Overview
overview
Score 10/10
Static
static
Score 7/10
698020a6be...18.exe
windows7-x64
Score 10/10
698020a6be...18.exe
windows10-2004-x64
Score 10/10
$PLUGINSDI...nt.dll
windows7-x64
Score 3/10
$PLUGINSDI...nt.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...nd.dll
windows7-x64
Score 10/10
$PLUGINSDI...nd.dll
windows10-2004-x64
Score 10/10
$PLUGINSDI...dl.dll
windows7-x64
Score 3/10
$PLUGINSDI...dl.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...em.dll
windows7-x64
Score 10/10
$PLUGINSDI...em.dll
windows10-2004-x64
Score 10/10
$PLUGINSDI...te.dll
windows7-x64
Score 3/10
$PLUGINSDI...te.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...gs.dll
windows7-x64
Score 3/10
$PLUGINSDI...gs.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...om.dll
windows7-x64
Score 10/10
$PLUGINSDI...om.dll
windows10-2004-x64
Score 10/10
$PLUGINSDIR/xml.dll
windows7-x64
Score 10/10
$PLUGINSDIR/xml.dll
windows10-2004-x64
Score 10/10
$TEMP/$_89...in.dll
windows7-x64
Score 10/10
$TEMP/$_89...in.dll
windows10-2004-x64
Score 10/10
IGHT HACK ...09.exe
windows7-x64
Score 1/10
IGHT HACK ...09.exe
windows10-2004-x64
Score 1/10
KailleraClient.dll
windows7-x64
Score 7/10
KailleraClient.dll
windows10-2004-x64
Score 7/10
MenuRes.dll
windows7-x64
Score 1/10
MenuRes.dll
windows10-2004-x64
Score 1/10
Plugins/BILINEAR.dll
windows7-x64
Score 1/10
Plugins/BILINEAR.dll
windows10-2004-x64
Score 1/10
Plugins/aviout.dll
windows7-x64
Score 1/10
Plugins/aviout.dll
windows10-2004-x64
Score 1/10
Plugins/bi...ht.dll
windows7-x64
Score 1/10
Plugins/bi...ht.dll
windows10-2004-x64
Score 1/10
General
-
Target
698020a6be072ea51b7d567211d9e7b3_JaffaCakes118
-
Size
50.6MB
-
Sample
240523-dbxczsbd95
-
MD5
698020a6be072ea51b7d567211d9e7b3
-
SHA1
450806dfd7417595acae53348facaefe9e59ad84
-
SHA256
e51bac091a171091098a61a2706c410ff7896d04f1f82bcec6c8b42447544805
-
SHA512
b3e42c904f0c7ca1da8b5ac34b50b750457870f244209847496b435080874bb0d0de5ac2f8544621838b6038600aeac084ade9a45720df9d27afcb129c8199ad
-
SSDEEP
1572864:Q+EAwSRiSpQ9tig0IkEdQvWEO6/iSJCkvfh7D2KuI:3wMCXiek7uEogh7D2A
Behavioral task
behavioral1
Sample
698020a6be072ea51b7d567211d9e7b3_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
698020a6be072ea51b7d567211d9e7b3_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/ButtonEvent.dll
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/ButtonEvent.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/MyNsisExtend.dll
Resource
win7-20240215-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/MyNsisExtend.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/locate.dll
Resource
win7-20240508-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/locate.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/nsRandom.dll
Resource
win7-20231129-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/nsRandom.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/xml.dll
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/xml.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
$TEMP/$_89_/MyNsisSkin.dll
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
$TEMP/$_89_/MyNsisSkin.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
IGHT HACK 2009.exe
Resource
win7-20240419-en
Behavioral task
behavioral22
Sample
IGHT HACK 2009.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
KailleraClient.dll
Resource
win7-20231129-en
Behavioral task
behavioral24
Sample
KailleraClient.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral25
Sample
MenuRes.dll
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
MenuRes.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral27
Sample
Plugins/BILINEAR.dll
Resource
win7-20240508-en
Behavioral task
behavioral28
Sample
Plugins/BILINEAR.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
Plugins/aviout.dll
Resource
win7-20240508-en
Behavioral task
behavioral30
Sample
Plugins/aviout.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral31
Sample
Plugins/bilinearlight.dll
Resource
win7-20240215-en
Behavioral task
behavioral32
Sample
Plugins/bilinearlight.dll
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
698020a6be072ea51b7d567211d9e7b3_JaffaCakes118
-
Size
50.6MB
-
MD5
698020a6be072ea51b7d567211d9e7b3
-
SHA1
450806dfd7417595acae53348facaefe9e59ad84
-
SHA256
e51bac091a171091098a61a2706c410ff7896d04f1f82bcec6c8b42447544805
-
SHA512
b3e42c904f0c7ca1da8b5ac34b50b750457870f244209847496b435080874bb0d0de5ac2f8544621838b6038600aeac084ade9a45720df9d27afcb129c8199ad
-
SSDEEP
1572864:Q+EAwSRiSpQ9tig0IkEdQvWEO6/iSJCkvfh7D2KuI:3wMCXiek7uEogh7D2A
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/ButtonEvent.dll
-
Size
4KB
-
MD5
fad9d09fc0267e8513b8628e767b2604
-
SHA1
bea76a7621c07b30ed90bedef4d608a5b9e15300
-
SHA256
5d913c6be9c9e13801acc5d78b11d9f3cd42c1b3b3cad8272eb6e1bfb06730c2
-
SHA512
b39c5ea8aea0640f5a32a1fc03e8c8382a621c168980b3bc5e2897932878003b2b8ef75b3ad68149c35420d652143e2ef763b6a47d84ec73621017f0273e2805
Score 3/10
-
-
-
Target
$PLUGINSDIR/MyNsisExtend.dll
-
Size
596KB
-
MD5
37e4e1ab9aee0596c2fa5888357a63b0
-
SHA1
a5dba8c0a1bd936dca2b6a81f2dc9a3005f1a2b6
-
SHA256
ff4b245fea98cedd881ca102468623a449a0b40df0c557dd8a6ea32e788d56fe
-
SHA512
5cbab2872683079c6cc09423a2baf7107b5ac5731f336cd237fa93a4a4ee53a127963dc0ec0dbc6168b9b3d2c3a881c7663ce4ecd84d964628dd566395d49bb3
-
SSDEEP
12288:1QXznhWxifqPG8yDAay0BQeMrtQW27ZJ6ObWTE5lqtmsVsIdj:1QXznYybPJnWTE5lqwsKG
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
$PLUGINSDIR/NSISdl.dll
-
Size
14KB
-
MD5
a5f8399a743ab7f9c88c645c35b1ebb5
-
SHA1
168f3c158913b0367bf79fa413357fbe97018191
-
SHA256
dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
-
SHA512
824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
-
SSDEEP
192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score 3/10
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
67KB
-
MD5
bd05feb8825b15dcdd9100d478f04e17
-
SHA1
a67d82be96a439ce1c5400740da5c528f7f550e0
-
SHA256
4972cca9555b7e5dcb6feef63605305193835ea63f343df78902bbcd432ba496
-
SHA512
67f1894c79bbcef4c7fedd91e33ec48617d5d34c2d9ebcd700c935b7fe1b08971d4c68a71d5281abac97e62d6b8c8f318cc6ff15ea210ddcf21ff04a9e5a7f95
-
SSDEEP
1536:2IfbmtOpUtoqoQvfDrghNT+2w8mbJ1/NfSttVx:bfi4GoqVvbaNXubJ1JI
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
$PLUGINSDIR/locate.dll
-
Size
17KB
-
MD5
7d3317f57c1a368480ace3c0ca804eeb
-
SHA1
d4c7e185bc64aac82339f51ba6c21cf0713c9f1a
-
SHA256
d88a04c1e39db583eaad727fd390fe599ab10198ee040bfbdd22daefadbd2372
-
SHA512
5598c2e6caa2f66edd48f8c8305e054d4b0740b5f2b7ed92cf197a13ac66ba99a32013d34b3c2e28d007ab7979eb90a50681324eb736b1410e7df1902e4ec32a
-
SSDEEP
384:ev/vPBkA6dK8wiLe45naPji7hpx2kRV+qgm:evyvwiNnGji7Xxjc8
Score 3/10
-
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
c10e04dd4ad4277d5adc951bb331c777
-
SHA1
b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
-
SHA256
e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
-
SHA512
853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
-
SSDEEP
96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score 3/10
-
-
-
Target
$PLUGINSDIR/nsRandom.dll
-
Size
77KB
-
MD5
d86b2899f423931131b696ff659aa7ed
-
SHA1
007ca98f5d7921fe26fb9b8bd8a822dd5ae09ed6
-
SHA256
8935cba8e9b276daa357a809e0eca3bebf3fdc6d0d3466ab37fb2cbbfacd3a94
-
SHA512
9a4437ab484e4e22597c642d21b0107a063a208a582df3a5bf276466ad8d0ba9aeebac6de8dcf1372939984bb187d58e94c799918cfbe80e85c958bf0a537fc7
-
SSDEEP
1536:/lKXi95r2UwOpUtoqoQvfDrghNT+2w8mbJ1/NfSttVx:sgr2eGoqVvbaNXubJ1JI
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
$PLUGINSDIR/xml.dll
-
Size
175KB
-
MD5
0ad70d0ebf9562e53f2fd9518c3b04a3
-
SHA1
4de4487e4d1e87b782eceb3b74d9510cc28b0c70
-
SHA256
3bd4a099f0e0eefeaacfdba6c0ab760b6e9250167ba6a30eafaa668ca53ce5e9
-
SHA512
f75e089f7eb44071f227cd9705b8e44982429f889f93230e98095aac60afc1bdd39a010787235c171cd9fb9ead8023043b147022ab007e8cf1c3204064905719
-
SSDEEP
3072:vzjLkarn7O+n9z2L6whFtGF42bKgGoqVvbaNXubJ1JI:vzP7n7O7L6K2lqVvWIdjI
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
$TEMP/$_89_/MyNsisSkin.dll
-
Size
384KB
-
MD5
a6039ed51a4c143794345b29f5f09c64
-
SHA1
ef08cb5dfa598d9d5b43b8af49f54b2c7dac00d4
-
SHA256
95ae945504972cadcf2ccfb2b3d02ea8cade3ee53f2f2082e8b40b61f660877a
-
SHA512
0ed3d0c070bfd91e2355aec5a30ad5cbaf6949c965af5e0ee1ecf2edd5f5aeba3819b4667a0301f8b52c8fd56d3bae35fa4f77063d56c8f89055784d0c0a30a8
-
SSDEEP
