Overview
overview
Score 8/10
Static
static
Score 3/10
8c7d928bf5...18.exe
windows7-x64
Score 7/10
8c7d928bf5...18.exe
windows10-2004-x64
Score 7/10
$APPDATA/A...er.dll
windows7-x64
Score 8/10
$APPDATA/A...er.dll
windows10-2004-x64
Score 8/10
$APPDATA/A...er.exe
windows7-x64
Score 8/10
$APPDATA/A...er.exe
windows10-2004-x64
Score 8/10
$PLUGINSDI...ol.dll
windows7-x64
Score 3/10
$PLUGINSDI...ol.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...dl.dll
windows7-x64
Score 3/10
$PLUGINSDI...dl.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...em.dll
windows7-x64
Score 3/10
$PLUGINSDI...em.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...gs.dll
windows7-x64
Score 3/10
$PLUGINSDI...gs.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...ec.dll
windows7-x64
Score 3/10
$PLUGINSDI...ec.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...nz.dll
windows7-x64
Score 3/10
$PLUGINSDI...nz.dll
windows10-2004-x64
Score 3/10
AGLoader.dll
windows7-x64
Score 8/10
AGLoader.dll
windows10-2004-x64
Score 8/10
AGUtils.dll
windows7-x64
Score 1/10
AGUtils.dll
windows10-2004-x64
Score 1/10
Anonymizer...er.exe
windows7-x64
Score 8/10
Anonymizer...er.exe
windows10-2004-x64
Score 8/10
uninstaller.exe
windows7-x64
Score 7/10
uninstaller.exe
windows10-2004-x64
Score 7/10
$PLUGINSDI...em.dll
windows7-x64
Score 3/10
$PLUGINSDI...em.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...ec.dll
windows7-x64
Score 3/10
$PLUGINSDI...ec.dll
windows10-2004-x64
Score 3/10
General
-
Target
8c7d928bf569a4e61ea103bf4acb3420_JaffaCakes118
-
Size
1.4MB
-
Sample
240602-b3dnvaee51
-
MD5
8c7d928bf569a4e61ea103bf4acb3420
-
SHA1
01abfac7c60a40ed9527892c907d3e7b0dcab0e1
-
SHA256
829707270ab77a8b13f815d57211bfaa2c6df5dccac0749ceb0dfbed66b1672b
-
SHA512
1b35dc8e941f69adb41f8668f551c1cdf5a651b4412ff90631b4100e49577b394ef2cabec98937543874215dfddf684907ccd4df574bdaa3848196d1916a1a45
-
SSDEEP
24576:PvcSfUxBQv1qUyZJlQVatTSgjXKPG9xuw5Pe9aPPXVRGDqxtcXudiapNIOYOf:ffUfQkLLxtTLXr9Uw5PbPlmiJgINIOFf
Static task
static1
Behavioral task
behavioral1
Sample
8c7d928bf569a4e61ea103bf4acb3420_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
8c7d928bf569a4e61ea103bf4acb3420_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$APPDATA/AGData/stuff/AGLoader.dll
Resource
win7-20231129-en
Behavioral task
behavioral4
Sample
$APPDATA/AGData/stuff/AGLoader.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
$APPDATA/AGData/stuff/AnonymizerLauncher.exe
Resource
win7-20240508-en
Behavioral task
behavioral6
Sample
$APPDATA/AGData/stuff/AnonymizerLauncher.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/AccessControl.dll
Resource
