Overview (overview) — score 7
Static (static) — score 3
f0394c6194...18.exe (windows7-x64) — score 7
f0394c6194...18.exe (windows10-2004-x64) — score 7
$PLUGINSDI...em.dll (windows7-x64) — score 3
$PLUGINSDI...em.dll (windows10-2004-x64) — score 3
$PLUGINSDI...fo.dll (windows7-x64) — score 3
$PLUGINSDI...fo.dll (windows10-2004-x64) — score 3
$_13_/exte...st.dll (windows7-x64) — score 1
$_13_/exte...st.dll (windows10-2004-x64) — score 1
$_13_/exte...PCB.js (windows7-x64) — score 1
$_13_/exte...PCB.js (windows10-2004-x64) — score 1
$_13_/exte...Def.js (windows7-x64) — score 1
$_13_/exte...Def.js (windows10-2004-x64) — score 1
$_13_/exte...Inf.js (windows7-x64) — score 1
$_13_/exte...Inf.js (windows10-2004-x64) — score 1
$_13_/exte...prt.js (windows7-x64) — score 1
$_13_/exte...prt.js (windows10-2004-x64) — score 1
$_13_/exte...plt.js (windows7-x64) — score 1
$_13_/exte...plt.js (windows10-2004-x64) — score 1
$_13_/exte...ref.js (windows7-x64) — score 1
$_13_/exte...ref.js (windows10-2004-x64) — score 1
BabylonToolbarApp.dll (windows7-x64) — score 1
BabylonToolbarApp.dll (windows10-2004-x64) — score 1
BabylonToolbarEng.dll (windows7-x64) — score 1
BabylonToolbarEng.dll (windows10-2004-x64) — score 1
BabylonToo...br.dll (windows7-x64) — score 1
BabylonToo...br.dll (windows10-2004-x64) — score 1
BabylonToolbarsrv.exe (windows7-x64) — score 1
BabylonToolbarsrv.exe (windows10-2004-x64) — score 1
bh/BabylonToolbar.dll (windows7-x64) — score 6
bh/BabylonToolbar.dll (windows10-2004-x64) — score 6
General
-
Target
f0394c619492f9ee8cc3ac34dc1454f9_JaffaCakes118
-
Size
1.0MB
-
Sample
240415-d8s2tsgc41
-
MD5
f0394c619492f9ee8cc3ac34dc1454f9
-
SHA1
f91de9b2b7733b2f03b48e29c0c97be8f40ca5c4
-
SHA256
6a9fe92b79c4455d935dd6c226ffa173cbe852c461ae3f5d952a43f10cffa48d
-
SHA512
47cbec1f0d1acb79122f3824bcf6773bec0ad8e27725a6bfd087440a1f1455e55e4a7c527c54ac1657ac3c5fc1541eefc2f0649d2fa875de2d655b8cfd917315
-
SSDEEP
24576:avZJR4zjuGj6i7ztCAE0loe6XHe01ub43d:qZJR4rlBbQHe01ubed
Static task
static1
Behavioral task
behavioral1
Sample
f0394c619492f9ee8cc3ac34dc1454f9_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f0394c619492f9ee8cc3ac34dc1454f9_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral7
Sample
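$_13_/extensions/[email protected]/components/FFHst.dll [the "[email protected]" segment appears to be an e-mail-obfuscation artifact standing in for the extension's ID directory name, here and in the paths below; it is not part of the real path]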
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$_13_/extensions/[email protected]/components/FFHst.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral9
Sample
$_13_/extensions/[email protected]/content/PPCB.js
Resource
win7-20231129-en
Behavioral task
behavioral10
Sample
$_13_/extensions/[email protected]/content/PPCB.js
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
$_13_/extensions/[email protected]/content/bbylnDef.js
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
$_13_/extensions/[email protected]/content/bbylnDef.js
Resource
win10v2004-20240412-en
Behavioral task
behavioral13
Sample
$_13_/extensions/[email protected]/content/btnInf.js
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
$_13_/extensions/[email protected]/content/btnInf.js
Resource
win10v2004-20240412-en
Behavioral task
behavioral15
Sample
$_13_/extensions/[email protected]/content/mtrprt.js
Resource
win7-20240319-en
Behavioral task
behavioral16
Sample
$_13_/extensions/[email protected]/content/mtrprt.js
Resource
win10v2004-20240412-en
Behavioral task
behavioral17
Sample
$_13_/extensions/[email protected]/content/tmplt.js
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
$_13_/extensions/[email protected]/content/tmplt.js
Resource
win10v2004-20240412-en
Behavioral task
behavioral19
Sample
$_13_/extensions/[email protected]/defaults/preferences/instlPref.js
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
$_13_/extensions/[email protected]/defaults/preferences/instlPref.js
Resource
win10v2004-20240412-en
Behavioral task
behavioral21
Sample
BabylonToolbarApp.dll
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
BabylonToolbarApp.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral23
Sample
BabylonToolbarEng.dll
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
BabylonToolbarEng.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral25
Sample
BabylonToolbarTlbr.dll
Resource
win7-20240220-en
Behavioral task
behavioral26
Sample
BabylonToolbarTlbr.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral27
Sample
BabylonToolbarsrv.exe
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
BabylonToolbarsrv.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral29
Sample
bh/BabylonToolbar.dll
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
f0394c619492f9ee8cc3ac34dc1454f9_JaffaCakes118
-
Size
1.0MB
-
MD5
f0394c619492f9ee8cc3ac34dc1454f9
-
SHA1
f91de9b2b7733b2f03b48e29c0c97be8f40ca5c4
-
SHA256
6a9fe92b79c4455d935dd6c226ffa173cbe852c461ae3f5d952a43f10cffa48d
-
SHA512
47cbec1f0d1acb79122f3824bcf6773bec0ad8e27725a6bfd087440a1f1455e55e4a7c527c54ac1657ac3c5fc1541eefc2f0649d2fa875de2d655b8cfd917315
-
SSDEEP
24576:avZJR4zjuGj6i7ztCAE0loe6XHe01ub43d:qZJR4rlBbQHe01ubed
Score 7/10
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score 3/10
-
-
Target
$PLUGINSDIR/UserInfo.dll
-
Size
4KB
-
MD5
7579ade7ae1747a31960a228ce02e666
-
SHA1
8ec8571a296737e819dcf86353a43fcf8ec63351
-
SHA256
564c80dec62d76c53497c40094db360ff8a36e0dc1bda8383d0f9583138997f5
-
SHA512
a88bc56e938374c333b0e33cb72951635b5d5a98b9cb2d6785073cbcad23bf4c0f9f69d3b7e87b46c76eb03ced9bb786844ce87656a9e3df4ca24acf43d7a05b
Score 3/10
-
-
Target
$_13_/extensions/[email protected]/components/FFHst.dll
-
Size
332KB
-
MD5
8e2011c48e80d56c2a1d08d28326a9e5
-
SHA1
4a1c4e6014583494fc241df9016bc8b49af6a027
-
SHA256
5baf6676dc85eb5b4061a07892d04405019af4722fe192bc14a5fde40064d82c
-
SHA512
5ea7ea1197ac3b70c74ac54a4690c25959a9cd788d18f51adc66e9184b450401b50a4f4d6b6614e55f15fad47bc2f7c1c344d0fd3123faa8f906eee60295c4da
-
SSDEEP
3072:A884+TyS0QkJOGj1WyeQdgtA9M3j6K0W0yaShWYJAieXbqcRV8UFNWd/gzR1Dde5:DLJnCjHGzShbJnc8UFreoKbiG0UfpPr
Score 1/10
-
-
Target
$_13_/extensions/[email protected]/content/PPCB.js
-
Size
1020B
-
MD5
071b62b69ea367351ab08e3b9b2d4713
-
SHA1
56740405bd308b0e8ee9824954e3c04a9eae8df6
-
SHA256
ccf4018afaa89816df8ebeda5de35d942e4e2d1900cadb19dce1ec9ccc26b8bd
-
SHA512
9cdb37e743e5628cc8192a555358b9186d83a9f09db295ec09f121f4937b10ecb2079ce871e163bc30d290d2f1824be1159f347b776277fc4f0669b85474a60d
Score 1/10
-
-
Target
$_13_/extensions/[email protected]/content/bbylnDef.js
-
Size
522B
-
MD5
1e91944edf7493ea49e86ed9b56a14df
-
SHA1
df8b2a5cd965b071e3fd8b2405a928c4ae7c854d
-
SHA256
02aba832ee1a51d44c00d3b627c77d022186ffe48bf7cd5aeb3969527140cd0a
-
SHA512
4b7564f05b2de5221a6a544fc80081166b02929dccbff4bf93cae31ac8ac7553c6a409b6ce230537b82380f4ed98cd43866ca2a6b614d38b21c513c4d3068534
Score 1/10
-
-
Target
$_13_/extensions/[email protected]/content/btnInf.js
-
Size
1KB
-
MD5
e60d44c3ddf9982575aeef2649bde4f8
-
SHA1
310cf40361431fcd257a6cd292cda46e100a532f
-
SHA256
77b4d8bc57eb640815997250c64ee6d71a64c3584f46d94c1f9caa68c5fb7091
-
SHA512
b83df30b77f658fa8ad200257ad546893587908bdefcb269611f15a864c250f7a2e78557db2ceb580f0fbcd5b6519f0505c5c14295b41388e195b219ab7792ab
Score 1/10
-
-
Target
$_13_/extensions/[email protected]/content/mtrprt.js
-
Size
4KB
-
MD5
95ba7c16d98e446412e097c370a6f660
-
SHA1
e61b808c3fe04a3f6f573510c5f94be0d3e6f251
-
SHA256
3f3ecc6f36aed33447b45ca8b4d0a1784d6744c7a8c4f28042e4b1173bc25c2e
-
SHA512
cb6d9516142599a7dd53ba722c7fdd72025332ea74d7e45600a6460f4415757d5632fad6a2b7288b6dcccd8a6e7960fd9b9560eb1501fcf86cccfd19c51ea51f
-
SSDEEP
96:QzJdAUaJsuFETgbwWiueGdA70GNWbZ3w9V3Cq4Di:oyUaJYTgk1uea6N8Z3w9V3CdDi
Score 1/10
-
-
Target
$_13_/extensions/[email protected]/content/tmplt.js
-
Size
7KB
-
MD5
ae6b7bb925f76c14e06cce500ebbc8ca
-
SHA1
61630e438c7e659409b2629a78c25bd7d3295184
-
SHA256
fe078bc40ffc977388a1f93d81858e901addbf2239bef51f5fe5f2a29fef5d64
-
SHA512
95928919c84c65108f80c587218d568380071f099b93180d1883642cf51873deb740381afa58b1a38cb84641fad1e815b21b0a065f5bdc95e0f7d3c0edb9f62c
-
SSDEEP
96:ZJpFZ7+xMkgTXM7qp3NDBPFrpR1pvAiz8v9JVXA96wDsdUslRydFkbsqBuu7hqTN:Z3F+MtXMep3xBPFrpbRzzNa5cybExaPC
Score 1/10
-
-
Target
$_13_/extensions/[email protected]/defaults/preferences/instlPref.js
-
Size
54B
-
MD5
ad2bc56295f1909f75aaa5e010e2835d
-
SHA1
466215893a8f9ee026a649dee0741cda79857f8a
-
SHA256
89aeb2c79621dc3663b15c7267fc1ef4997e72f30f042d11404291d8463ab288
-
SHA512
36d06498fcdfaff2c514ef0ee453e76ffe45aa3df17aca05fe7cb1d1f67c3f5b0f2f08c04eb036f84abf93dc3b4992ccb5e5b2d4bf5ef21b81463d0af5bef992
Score 1/10
-
-
Target
BabylonToolbarApp.dll
-
Size
316KB
-
MD5
5f933c75510ce7064600770488159453
-
SHA1
fd431f71a4a06601df970c160c6f027cdb487454
-
SHA256
c3aa14523d496a8cb780e568e2dc8fbd52b18d252cdf9b5ec223b6d3788ce82a
-
SHA512
68a2eb4f5785cb3355409e662513fd54ecf6afea6fc67b18f3bbc7f0fd3724c7ade9bb0cafb2afa89d98fc8e81ecf4864de627bee65e44d0a3f50150deb55c86
-
SSDEEP
6144:jboP92HPoeRIsTErfUeLJ5XMvFc8VDgG:voPOPoVYErUe1eFc8V
Score 1/10
-
-
Target
BabylonToolbarEng.dll
-
Size
412KB
-
MD5
ce5d74d6ac19e94164de0506d46b8ae8
-
SHA1
460787519719512980c651e12faea1ea0f248ba1
-
SHA256
b56d0b4d10fcf0d3a7b06880e8f0b25922f51b9fcf90aac5851e822a87ae44b1
-
SHA512
79bfb453bb6a259b847a7577a5f5549b65c472c9aff775b2a48bcf8f8cfc7dd6660354445523264f604de53c95238be2f1399e768538959192217262c565c350
-
SSDEEP
6144:tuabG7qeE0ZYckd8pFnracGJ+ZYCaIam4s2Q7pY6OxYYW:MabGqeE0ZYSFnO/GYJIam4s2uO2YW
Score 1/10
-
-
Target
BabylonToolbarTlbr.dll
-
Size
180KB
-
MD5
cf158fac1864ee97bfe3221285fec23a
-
SHA1
329020bc3cb47fab48a978df697aa1d1e919f117
-
SHA256
8d22f5c4b285edd6237712941a51c14036861d44e68760eb64a4325a9c4f90b8
-
SHA512
b412d067d5ed9b5b9d581220c71a307956d6a5427c37e0a033a145f42cc8845f1f6bfee71dfa577cb83a8d8b0408c8244994554be60881f0a85770d44675d072
-
SSDEEP
3072:SN9By1nS1BFZKiaoNQadIlD8vX7N3DPa5jerH3D:C9B/rnuadIc4erHT
Score 1/10
-
-
Target
BabylonToolbarsrv.exe
-
Size
280KB
-
MD5
000a83380536df86efe77d020d812f96
-
SHA1
93ccca1325a0037ab108ea3417eeaf166d510b76
-
SHA256
97e8af15a48dbd5c2a57ef6b8bdbd135a47fe9a86570253206477990ed7cc29c
-
SHA512
7b96aeab7b725060094c841eb3208e9e17f1a3c41dd9dfefacb2f521794c10056ccc4191ee9390bced07c94474dcc36525e9057d1217ae574fe323cb48a62c28
-
SSDEEP
3072:6ky8UtwkBCApNnbbnWJUSnFJhkRbHdr1fqpDUnnS7dbkd6Z/IKBlUqH6A/rT/aHv:6T8vqhfb9SFohdZUUnnS7jZdH6UyktO
Score 1/10
-
-
Target
bh/BabylonToolbar.dll
-
Size
220KB
-
MD5
91bcffe9095dfe033125add31ee7ffc1
-
SHA1
2e62ade3fd726db37e23a16e6961433035a50d44
-
SHA256
5d2c82a9186fb144245456e12c55744c2ff2b38a50294bda6d881e66e18e9d46
-
SHA512
e666822cdbd9d6fa88b0936c6403c24d109aecdc28f78ebc27a73a17ee989600932ccafd6362b6687d473bd0c49d98f058076d91d985683f4a73df9fb464a19a
-
SSDEEP
3072:Gbz/nWHs6djQbOCfYV6ZeDBXD+VWqpbfv5iF8cdN:azh6ebVQKkqxgFlN
-