Analysis

  • max time kernel
    148s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    19/04/2024, 15:54

General

  • Target

    faa518475ff86715f180ef9ad7c94381_JaffaCakes118.exe

  • Size

    230KB

  • MD5

    faa518475ff86715f180ef9ad7c94381

  • SHA1

    0a50a62a470ff48eb9bc6ad68476a72b19c638d9

  • SHA256

    206ee38d03caffc4059994ebe63e2f6d176d287617c3196f847188d66241b11d

  • SHA512

    6919dac22c2aa2d6ca3fa492e5495569fd3bd646ad82590ada6ce8b8b78dfc8a2c809380dac1af119729105b462c5c5c0ec46e1bcbea3f6bd18cac25e8d839da

  • SSDEEP

    3072:LQIURTXJqORfcc4VQgH1wOzUUUcI/CUAJkAoG0z/ZMh0FyzA5JT:Ls4ORt4nH1zf5VUAmASzyPi

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs

    The sample writes DLLs to disk during the run and then loads them from its own temporary directory (the three files are listed under Downloads). System.dll and UserInfo.dll unpacked into an ns*.tmp directory are the plugin DLLs an NSIS installer extracts at run time, so this signature on its own is consistent with a self-extracting installer and is not by itself evidence of malicious behaviour; what the dropped code does decides that.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\faa518475ff86715f180ef9ad7c94381_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\faa518475ff86715f180ef9ad7c94381_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:3844
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4156 --field-trial-handle=2304,i,6987730730348465820,3913273227385401271,262144 --variations-seed-version /prefetch:8
    1⤵
    PID:4744
    This Edge utility process sits at the same tree depth (1) as the sample, so it is not a child of it; it is background activity of the analysis VM's own browser, not something the sample started.

Network

MITRE ATT&CK Enterprise v15

Downloads

    • C:\Users\Admin\AppData\Local\Temp\nsf5E3A.tmp\System.dll

      Filesize

      11KB

      MD5

      c17103ae9072a06da581dec998343fc1

      SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

      SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

      SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • C:\Users\Admin\AppData\Local\Temp\nsf5E3A.tmp\UserInfo.dll

      Filesize

      4KB

      MD5

      7579ade7ae1747a31960a228ce02e666

      SHA1

      8ec8571a296737e819dcf86353a43fcf8ec63351

      SHA256

      564c80dec62d76c53497c40094db360ff8a36e0dc1bda8383d0f9583138997f5

      SHA512

      a88bc56e938374c333b0e33cb72951635b5d5a98b9cb2d6785073cbcad23bf4c0f9f69d3b7e87b46c76eb03ced9bb786844ce87656a9e3df4ca24acf43d7a05b

    • C:\Users\Admin\AppData\Local\Temp\nsf5E3A.tmp\inetca.dll

      Filesize

      20KB

      MD5

      134b93f8bd1f82cd2f1b06c878580703

      SHA1

      29cdbce7a2caf1f7e4d2a139c42336d490074665

      SHA256

      45153adf50541316468e2b189a0f8127be9fb29e2f920e7eeaa6aceb438db8c4

      SHA512

      f970c38debb6631dab7369e2bc96237f16a8fd328d9d35a2b54cb688e1807f62cc6d63230afe89ce5c3945097ae4466872c72929a9623adde3ee57bddf54b692
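The "Loads dropped DLL" signature above is the combination of two events: the process writes a file, then maps that same file as an image. The script below, an added example and not part of the sandbox report, reproduces that detection over a process-event trace and matches hits against the SHA256 values of the three dropped DLLs listed under Downloads. The event record shape (Sysmon-like EventID 11 for file create, EventID 7 for image load), the loose `ns*.tmp` directory regex and the trace itself are constructed assumptions; the paths, PIDs and hashes are taken from the report.

```python
"""Detect 'dropped DLL' loads in a process-event trace and match them
against the dropped-file hashes from the Downloads section.

Added example, not from the sandbox report. The event shape is a simplified,
Sysmon-like record (event 11 = FileCreate, event 7 = ImageLoad); this is an
assumption of the example, not something the report exposes.
"""
import re

# SHA256 values of the three dropped DLLs, copied from the Downloads section.
DROPPED_DLL_SHA256 = {
    "system.dll": "dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f",
    "userinfo.dll": "564c80dec62d76c53497c40094db360ff8a36e0dc1bda8383d0f9583138997f5",
    "inetca.dll": "45153adf50541316468e2b189a0f8127be9fb29e2f920e7eeaa6aceb438db8c4",
}

# The report shows ...\AppData\Local\Temp\nsf5E3A.tmp\; the characters after
# "ns" vary per run, so they are matched loosely here (assumed pattern).
TEMP_NS_DIR = re.compile(r"\\appdata\\local\\temp\\ns[0-9a-z]+\.tmp\\", re.IGNORECASE)


def norm(path):
    """Normalise a Windows path for comparison: backslashes, lower case."""
    return path.replace("/", "\\").lower()


def find_dropped_dll_loads(events):
    """Return (pid, dll_path) for every image load whose DLL was written
    earlier in the trace by the same PID. This is the 'Loads dropped DLL'
    condition: a process creates a file and then maps it as code."""
    written = set()   # (pid, normalised path) of DLLs the process created
    hits = []
    for ev in events:
        pid, path = ev["pid"], norm(ev["path"])
        if ev["event"] == 11 and path.endswith(".dll"):
            written.add((pid, path))
        elif ev["event"] == 7 and (pid, path) in written:
            hits.append((pid, ev["path"]))
    return hits


def in_temp_ns_dir(path):
    """True if the path lies in a %TEMP%\\ns*.tmp directory like the report's."""
    return bool(TEMP_NS_DIR.search(norm(path)))


def match_known_dropped(path, sha256):
    """True if the file name and SHA256 match one of the report's dropped DLLs."""
    name = norm(path).rsplit("\\", 1)[-1]
    return DROPPED_DLL_SHA256.get(name) == sha256.lower()


# Constructed trace (not from the report): the sample (PID 3844) writes its
# three DLLs into the ns*.tmp directory and loads them. A System32 DLL and a
# load by the Edge utility process (PID 4744) are included to show that
# ordinary image loads are not flagged.
SAMPLE_DIR = r"C:\Users\Admin\AppData\Local\Temp\nsf5E3A.tmp"
TRACE = [
    {"event": 11, "pid": 3844, "path": SAMPLE_DIR + r"\System.dll"},
    {"event": 11, "pid": 3844, "path": SAMPLE_DIR + r"\UserInfo.dll"},
    {"event": 11, "pid": 3844, "path": SAMPLE_DIR + r"\inetca.dll"},
    {"event": 7, "pid": 3844, "path": r"C:\Windows\System32\kernel32.dll"},
    {"event": 7, "pid": 3844, "path": SAMPLE_DIR + r"\System.dll"},
    {"event": 7, "pid": 3844, "path": SAMPLE_DIR + r"\UserInfo.dll"},
    {"event": 7, "pid": 3844, "path": SAMPLE_DIR + r"\inetca.dll"},
    {"event": 7, "pid": 4744, "path": r"C:\Windows\System32\ntdll.dll"},
]

if __name__ == "__main__":
    for pid, dll in find_dropped_dll_loads(TRACE):
        print(f"PID {pid} loaded dropped DLL {dll} (temp ns dir: {in_temp_ns_dir(dll)})")
```

On the constructed trace the three ns*.tmp loads by PID 3844 are reported and the System32 loads are not; the file-create step is keyed on the same PID, so a DLL written by one process and loaded by another is deliberately not counted as "dropped" here.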