win7-20240508-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/AccessControl.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win7-20240215-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240508-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20231129-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240220-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/nsisunz.dll
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/nsisunz.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral19
Sample
AGLoader.dll
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
AGLoader.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral21
Sample
AGUtils.dll
Resource
win7-20231129-en
Behavioral task
behavioral22
Sample
AGUtils.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
AnonymizerLauncher.exe
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
AnonymizerLauncher.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
uninstaller.exe
Resource
win7-20240419-en
Behavioral task
behavioral26
Sample
uninstaller.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral27
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240508-en
Behavioral task
behavioral28
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral29
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
8c7d928bf569a4e61ea103bf4acb3420_JaffaCakes118
-
Size
1.4MB
-
MD5
8c7d928bf569a4e61ea103bf4acb3420
-
SHA1
01abfac7c60a40ed9527892c907d3e7b0dcab0e1
-
SHA256
829707270ab77a8b13f815d57211bfaa2c6df5dccac0749ceb0dfbed66b1672b
-
SHA512
1b35dc8e941f69adb41f8668f551c1cdf5a651b4412ff90631b4100e49577b394ef2cabec98937543874215dfddf684907ccd4df574bdaa3848196d1916a1a45
-
SSDEEP
24576:PvcSfUxBQv1qUyZJlQVatTSgjXKPG9xuw5Pe9aPPXVRGDqxtcXudiapNIOYOf:ffUfQkLLxtTLXr9Uw5PbPlmiJgINIOFf
Score
7/10
-
Loads dropped DLL
-
-
-
Target
$APPDATA/AGData/stuff/AGLoader.dll
-
Size
1.2MB
-
MD5
b35ece38c4ebaa98a3d0181a900040d6
-
SHA1
740a3ebd1996cc666b904412bf729016c01b89b6
-
SHA256
e7ab168866f91c1417de25ff30c4c128edf8559e03892d5817c9eacd05b230cf
-
SHA512
fcb75bf969b805b3798486d2d21ef1b8664e0c62da79c72f9b94a75112220ec921aeacc4c3cdc04026d0fd043222449c08f17a5cf7d38447a276b602047c0adb
-
SSDEEP
24576:qPfS9KwYiHns+4mlx9SP6d6UE2cp+oGZhIs9fLt0cj1o1lWmO6IFZfyAJ58SmP8H:EcKwYiH359SP6d6F0hFTxD8SmGmE++Qg
Score
8/10
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Drops file in System32 directory
-
-
-
Target
$APPDATA/AGData/stuff/AnonymizerLauncher.exe
-
Size
768KB
-
MD5
45d7082dbb723119fbc1d81274079f02
-
SHA1
25a932ca9790a9603cbdebf06363d004a1035fa4
-
SHA256
01b3b36d8b16ef4ba002255c49e3f452fc3fa60ebf2b36dcb31bdd181befc4ed
-
SHA512
c6aa003f28716b716fc0fb48fc9747ee6abe0ac8de358ce2cc229601585eb7a99d6542e351841eee1bd96ab231a8fe5d3d651539a7da26f9bb73e6986f5442a3
-
SSDEEP
24576:XF2c+HG0WO99a64eaogHasDgKd9iFirsi6q9mdkmWEfYfgM7:VhAN99a64eG6GYG9md8EfOD7
Score
8/10
-
Downloads MZ/PE file
-
-
-
Target
$PLUGINSDIR/AccessControl.dll
-
Size
15KB
-
MD5
f894e7068ee5f5b4489d7acdde7112c9
-
SHA1
79ec857791ad4ac76673b05e6fc44e55315424ef
-
SHA256
3948484bc6a6e8652c2220be411cdcabab73eab46578faca8c0bd01d3ea290ab
-
SHA512
e85b2bdc27b9721425bb03393e8aad897647053c77d7862ea541e03dc896173af6eaaf182514d46464d560d15c6b9d4652690885426ac1c68e2b9dd8d632e816
-
SSDEEP
192:VUmFdGZ2ESi0SGlIO1yn3B+boYt0/SNFdTmUJJimGf/5b2xlUqyWWKCi1wlLjck2:FdGZ2ESnTqkddTm43saIvy
Score
3/10
-
-
-
Target
$PLUGINSDIR/NSISdl.dll
-
Size
21KB
-
MD5
cecfad78f8506dcfb68a64300637c16f
-
SHA1
532f96e9536adc3e6c7c58649c82183cffdfcccf
-
SHA256
4efbad5e185e0b77f7d2ff7a377db8a4a210c062e46f89ae79d8fe05dab18dcf
-
SHA512
3d86df842766667f24e4430dbc9d2534dd0ce628dadfef647e6dd2591e8b5e11d7c4bf75adb6f9faab453b7817b30462a0e6a981c370ad77b46baef5d443c20b
-
SSDEEP
384:bCGI+uz/G3ZPRHncbDmMWj5aa3ZUFZJGEdnz4mPZnfePPLB/xc:2GUz/G3JYmMGaKZUXJGEdzXRm1Jc
Score
3/10
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
16KB
-
MD5
bc96b91bfe7885a31d698d10035e6321
-
SHA1
31ba2971426a153f6bd3e489eb233d06f2f23bfd
-
SHA256
32e4679375c55c962c09bac07ea00a74c1305edd22d048a71020e1a3fbf4cbc0
-
SHA512
075e0241ed54b99e5ddee120f28a8d070e1decee9d3ed8869acd16ef2c0d9154c2e86a52d195c10d3bf4039108b8fc50b3c5b898761fa7bd68903c8e55b1f03c
-
SSDEEP
192:6N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/KxBUbBnf7qFBe+PjPBE:ZJoiO8V2upW7vQjS/7nfePPLB/SDp
Score
3/10
-
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
15KB
-
MD5
c8e7aacaa3417f95e5225c8dcd6fbf7b
-
SHA1
f79a5e6cac28a126ffba0edc5cf2e21ce96c17ff
-
SHA256
053406225b73b44047c354890ab9ad4c8b57cb000aae3e3d30a9b3a60023535e
-
SHA512
6400a7d8dca3b2407221d023a8b053d5d055c2ff454708f288a206d6c547afa4e034a6e1caee906c680d85b7229de91ef5df3614560c4545655d711842fcdf72
-
SSDEEP
192:SbcunjqjIcESwFlioU3M0LLF/t8t9pKSfOiLhnf7qFBe+PjPB/WhmEe:SbcSjFCw6oWPFl8jfOiFnfePPLB/tr
Score
3/10
-
-
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
11KB
-
MD5
150e08573da69bd9962e6110ae38b34f
-
SHA1
d51102abe78b1a2ff60bb2a92cf5f5aad0cbe961
-
SHA256
aecc5b69c6584968f1280cba55fa5b7edb54e8c94f38e5af028ea1f7ebe38f28
-
SHA512
2255d020877864fb8ea5f591da7f14b3b42d24a2ce8801e7003ab30931ebd2d28f5ced53f9fc69ef169116523c65dec6ebb396b490ee806747d2817693f160fa
-
SSDEEP
192:M/SUG7lhvov36S5FcUjliSEI5LuQr8nf7qFBe+PjPB/WhmhGXhh:MSUUhvU6qFRMSEId4nfePPLB/fGxh
Score
3/10
-
-
-
Target
$PLUGINSDIR/nsisunz.dll
-
Size
93KB
-
MD5
f8f74a4d00a8d8768196a35ec2cb03d8
-
SHA1
494098f8442f9e05134a97471c3490426720ebd1
-
SHA256
f57013986085f0f665d6f9760d8264481f0fdb72b78f346bd57a803e305aafcc
-
SHA512
0b6600367fa7a2960bebb2208f5fa098ecbb606e937cee6179faff614a1e9b12ede6938c92aae5e1fe7ce1c2eb49b404821ce64a8eec9868c05dc36b902666c3
-
SSDEEP
1536:YPmnCuZs9reYWvAHvXhxQdJeY3tMCo9NTJwd6aimHr5jr5T51NTBq:YPmnCuZs9KoPX6rA9Nl2Rrt51hBq
Score
3/10
-
-
-
Target
AGLoader.dll
-
Size
1.2MB
-
MD5
b35ece38c4ebaa98a3d0181a900040d6
-
SHA1
740a3ebd1996cc666b904412bf729016c01b89b6
-
SHA256
e7ab168866f91c1417de25ff30c4c128edf8559e03892d5817c9eacd05b230cf
-
SHA512
fcb75bf969b805b3798486d2d21ef1b8664e0c62da79c72f9b94a75112220ec921aeacc4c3cdc04026d0fd043222449c08f17a5cf7d38447a276b602047c0adb
-
SSDEEP
24576:qPfS9KwYiHns+4mlx9SP6d6UE2cp+oGZhIs9fLt0cj1o1lWmO6IFZfyAJ58SmP8H:EcKwYiH359SP6d6F0hFTxD8SmGmE++Qg
Score
8/10
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Drops file in System32 directory
-
-
-
Target
AGUtils.dll
-
Size
101KB
-
MD5
58b75874e57fc16e9579f49d898a1117
-
SHA1
1e8281fac2e5aaf9970d5a77559e2449f961c31d
-
SHA256
b2adb83998c127492d9c22dc7b2571b576dba3c96e1f814b8836bb84a668d1f3
-
SHA512
40fbc4d1c3bdc712374084d79b477aea59cf153b99f8a917e34d82331181b0d9ce7952323688fdf0ea9b0b3ff511bfba17686f20da28fbb31ce24a217bb94be6
-
SSDEEP
1536:9wonkElPyO5ANfm/aUWfFphAGXP+7sJWsQYF+NsWJW/cd4mSw7UOukY:sO5sm/aUWfF/xClsQBWu4mSw7HPY
Score
1/10
-
-
-
Target
AnonymizerLauncher.exe
-
Size
768KB
-
MD5
45d7082dbb723119fbc1d81274079f02
-
SHA1
25a932ca9790a9603cbdebf06363d004a1035fa4
-
SHA256
01b3b36d8b16ef4ba002255c49e3f452fc3fa60ebf2b36dcb31bdd181befc4ed
-
SHA512
c6aa003f28716b716fc0fb48fc9747ee6abe0ac8de358ce2cc229601585eb7a99d6542e351841eee1bd96ab231a8fe5d3d651539a7da26f9bb73e6986f5442a3
-
SSDEEP
24576:XF2c+HG0WO99a64eaogHasDgKd9iFirsi6q9mdkmWEfYfgM7:VhAN99a64eG6GYG9md8EfOD7
Score
8/10
-
Downloads MZ/PE file
-
-
-
Target
uninstaller.exe
-
Size
119KB
-
MD5
fad952c3911d0be2a5037f1aba028278
-
SHA1
6772bf6ca4226be971440655296cc1d03556248e
-
SHA256
19cb8608752b9925f21a81876b8b6da72aeeedc873291dfa5c1085ce0ef748e2
-
SHA512
c3a51f9c912d62b27e48b70fb6c627f33bcb944a24f4377d2e52e16de055ff4a1bff03afc0a030f9bfbad3f4298f366cf6200068b80fd9bdff43d59d9711df1d
-
SSDEEP
3072:85BuYAVrgUCPniceApej922VexMkGTo2PW:850gUCampew2UmkGToP
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
16KB
-
MD5
bc96b91bfe7885a31d698d10035e6321
-
SHA1
31ba2971426a153f6bd3e489eb233d06f2f23bfd
-
SHA256
32e4679375c55c962c09bac07ea00a74c1305edd22d048a71020e1a3fbf4cbc0
-
SHA512
075e0241ed54b99e5ddee120f28a8d070e1decee9d3ed8869acd16ef2c0d9154c2e86a52d195c10d3bf4039108b8fc50b3c5b898761fa7bd68903c8e55b1f03c
-
SSDEEP
192:6N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/KxBUbBnf7qFBe+PjPBE:ZJoiO8V2upW7vQjS/7nfePPLB/SDp
Score
3/10
-
-
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
11KB
-
MD5
150e08573da69bd9962e6110ae38b34f
-
SHA1
d51102abe78b1a2ff60bb2a92cf5f5aad0cbe961
-
SHA256
aecc5b69c6584968f1280cba55fa5b7edb54e8c94f38e5af028ea1f7ebe38f28
-
SHA512
2255d020877864fb8ea5f591da7f14b3b42d24a2ce8801e7003ab30931ebd2d28f5ced53f9fc69ef169116523c65dec6ebb396b490ee806747d2817693f160fa
-
SSDEEP
192:M/SUG7lhvov36S5FcUjliSEI5LuQr8nf7qFBe+PjPB/WhmhGXhh:MSUUhvU6qFRMSEId4nfePPLB/fGxh
Score
3/10
-