General
-
Target
f227c340fed1251fa5810360d979e11f_JaffaCakes118
-
Size
3.3MB
-
Sample
240415-3bgd7sba42
-
MD5
f227c340fed1251fa5810360d979e11f
-
SHA1
b45806f85a8efa8aa923a09b28b26ee1fcfd97ba
-
SHA256
7d9250cd0475be93ee3de2f6d5976ea5b697c42fd90bee60175ab615146f1158
-
SHA512
bd721dbe20c21dbb0b40af30e6f1a7674545dee336a0b04c837aef066d3a1053c4049a3f3a2f4513beef5bc4d22001bee956e5e0cf9aff2023a1aba1a7a70e5f
-
SSDEEP
98304:OA5tlev5ZMT27VgPoF3msZUIk7r+qJiIMui9sh9l:OA5jiaP83msZLk7rd9
Static task
static1
Behavioral task
behavioral1
Sample
f227c340fed1251fa5810360d979e11f_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f227c340fed1251fa5810360d979e11f_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/ExecDos.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/ExecDos.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win7-20240319-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240215-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/g/PRFB-Chrome.exe
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/g/PRFB-Chrome.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral13
Sample
$TEMP/googleupdatesetup.exe
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
$TEMP/googleupdatesetup.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/g/PRFB-IEToolbar.exe
Resource
win7-20240215-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/g/PRFB-IEToolbar.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral17
Sample
$TEMP/GoogleToolbarInstaller_stub_signed.exe
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
$TEMP/GoogleToolbarInstaller_stub_signed.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/g/gcapi_dll.dll
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/g/gcapi_dll.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/g/gtapi_signed.dll
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/g/gtapi_signed.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral23
Sample
$PLUGINSDIR/g/gtb/toolbar.html
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
$PLUGINSDIR/g/gtb/toolbar.html
Resource
win10v2004-20240412-en
Behavioral task
behavioral25
Sample
$PLUGINSDIR/g/pfLC.exe
Resource
win7-20231129-en
Behavioral task
behavioral26
Sample
$PLUGINSDIR/g/pfLC.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral27
Sample
$PLUGINSDIR/inetc.dll
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
$PLUGINSDIR/inetc.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral29
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral31
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240319-en
Behavioral task
behavioral32
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
f227c340fed1251fa5810360d979e11f_JaffaCakes118
-
Size
3.3MB
-
MD5
f227c340fed1251fa5810360d979e11f
-
SHA1
b45806f85a8efa8aa923a09b28b26ee1fcfd97ba
-
SHA256
7d9250cd0475be93ee3de2f6d5976ea5b697c42fd90bee60175ab615146f1158
-
SHA512
bd721dbe20c21dbb0b40af30e6f1a7674545dee336a0b04c837aef066d3a1053c4049a3f3a2f4513beef5bc4d22001bee956e5e0cf9aff2023a1aba1a7a70e5f
-
SSDEEP
98304:OA5tlev5ZMT27VgPoF3msZUIk7r+qJiIMui9sh9l:OA5jiaP83msZLk7rd9
Score 7/10 -
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/ExecDos.dll
-
Size
5KB
-
MD5
a7cd6206240484c8436c66afb12bdfbf
-
SHA1
0bb3e24a7eb0a9e5a8eae06b1c6e7551a7ec9919
-
SHA256
69ac56d2fdf3c71b766d3cc49b33b36f1287cc2503310811017467dfcb455926
-
SHA512
b9ee7803301e50a8ec20ab3f87eb9e509ea24d11a69e90005f30c1666acc4ed0a208bd56e372e2e5c6a6d901d45f04a12427303d74761983593d10b344c79904
-
SSDEEP
48:6jOBtU/BXN8kUByyy/Aklkcrkyg7Vg5RibGoTCTo0gqVeeaeQqzM5rv774YRljmB:y/DMy4ncrkyg7tbpQFLUEYRxe
Score3/10 -
-
-
Target
$PLUGINSDIR/LangDLL.dll
-
Size
5KB
-
MD5
9384f4007c492d4fa040924f31c00166
-
SHA1
aba37faef30d7c445584c688a0b5638f5db31c7b
-
SHA256
60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5
-
SHA512
68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf
-
SSDEEP
48:iV6pAvmNC6iMPUptxEZK65x/AmvycNSmwVsOYJyvrpXptp/JvR0Jlof5d2:2811GED5ZTvycNSmwVsTJuftpZR0Sd2
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score3/10 -
-
-
Target
$PLUGINSDIR/UserInfo.dll
-
Size
4KB
-
MD5
7579ade7ae1747a31960a228ce02e666
-
SHA1
8ec8571a296737e819dcf86353a43fcf8ec63351
-
SHA256
564c80dec62d76c53497c40094db360ff8a36e0dc1bda8383d0f9583138997f5
-
SHA512
a88bc56e938374c333b0e33cb72951635b5d5a98b9cb2d6785073cbcad23bf4c0f9f69d3b7e87b46c76eb03ced9bb786844ce87656a9e3df4ca24acf43d7a05b
Score3/10 -
-
-
Target
$PLUGINSDIR/g/PRFB-Chrome.exe
-
Size
569KB
-
MD5
e7e73ebcd63a21abff82f946d7216be1
-
SHA1
09763441c0cd7eac0199a0f546f667e4cfc7eb0b
-
SHA256
dfda459984d2daf5e81905e75b01f84604bb3388f655ae70b0c61c9bb28b1320
-
SHA512
1ef7d1c6bb4979752b382bf7549e4fff9d3bdef203a5600d1ef798ba443508ab6b1ad1428c9233556297ec24c955542dab4e9652a5d1169302cc11507714a6cf
-
SSDEEP
12288:6mt6wVOkXAQjfbE2YCyz+/UcYyOk3jFZcngtv9e+l:pt6yOIo2xy6MlTkuCle+l
Score 7/10 -
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$TEMP/googleupdatesetup.exe
-
Size
549KB
-
MD5
01e1716a03b513f6538e022dd0ec6ea5
-
SHA1
9bbbf3b31340f4b049fd97ccfd34b2a03ac4ec39
-
SHA256
d31b7c8cf3207b19e18e899523a3d7caabf8fd1ac5cca38a4bada87516333091
-
SHA512
ccf065518cab5f34001f61f2e7f5350862c75b1b8cab7a8697712bbf4fb28789496229422a7cddaa68befb7d93afab3c37e799d4b267c300d56333f5a15cada6
-
SSDEEP
12288:LxTKk7QjSbE2xSyz+FUFYkOu3jgQcngtK7++T:lbY20y6qeVuqCCNT
Score1/10 -
-
-
Target
$PLUGINSDIR/g/PRFB-IEToolbar.exe
-
Size
261KB
-
MD5
0317731c895f6280262515f5fa739ae3
-
SHA1
cb5834416618d6112afecc016e10f35eb5043507
-
SHA256
f153974256596e473c74d9d4139daa49fd078879e69001056e99ab353d06927b
-
SHA512
4b17d37c638349c54ec3f10b1bd7901fabac4e69a49641a89bcfc1826a1d3f520593a785092bab4e68845b8997af8c2bd889485a06e84284d67fa4ca32b360c2
-
SSDEEP
6144:Pmt6MnbXt2svZLLIb/TbVPXe8DyF8dT6OVk17gJT6uWEeG:Pmt6kbXt2+ZLkbBPefskNgJT6BG
Score 7/10 -
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
-
-
Target
$TEMP/GoogleToolbarInstaller_stub_signed.exe
-
Size
229KB
-
MD5
39d998e29dc9277c8762070901e69a32
-
SHA1
ebd09f3ec33b4e56ebc3eccc0107689d4c5a2bca
-
SHA256
ad68cfbbd2765be47b430cb0b3b527ade826e43c2ed6681ce6b9b5b44c8f18ff
-
SHA512
cec7b2dad52ea5015c1a7b819fc1c3287325711b43dee50827f90b9f890dd4d34acacfa1fb65e3f0e62835dfaf0b1c93cde84274c78caf76e1cded8e327d7834
-
SSDEEP
6144:M3wpq8sDsLLIb/TKVPXe8D0F8dT63VkiHFBGeWIY4AfJrrUZ:M3ssDsLkbiPenXkMNWIYzxrgZ
Score 7/10 -
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
-
-
Target
$PLUGINSDIR/g/gcapi_dll.dll
