Overview

overview

4

Static

static

3

864c721832...18.exe

windows7-x64

4

864c721832...18.exe

windows10-2004-x64

4

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...GR.dll

windows7-x64

1

$PLUGINSDI...GR.dll

windows10-2004-x64

1

$PLUGINSDI...IH.dll

windows7-x64

1

$PLUGINSDI...IH.dll

windows10-2004-x64

1

$PLUGINSDI...HS.dll

windows7-x64

1

$PLUGINSDI...HS.dll

windows10-2004-x64

1

$PLUGINSDI...HT.dll

windows7-x64

1

$PLUGINSDI...HT.dll

windows10-2004-x64

1

$PLUGINSDI...SY.dll

windows7-x64

1

$PLUGINSDI...SY.dll

windows10-2004-x64

1

$PLUGINSDI...EU.dll

windows7-x64

1

$PLUGINSDI...EU.dll

windows10-2004-x64

1

$PLUGINSDI...NU.dll

windows7-x64

1

$PLUGINSDI...NU.dll

windows10-2004-x64

1

$PLUGINSDI...SN.dll

windows7-x64

1

$PLUGINSDI...SN.dll

windows10-2004-x64

1

$PLUGINSDI...IN.dll

windows7-x64

1

$PLUGINSDI...IN.dll

windows10-2004-x64

1

$PLUGINSDI...RA.dll

windows7-x64

1

$PLUGINSDI...RA.dll

windows10-2004-x64

1

$PLUGINSDI...EB.dll

windows7-x64

1

$PLUGINSDI...EB.dll

windows10-2004-x64

1

$PLUGINSDI...UN.dll

windows7-x64

1

$PLUGINSDI...UN.dll

windows10-2004-x64

1

$PLUGINSDI...YE.dll

windows7-x64

1

$PLUGINSDI...YE.dll

windows10-2004-x64

1

$PLUGINSDI...ND.dll

windows7-x64

1

$PLUGINSDI...ND.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    31-05-2024 07:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    864c721832fa3a574f1193cab948b0a7_JaffaCakes118.exe

  • Size

    30.6MB

  • MD5

    864c721832fa3a574f1193cab948b0a7

  • SHA1

    01d40d7fb6b4ad298406fbfe8a740cb0eb8063da

  • SHA256

    894b77bd281f8ec661e5b08a9efe22aafffce0c82fdc64c5129024c4e0209f89

  • SHA512

    56f1d204be25743ea24d41a05eadda605cad72087cb43ee941a29c2e48fc51336e984fd885d1cc1e70d895ab643b101ecfa9e546da67a59f3fbfe39aa0bda208

  • SSDEEP

    786432:h/Vlzla5AsHsRfpxwKvHLHslX9KfxyaUrHQOuEu:hLgHse0HIp9K1MQO/u

Score
4/10

Malware Config

Signatures

  • Loads dropped DLL 28 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\864c721832fa3a574f1193cab948b0a7_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\864c721832fa3a574f1193cab948b0a7_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2360

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsoF20.tmp\ioSpecial.ini
    Filesize

    1KB

    MD5

    76b99d2be514937bb57b8364d25e5f7b

    SHA1

    7e3e66975f646db99e9c1494814f41ec4386b811

    SHA256

    29d1590e659071b0d92ebb6764819136248214adee3aff1e8431f1944ec3a054

    SHA512

    87a142396ba2d10ae17fbc159d920167b8944b721284efabf9ffaf74bfea20b7ef1de1119473c2787a90450ac179dc5056036c993b4fdfd9d7db9253b5f00994

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsoF20.tmp\ioSpecial.ini
    Filesize

    1KB

    MD5

    3ca2dfe10635e575cb3e8f3dcde43b15

    SHA1

    b36f480dd275c6b3e8c3bcf1eff0eab52cc59573

    SHA256

    df838dfe0d1396ac45715c229743f0ce1524492e913f124e841079a4ad3359ac

    SHA512

    c9a214674edb07a7422f02cf629551642701ba81d76302e962db9c5663dc2d53c6048b59b34d59647de527cbbd7b7f88df892461902086f5898e6e6e6b90a259

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    67d8f4d5acdb722e9cb7a99570b3ded1

    SHA1

    f4a729ba77332325ea4dbdeea98b579f501fd26f

    SHA256

    fa8de036b1d9bb06be383a82041966c73473fc8382d041fb5c1758f991afeae7

    SHA512

    03999cc26a76b0de6f7e4e8a45137ee4d9c250366ac5a458110f00f7962158311eea5f22d3ee4f32f85aa6969eb143bdb8f03ca989568764ed2bc488c89b4b7f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\BGR.dll
    Filesize

    201KB

    MD5

    a8c19e9627367a7a57875f8415afe0ae

    SHA1

    a9b581df1acd2f6b375821e1f8e1cd6ee521b22e

    SHA256

    5170aba03fbfc75510352ab5297ca2aa5578c8a3368642d615a578d1531f4bc7

    SHA512

    3dce81469a6fb09ddf41ea1cfce5d430ff7c53060a72a2376c85217c1ea79b948be8c6fa9c63bb36e4c549cf433063e3ff08e5e30b5372a601e55afd8371e014

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\BIH.dll
    Filesize

    182KB

    MD5

    adb6067ee1a7b395d460678f1ec9e318

    SHA1

    53a505e0677f1ae5138a7fbeca8817bf003eeb82

    SHA256

    a5268f21c215eeded6ec15b9ed3647639424eac4e8bae8487e9cb05280094e34

    SHA512

    4e98fd20ad9639c367d02a7f31d4f36a4852b64d4577224136463cd6276be819687d0f70efb626682a1bd1516b3806acaccc15597f01e2c649480521dbd5413d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\CHS.dll
    Filesize

    75KB

    MD5

    1a0b6632804a2b8e6e7a1b8e120c650c

    SHA1

    fd70401de0da8a9428b1c40f7f5a3219dc7364a6

    SHA256

    6b7345bdf7bfc8d47beae7f9096f801f6dcef9f75bfe2c8ab925aacf5306e495

    SHA512

    7e7ebc536528caffa78f1c36f585559473a205518f9a60530922368f612a31d4e5c12370c79ee6519afd45b36a1b9c2cab50a497da5b2817cd67aa985f8be832

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\CHT.dll
    Filesize

    75KB

    MD5

    d05e57a45a06f6c7f27686aa5d7e295e

    SHA1

    d8f3917a20ec8f514a1f987fd13d917206a64a27

    SHA256

    9347a98b870702537de83e71389450963837997bddd1b14d4c6d9ab299fdf5e5

    SHA512

    9e8162a49e6580e7d3d25cc424dbcf0be8d914aadb7ab2ab7f4d712e241c99d9704d746f1f02239089708e0387ec694cb81fbe3bea254c0de367d0d0a9f20c7a

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\CSY.dll
    Filesize

    172KB

    MD5

    0c17531305dac97f2931ae9bd19be660

    SHA1

    5c41a9a5b78b0c74a8c3a18340e5140763cc6714

    SHA256

    b322a2cea166aa5d061e67036eee817e9c12b3f5b32b429c99e6064c00931874

    SHA512

    45340c256d6f85849fbd1a00ba92e8f1435c2d9449a08e023b0cec85fcb9456f84bee02289977f0822276ba66a097601e77904358e1cd20680206107b9804f26

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\DEU.dll
    Filesize

    211KB

    MD5

    06154230407fddbea99c6d9f254cc19b

    SHA1

    6cc46f978ba45d548e272b307c4eac808149edad

    SHA256

    c7441649017ad7923bf292eba1b304b8776f7497fd1dbb9deb8c73814e64a0d2

    SHA512

    3879ecebdae1a2f4d3d6f0888a4957ef0732b5266c754121eceaf0d959252a67291a2c80ee3e5af5fd820c54d0000f90fc6c4434b51b7c5a71cfdebc35dd0a50