6144:yOrNKQjNQnWqJolkFucBm1fXr9ICcYerKJbYm3IyU5qVvWIdjI:y4NKQjNQfqOuEm1fXncdrKJbJgtIdj
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
IGHT HACK 2009.exe
-
Size
10.9MB
-
MD5
fba74ba6f31f3dc11a0cf37419a8535a
-
SHA1
1418671f8a07a88658a5d00d61ea9d309ec199e1
-
SHA256
f69738d7afd8ba6196b65b4ce1be886cf911b5bdf188663f87127e4d532ff74b
-
SHA512
03332e1d97046a0797ef33324ff848531ce867a79e7b7d87e1044a5c2a93229238bb7db87e7ee246c0afe0705a7a2ff84483f3b8f3965add42078435cb4cdf3a
-
SSDEEP
196608:B9DF3gtf30cJGe6uTl9UFQA27bmuTlAbn4SxJeexEXFsFF65/oBsQQ:B73If30cJGer0B277ALtMCEXEFMMDQ
Score 1/10
-
-
-
Target
KailleraClient.dll
-
Size
31KB
-
MD5
556d7b02a310438694ef2c99a6f916c0
-
SHA1
54dccd82fea94544012963c32eeb491dd5253234
-
SHA256
ef92ab4990079626ad402537ba05a9116ef48f1734081a433c5a5edc6ae79706
-
SHA512
890c6bcdce98d774162567dd739f54ab3a5c9d3562c19296a9cab752d73022c38491a4e1aa365c896cc62d7862fbd75f1b3e29d60eb088d555181c13dd045e9b
-
SSDEEP
768:2diLLbKGYg0H17PJc/3zJlQpn2YPrAR5tfP5k0cb/:KKXOP17PerAY+ARDBLk/
Score 7/10
-
-
-
Target
MenuRes.dll
-
Size
212KB
-
MD5
07ddfae24bc83bba3c0a218ca7a5ae0d
-
SHA1
ed34ca6e9bd81ccada2d21ba086033166d6f719e
-
SHA256
9e2f7291cb47e41bce7002a534b2f3845a819e674d9c887f3f0fda1cdf0a8ead
-
SHA512
691bae3a11d894ffe5dbce1d29c41bffb98a4fb63ed9df16442e8822e513ee8fa293fbf244653f16e6c63ceef0d0b8bffe1f7f61410f8a3ae0e3bbd4c49cc0cc
-
SSDEEP
768:LTZC7f93nnqvQCDN3HY31S4gSyIF+jgG596x2y/lLw8hLgzw:LTZFy/lLZ+w
Score 1/10
-
-
-
Target
Plugins/BILINEAR.DLL
-
Size
4KB
-
MD5
bf6f6fb662d778213cff462021a99d79
-
SHA1
d7fd55131106dc75533b809ea9011d16227a22af
-
SHA256
49296daa1bf5d4f288e93dc812b9312089c8642284f30ff703ff358ee89beec5
-
SHA512
b89aec98481c3205d73bad34d00f20b9a8a07032029af618d8aa324e3fec9fcd4e07417082db756d73f6b4d0313d6568a10bbe353773b572fea1e52a31983933
-
SSDEEP
24:etGS4NBII/qXXPP3C7qRKgctuDHl73pWuslqMujgy5pSd+lwNxJ3KynB:64NwnPP3iq3Dx70zqM5JUKayn
Score 1/10
-
-
-
Target
Plugins/aviout.dll
-
Size
172KB
-
MD5
831f80c5ebf1f0b5ed35a7936fff16f0
-
SHA1
57b85ceb848c7547f8b4eb2ba4282670b64bd6c8
-
SHA256
f4c9531f0cd2c1d1e0f516e8282e88ec97c5bd65f6db3e02dadfc31d79e9af1a
-
SHA512
961eb8acae8501463353813471316dd55d384c0780eba0ab483011638cb635afe98f39c722f21ae44de651917d32eea336b8e1e3cf763b1393cdb479076228f7
-
SSDEEP
1536:QEJ57McjQOIEKWTrL0ltyhpuG5lv2RVKUIJnvHo9+N:Qe5wcjQjpWTroltyhwCv4ytvHo9+N
Score 1/10
-
-
-
Target
Plugins/bilinearlight.dll
-
Size
4KB
-
MD5
722ebb5a52b3e4a815400a5f31309352
-
SHA1
601dbb0f73f0309cf3a8cf9782c72c45621874e7
-
SHA256
d5f02b45ddff88a8ea18b8119eda4e6bd78d56e42eb215f87f6205bd658bc576
-
SHA512
1cdcf2d327f90800dbff4e9d3bb20db09d9cb1a1b9cad2c70d9fb20c21fb2b125a23cb3fe9af52fefcf013813a6a4805fcfa7fc9811ded9ce9407928ce6816db
-
SSDEEP
24:etGSPOHucIo1DGgGDc7XyPOfaRKqtzHlw3pv2qFslqMujgy5pSd+lBzzJFtGItts:6POOC6xDYiPOCpwN2DqM5JUp92It/e
Score 1/10
-