Task overview (each entry: task or sample, platform, score out of 10)
Overview (overview): 7
Static (static): 3
8b5adfe41e...18.exe, windows7-x64: 7
8b5adfe41e...18.exe, windows10-2004-x64: 7
$APPDATA/a...ta.exe, windows7-x64: 3
$APPDATA/a...ta.exe, windows10-2004-x64: 3
$APPDATA/a...me.dll, windows7-x64: 1
$APPDATA/a...me.dll, windows10-2004-x64: 1
$APPDATA/a...ol.dll, windows7-x64: 1
$APPDATA/a...ol.dll, windows10-2004-x64: 1
$PLUGINSDI...ns.dll, windows7-x64: 3
$PLUGINSDI...ns.dll, windows10-2004-x64: 3
$PLUGINSDI...dl.dll, windows7-x64: 3
$PLUGINSDI...dl.dll, windows10-2004-x64: 3
$PLUGINSDI...em.dll, windows7-x64: 3
$PLUGINSDI...em.dll, windows10-2004-x64: 3
$PLUGINSDI...ss.dll, windows7-x64: 3
$PLUGINSDI...ss.dll, windows10-2004-x64: 3
AcdKantu.exe, windows7-x64: 3
AcdKantu.exe, windows10-2004-x64: 3
acdmenu.dll, windows7-x64: 1
acdmenu.dll, windows10-2004-x64: 1
acdmenu64.dll, windows7-x64: 7
acdmenu64.dll, windows10-2004-x64: 7
uninst.exe, windows7-x64: 7
uninst.exe, windows10-2004-x64: 7
$PLUGINSDI...ns.dll, windows7-x64: 3
$PLUGINSDI...ns.dll, windows10-2004-x64: 3
$PLUGINSDI...dl.dll, windows7-x64: 3
$PLUGINSDI...dl.dll, windows10-2004-x64: 3
$PLUGINSDI...em.dll, windows7-x64: 3
$PLUGINSDI...em.dll, windows10-2004-x64: 3
$PLUGINSDI...ss.dll, windows7-x64: 3
$PLUGINSDI...ss.dll, windows10-2004-x64: 3
General
-
Target
8b5adfe41e6da138fbb57b81cb75d29c_JaffaCakes118
-
Size
1.3MB
-
Sample
240601-w2r53abg24
-
MD5
8b5adfe41e6da138fbb57b81cb75d29c
-
SHA1
61a88637632c9172baf7de8864e5bf0ad67cb709
-
SHA256
1c788878ac935ed06193fa73cbabd973e85db05b07ec7413ed9dea4ea6c62899
-
SHA512
1717e00d165116590b3bd1b730485f3d2986e0d6bdaae7eb4a795ca5f8eb2a126f1a4dcf2e58ec109b8c3d10d42d7e6a50df30014fd28c32106717a431636457
-
SSDEEP
24576:m+IyIZUYgVFtrqtMJZuaXksqXZAQIRnsYRZB6PsNcgZDfB0Be:eZUluQua0sGZAxRZB5Ffv
Static task
static1
Behavioral task
behavioral1
Sample
8b5adfe41e6da138fbb57b81cb75d29c_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
8b5adfe41e6da138fbb57b81cb75d29c_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
$APPDATA/acdkantu/AcdData.exe
Resource
win7-20231129-en
Behavioral task
behavioral4
Sample
$APPDATA/acdkantu/AcdData.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral5
Sample
$APPDATA/acdkantu/AcdFrame.dll
Resource
win7-20240419-en
Behavioral task
behavioral6
Sample
$APPDATA/acdkantu/AcdFrame.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
$APPDATA/acdkantu/AcdTool.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$APPDATA/acdkantu/AcdTool.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240419-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win7-20240508-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240215-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240220-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral17
Sample
AcdKantu.exe
Resource
win7-20231129-en
Behavioral task
behavioral18
Sample
AcdKantu.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
acdmenu.dll
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
acdmenu.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
acdmenu64.dll
Resource
win7-20240215-en
Behavioral task
behavioral22
Sample
acdmenu64.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral23
Sample
uninst.exe
Resource
win7-20240508-en
Behavioral task
behavioral24
Sample
uninst.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240220-en
Behavioral task
behavioral26
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral27
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral29
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240508-en
Behavioral task
behavioral30
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral31
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
8b5adfe41e6da138fbb57b81cb75d29c_JaffaCakes118
-
Size
1.3MB
-
MD5
8b5adfe41e6da138fbb57b81cb75d29c
-
SHA1
61a88637632c9172baf7de8864e5bf0ad67cb709
-
SHA256
1c788878ac935ed06193fa73cbabd973e85db05b07ec7413ed9dea4ea6c62899
-
SHA512
1717e00d165116590b3bd1b730485f3d2986e0d6bdaae7eb4a795ca5f8eb2a126f1a4dcf2e58ec109b8c3d10d42d7e6a50df30014fd28c32106717a431636457
-
SSDEEP
24576:m+IyIZUYgVFtrqtMJZuaXksqXZAQIRnsYRZB6PsNcgZDfB0Be:eZUluQua0sGZAxRZB5Ffv
Score: 7/10
Signature: Loads dropped DLL
-
-
-
Target
$APPDATA/acdkantu/AcdData.exe
-
Size
164KB
-
MD5
0b8a1516041e36808f6b463b52685128
-
SHA1
88fb0373a22ad20310924161fb162fd04a71d881
-
SHA256
6af62c1e0f56102a805e784fd52111eab9524c0d656cbd2d95617edeff0a5b99
-
SHA512
11f14d2163f5c4670b45b645839113c510c72eda0584033e27725d2ab2a666f7ed740e41030b47cfd5e8f6727b38311fe00c7f29b483fa71e8566d49b02a0b42
-
SSDEEP
3072:QSE3ryNcgThPejBOpeLgRKYnLJzXDDaX5NDOKIi:QSEbyNcghmB+eLgwYnFyy
Score: 3/10
-
-
Target
$APPDATA/acdkantu/AcdFrame.dll
-
Size
556KB
-
MD5
29cc1f4d82e26595654b24051038e6cd
-
SHA1
dee74c0ae7e5a30f3fa767f18a70807da38045f1
-
SHA256
91e003295112f820afce8948d16c3e806c7cc4710784b58a4625529faf61d081
-
SHA512
f1f39567448bf9c4992adb91e6746d444189cede1e4a63c284b3e57fa0b4d5a05774e89323ca341e1eea2d6e623232c9128fdea29d2f4bf2ad3d2b059b896aa6
-
SSDEEP
12288:Qi6Yh+5ZKiX1CuwZOT88YNwK5F75ECx6:Qi6rrwZOTYNp5Z5E
Score: 1/10
-
-
Target
$APPDATA/acdkantu/AcdTool.dll
-
Size
286KB
-
MD5
9764f7b55aa2cde9621cba580638760f
-
SHA1
41812a98e14f97605d3c7159cf1a254adac2e478
-
SHA256
3952f80ff3db0c278d19863b402a4d3b6b44cad01d1cbe032e277c45c0ecc9f8
-
SHA512
c02f0cc3ff8fee905244ad04a93698ecc9855e1b656fd8554d646a7101cd7de04a8e8f0195269d0232bcef1e27e737aa8e974cc5f83d9316f8c5f8b737931f59
-
SSDEEP
6144:yxdxmhWRWc9ikpM4skX1nigfSrbGacdHmsOPNo/GeFys85wfDTBqpj1x:yx7mhWRDLnii/OFo/GeFys85wfDTspj
Score: 1/10
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
325b008aec81e5aaa57096f05d4212b5
-
SHA1
27a2d89747a20305b6518438eff5b9f57f7df5c3
-
SHA256
c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
-
SHA512
18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
-
SSDEEP
192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score: 3/10
-
-
Target
$PLUGINSDIR/NSISdl.dll
-
Size
14KB
-
MD5
a5f8399a743ab7f9c88c645c35b1ebb5
-
SHA1
168f3c158913b0367bf79fa413357fbe97018191
-
SHA256
dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
-
SHA512
824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
-
SSDEEP
192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score: 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score: 3/10
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
4KB
-
MD5
05450face243b3a7472407b999b03a72
-
SHA1