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\ENU.dll
    Filesize

    167KB

    MD5

    07f50095946a5da2d6291bf308fe8ec9

    SHA1

    7f958b88dd52f39b26bca0fc698a0ee934dd71e9

    SHA256

    02aba64dce9e6b71ef0f28cc4911ce9ea2dab6131c082706e8eeb7377a29a937

    SHA512

    8e224e2fefd37585e28795cbef292b01b0c127225d06ae7941f5aaea76fce97fc3cbc3b8b42d8e09fbd5eac4602984232ee1c20842dca0044f302ccfc4fa7f41

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\ESN.dll
    Filesize

    202KB

    MD5

    637a1f13341869b538614e7a44de8742

    SHA1

    d8d64a42f416b388ca3a1d14282ea6f8f586f08c

    SHA256

    7abc93a9ac56686520a59a55c65470462a1f4964a9d97ef9bb984733ee7c50e0

    SHA512

    5b12522f9dbe81192e2890d5a774f72acaeee8a67d487b7195cb0f89d02c4fa60dd3b4698f5bbc7f8ece7cd317821cfff6cd57e3785e1f77eb206e6ec3c85a46

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\FIN.dll
    Filesize

    180KB

    MD5

    3884760b1d881a03a459d1b676b1e92e

    SHA1

    58f61073880a7fcac670b3f886a98ac683195be4

    SHA256

    45aee8c6cf72737d9696ceab691955f10071d52c724c39cb540b0199ad676ca7

    SHA512

    61c1fb61469b6057e8282b619e0acb71d050aa3ab7c0234adbeae546b407b4377bc52ad9ff97c1fd0ec5b18d6edea54c853c905079f5be361adc0561acb916c6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\FRA.dll
    Filesize

    206KB

    MD5

    5034c9e8301c7f673c81f583b1dba127

    SHA1

    6d77e46dc7de58e2c731cfc124d3ebe75dd18da1

    SHA256

    e2fce7145d92d9da50778290ef1387a412c91dae586dcf0231099d402381297c

    SHA512

    1bf51366f12c026d9d79b26d3b13b49ec55ffcc17cf939e9b8436e7eb1ad650186c7d51aa272c8765a9c786c8da79b482a327586c2ea9b7042947e5574badb5b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\HEB.dll
    Filesize

    143KB

    MD5

    6cb47840c8d1960f6a401e520a5c7d64

    SHA1

    5fcc28405ca503fa27c7047b25a8a696e52b984f

    SHA256

    24cee96663153086dd37dc2af3fedd2e6fe215f2c086a39a2af81c1d97cac099

    SHA512

    8a7496ea2b27ae445460aacae59f6e16ada6bc14834f7b41b87454d2f8ea080cdd93732c1d9902becb07829333ad7f24ed53b785dec1c4fbd92d0534ca4346b6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\HUN.dll
    Filesize

    180KB

    MD5

    7c43a19698e4ab18858439df9701e9e9

    SHA1

    bb72e52cf0bf05648ba22ad7ce1b71e2e80a355c

    SHA256

    ab4f06900968e5e4ef65888e6cfc61fb6ae46a455465e98f6ea45e67a8e75aba

    SHA512

    e91a88f930a7213ad3196dd6076fea172d5a6fade4bec67029083662d94928b6b87c7879170b5d5dcb3229f5ccd28928f17ed887bb69448b207f6362ee3d523e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\HYE.dll
    Filesize

    171KB

    MD5

    eb17a1a5caa1b6466e1d4c3852b3299f

    SHA1

    7781b62557bd0f995eab55c06ed84452b6337b48

    SHA256

    d19134c5245f7a7f5af158beab74fc9b42f672baed9b0ff104f9697f599eae1c

    SHA512

    98a85bac78dd48268bf7af5d97160cb4fdf52d622ed74e7579efe7c2084a69cac77f92f962cfb24bbb6e7c876e6109762ece84f8dd704221991925203344abbe

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\IND.dll
    Filesize

    174KB

    MD5

    1bd9259e77558a5a4a91234b6542b60e

    SHA1

    029ed4f9091d1a689bcff764a9b82412c3461412

    SHA256

    998cd7a27b92c1306bb0121bf81d45eb9fa385c1099a5a791b737c46140cd7b9

    SHA512

    d9cae5ba8c574617a936189b084f7f6d9599293d512c2d123b60c050f4644cdf541e058657a50b599a24a5a611392e474a9ce126ad6e10e58c9960cd1ac2cf59

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\ITA.dll
    Filesize

    200KB

    MD5

    299b3aee9eecfbde477571280c21b282

    SHA1

    103838848137f010083ff97b0c9a59318e01a5f9

    SHA256

    e88930c27295b0bb22711c5364c695f58de5d4881c027ffc99f9d58d07fec818

    SHA512

    bdbfa936b03fd1a5bca991371ae9370d719d0daa850a660c7c5c3df949dc66d21a9d4a4fad657d0bacb1a1f4040c76300f1770c7781702e2f7321d7fb1f60fa5

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\JPN.dll
    Filesize

    110KB

    MD5

    5bcc8382c5cfc05b4f06cde6814b3598

    SHA1

    9e9aec60f53ddc6655651fe444162d3501b00547

    SHA256

    5cb535aee16228b1e58afc3f49d8710fd5ada4557a341a940c5b76c9c3414308

    SHA512

    b8739b2e35b7b3ef998b0d6548d891629867dfcce4b812b4c082a13bf2a3081064475c70d8806a4daafa099834a38c6ef00ca049eb97d44327836009b75e38f4

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\PLK.dll
    Filesize

    185KB

    MD5

    0cd12620ddd86fdcac7816a86f7ed6bc

    SHA1

    7beebe372b7e7dde3ebc899f7ae5857ffdc3ca31

    SHA256

    f70c9e68b04a416652161c04f78f4c857d2c2a5809af149e0eb528eda70270b4

    SHA512

    1f8c5f56197f6c1e8d03a266f44a38bb36451e9a8c796a3264657dc4e9f7034fa51a058dbee70a3a2f6935baa809e45d939a294dd84ab60f8409169d5bb1a01e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\PTB.dll
    Filesize

    192KB

    MD5

    19873379eedd9389faf3ebddb9c3e020

    SHA1

    f2ab74be4c8e697ad428dfba9783a00b682350e8

    SHA256

    eb06652579bbfc5298d23a674cc4d679ac63096e061e1e0a5eb73a5fdd667e73

    SHA512

    66736072e6e9661779fb97e9c37579da549d1239dd6f3fcc412a354ebc0b081366ea56a7f7911115aab08f657d25ce5c090de8b0b0a732d959cdc3e721ba3860

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\RUS.dll
    Filesize

    190KB

    MD5

    4ba1d97e7e08c4f326436d0f9ab594d0

    SHA1

    6ee24420449237dda8cdb82d53cb2334702aa61d

    SHA256

    c2f34bc64b00010f898269a95b5955ef9e8e058c9583ad1091a8893194b5cfec

    SHA512

    9adbd3543586d7dafb71f91b5bbdbcd3c0f5f277101e3b2e84f5994fa2b3e66bac04b1c18c93c43ecb0807e5ee627722557ff946aaa9add7783f7cf9fb6de1a1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\SRL.dll
    Filesize

    180KB

    MD5

    fc4dc3f14c5aa113de75896b43d17d2d

    SHA1

    5a8364e7425d3b8c80aa3c85ae3538a5ef0ee576

    SHA256

    c2ce07b42b01b011b2c9802e76857097929eccb2d137afae7a244315a5a70f64

    SHA512

    ab2e339fed618d205ad6d406d4568d8366438fc2e753e4a59f4fce7770099fe51ca1468750322c189e4c41bba2382cba2537d9d066259741c1bf478ce8cbdf56

