Overview
overview: 7
static: 3
7b3491e002...18.exe (windows7-x64): 6
7b3491e002...18.exe (windows10-2004-x64): 6
$PLUGINSDI...em.dll (windows7-x64): 3
$PLUGINSDI...em.dll (windows10-2004-x64): 3
$TEMP/petronel.dll (windows7-x64): 1
$TEMP/petronel.dll (windows10-2004-x64): 3
WindNinja-...ll.exe (windows7-x64): 7
WindNinja-...ll.exe (windows10-2004-x64): 7
Analysis
- max time kernel: 4s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 28/05/2024, 01:15
Static task
static1
Behavioral task
behavioral1
Sample
7b3491e0028d443f11989efaeb0fbec2_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
7b3491e0028d443f11989efaeb0fbec2_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
$TEMP/petronel.dll
Resource
win7-20231129-en
Behavioral task
behavioral6
Sample
$TEMP/petronel.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
WindNinja-2.0.1/Uninstall.exe
Resource
win7-20240419-en
Behavioral task
behavioral8
Sample
WindNinja-2.0.1/Uninstall.exe
Resource
win10v2004-20240508-en
General
-
Target
7b3491e0028d443f11989efaeb0fbec2_JaffaCakes118.exe
-
Size
809KB
-
MD5
7b3491e0028d443f11989efaeb0fbec2
-
SHA1
e2efe60cb8bd67840f9a8bf92b57ade97e406a88
-
SHA256
f9c67313230bfc45ba8ffe5e6abeb8b7dc2eddc99c9cebc111fcd7c50d11dc80
-
SHA512
d9aa8ca4b073b8cfcd64993f63154e38bd0e7f29158c9b152cca9810f957ac2aba7092ee3ccbe2bdfeef3ebed20c30c476d7c6cca6f672bf3ceec103b13f5f3f
-
SSDEEP
24576:6j5M2MNQTkxLYHdDPO/p5gzBs+nTgn0fZKscuEfao:S5tMNQqY9DPUussTgnwVcRfao
Malware Config
Signatures
- Checks installed software on the system (1 TTPs)
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Enumerates physical storage devices (1 TTPs)
  Attempts to interact with connected storage/optical drive(s).
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads