Overview (overview): score 7
Static (static): score 3
a42fdb487c...18.exe, windows7-x64: score 7
a42fdb487c...18.exe, windows10-2004-x64: score 7
$PLUGINSDIR/INetC.dll, windows7-x64: score 3
$PLUGINSDIR/INetC.dll, windows10-2004-x64: score 3
$PLUGINSDIR/LogEx.dll, windows7-x64: score 3
$PLUGINSDIR/LogEx.dll, windows10-2004-x64: score 3
$PLUGINSDI...em.dll, windows7-x64: score 3
$PLUGINSDI...em.dll, windows10-2004-x64: score 3
$PLUGINSDI...a3.dll, windows7-x64: score 3
$PLUGINSDI...a3.dll, windows10-2004-x64: score 3
$PLUGINSDI...ap.dll, windows7-x64: score 3
$PLUGINSDI...ap.dll, windows10-2004-x64: score 3
$PLUGINSDI...er.exe, windows7-x64: score 1
$PLUGINSDI...er.exe, windows10-2004-x64: score 1
$PLUGINSDI...gs.dll, windows7-x64: score 3
$PLUGINSDI...gs.dll, windows10-2004-x64: score 3
$PLUGINSDI...ec.dll, windows7-x64: score 3
$PLUGINSDI...ec.dll, windows10-2004-x64: score 3
$PLUGINSDI...or.exe, windows7-x64: score 1
$PLUGINSDI...or.exe, windows10-2004-x64: score 1
$_26_/$_26...а.exe, windows7-x64
$_26_/$_26...а.exe, windows10-2004-x64
General
-
Target
a42fdb487c23bf03be12625440274e2e_JaffaCakes118
-
Size
3.1MB
-
Sample
240613-g586esxcqd
-
MD5
a42fdb487c23bf03be12625440274e2e
-
SHA1
321b906fa6d6af58a36fe1f2ea33bd6f0d3fcc66
-
SHA256
46e5084d576eff3dc3215cf0568acf665b65169492b4450e9fc2e439934967be
-
SHA512
1971d216002d274a1ca751dbc1510de81f605d4eee499dea12fa60db6434836f1331c95f489416a0aa320b04ae538bc9acd6c7e3211809803fb82427f56128a4
-
SSDEEP
98304:fbM+txnqQwcSs738OZlzI7avzSNmdX/5v4Z:fbvtKsDHbzWoSNmBxv
Static task
static1
Behavioral task
behavioral1
Sample
a42fdb487c23bf03be12625440274e2e_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a42fdb487c23bf03be12625440274e2e_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/INetC.dll
Resource
win7-20240611-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/INetC.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/LogEx.dll
Resource
win7-20240508-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/LogEx.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240508-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/botva3.dll
Resource
win7-20240611-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/botva3.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/chac_nsis_wrap.dll
Resource
win7-20240220-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/chac_nsis_wrap.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/downloader.exe
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/downloader.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240508-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240508-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/uidcreator.exe
