Overview
overview
Score: 7
Static
static
Score: 7
4434d1217b...18.exe
windows7-x64
Score: 7
4434d1217b...18.exe
windows10-2004-x64
Score: 7
$PLUGINSDI...ns.dll
windows7-x64
Score: 3
$PLUGINSDI...ns.dll
windows10-2004-x64
Score: 3
$PLUGINSDI...fo.dll
windows7-x64
Score: 1
$PLUGINSDI...fo.dll
windows10-2004-x64
Score: 1
$PLUGINSDI...em.dll
windows7-x64
Score: 3
$PLUGINSDI...em.dll
windows10-2004-x64
Score: 3
$TEMP/WIC.exe
windows7-x64
Score: 7
$TEMP/WIC.exe
windows10-2004-x64
Score: 7
$TEMP/WinI...45.exe
windows7-x64
Score: 7
$TEMP/WinI...45.exe
windows10-2004-x64
Score: 7
HVMRuntm.dll
windows7-x64
Score: 1
HVMRuntm.dll
windows10-2004-x64
Score: 1
Newtonsoft.Json.dll
windows7-x64
Score: 1
Newtonsoft.Json.dll
windows10-2004-x64
Score: 1
RWXComLibrary.dll
windows7-x64
Score: 1
RWXComLibrary.dll
windows10-2004-x64
Score: 1
UpdateLab.dll
windows7-x64
Score: 3
UpdateLab.dll
windows10-2004-x64
Score: 3
tmp/Update.exe
windows7-x64
Score: 1
tmp/Update.exe
windows10-2004-x64
Score: 1
�...��.exe
windows7-x64
Score: 1
�...��.exe
windows10-2004-x64
Score: 3
�...��.exe
windows7-x64
Score: 1
�...��.exe
windows10-2004-x64
Score: 1
General
-
Target
4434d1217b742207e5d822c72d67dcfd_JaffaCakes118
-
Size
9.8MB
-
Sample
240515-c4tbcsdc6v
-
MD5
4434d1217b742207e5d822c72d67dcfd
-
SHA1
53aca2401d972a0972c6fae5932885b5398dfe59
-
SHA256
4ae8ae74bdc501408035742fe6d460fd6f4a6274e4ff57a6671177c24641ae9f
-
SHA512
39b3e38224c8b721ff9caabde118d7265a3ee4496541863b931cb72d84d8536b84505db1848465dde6306b063a426d5cedd5fadb2044ba8c91d60c91db82cd5c
-
SSDEEP
196608:zfJsguhKJAfGi1cMyhyEr1NI38ddB3r7ruwhDDF8qqKBTNrz8TDXZgpL3T:e8AfGi1nyh5dHPuwx/NrgHmVT
Behavioral task
behavioral1
Sample
4434d1217b742207e5d822c72d67dcfd_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
4434d1217b742207e5d822c72d67dcfd_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/MoreInfo.dll
Resource
win7-20240419-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/MoreInfo.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240220-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral9
Sample
$TEMP/WIC.exe
Resource
win7-20231129-en
Behavioral task
behavioral10
Sample
$TEMP/WIC.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral11
Sample
$TEMP/WinInstaller45.exe
Resource
win7-20240215-en
Behavioral task
behavioral12
Sample
$TEMP/WinInstaller45.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
HVMRuntm.dll
Resource
win7-20240508-en
Behavioral task
behavioral14
Sample
HVMRuntm.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
Newtonsoft.Json.dll
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
Newtonsoft.Json.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
RWXComLibrary.dll
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
RWXComLibrary.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
UpdateLab.dll
Resource
win7-20240220-en
Behavioral task
behavioral20
Sample
UpdateLab.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
tmp/Update.exe
Resource
win7-20231129-en
Behavioral task
behavioral22
Sample
tmp/Update.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
[non-ASCII file name lost in extraction].exe
Resource
win7-20240215-en
Behavioral task
behavioral24
Sample
[non-ASCII file name lost in extraction].exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral25
Sample
[non-ASCII file name lost in extraction].exe
Resource
win7-20240508-en
Behavioral task
behavioral26
Sample
[non-ASCII file name lost in extraction].exe
Resource
win10v2004-20240508-en
Malware Config (no entries listed on this page)
Targets
-
-
Target
4434d1217b742207e5d822c72d67dcfd_JaffaCakes118
-
Size
9.8MB
-
MD5
4434d1217b742207e5d822c72d67dcfd
-
SHA1
53aca2401d972a0972c6fae5932885b5398dfe59
-
SHA256
4ae8ae74bdc501408035742fe6d460fd6f4a6274e4ff57a6671177c24641ae9f
-
SHA512
39b3e38224c8b721ff9caabde118d7265a3ee4496541863b931cb72d84d8536b84505db1848465dde6306b063a426d5cedd5fadb2044ba8c91d60c91db82cd5c
-
SSDEEP
196608:zfJsguhKJAfGi1cMyhyEr1NI38ddB3r7ruwhDDF8qqKBTNrz8TDXZgpL3T:e8AfGi1nyh5dHPuwx/NrgHmVT
Score: 7/10
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
325b008aec81e5aaa57096f05d4212b5
-
SHA1
27a2d89747a20305b6518438eff5b9f57f7df5c3
-
SHA256
c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
-
SHA512
18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
-
SSDEEP
192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score: 3/10
-
-
Target
$PLUGINSDIR/MoreInfo.dll
-
Size
22KB
-
MD5
e66ec77c5d463f67192e22e4133e0fb3
-
SHA1
df18d6761ce408993261d64466c50b63c98aadc2
-
SHA256
85239f5799e0f9b0b3051f46c99e637af7511960299d84db41c003c09422718d
-
SHA512
839f83f42682cab943ed3ee304375e3d56ec0fcd0528b12c372444edec5102457d44dc89f2ef55125a05815376555d31123a783971432f4e46bede6655da5865
-
SSDEEP
384:aOzLkdGyyCMy8yjGNrCY0dIbyMDXfbkqjroflPZ/Az+x7NFLqFkLxK:HC38yjG9SSjkqj2U+x7N9jx
Score: 1/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score: 3/10
-
-
Target
$TEMP/WIC.exe
-
Size
1.8MB
-
MD5
c35549f10403957b10fe0c1c427639c5
-
SHA1
e652c934173b97070e341537ef5a0d7d71869de6
-
SHA256
0220074b8c8a6623f516386ea13b29d75c44fd1533a7c57c8196cd305c648055
-
SHA512
67c088d789484eb36d01291049aa3aa22603039d18c89d8bdb1b112101d4444c1bb6a303ca9c32a8cffed282d19d85d7a6b4bd740475be8a60c97cf1e5c1a152
-
SSDEEP
49152:oQtgFmbBiztD9wmT+nLDGqjAkTFCrSURGksHf/R:oSgFzztD9T3qjLUJRG5HB
Score: 7/10
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$TEMP/WinInstaller45.exe
-
Size
3.2MB
-
MD5
448447e0ba4560cd558eddb5f5b0809e
-
SHA1
86e1cc622dbf4979717b8f76ad73220cdb70400b
-
SHA256
acd589b57ed104b5e04a7ce28dc166654c09060c9c31ae8e2c9301fa098bbfa5
-
SHA512
77561d2ddfc80f5e97dd49f9eda22c04bb5f0be37ba0432513fd9bfa8e16acce069e7cc4c1be45f3b8ca16fc8e262d17efb5bf45653ff7746c86518a8114eb9f
-
SSDEEP
49152:9Ud8g4X/jCb21UhH35rTHhrnwtGVyaB3C1CvEqm+eYIDNVU16j/dbr4imHHXNv/k:ed8/XrU21ArTJnXVyoIqcYAK4MicHN
Score: 7/10
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
HVMRuntm.dll
-
Size
916KB
-
MD5
ee94b27481462fa0997f6ed1f72b497b
-
SHA1
338d28727db2a8db7c7ecdb365ed9f09dc503c0d
-
SHA256
d8fa8a5e4d628d00e886898b9b41e05a67ef24fc9238762febde14318986a55f
-
SHA512