-
Size
62KB
-
MD5
f6400e8bdca118c6b5170c172fcbc06e
-
SHA1
992d2d0ee1f1621dd6fc0452d26ffcb65c30a95f
-
SHA256
c66dedc708c1ff94b16c46951570887f528e542bbb3e5574ba314fbb736a9cb4
-
SHA512
15fb3eb080e91284709d759b9b051051f64f47850b2a108d7c8f9b334237a630573c5c96eaee2a70b635ce74eabeb46c53178f1986e985819140d8fe88b3f143
-
SSDEEP
768:ozZ68lZ3rnZg8akat6Nn4gHyMsBkX1wM1zROnIaxHHyQPHKOEkmmX:oIorha56BrHNsCwqzRKIaVSQfdEkme
Score3/10 -
-
-
Target
$PLUGINSDIR/g/gtapi_signed.dll
-
Size
71KB
-
MD5
61bc40d1fad9e0faa9a07219b90ba0e4
-
SHA1
5b5c3badedba915707000d2047eaf13f27b8925e
-
SHA256
89e157a4f61d7d18180cb7f901c0095da3b7a5cc5a9fd58d710099e5f0ee505a
-
SHA512
fa341aa975c471082b4b6c380f794d1e9ab3939382972cfb9e1dbb3491f68296ad1cedc8f03736921c8e133f62432997de29642e223c2a97f1cab5ce91d68af9
-
SSDEEP
1536:/J6IYeD05jIx9A1jV0PAy/DTPJocNmk8SwD3QVS9JBhp9:/JL3m0l/JocNmowD3QVS9Jx9
Score1/10 -
-
-
Target
$PLUGINSDIR/g/gtb/toolbar.html
-
Size
1KB
-
MD5
710e195c62e071083ac9670370128ae0
-
SHA1
03bb8f527234594e8013ee858e00541f4e28eeb7
-
SHA256
684a5f12b74a6e6bdecf8b91c4d6db418fd1a056063d8d681afeab2f38590788
-
SHA512
7a61eafeca722e36d28afdcc659db8ec7bd5457fa910b47e93cc82527be68e27b96edde63ec8d6ba3d332598b0894d51a64592cf576f4a6fcb8e963aa7ecc1b1
Score1/10 -
-
-
Target
$PLUGINSDIR/g/pfLC.exe
-
Size
37KB
-
MD5
f0884f1aced37d66c4b8431c17073de2
-
SHA1
83491e15aa082b710ca0f4a4c577e82ca83b5b3c
-
SHA256
3884331e8b828b6a2f3d1ea0a9b806f3455c4f5c054e76fe033878241f68d21a
-
SHA512
abeebe9820974c483e3dd4730563b842413d9c206e588590561d2633827a8af6c7e17427776a52d00d8df6bd6a7ba9efeba03c402254b27edd2af6880fcd3df7
-
SSDEEP
384:IACB1SxmqTDe7wtSaLoMX+Y9KxhzANnDzR+HuVyM8fXRFCky4qSByjDdTDOubgrU:WB1qyNaLovhzqnD2uMcky4riDN6Pi++5
Score1/10 -
-
-
Target
$PLUGINSDIR/inetc.dll
-
Size
20KB
-
MD5
8d8fdad7e153d6b82913f6fdc407d12c
-
SHA1
aabbeed33cd5221e4cb22aab6e48310df94facfd
-
SHA256
e727c8bba6686c4814602f2bc089af4b4cf3498d1dbe1a08d8c4732da5ba046b
-
SHA512
42bc0ce1aca63904c34025307fd4b1d9f480ae47e42e7dfa48bbbf8286d947de2989435ad7a748951291307949217afeebcd31d10a1356c9366d3187085773a2
-
SSDEEP
384:0B/JF+HUI+LzlKSYWwgdHEINlWya4LL0Ac9khYLMkIX0+GBxgW+x:WFo72lvYWwgy8Fa4LX
Score3/10 -
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
c10e04dd4ad4277d5adc951bb331c777
-
SHA1
b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
-
SHA256
e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
-
SHA512
853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
-
SSDEEP
96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score3/10 -
-
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
6KB
-
MD5
acc2b699edfea5bf5aae45aba3a41e96
-
SHA1
d2accf4d494e43ceb2cff69abe4dd17147d29cc2
-
SHA256
168a974eaa3f588d759db3f47c1a9fdc3494ba1fa1a73a84e5e3b2a4d58abd7e
-
SHA512
e29ea10ada98c71a18273b04f44f385b120d4e8473e441ce5748cfa44a23648814f2656f429b85440157988c88de776c6ac008dc38bf09cbb746c230a46c69fe
-
SSDEEP
96:M7GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3VI9d0qqyVgNk32E:eKgfwgcr8zylsB49Ud0qJVgNX
Score3/10 -
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Browser Extensions (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Modify Registry (3)
Subvert Trust Controls (1)
Install Root Certificate (1)