEP
3072:+gXdZt9P6D3XJ8kpwHIDLqJO4cJSNhh67Ywksl/LSLEDTOBuDOOG:+e34ukiHtJO9ZBSLE+jN
Score 3/10
-
-
Target
$TEMP/license.rtf
-
Size
15KB
-
MD5
99917b934514b67ddd06924a946af785
-
SHA1
033d04e7bb31cb5af832009f95666954dfe7b1ce
-
SHA256
34f4ff37f1f1a5157b420eada86cc5b0af5c95118eb38c0b71c9273b22ff2294
-
SHA512
402b913d3594461f67a27fdfc4f4632f5db7db8bda0591b01e4e2b4dbc701f2f4ecf10eee8559820f14478def4f5f33b0eb083fa8273a43c243d2aba191b0c2d
-
SSDEEP
192:doyiN15CHjJn5PWkt1I71jz/G1n3mSxvOrTa//OTdcofTNvdVn+Xx9uN:OyUw+oIFze1n3phma/23dUB+
Score 4/10