Overview

overview

7

Static

static

3

6dfb490d34...18.exe

windows7-x64

7

6dfb490d34...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

Help.chm

windows7-x64

1

Help.chm

windows10-2004-x64

1

Right Clic...er.exe

windows7-x64

1

Right Clic...er.exe

windows10-2004-x64

1

Tools/File...or.exe

windows7-x64

1

Tools/File...or.exe

windows10-2004-x64

1

Tools/File...lp.chm

windows7-x64

1

Tools/File...lp.chm

windows10-2004-x64

1

Tools/New ...lp.chm

windows7-x64

1

Tools/New ...lp.chm

windows10-2004-x64

1

Tools/New ...or.exe

windows7-x64

1

Tools/New ...or.exe

windows10-2004-x64

1

Tools/Righ...lp.chm

windows7-x64

1

Tools/Righ...lp.chm

windows10-2004-x64

1

Tools/Righ...IE.exe

windows7-x64

1

Tools/Righ...IE.exe

windows10-2004-x64

1

Tools/Righ...lp.chm

windows7-x64

1

Tools/Righ...lp.chm

windows10-2004-x64

1

Tools/Righ...er.exe

windows7-x64

1

Tools/Righ...er.exe

windows10-2004-x64

1

Tools/Righ...32.dll

windows7-x64

1

Tools/Righ...32.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-05-2024 09:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6dfb490d34058e5e8f42d327660afce2_JaffaCakes118.exe

  • Size

    3.9MB

  • MD5

    6dfb490d34058e5e8f42d327660afce2

  • SHA1

    f777c539f2828fb1bff07e25b0d508124ddc75d6

  • SHA256

    8f3cfcedaf845387e4f7d07c77db62ad6f3c6856995ed8e0d1cdcecef17e0bbc

  • SHA512

    ff37d47fab5db4d7c5723451afbcdba8364b73824e0ecbd3343c8b6db22bdc22af709055a00678f15c3696f0d5bf7ef16b46d29fef962ca92a6e6b4aabb5dcd7

  • SSDEEP

    98304:2SfN44PXT7uyojhy2fHIvuEIedSWuS/sf0vAjFsnfhszBNGPRfg5:9vPTqyojkiHIvuwdhI1I8BIPBg5

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\6dfb490d34058e5e8f42d327660afce2_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\6dfb490d34058e5e8f42d327660afce2_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:1856

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsg55A3.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    8d5a5529462a9ba1ac068ee0502578c7

    SHA1

    875e651e302ce0bfc8893f341cf19171fee25ea5

    SHA256

    e625dcd0188594b1289891b64debddeb5159aca182b83a12675427b320bf7790

    SHA512

    101da2c33f47bd85b8934318e0f0b72f820afc928a2a21e2c7823875e3a0e830f7c67f42b4c2f30596eaa073617790c89700c0d95b7949ec617e52800b61d462

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsg55A3.tmp\LangDLL.dll
    Filesize

    5KB

    MD5

    77ff758c10c66937de6d86c388aa431c

    SHA1

    14bd5628eaf8a12b55cd38f9560c839cb21ce77a

    SHA256

    6a033e367714ec0d13fca0589c165bdbf4d1dac459fa7ec7415815223fa3c008

    SHA512

    319837951be276a179ead69efcd24bd7566061abc7997ea782af50bd4b0d69e5ec1a6e4cdeb2825bafedf87edf03380396b7bcf58682b6a3a824c8dc4b966bda

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsg55A3.tmp\ioSpecial.ini
    Filesize

    703B

    MD5

    228787a3adb17c9095bff9cf80d1056c

    SHA1

    76fc65c8d4e0bf2020caaad100f2e8e1e662724a

    SHA256

    edbcb094f341b4d04e01fc9a369779c6050987e0a5075dcd39c79fad14aa9dc1

    SHA512

    4b6b47e55191410a36acf3b6271a8c3ae0e381a3ced8807d1d7abae63688c3a48ce4a941120160b4cfdc57eacb1c7671994360a0a66840d546cfca28b790e67b

    Download Submit