Overview

overview

7

Static

static

3

8d3387ca37...18.exe

windows7-x64

7

8d3387ca37...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PROGRAMFI...le.exe

windows7-x64

7

$PROGRAMFI...le.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$TEMP/chrome.js

windows7-x64

3

$TEMP/chrome.js

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    02/06/2024, 06:45

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    8d3387ca379632c0516bc41636a5dcea_JaffaCakes118.exe

  • Size

    1.4MB

  • MD5

    8d3387ca379632c0516bc41636a5dcea

  • SHA1

    ad8b19655d18c343849a7bf0f447445ca56ec5e1

  • SHA256

    05e697efcba64236432c6e2a0d871fafefd00ac06b608cc096c38e85c2841495

  • SHA512

    406b7c3411aa3143cc955f4c9a50d3719a2eb8c6d968161f378ba307b9f82cb0dcaa54c4ddb33f1f1dfe0ef46b5abcbe7c0cc20244149af00d13da001b7d9488

  • SSDEEP

    24576:4E0+zh36rA0CzFvnsm6iGbQ/oIKikelvQ0ZTIz7O7n3:i+v1B0hi5A8TIi3

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 4 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8d3387ca379632c0516bc41636a5dcea_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\8d3387ca379632c0516bc41636a5dcea_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1740

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\nsd9B56.tmp\ioSpecial.ini
          Filesize

          1020B

          MD5

          da131a8407d7862f39846312ba4a8102

          SHA1

          791a8149fd797bfa3481c26802c6004f07267d05

          SHA256

          3ed9a622ce1e0689a7ced47c11e17c8584b0a31672866344f9344262c2c6de01

          SHA512

          b98518be5f1c6378b8ef9d13189dce9dc46af34288830465276e597b8c155f85ccd8aeef0174340d56ac19b1091131ca51f8e6d54d4f3a2ea828361bb4588a0b

          Download Submit

        • \Users\Admin\AppData\Local\Temp\nsd9B56.tmp\InstallOptions.dll
          Filesize

          14KB

          MD5

          325b008aec81e5aaa57096f05d4212b5

          SHA1

          27a2d89747a20305b6518438eff5b9f57f7df5c3

          SHA256

          c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

          SHA512

          18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

          Download Submit

        • \Users\Admin\AppData\Local\Temp\nsd9B56.tmp\LangDLL.dll
          Filesize

          5KB

          MD5

          9384f4007c492d4fa040924f31c00166

          SHA1

          aba37faef30d7c445584c688a0b5638f5db31c7b

          SHA256

          60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5

          SHA512

          68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf

          Download Submit

        • \Users\Admin\AppData\Local\Temp\nsd9B56.tmp\UAC.dll
          Filesize

          17KB

          MD5

          09caf01bc8d88eeb733abc161acff659

          SHA1

          b8c2126d641f88628c632dd2259686da3776a6da

          SHA256

          3555afe95e8bb269240a21520361677b280562b802978fccfb27490c79b9a478

          SHA512

          ef1e8fc4fc8f5609483b2c459d00a47036699dfb70b6be6f10a30c5d2fc66bae174345bffa9a44abd9ca029e609ff834d701ff6a769cca09fe5562365d5010fa

          Download Submit

        • \Users\Admin\AppData\Local\Temp\nsd9B56.tmp\linker.dll
          Filesize

          7KB

          MD5

          122754bdae09014ed8be78a8dd3618c0

          SHA1

          8a1d4a0b8202d2261a12d97aebfe33144c274444

          SHA256

          67552ebf58e98e841dcd9f4213ad3eb134d595f04839771618f0bb1c48ea2b92

          SHA512

          7b9b5f8b52db793b4833a75bd8f122f28f2df00d43bd35efc831c2b8457009d51fe39874c691389c2fdc87ed411919b59da50199e3f719bd4cfb166367f185d9

          Download Submit