Overview

overview

7

Static

static

3

3093678f31...18.exe

windows7-x64

7

3093678f31...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

ShowImage.exe

windows7-x64

1

ShowImage.exe

windows10-2004-x64

1

SmileScreenShot.exe

windows7-x64

1

SmileScreenShot.exe

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/05/2024, 19:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3093678f3170aca9b98e852570e6fa54_JaffaCakes118.exe

  • Size

    144KB

  • MD5

    3093678f3170aca9b98e852570e6fa54

  • SHA1

    19b8cd48c5544d0dfde39670288e0990aff447f2

  • SHA256

    2f4f18afd4c4ef23a0cc5d37742f52e5d120bce654f6301ec92d82723ed7c3fb

  • SHA512

    0b59e77ae679dc17d705a06f8eaa5e5054a350ced280b2bd981d3f88b822222d380b0ba99075433cac1a1dd61a280de5912ee8c2c404c6db35dcab2467d2ec2c

  • SSDEEP

    3072:ukOplcjVhQcR45bNa6QzGFizTDM/M9L5khhyVplo3AIRjEc7ob:urlwH406QCMrM/MJ5kX0pIf3ob

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\3093678f3170aca9b98e852570e6fa54_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\3093678f3170aca9b98e852570e6fa54_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:3508
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3144 --field-trial-handle=2280,i,716736634476467098,11449718822158202904,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:4836

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\nsh3D34.tmp\InstallOptions.dll
      Filesize

      14KB

      MD5

      d753362649aecd60ff434adf171a4e7f

      SHA1

      3b752ad064e06e21822c8958ae22e9a6bb8cf3d0

      SHA256

      8f24c6cf0b06d18f3c07e7bfca4e92afce71834663746cfaa9ddf52a25d5c586

      SHA512

      41bf41add275867553fa3bd8835cd7e2a2a362a2d5670ccbfad23700448bad9fe0f577fb6ee9d4eb81dfc10d463b325b8a873fe5912eb580936d4ad96587aa6d

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\nsh3D34.tmp\ioSpecial.ini
      Filesize

      599B

      MD5

      70db9bb723366b1baf336ec53921c590

      SHA1

      75b845c893d700f5c03edfcb2e71f54f6e73262b

      SHA256

      6c8fba201423521aec948a6d311b9ec58add2fdf1c20dc114ebb2d6d336f87f6

      SHA512

      7b52e6740ce2391f7a6d27e1011360d0e61287318ac45814a561990b9432c9cdbec9de4c94a9b5a3f32e9baf197fb25b1e7e773a54c46507ff42c922e799b645

      Download Submit