General
Target: 0afc9b07d41ebdabc1d23559452d07d3_JaffaCakes118
Size: 282KB
Sample: 240501-drj3laef2x
MD5: 0afc9b07d41ebdabc1d23559452d07d3
SHA1: a48c8c48f446835cb3a2522180223a3a9fe5349d
SHA256: ac349ddf5d93a43f30ab2566ea00404e017a87b5c715f2b258624e5e488d16ea
SHA512: 1f87126b326954cc01a98c6469c6204f6b2f85d41c0217ef835b311a7674ecf0d075fe47a63131cd183a6fc1a37ee289ecae8edad3ca5f52bce72757103370e9
SSDEEP: 6144:tGC7W7BUagKatVsWNMV+qUCp9GwmZFT254EyLvYsoKDLZKDEACZMH:/a7fgt6MK/GwmTa+LwsoyoEACyH

Static task static1
Behavioral task behavioral1: Sample 0afc9b07d41ebdabc1d23559452d07d3_JaffaCakes118.exe, Resource win7-20240221-en
Behavioral task behavioral2: Sample 0afc9b07d41ebdabc1d23559452d07d3_JaffaCakes118.exe, Resource win10v2004-20240419-en
Behavioral task behavioral3: Sample $PLUGINSDIR/System.dll, Resource win7-20240221-en
Behavioral task behavioral4: Sample $PLUGINSDIR/System.dll, Resource win10v2004-20240419-en
Behavioral task behavioral5: Sample $PLUGINSDIR/nsDialogs.dll, Resource win7-20231129-en
Behavioral task behavioral6: Sample $PLUGINSDIR/nsDialogs.dll, Resource win10v2004-20240426-en
Behavioral task behavioral7: Sample class.noobSlide.js, Resource win7-20240419-en
Behavioral task behavioral8: Sample class.noobSlide.js, Resource win10v2004-20240419-en
Behavioral task behavioral9: Sample exit.jsp1550152078.html, Resource win7-20240221-en
Behavioral task behavioral10: Sample exit.jsp1550152078.html, Resource win10v2004-20240419-en
Behavioral task behavioral11: Sample uninst.exe, Resource win7-20240220-en
Behavioral task behavioral12: Sample uninst.exe, Resource win10v2004-20240419-en
Behavioral task behavioral13: Sample $PLUGINSDIR/System.dll, Resource win7-20240221-en
Behavioral task behavioral14: Sample $PLUGINSDIR/System.dll, Resource win10v2004-20240419-en

Malware Config
Extracted
C:\MSOCache\All Users\{90140000-0117-0409-0000-0000000FF1CE}-C\_README_2CK9TM_.hta
Targets

Target: 0afc9b07d41ebdabc1d23559452d07d3_JaffaCakes118
Size: 282KB
MD5: 0afc9b07d41ebdabc1d23559452d07d3
SHA1: a48c8c48f446835cb3a2522180223a3a9fe5349d
SHA256: ac349ddf5d93a43f30ab2566ea00404e017a87b5c715f2b258624e5e488d16ea
SHA512: 1f87126b326954cc01a98c6469c6204f6b2f85d41c0217ef835b311a7674ecf0d075fe47a63131cd183a6fc1a37ee289ecae8edad3ca5f52bce72757103370e9
SSDEEP: 6144:tGC7W7BUagKatVsWNMV+qUCp9GwmZFT254EyLvYsoKDLZKDEACZMH:/a7fgt6MK/GwmTa+LwsoyoEACyH
Score: 10/10
Contacts a large (576) amount of remote hosts. This may indicate a network scan to discover remotely running services.
Deletes itself
Loads dropped DLL
Sets desktop wallpaper using registry
Suspicious use of SetThreadContext

Target: $PLUGINSDIR/System.dll
Size: 11KB
MD5: 3e6bf00b3ac976122f982ae2aadb1c51
SHA1: caab188f7fdc84d3fdcb2922edeeb5ed576bd31d
SHA256: 4ff9b2678d698677c5d9732678f9cf53f17290e09d053691aac4cc6e6f595cbe
SHA512: 1286f05e6a7e6b691f6e479638e7179897598e171b52eb3a3dc0e830415251069d29416b6d1ffc6d7dce8da5625e1479be06db9b7179e7776659c5c1ad6aa706
SSDEEP: 192:eP24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlbSl:T8QIl975eXqlWBrz7YLOlb
Score: 3/10

Target: $PLUGINSDIR/nsDialogs.dll
Size: 9KB
MD5: dbdbf4017ff91c9de328697b5fd2e10a
SHA1: b597a5e9a8a0b252770933feed51169b5060a09f
SHA256: be60a00f32924ccbe03f9914e33b8e1ad8c8a1ca442263a69896efba74925b36
SHA512: 3befc15aab0a5dbe7fde96155b0499d385f2799b1a2d47ce04f37b5804006b1c6c4fff93d3cedb56a2a8172b23752b6f9dc6168cfce3596b91def3247836cf10
SSDEEP: 96:33YnIxFkDUGZpKSmktse3GpmD8pevbE9cxSgB5PKtAtYE9v5E9KntrmfVEB3YdkS:33YIvGZDdtP8pevbg0PuAYK56NyoIFI
Score: 3/10

Target: class.noobSlide.js
Size: 5KB
MD5: 3a6fe43abdae2fd995b4e3f950f50eaf
SHA1: c06f2c2f2099dff0250876da914d5604f2e3d1ab
SHA256: 768890b85f055b7437e7a8813ad93cf8ebd0b58fe4f7faf625d06a430ea2ce98
SHA512: 2308b662ca70c8a6dd58ad5ace8660e633ac544993e76312c4d5eca95a916d8af1937fb43a830db282ae3bdf69639c552b28273d596c74ac24a61fad127aefcc
SSDEEP: 96:6/HtzS70XjxRuSERdHlHa6eqfbH0c5Rn5dDzyqFW3Yrbd8lR:oNzSQ7oRTHleqfbH0MRfSqFtV87
Score: 1/10

Target: exit.jsp1550152078.html
Size: 4KB
MD5: f7d3bf026cc87844b2999093390b26df
SHA1: 1dd20b1bc524ef816c7a9ce32c6ab593318ec1c6
SHA256: ab656a286464fa341ccf5bdc415d6da82f1df34f394a24501c051670e86622a2
SHA512: d7c781af6eb54e8981029af92870440abe6a6caaa296e848db397ee120bdc282724639fec313a093045968b1275a847e77382c5a26c4438ebf19884f147bf712
SSDEEP: 96:V3opRxcslG+v2ayKtX70fEzOHVK2ZhbfPvbwHDH0JaJ3JOx:V3axcr+Jx708z0K2ZpH3
Score: 1/10

Target: uninst.exe
Size: 74KB
MD5: 824c6a64db468ffa51a3adcc94eb4357
SHA1: 55ff974e05d677b92d9ffe09a87fe2fcffdc2cfb
SHA256: 7a19501139f17d9fc5cfd90719e391775b5596a258cd3167838473b692f913ee
SHA512: b46dcb2800cf2853a621e73c4d982510b9252747544bffc5ef4c2c304c2219937a7fc7be4716801b5ddbe3e35f307160cc5b614af888771baa3a3113ea3d13f6
SSDEEP: 1536:FFI4LGXy7W7EJGb90DcYzIagmYRN5L9A5AuG+TFgeK7Bj:/IWGC7W7BuDcYzIaxqZ9AVTF7MBj
Score: 7/10
Executes dropped EXE
Loads dropped DLL

Target: $PLUGINSDIR/System.dll
Size: 11KB
MD5: 3e6bf00b3ac976122f982ae2aadb1c51
SHA1: caab188f7fdc84d3fdcb2922edeeb5ed576bd31d
SHA256: 4ff9b2678d698677c5d9732678f9cf53f17290e09d053691aac4cc6e6f595cbe
SHA512: 1286f05e6a7e6b691f6e479638e7179897598e171b52eb3a3dc0e830415251069d29416b6d1ffc6d7dce8da5625e1479be06db9b7179e7776659c5c1ad6aa706
SSDEEP: 192:eP24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlbSl:T8QIl975eXqlWBrz7YLOlb
Score: 3/10