Resource
win7-20240611-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/uidcreator.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
$_26_/$_26_/Чистилка.exe
Resource
win7-20240508-en
Behavioral task
behavioral22
Sample
$_26_/$_26_/Чистилка.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
a42fdb487c23bf03be12625440274e2e_JaffaCakes118
-
Size
3.1MB
-
MD5
a42fdb487c23bf03be12625440274e2e
-
SHA1
321b906fa6d6af58a36fe1f2ea33bd6f0d3fcc66
-
SHA256
46e5084d576eff3dc3215cf0568acf665b65169492b4450e9fc2e439934967be
-
SHA512
1971d216002d274a1ca751dbc1510de81f605d4eee499dea12fa60db6434836f1331c95f489416a0aa320b04ae538bc9acd6c7e3211809803fb82427f56128a4
-
SSDEEP
98304:fbM+txnqQwcSs738OZlzI7avzSNmdX/5v4Z:fbvtKsDHbzWoSNmBxv
Score 7/10
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
-
-
Target
$PLUGINSDIR/INetC.dll
-
Size
38KB
-
MD5
48480c6a0a2de397f7af72ae719cef2e
-
SHA1
77d1ffab3d180c3eea49a43af05cc33bfdd507f5
-
SHA256
02395503380774991895d2b21a9df8b6224fbe44844b66c42c6be9a748d83215
-
SHA512
357df1ba4eb6ab29431f4a91d720c8694f54317b6d0c5d026a3dd9aaa40cb045844bf8bb46b1f3c29866d6b1685ba0f41c6bf150b77ae7e445c89e304c193552
-
SSDEEP
384:gICPY5u3YhNky7BNiM0eeTvkGrHlZis+2YG9utZeNFKTg/YDjPZYOu07bbThjFA:z11HwICZNFK/ggbwQ/k+ogNNX8
Score 3/10
-
-
Target
$PLUGINSDIR/LogEx.dll
-
Size
44KB
-
MD5
0f96d9eb959ad4e8fd205e6d58cf01b8
-
SHA1
7c45512cbdb24216afd23a9e8cdce0cfeaa7660f
-
SHA256
57ede354532937e38c4ae9da3710ee295705ea9770c402dfb3a5c56a32fd4314
-
SHA512
9f3afb61d75ac7b7dc84abcbf1b04f759b7055992d46140dc5dcc269aed22268d044ee8030f5ea260bbb912774e5bbb751560c16e54efa99c700b9fc7d48832c
-
SSDEEP
384:w4NSXFjXCATBAQR4F1Y5u6I3wa4W7KNP66BjLjyXB0JyuDchv8EnohgSil2X:woaF+ATCQye/I3KWmxj00Jyb8Enov
Score 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
25KB
-
MD5
8f883aead7ed5a4efc29c7c39a692657
-
SHA1
4396eed07e01952d45cc175a9d6acec936103a97
-
SHA256
6cb2ac8ace1d8b2d7fd052498897d6a0060bfbf158a0a9bfa60b66543adae1d5
-
SHA512
f7f46cc8acec8a51da06f36173517353a8bd2d1933c86846c8d91c281f17bb86d243eadd52ad57261bdf27bd3e1a8831bdc1b88453d4586999e31a0511b4cda8
-
SSDEEP
768:zbUzmursDLF5vHDf+VsCPAUz33ZZZZZZZZZZZZZZZZZZZZZZ5xE:PUHyFFTux
Score 3/10
-
-
Target
$PLUGINSDIR/botva3.dll
-
Size
91KB
-
MD5
918dd71651933f1b0ef90a6b4b332939
-
SHA1
405d3ae4bad64214662e6084ba073c045c0bc993
-
SHA256
103dc199509c5ba8b96ceb2a26fd063e6953aaa192c37d8a429aaf2e305fbb5c
-
SHA512
3d16e80484443eb785b458be05fd8c0ffae2c1805210294b6c316c4da2f657f3179592f0752ee57f8d315f6541ea26fe27a3fa2ee77619b30d8854aae5c0591e
-
SSDEEP
1536:O1YpKnz56cJZRjJmdZwWWQpDa26NSSWx9Tq:O1YpKnzQvU1QpFSWx9Tq
Score 3/10
-
-
Target
$PLUGINSDIR/chac_nsis_wrap.dll
-
Size
42KB
-
MD5
c726ba8dbf5bda67361f87d4f7d97421