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\SVE.dll
    Filesize

    173KB

    MD5

    7a2e2ac04316c42ae64fd143f3224fe5

    SHA1

    3e9d8758cb3b6c15fcba4d744cf234e0d3b84cca

    SHA256

    666e8b463af4fc49da55896940f78219a21495b289a4ab80af4198c1fce79fe6

    SHA512

    4db3620ca0661e32f89cc01f57709dc0d110af2828a8ce547e32c352e8fc5b166ca6990a7c79db7afea4dc8bd4935e081c9bfe0e429ae8d47312508aa17518a9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\TRK.dll
    Filesize

    181KB

    MD5

    cf33ccf6d089755e41ff6f7550e3f0b2

    SHA1

    e7511ad41802b306673eeee47abc29bfa540dc65

    SHA256

    113c3eb494589d2cdf414737831b341e1dceb4fe201d9e31d4b677a4ba991f78

    SHA512

    73d4bab1e08c98f80d76c02f6f5cc8bf9d3ae9e2e8401f426388be8b4e18bf2b65a6542c7cb7c3805eec6070832bfa998a607d6546d0cb582bd1a9490158f537

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\Lang\UKR.dll
    Filesize

    189KB

    MD5

    4dc6100bd651d592d34bda57d4b24546

    SHA1

    594239a46c5e7468ea5120833b41060cc02c7a3a

    SHA256

    47d3b9eaf82a6587bdc4f41b830577d4d987314c23efa92848580832fbab2614

    SHA512

    15ac233461c154acfec5294c75a8768640ff105136ce2273ced708df49bfb1cde59b5241e1f80d94b47f6577d2640f46bb9db71e22becb62a05e6a5df06ea0af

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\System.dll
    Filesize

    11KB

    MD5

    0ac4d26689bd27aa2856b96007be3cfa

    SHA1

    e149c1f77ac35cb335f4b33d258df4420580e514

    SHA256

    9e7ac4e2ca2fec46ab51d5b6d4868c76de684f65d375482c37be4be39bcf3b49

    SHA512

    8040a48231ddade86991652e9cb72e9a487766730032abe52c713562cf914092e5397a328b6d59464846cc5ff0d00dea92e6ed69d9b480acae8c6053addb3b58

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\setuphlp.dll
    Filesize

    5.6MB

    MD5

    14e96012472b8f9101311fb65c79b736

    SHA1

    4d245991f6ca623b844ae1ad5125a4b2007cc2c8

    SHA256

    63fd154629c415bf63648fd1375fa86348ab863ef87bab3524825e620b6015f4

    SHA512

    3ceeab432eca30c85b5958b5f48de52185906148f4f654547c9afaec6524ed5adaf8f292f69dcdff9c36069b5d9981a4a04999d7f5690cc16efad13b7951f7cc

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsoF20.tmp\sptdintf.dll
    Filesize

    50KB

    MD5

    3862c98f3676f3fd8bf4759db17cf273

    SHA1

    8ce5ca251376345220fa502930e4339cfbd7721d

    SHA256

    1c7d5e42ff3bc5e1a0ecd01fa68633dc67515b3a06e660fcd2d22d6ea436a6f1

    SHA512

    1836a39ad1bf17e086836298323cc36538174d991aa2e9ee4fd8b4594e88aad1723fd875501f2e256e2b358fc88a84cd564b5bef79eca2b51af4880c9646f396

    Download Submit

  • memory/2360-66-0x0000000074DD0000-0x0000000074DDF000-memory.dmp

    Filesize

    60KB

    Download

  • memory/2360-251-0x0000000074DD0000-0x0000000074DDF000-memory.dmp

    Filesize

    60KB

    Download