Overview | overview | 10
Static | static | 3
8e04860727...18.exe | windows7-x64 | 10
8e04860727...18.exe | windows10-2004-x64 | 10
$PLUGINSDI...ns.dll | windows7-x64 | 3
$PLUGINSDI...ns.dll | windows10-2004-x64 | 3
$PLUGINSDI...em.dll | windows7-x64 | 3
$PLUGINSDI...em.dll | windows10-2004-x64 | 3
405.htm | windows7-x64 | 1
405.htm | windows10-2004-x64 | 1
SFhelper.dll | windows7-x64 | 1
SFhelper.dll | windows10-2004-x64 | 1
docbook-xsl-update | ubuntu-18.04-amd64 | 3
docbook-xsl-update | debian-9-armhf | 1
docbook-xsl-update | debian-9-mips | (no score shown)
docbook-xsl-update | debian-9-mipsel | (no score shown)
head.js | windows7-x64 | 3
head.js | windows10-2004-x64 | 3
networkEve...ibe.js | windows7-x64 | 3
networkEve...ibe.js | windows10-2004-x64 | 3
parse_modified.js | windows7-x64 | 3
parse_modified.js | windows10-2004-x64 | 3
root.js | windows7-x64 | 3
root.js | windows10-2004-x64 | 3
General
-
Target
8e048607275f42adff61e4adfee9df0c_JaffaCakes118
-
Size
943KB
-
Sample
240602-n83alscb4w
-
MD5
8e048607275f42adff61e4adfee9df0c
-
SHA1
e371fddeb36b88381a7670a5fd32f6a0567d9124
-
SHA256
502a0e685078b5c44fd566ea2f14c7f998fbb1d04f6527a5c289bc661e6b9944
-
SHA512
0841226e5ed67a608047404b56f1ec97192bc446a06757b2bdc2c3bf9f7cfa3b9325bb9eb56cc81a30d289ce8624980ef752d1612a1ada53182575e404b1c00f
-
SSDEEP
24576:K4sjfOiXhamHfpQbcDCd6WklChjZbhpJnsgMxEjOf:4jfTYuocDC1hd3ZG5f
Static task
static1
Behavioral task
behavioral1
Sample
8e048607275f42adff61e4adfee9df0c_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8e048607275f42adff61e4adfee9df0c_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
405.htm
Resource
win7-20240220-en
Behavioral task
behavioral8
Sample
405.htm
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
SFhelper.dll
Resource
win7-20231129-en
Behavioral task
behavioral10
Sample
SFhelper.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
docbook-xsl-update
Resource
ubuntu1804-amd64-20240508-en
Behavioral task
behavioral12
Sample
docbook-xsl-update
Resource
debian9-armhf-20240226-en
Behavioral task
behavioral13
Sample
docbook-xsl-update
Resource
debian9-mipsbe-20240226-en
Behavioral task
behavioral14
Sample
docbook-xsl-update
Resource
debian9-mipsel-20240226-en
Behavioral task
behavioral15
Sample
head.js
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
head.js
Resource
win10v2004-20240426-en
Behavioral task
behavioral17
Sample
networkEventSubscribe.js
Resource
win7-20240508-en
Behavioral task
behavioral18
Sample
networkEventSubscribe.js
Resource
win10v2004-20240426-en
Behavioral task
behavioral19
Sample
parse_modified.js
Resource
win7-20240508-en
Behavioral task
behavioral20
Sample
parse_modified.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
root.js
Resource
win7-20240508-en
Behavioral task
behavioral22
Sample
root.js
Resource
win10v2004-20240508-en
Malware Config
Extracted
sendsafe
UNREGISTERED
91.220.131.43:50003
91.220.131.43:50004
-
service_name: Enterprise Mailing Service
Targets
-
-
Target
8e048607275f42adff61e4adfee9df0c_JaffaCakes118
-
Size
943KB
-
MD5
8e048607275f42adff61e4adfee9df0c
-
SHA1
e371fddeb36b88381a7670a5fd32f6a0567d9124
-
SHA256
502a0e685078b5c44fd566ea2f14c7f998fbb1d04f6527a5c289bc661e6b9944
-
SHA512
0841226e5ed67a608047404b56f1ec97192bc446a06757b2bdc2c3bf9f7cfa3b9325bb9eb56cc81a30d289ce8624980ef752d1612a1ada53182575e404b1c00f
-
SSDEEP
24576:K4sjfOiXhamHfpQbcDCd6WklChjZbhpJnsgMxEjOf:4jfTYuocDC1hd3ZG5f
Score 10/10
-
SendSafe payload
-
Loads dropped DLL
-
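Suspicious use of SetThreadContext (this API rewrites a thread's register state and is commonly seen in process injection/hollowing; the report does not show which process was targeted)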
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
eee2912bd1ee421cf1f1dfb1cc327d97
-
SHA1
c5d3741ddb195718c9b17923eb6abfb7a732bdc1
-
SHA256
e560384c5298ee2123e8340e716b2c4680f51b4d0347995ba3290dbd1130c6c0
-
SHA512
1808a068386c790d8ad5096d9fededcfa6e5688e3a68f2499418456c9cafd7b837c811298e6570212155b4a3d6038c1749cfcd9d1b86f090f66d1a5301adecb2
-
SSDEEP
192:qcOqh13v5z+dHeMR2QwHu5S9i/yULWWBZYJCSJyejPK72dwF7dBKEw:qcD13v5SdHeMRRKkwsejP+BV
Score 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
883eff06ac96966270731e4e22817e11
-
SHA1
523c87c98236cbc04430e87ec19b977595092ac8
-
SHA256
44e5dfd551b38e886214bd6b9c8ee913c4c4d1f085a6575d97c3e892b925da82
-
SHA512
60333253342476911c84bbc1d9bf8a29f811207787fdd6107dce8d2b6e031669303f28133ffc811971ed7792087fe90fb1faabc0af4e91c298ba51e28109a390
-
SSDEEP
96:UPDYcJ+nx4vVp76JX7zBlkCg21Fxz4THxtrqw1at0JgwLEjo+OB3yUVCdl/wNj+l:UPtkuWJX7zB3kGwfy0nyUVsxCjOMb1u
Score 3/10
-
-
Target
405.htm
-
Size
1KB
-
MD5
1c7d2b2fddd34b82883053f74613a7f1
-
SHA1
5ded4a3340c5baa2f7875a09234200662a5fb6c5
-
SHA256
f42aa8b08eac61b29a5cddc51819a28a692b69480948f7d003485c0dbddedd8b
-
SHA512
2d54662a2a3f852d88e27232a93e5807bfa84be55460f4d9c9d2082d22e7818a337d75edb3fcdbf2fd5e6e34721722df16ada243576ace9598701a51797f50db
Score 1/10
-
-
Target
SFhelper.dll
-
Size
54KB
-
MD5
742b299f76eeffe057a63574c295ce75
-
SHA1
b7ab39b8c0958885b55ff6ca4bce31d077445596
-
SHA256
887634e1ad732a47bb0823144957b18e5376dac6dc228c4e69c8bf1dc99de34a
-
SHA512
ad539f025dbd38fcb8dcc3ba8cb571a51fc7c94ef833ee1e4f980338e6f0ef9a3cada0cf8707b2cefaeee15ba35f35a75822f8c85e34052ce5ba44af3abbbef2
-
SSDEEP
1536:HXyKXRJLlX1RDFUaKXLXgWknZGUGCWg9HuARKgy:iKX9FUaKGWg9HuARK7
Score 1/10
-
-
Target
docbook-xsl-update
-
Size
1KB
-
MD5
d485a5cd6ca8feeebc079fcc6e914fc2
-
SHA1
55994d62a8a6c6ea39f1e9c5792fa1343839f2e8
-
SHA256
6785bc061d585d645cd76d14828928133433cdb329ccc694541f8321f424460a
-
SHA512
498eec9a93437c580d8f9f92c575330554c9e48a47af4015d32cd6fb03aebb863b1bf084df7a237feea59d477b6a835d59c43ceec07d4d8d048053282de365dc
Score 3/10
-
-
Target
head.js
-
Size
25B
-
MD5
19ebe25a2df3c27bfc3c692ba7ce9158
-
SHA1
f7f5514d24f03611b055af2fc9a541ecf579142e
-
SHA256
f5f9b7e1859d47775dfe65573624e84f1e2d6f9c2a3a08f684b8148cefb720e8
-
SHA512
76c4e82aa9bf6d64c956788eacb9c8bc13db2e626c44a548ab7a49dda9569ea06b48dc46b92e725ce2ab4a7a7124cf01565923adbc7a4c529ac429184639659b
Score 3/10
-
-
Target
networkEventSubscribe.js
-
Size
552B
-
MD5
5139dc87baf5a54c2394d650626ee46a
-
SHA1
7ef31929c9bbff6047a21b041db8027dead84b2f
-
SHA256
c42c59b298bdfeb22070a10dd34521c4cca4cc2545dfff7a46dc0f30dc0aed28
-
SHA512
3fd93b6707d4294b9ec4c9f975410c0856ceec40f16731921689103e767ee223418f6b8a3018cffef30df4465fdabc59758778cdeeb464fd0243b57df3f25b8b
Score 3/10
-
-
Target
parse_modified.js
-
Size
249B
-
MD5
f4af9905064ddad61a598d99b164bfc5
-
SHA1
7f57425bf9a1728d4d3657aa8137ac11e1c7b8f3
-
SHA256
e350afcbf6527342cd85d99f091ce9acdbf2a1a2f64c95202786dc8fde8e2a26
-
SHA512
b720070caa9023e2cfe7367c07ec1e3bc382289d6bc79a69b5a5e8a444de2ff278f5788127fcf6a47bf066d13eae33a24b7d3d5d5dede65a9945e0f4b096e899
Score 3/10
-
-
Target
root.js
-
Size
480B
-
MD5
5108677a8071102d99a65dba00c2b243
-
SHA1
467a90b3eec3d8930495e4129a9ad6cda838a9fb
-
SHA256
bb0c776e9e011b5bcf3d4f313a4aa4b2a3a5ba9f26430d34c55df05e8dc4c0f0
-
SHA512
7ba1e1782428ef68b96b29e29fb13bfa3d46a8a10ef361fb70737897336724dda42b697e646a0183f4d2f417111fc9973843d33856da0dce527bd462d24ddf43
Score 3/10