-
SHA1
0a5a580aa8ee449ee789a44f97c5af382a6918d5
-
SHA256
f77c707da2a5a32af6a6112425e137c814fd4bde2d0f97a126d937e02b56961c
-
SHA512
ce522dc894219b1c915b0fef4117140aff72e43c21d3b1cd4c09b044a9067724d4617c5549d9597b17f8bc0dc1d5f530a2f9785058c141b5ea4f7edf2349d020
-
SSDEEP
384:fSgUaF6Zck7ujUCY2W026rN0CxYkQNhJu0Wb7bQTxOCpLrT9O9tkXZwkjO6OAbcE:KPaF6Bu280CxYPOz7dCpHTQ/ktb+39K
Score 3/10
-
-
Target
$PLUGINSDIR/downloader.exe
-
Size
183KB
-
MD5
7df933c48f70841613a9f0092b5e4a31
-
SHA1
2c64c8627fc179cb76b0533552ca6ae74a6234cb
-
SHA256
8e553e9aa721db167bdeaf7748bb09d4f497e3a469fd09b6a995ea25d378f1fb
-
SHA512
33d6a428ee974be9ef1f51ae4a9980fe61e75a5a63e9b5810419eeb7eb5a53da4fcc6028503d766a266b7a2420fe0be6cd96c8a3329bfdd423e78df71c011ab2
-
SSDEEP
3072:S5E+dvekDIzKs71X1hzfe0gVqq+JgkdGnucerMQe0fnknlSb:S5lJc1Be+3LIonknlSb
Score 1/10
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
12KB
-
MD5
ef6f4e1e713809e854d0d3caa3b4576e
-
SHA1
f5e70aa82107ed2f5ddb45419d8d9f5555c64db4
-
SHA256
cc568b5b7d98906c18bf0603b8f2b30d69e5c6a023316b9591048a650e34b17d
-
SHA512
37c83e4cbc2bcb0edd354f250af259daf221f10697ed887f657cec1048fd3edf57f1677da6b71800eee709954ad725550e29d6fc36857456a829e5e1217d85aa
-
SSDEEP
192:vxOdn3UWGd3ILZkc5ouEaD/SX9q2bQMN8o1+jy3bilzZZZZmqO1OHvx66X4B:ZOdn37LZkSo4D/SX9zUMNZSjlzZZZZmT
Score 3/10
-
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
10KB
-
MD5
0c89a682de6166dc1057695dc2504a65
-
SHA1
8f976f59bc29529b5ed8a2e5a9fb12ff502fdd47
-
SHA256
23df16f070ee7de7c4931b0d01a5c888bdcda9c033c680a0d0a4b84856999cd5
-
SHA512
3bbbbc8d7c3371359c78220c95f51a3f1d53f31f1bd92a25726c09149431db77bea8d0788de502a4fc8b07fd43b892ab96ae25927ff492734f97f126764c02cc
-
SSDEEP
192:JyYCGibOud8m6wDZGZ7Xjy3SZVyLDC1pT1qFbH:u+vv9JZVyLDC1Ab
Score 3/10
-
-
Target
$PLUGINSDIR/uidcreator.exe
-
Size
214KB
-
MD5
5c61d297ff7d48ad2b01e17527142633
-
SHA1
d37fc7714ed29d9b8591613083d1f47bd438b391
-
SHA256
fc909bdd4af5ef9831714d8d527e86475300d72d4a1853f955f254b3948fb40e
-
SHA512
463eca51b9c8d87e946af760d482bdebdb09f50524a8994c5ef0b4dbdefda04b802eaedfbb2969ef2780cf0062137cedf2aca0b895b050de7c5cbb7d67903a69
-
SSDEEP
3072:iAPBoJ5KG456dw26qvyKA5Vk8ZKdV9fBqJJdel1H/jv+1zOAg0Fujo0CE6ARsK+S:ivJZ+QPvyrc8c9UJsAOh6GstS
Score 1/10
-
-
Target
$_26_/$_26_/Чистилка.exe
-
Size
3.0MB
-
MD5
d5f66329a37af45e8fb63430df7ce661
-
SHA1
fc83e71d191b702f44254a51a35a8be3260bba7c
-
SHA256
0898146db2f04f684d319a75db71936d66c4c0c605e388cff855a235fbc5614d
-
SHA512
e559c6e3093d7ee0b5c50ff467b5c63b3ae149f215cb72e33cc907545bfaeecf0011221293f68c546f8f07e9200b14a6830123a9384f9b776388378c05fcc0b7
-
SSDEEP
49152:aqSh5zRZwYeMQc+2niI043PsU6Zq3y5x43TaOpvPhc/pqYL6zSHh0znQvbvIGXs:aqSh5zRZwYeMMIV3PsU6Z8y6TaOphYL9
Score 1/10