ffd88af2e338ae606c444390f7eaaf5f4aef2cd9
-
SHA256
95fe9d92512ff2318cc2520311ef9145b2cee01209ab0e1b6e45c7ce1d4d0e89
-
SHA512
f4cbe30166aff20a226a7150d93a876873ba699d80d7e9f46f32a9b4753fa7966c3113a3124340b39ca67a13205463a413e740e541e742903e3f89af5a53ad3b
Score: 3/10
-
-
Target
AcdKantu.exe
-
Size
1.9MB
-
MD5
3b7f94b1383e1a2dbf44488723a1cef2
-
SHA1
96aec536852f0eb52a95e5f6aecace9433fffa5c
-
SHA256
71359a641985139c4043d36f6b6b823c4e5168db6c73313bec98c218070b9b70
-
SHA512
d9730279e48872a15b7745eb04832c6123f92d06077024dd604edd7703c72b9a2969ac031425b16beb60ae8ae02b81a9dc6863162eb9e301de5c1a69a1ffec59
-
SSDEEP
24576:6UaPHmrt0XQFJq7l+Phwaz/YHz3P6nuu6yszPHeiJY/4f0Kxfoe38KVmayidL9m+:tdXF/CcU2f611RTL3lEwTv4K
Score: 3/10
-
-
Target
acdmenu.dll
-
Size
110KB
-
MD5
39aaeffbf0ddc0e6ff68c45348bf43fa
-
SHA1
931a6a03461bd975171df62efa8d4407f77b9b4c
-
SHA256
afc42827989b91470f30961555be2748faeb5eb0cf15b06d28b83622a1354bd7
-
SHA512
7c121aa9c4c586f2c75ec52bffb4b7a05239b728c6ed49d8b8bfe958d75e3bb10880e6394ebc3b6561b0c44f45f187ffa56f2b68bca395435c74742cbaccf243
-
SSDEEP
1536:CbB1qq2A1S0yvJQl/t5uCF2aRmbR2H6frkWwfEBqLf/bhnUAEyf7hB153EGp:CbBsTpvel/3y/q6t2hnfEyhn53EGp
Score: 1/10
-
-
Target
acdmenu64.dll
-
Size
127KB
-
MD5
612e301b35b4242a0c160e997c89411d
-
SHA1
85b48e5b52aef8c02e615a015b4b6a6a9cbcbbb4
-
SHA256
81f65f02933c9e45f5d8e9a79a0c8c784c34d7b8a1e8c8f9e712a797a4a7edc5
-
SHA512
a5e29de5ec98360a49f4c1b7f188c9e47a6a4c3ccc0de53ba4f45585045ce1291a45eae26ef8c34d063672c86ea73730b263113e075dc132d609d116458b45fa
-
SSDEEP
3072:f6AHa0M0772Y42vjJ2niwQp1eXF49ARe9hG5rnO:SA60M07u2bJ2IpUXL49hwnO
Score: 7/10
Signature: Registers COM server for autorun
-
-
-
Target
uninst.exe
-
Size
87KB
-
MD5
d1a68b77b386fb95320dc2896907a06d
-
SHA1
ef96cb99f8f5ab55cb2f67701049bbbf66689e7d
-
SHA256
f4ec47ca1c8aa3344c5bee7a5993cf2107daf0ba362246c21710d259cd9f6975
-
SHA512
f59f7f7eac35230e7c530705919ccd9419cdd8a6385ea52d53316d6345d97c6d2944dac2ef2f45d8b364e7cbb47ab2869f3331bb9c0eb9ce564de4b55ba37bf5
-
SSDEEP
1536:VQpQ5EP0ijnRTXJOfFcJNk/qiVYsJRZRqqP4PE0lveoY+wGk725:VQIURTXJrmiixZRng8ivoGk725
Score: 7/10
Signature: Executes dropped EXE
Signature: Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
325b008aec81e5aaa57096f05d4212b5
-
SHA1
27a2d89747a20305b6518438eff5b9f57f7df5c3
-
SHA256
c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
-
SHA512
18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
-
SSDEEP
192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score: 3/10
-
-
Target
$PLUGINSDIR/NSISdl.dll
-
Size
14KB
-
MD5
a5f8399a743ab7f9c88c645c35b1ebb5
-
SHA1
168f3c158913b0367bf79fa413357fbe97018191
-
SHA256
dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
-
SHA512
824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
-
SSDEEP
192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score: 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score: 3/10
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
4KB
-
MD5
05450face243b3a7472407b999b03a72
-
SHA1
ffd88af2e338ae606c444390f7eaaf5f4aef2cd9
-
SHA256
95fe9d92512ff2318cc2520311ef9145b2cee01209ab0e1b6e45c7ce1d4d0e89
-
SHA512
f4cbe30166aff20a226a7150d93a876873ba699d80d7e9f46f32a9b4753fa7966c3113a3124340b39ca67a13205463a413e740e541e742903e3f89af5a53ad3b
Score: 3/10