fe22e0a3594bff1aaa8daa3d102e840bde89ea342a3e16dfb1ee298f08e5696f | Triage

Submit
Reports

Overview

overview

7

Static

static

3

201037d0ab...18.exe

windows7-x64

7

201037d0ab...18.exe

windows10-2004-x64

7

$1/Tablacu...ff.exe

windows7-x64

1

$1/Tablacu...ff.exe

windows10-2004-x64

1

$3/$APPDAT...er.exe

windows7-x64

7

$3/$APPDAT...er.exe

windows10-2004-x64

7

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$R1/Tablacus.exe

windows7-x64

4

$R1/Tablacus.exe

windows10-2004-x64

3

$R1/TablacusApp.exe

windows7-x64

1

$R1/TablacusApp.exe

windows10-2004-x64

1

$R1/script...und.js

windows7-x64

3

$R1/script...und.js

windows10-2004-x64

3

$R1/script/common.js

windows7-x64

3

$R1/script/common.js

windows10-2004-x64

3

$R1/script/consts.js

windows7-x64

3

$R1/script/consts.js

windows10-2004-x64

3

$R1/script...g.html

windows7-x64

1

$R1/script...g.html

windows10-2004-x64

1

$R1/script/index.html

windows7-x64

1

$R1/script/index.html

windows10-2004-x64

1

$R1/script/index.js

windows7-x64

3

$R1/script/index.js

windows10-2004-x64

3

$R1/script...n.html

windows7-x64

1

$R1/script...n.html

windows10-2004-x64

1

$R1/script...s.html

windows7-x64

1

$R1/script...s.html

windows10-2004-x64

1

$R1/script/options.js

windows7-x64

3

$R1/script/options.js

windows10-2004-x64

3

Analysis

max time kernel
137s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
07/05/2024, 08:41

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

201037d0abd9a98db87dd8c16abcd32c_JaffaCakes118.exe

Resource

win7-20240419-en

discovery persistence

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

201037d0abd9a98db87dd8c16abcd32c_JaffaCakes118.exe

Resource

win10v2004-20240426-en

discovery persistence

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral3

Sample

$1/TablacusInstallerStuff.exe

Resource

win7-20240220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

$1/TablacusInstallerStuff.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

$3/$APPDATA/TablacusApp/uninstaller.exe

Resource

win7-20231129-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

$3/$APPDATA/TablacusApp/uninstaller.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/nsProcess.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/nsProcess.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/nsProcess.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/nsProcess.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral11

Sample

$R1/Tablacus.exe

Resource

win7-20231129-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral12

Sample

$R1/Tablacus.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral13

Sample

$R1/TablacusApp.exe

Resource

win7-20240215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

$R1/TablacusApp.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

$R1/script/background.js

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

$R1/script/background.js

Resource

win10v2004-20240419-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

$R1/script/common.js

Resource

win7-20240419-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

$R1/script/common.js

Resource

win10v2004-20240419-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

$R1/script/consts.js

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

$R1/script/consts.js

Resource

win10v2004-20240419-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

$R1/script/dialog.html

Resource

win7-20240220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral22

Sample

$R1/script/dialog.html

Resource

win10v2004-20240419-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral23

Sample

$R1/script/index.html

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral24

Sample

$R1/script/index.html

Resource

win10v2004-20240419-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral25

Sample

$R1/script/index.js

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

$R1/script/index.js

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

$R1/script/location.html

Resource

win7-20240220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral28

Sample

$R1/script/location.html

Resource

win10v2004-20240419-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral29

Sample

$R1/script/options.html

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral30

Sample

$R1/script/options.html

Resource

win10v2004-20240419-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral31

Sample

$R1/script/options.js

Resource

win7-20240215-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

$R1/script/options.js

Resource

win10v2004-20240419-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

$R1/TablacusApp.exe
Size

218KB
MD5

20ad237a9b92f1cd7640e9d461ac8bc4
SHA1

49114acedfa7be6429ebd0da5b5c1311a966e822
SHA256

044f03a47a95aab679f55a5bd9d323ce5cafb2ee6346d144831292e25247bb32
SHA512

a9fae0ccddbca9346fd78fe0f0de8455d1587dd4479b26ce26acffad76be1a0955b907b83a2cad9b56e1ecb73efd908e6698976d43b908b1f58b8eab02d5909b
SSDEEP

3072:JcQ2az64xmGkBcYDXyuci31hRcg2J/RKgNgbKLimkGwpW4/u6uBbEBEP+FJsQjA:SQvxmRvbcrJsGgbKfLwM4Grgq2Fiv

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\$R1\TablacusApp.exe
"C:\Users\Admin\AppData\Local\Temp\$R1\TablacusApp.exe"
1⤵
PID:4452

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4160 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:8
1⤵
PID:3580

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy