Overview (overview): score 10/10
Static (static): score 10/10
126fff08a5...18.exe (windows7-x64): score 7/10
126fff08a5...18.exe (windows10-2004-x64): score 7/10
$PLUGINSDI...ns.dll (windows7-x64): score 3/10
$PLUGINSDI...ns.dll (windows10-2004-x64): score 3/10
Analizador.dll (windows7-x64): score 3/10
Analizador.dll (windows10-2004-x64): score 3/10
Ayuda.exe (windows7-x64): score 7/10
Ayuda.exe (windows10-2004-x64): score 7/10
E-mail_Marketing.exe (windows7-x64): score 10/10
E-mail_Marketing.exe (windows10-2004-x64): score 10/10
Extractor.exe (windows7-x64): score 1/10
Extractor.exe (windows10-2004-x64): score 1/10
Seguridad.dll (windows7-x64): score 3/10
Seguridad.dll (windows10-2004-x64): score 3/10
Servidor_em.exe (windows7-x64): score 1/10
Servidor_em.exe (windows10-2004-x64): score 1/10
libeay32.dll (windows7-x64): score 1/10
libeay32.dll (windows10-2004-x64): score 1/10
ssleay32.dll (windows7-x64): score 1/10
ssleay32.dll (windows10-2004-x64): score 1/10
uninst.exe (windows7-x64): score 7/10
uninst.exe (windows10-2004-x64): score 7/10
General
-
Target
126fff08a5955d42438875e98c23487e_JaffaCakes118
-
Size
4.6MB
-
Sample
240504-m47tvsca4s
-
MD5
126fff08a5955d42438875e98c23487e
-
SHA1
c358de8d49e52feb00342e2413b67448ec620ea5
-
SHA256
5c8976657c81b6efedcccafafc4fa3a9ad53f2c72abde0e8256ee9c1de0cbdf2
-
SHA512
32fdcd5d68dc367febd26a076f2db003f98fbf5248bac33b87904ec818e5bc43cad4904ce54307a652dcc5cce699ca854f539f8807520902ff5c865cbed0392e
-
SSDEEP
98304:qwoiFIZ3et8abLGAQfBIqtO/ZIpBrfhuM/etsIcqC3qK:qwl/hPQfBIf6phZx/osJqCh
Behavioral task
behavioral1
Sample
126fff08a5955d42438875e98c23487e_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
126fff08a5955d42438875e98c23487e_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
Analizador.dll
Resource
win7-20240215-en
Behavioral task
behavioral6
Sample
Analizador.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral7
Sample
Ayuda.exe
Resource
win7-20240215-en
Behavioral task
behavioral8
Sample
Ayuda.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral9
Sample
E-mail_Marketing.exe
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
E-mail_Marketing.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral11
Sample
Extractor.exe
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
Extractor.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral13
Sample
Seguridad.dll
Resource
win7-20240220-en
Behavioral task
behavioral14
Sample
Seguridad.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral15
Sample
Servidor_em.exe
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
Servidor_em.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral17
Sample
libeay32.dll
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
libeay32.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral19
Sample
ssleay32.dll
Resource
win7-20240215-en
Behavioral task
behavioral20
Sample
ssleay32.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral21
Sample
uninst.exe
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
uninst.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
126fff08a5955d42438875e98c23487e_JaffaCakes118
-
Size
4.6MB
-
MD5
126fff08a5955d42438875e98c23487e
-
SHA1
c358de8d49e52feb00342e2413b67448ec620ea5
-
SHA256
5c8976657c81b6efedcccafafc4fa3a9ad53f2c72abde0e8256ee9c1de0cbdf2
-
SHA512
32fdcd5d68dc367febd26a076f2db003f98fbf5248bac33b87904ec818e5bc43cad4904ce54307a652dcc5cce699ca854f539f8807520902ff5c865cbed0392e
-
SSDEEP
98304:qwoiFIZ3et8abLGAQfBIqtO/ZIpBrfhuM/etsIcqC3qK:qwl/hPQfBIf6phZx/osJqCh
Score: 7/10
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
296a5f3179fa8d7a7a855eaf696ede44
-
SHA1
57aa5b71553ed282dd22c768e039a187f5c13f63
-
SHA256
ee0ad77e681c4d0fdf1d67df5f4ca03e6bdd8e3b05dfb47a83ad5c733ed62960
-
SHA512
bc527d1485f468e8d098057e0e38e8cb7aa6eb64d4ca30927b99b1552a3177b132b989015ff95bdf2ca046bf11a54b4b456f51e024fbc734fbb548c3499e53f6
-
SSDEEP
192:r6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTyK72dwF7dBdcQOz:r6JaVh4I5rpPbTy+BdhO
Score: 3/10
-
-
Target
Analizador.dll
-
Size
90KB
-
MD5
79712c20fe2155cf1ab4fa1b07969e9e
-
SHA1
1f45b7aa4c6434e3008d2b8cb9096e8d38dbc0d8
-
SHA256
b9ce82cf7b4f51617a04fe79489fa186a6750e071530d13b303435f739518a99
-
SHA512
ca75f89481f216842874b567e1a5746cb144680d7034470690e3466126f3fbf7dbd6b8f07be41cc98dc7b8f16a4ecfd0aac0fa6d48f44699d2de9592a7f2c3af
-
SSDEEP
1536:U2tof5xxLs8npufZTEoqphLaI+EqeO8uWGMtB5lKJP0uT4PP0uTzuBNGMG3UXBN:hK57A8nAxTEoqp+eOUtLI2uKUXr
Score: 3/10
-
-
Target
Ayuda.exe
-
Size
1.7MB
-
MD5
2e21ce4260d255c7dfc58bbaa21d20d2
-
SHA1
a042dc3f09edaee569d7b9fc5c1f901e1775a434
-
SHA256
97e933dfd6fe33126da146836f639b7cb9e152a26df08a36362dd823961bc7d6
-
SHA512
bc7a97da2580a6690483b95314641f17dd8e034831d48383c181322187958f3ce3c4ba97f706745074714f7324e6fa119d2b78f17eb1aa0be09fce2900bf9c7d
-
SSDEEP
49152:aMWUARVFZP6/KyhiIEltAplV3y7JRbgGK5BLhb76N:XwPX7+EIpX3yTbhK5BLZ76N
Score: 7/10
-
-
Target
E-mail_Marketing.exe
-
Size
6.1MB
-
MD5
76ff28758fd13b3d5a676241c926c58b
-
SHA1
70f6ef335a1270b12fcbcc01985e24ec62742444
-
SHA256
f388a08c09b113da055e7a1d668ab6aef0904dc3b8031184060a040909636d52
-
SHA512
b28b47e2eec8172fd37cd31910a2234f3e32785e9a580154ebbb98fbbc337f828ad7a9562b52c9f4a985957eea6d4078c1ed1b31080a4286daed2f2b2e8629c1
-
SSDEEP
98304:rpXf9QoQAjEccyG7w/LErbQ4BfLyQBmYs5j3:FP9Q3cI76LgBfLyQBz+3
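Score: 10/10
ModiLoader, DBatLoader
ModiLoader (also tracked as DBatLoader) is a Delphi loader that misuses cloud services to download other malicious families. On this page the 10/10 score is attached to this one target and to the "ModiLoader First Stage" signature listed below; the other targets listed for this sample score between 1/10 and 7/10.
-
ModiLoader First Stage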
-
-
-
Target
Extractor.exe
-
Size
220KB
-
MD5
1ced1b979203a7e4265ab844e807f64d
-
SHA1
1227bf074ac939c23a689687c48ad58b50d04c78
-
SHA256
25aa8133652829d5cc8284fd2dabc2a43ed1209e37414523e5e2b663feb4c602
-
SHA512
893513fa46bc926475932c43c842e453254dfb325f069b77affc587eae1642d9914c0db69d521e154d6ffbdd2cd007bed5e30c065eb170390d8a32863ce6a2eb
-
SSDEEP
6144:sny3kJ/IJzJKuCpCuEfbxWl3K8acHDc7ZkvF:gXhizJTCpCuEfbm4cjc7e
Score: 1/10
-
-
Target
Seguridad.dll
-
Size
228KB
-
MD5
4937dfb56023d9f33727c10865986943
-
SHA1
cf9aa6877fda04af48d9319a226704b4bf46f177
-
SHA256
50165ef998d9ee7c5ce29f07d95c48e4d72ba1dffbdc8c2165373d5de22aa8fd
-
SHA512
2879db9aa169e412ede7f26ed5f5dfd1313947b3b781ea1cf7ff4bb52bf98af53fc9d130442e11910de344e5ec74d669f17412fa0278a38ebee5a65c3eece863
-
SSDEEP
6144:bWoYdXW4FXVrt8y6lDHy7Qea/66nmdnFnJnJ3/n0vJXH0eYGe:yoSXW4frt8yoGa/b
Score: 3/10
-
-
Target
Servidor_em.exe
-
Size
843KB
-
MD5
e6ac282d40cf400c94d103d0bbcf513c
-
SHA1
2815b404e72edaee8f5d792aafd4772f36c5bfac
-
SHA256
0369ca889e4633817eb29361b91a190de4e09eaa276d02b01ff43ef1113c5cd1
-
SHA512
a997557d722b254e42aeb1950c7a770905b8afdbf0b3f263317fc0db769e79cf249c4c5fcbc10ee43faecf426827a62ce6ce57c9cc9c76c8bae9008231e016e2
-
SSDEEP
12288:7rLeWwy/TXBtU5f+EltYgBWcQeay/MTc2HS6L8OlhcmH7C3yiJqHT:7eCBmWElCZcQeRkVSQ8O3Z7CCJ
Score: 1/10
-
-
Target
libeay32.dll
-
Size
1.3MB
-
MD5
a724f5da0a0184b5668ef2d85a7346e0
-
SHA1
7181fffaa6b8f0f29cf7cdd1b1b859c2b956d399
-
SHA256
7f2284d3cca6171e50b47eabc4fddc8cd2c9641cab4edb12b26694427f559848
-
SHA512
d9916d6581e5c25b6479445aef604e9e2dae6d64e1e7c6784516ef20616d2a8ab4253816ed7edbc289caaa9f1c88c6ba8441e8205616874ded5fd126644b83f2
-
SSDEEP
24576:2ztZk+KpPT5xWiqKZc6ZetcmQXFwYyzEuugANpopyeqwkVQ3I:HrPWzaDetcmQXFwYyugupozqbVQ3I
Score: 1/10
-
-
Target
ssleay32.dll
-
Size
330KB
-
MD5
d34ecd24706dcfff478fe6fbe79026a9
-
SHA1
e11540244a99a5d7c95643f14cce042de1710ac7
-
SHA256
4a55ba7288d61c50d5f852c1d07877da46b036c49559e648006839a3cb932a55
-
SHA512
16de6747156d1f7d6260e29a40706e4f81bc36e45246431bfcf0c097e8b598ed907edd4049240f080971efed07483876fad339a8940bda41d6ac6103fdf3b915
-
SSDEEP
6144:5cJ4T6sWJwGzhK5smGmU+c0nxAF1ONpDlXLMNFXpF6IA/Tr/NE4PB0JvMCGomJCX:5cJ4esWJwGzhK5smGH+c0nxAF1OpDlbo
Score: 1/10
-
-
Target
uninst.exe
-
Size
33KB
-
MD5
c51798315db65135c51f2574fa021096
-
SHA1
21882402dcf0e253e74cb19f6b76b5ff57e8cc25
-
SHA256
829cbfdb3bd8a54320ab6084c415ff3025a39ef72a58a6c465782c3a51707ec6
-
SHA512
45db5e2f36b58c9e6adce2fc66974cda111bae9d851f70f6f35d9d19201634acc56e6b7f372d730e1b8f1335a4af89d60ad2115827cddce54d53a441fd64cbb1
-
SSDEEP
768:TXKsDnvuB3hRx867tuXLx5Ro2NP0u6X71F38s1mJlHu4:LKsTvudhg67q1mX7BmJlHz
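Score: 7/10
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
Self-deletion, running a dropped EXE and loading a dropped DLL are also normal for installer and uninstaller stubs, so this 7/10 is a behavioural score and carries no family attribution on this page.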
-