3a43072472df076fd0f97e8ed75911351458700b304e0a2b296a82e151475093c8b86b28c1321e8ffe77d7b11d8d9ab37dbb79407e560ed2cc129591c5fac8ac
-
SSDEEP
12288:TdayLXN0ka+y+RbA3ylj2KbDonJKgp1vUu/4o6jlQnKRf0gfhYUvKu3vcagP:TdjX8SA3y+IrBinKneVu3vcX
Score: 1/10
-
-
Target
Newtonsoft.Json.dll
-
Size
492KB
-
MD5
5e02ddaf3b02e43e532fc6a52b04d14b
-
SHA1
67f0bd5cfa3824860626b6b3fff37dc89e305cec
-
SHA256
78bedd9fce877a71a8d8ff9a813662d8248361e46705c4ef7afc61d440ff2eeb
-
SHA512
38720cacbb169dfc448deef86af973eafefa19eaeb48c55c58091c9d6a8b12a1f90148c287faaaa01326ec47143969ad1b54ee2b81018e1de0b83350dc418d1c
-
SSDEEP
12288:axrplPT3qwNBC3wl1zVh0Yg0pJy/qleTpfZLQ0so/VHjh:a1plPGwNBC3UOwVeLQ0so/VH
Score: 1/10
-
-
Target
RWXComLibrary.dll
-
Size
361KB
-
MD5
9f232432948e9ee30cb9aab2ea32e7c3
-
SHA1
07395143ae965bf09cdc0cfd6779ba3ecc2ad2b1
-
SHA256
bfbe05089b28b63b2caf0510b188c218d789fbe329efd015e319b5eb91e3e6cd
-
SHA512
f92d37bb8f825e3a3c664509d27df7a220104118b6e64da145000a919d04f1b8ffaab3c50a10a6e623818796a9c8eff23700f7359ee7a702fd2594f1802d8649
-
SSDEEP
6144:cOKOohMMeXUkmBVrLuDUcS4XeKgHesLInFuWbSYvf:cOKOohkYBhuDa4uK6enFupG
Score: 1/10
-
-
Target
UpdateLab.dll
-
Size
1.4MB
-
MD5
61922006f8598c2cd1feeaef86fa520b
-
SHA1
bde66e97c23803cf27daf0862ef4a51807d2bb26
-
SHA256
ab7839aa69a53872f23302a27f45ffadaf9fec07197abcc7f63d6e15b3145d36
-
SHA512
093214af42cb893b25b512b2d5e8b88addb2d779c23f0d458ef220c4d5940e776ef4dc269121529a741a6e6782857c639fb87eb01166dbee01747acf54eb0e58
-
SSDEEP
24576:0kF+DsfUqhxWZItZvZbGqVkL9+1OH7C9uTkVo9FdVDPKvcKTqWpRo2p3nRwcF/qV:8s8q6Zwhrkqk7C5o9XVjKtTqW82p3nRN
Score: 3/10
-
-
Target
tmp/Update.exe
-
Size
3.0MB
-
MD5
1436140890c4c9b93888946cd15f8b13
-
SHA1
59d9ea2c7f768d42b79d26a368a094c3b3601f0a
-
SHA256
07b52da0006968213d98812c33c3fe2360f241757b3340e3a7bc5726d9e08827
-
SHA512
a79be4c528255cf3a24c8febb4be79616e745e8a68795f954a2933401d1db7db38615463369e7f8fc6df71a38ec0e6105ae88b38a8a4532a07bdd10d73c1ed4a
-
SSDEEP
49152:ogEV8LRW3HZQvB+SVyAC8bUOodO0c+36ou5OW/ezR9YTDTn:WqLs3HZgvUO0c66ou5OW/ezR9KT
Score: 1/10
-
-
Target
[non-ASCII file name lost in extraction].exe (identify this file by the hashes below, not by name)
-
Size
912KB
-
MD5
df93062a73c05387744f1e4eeff384c9
-
SHA1
e37ab223f05ad68caad3ad4dd2c02d3a1e06a150
-
SHA256
cad9e2d52d7362222340bd154b0c02eab4d7ce695f4fe3fd218b5fed0fe82d70
-
SHA512
7b176a7e61071bcfbab16fc6809062fad518b5a0aaf7226ad66418f3040fea4e8dcc9d1eb78aa569ac3c9a2a09df826b2f7ba2561093628c7d139126d0b072a5
-
SSDEEP
6144:SvsQGtfr6BtjOp3LIGNbv5ZLpdSjam2MHwwGuzxXc6CJ6VS2Uf6Ma:M2IjOplUZzxRCJ6VRUfZ
Score: 3/10
-
-
Target
[non-ASCII file name lost in extraction].exe (identify this file by the hashes below, not by name)
-
Size
32KB
-
MD5
0ccc79cf30316a2034fd11f259ec7de7
-
SHA1
0e065dd9223687ff7bdccae84d4810f46d240fc4
-
SHA256
88cab342cd8c1b845737afa3363a9715958d25437f343271c33a716b4bce79fc
-
SHA512
82e091041aeeef7d103592e74adfca77b6bb8708a9ae90da607892afe7a6d540f9cbf1e2a20e8c1cf29ac2716bc3710a3fe7c184eb6660305636331d625304da
-
SSDEEP
768:FZlbbKJrIyN0kEHMoIl88CzvtvgrcDzc:FjscyFN88CzvtvgrSzc
Score: 1/10