General
-
Target
a5fde8e07093f846f45684f97ea3d1e7_JaffaCakes118
-
Size
4.5MB
-
Sample
240613-rn459aseje
-
MD5
a5fde8e07093f846f45684f97ea3d1e7
-
SHA1
19586079a8fb109f9717d1d9e6e79744cad05276
-
SHA256
e9662c3fd38d0cb02c47b7c1003e65ea925d3649e95ce15e584fb038ef88bf47
-
SHA512
fce48e1e500200bbb6d6676b31ceecc2dab977c6a552cc9bd8c6df45ce8d92d2afacc0d686872617990f45267f927a2935d17c7c0105013ca9662fc873cf91a0
-
SSDEEP
98304:cTagynTETU5lOTuSpOSJ+5mh40kmYSKN6Qwzbyujz+kn2nOlMTb:saBnOUhetJiH7mYSKBgbCkn/y
Static task
static1
Behavioral task
behavioral1
Sample
a5fde8e07093f846f45684f97ea3d1e7_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a5fde8e07093f846f45684f97ea3d1e7_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Control.dll
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Control.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral5
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/DuiLib.dll
Resource
win7-20240611-en
Behavioral task
behavioral6
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/DuiLib.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/InstallHelper.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/InstallHelper.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Ipc.dll
Resource
win7-20240419-en
Behavioral task
behavioral10
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Ipc.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Login.dll
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Login.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Main.dll
Resource
win7-20240611-en
Behavioral task
behavioral14
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Main.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/MemDefrag.dll
Resource
win7-20240220-en
Behavioral task
behavioral16
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/MemDefrag.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral17
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/MouseRecorder.dll
Resource
win7-20240611-en
Behavioral task
behavioral18
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/MouseRecorder.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/MouseRecorderUI.dll
Resource
win7-20240611-en
Behavioral task
behavioral20
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/MouseRecorderUI.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral21
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/PinToTaskbar.exe
Resource
win7-20231129-en
Behavioral task
behavioral22
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/PinToTaskbar.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Plugin.exe
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Plugin.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
$APPDATA/Tencent/WebGamePlugin/1.0.3.9/HttpDownloader.dll
Resource
win7-20240508-en
Behavioral task
behavioral26
Sample
$APPDATA/Tencent/WebGamePlugin/1.0.3.9/HttpDownloader.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral27
Sample
$APPDATA/Tencent/WebGamePlugin/1.0.3.9/InstallerToolkit.dll
Resource
win7-20240419-en
Behavioral task
behavioral28
Sample
$APPDATA/Tencent/WebGamePlugin/1.0.3.9/InstallerToolkit.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
$APPDATA/Tencent/WebGamePlugin/1.0.3.9/Launcher.exe
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
$APPDATA/Tencent/WebGamePlugin/1.0.3.9/Launcher.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral31
Sample
$APPDATA/Tencent/WebGamePlugin/1.0.3.9/PluginManager.dll
Resource
win7-20240611-en
Behavioral task
behavioral32
Sample
$APPDATA/Tencent/WebGamePlugin/1.0.3.9/PluginManager.dll
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
a5fde8e07093f846f45684f97ea3d1e7_JaffaCakes118
-
Size
4.5MB
-
MD5
a5fde8e07093f846f45684f97ea3d1e7
-
SHA1
19586079a8fb109f9717d1d9e6e79744cad05276
-
SHA256
e9662c3fd38d0cb02c47b7c1003e65ea925d3649e95ce15e584fb038ef88bf47
-
SHA512
fce48e1e500200bbb6d6676b31ceecc2dab977c6a552cc9bd8c6df45ce8d92d2afacc0d686872617990f45267f927a2935d17c7c0105013ca9662fc873cf91a0
-
SSDEEP
98304:cTagynTETU5lOTuSpOSJ+5mh40kmYSKN6Qwzbyujz+kn2nOlMTb:saBnOUhetJiH7mYSKBgbCkn/y
Score 7/10
Checks computer location settings
Looks up the country code configured in the registry, likely used for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate the software installed on the system.
-
-
-
Target
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Control.dll
-
Size
283KB
-
MD5
42a956f63027412fa5847c83eb2d0ff0
-
SHA1
b6048c3ffc21851b2bc27e8d4793b059e0ab9b50
-
SHA256
2d5a8f0dabb8d9a3ac2f016007b7ef2a5618c3fe53c5826db25c16f6fff1a67e
-
SHA512
ddbd7b29df746a426a76e825b2b2c9598f41a55459edcc8d3784e60f028c1a1ffd307bc4cc8dd1ab739d4bb5096de2ca12cde4319d2a8dcaa5e70b58bc9de134
-
SSDEEP
3072:naPwAxAFvnD0FczPjlZFmxsDau98JPaiFGTJfmmctXCGHNMsREDLx1W8QaqBRFF4:naoAwvD0MJmy98PHz4ygfOt0LbD
Score 3/10
-
-
Target
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/DuiLib.dll
-
Size
340KB
-
MD5
5eab6935527b89555ec556fd65c4c092
-
SHA1
604df3faa212b4474cc279b26e2213f0210d4240
-
SHA256
201032351afa68f293944b41795def684a83e87c31970c2828c80c48f9db5ba3
-
SHA512
b5e15ae1c4a00022d285e70d10072f4e4034dbe07ced3a4ff2656c22a8c09615f93a3b4494c2beea2e19662cb83df81ff752ace4131dc4adcd313f8a729cced9
-
SSDEEP
6144:rnFarxjJIP5QWQnbxIAgrOKsJZS6Hk4u:rMrA5gnVKj4u
Score 1/10
-
-
Target
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/InstallHelper.dll
-
Size
16KB
-
MD5
e619678068a4d7475386cabe2d218be6
-
SHA1
213cdfc0dd7aedf34328d54aa7e0d45037602a1d
-
SHA256
e3955d96a1b7a9dd78ae4a69d840f6b2b932e1ce615abc9aad529c91d3cc4ae9
-
SHA512
9c75e10f14ebb1af0fec92f1ef44de6d1824da3d3ecf8787380764589b8e1468a28bb51c3361031bd8c8f7cc17d17e1926a0ba3e0b5c135ec40e0e18658062ab
-
SSDEEP
384:Xm9wJVeRcmtjqvDcANEq8NEAnN7YJLW/NpqbJH:3VeOSANEqFAnNKLXbp
Score 3/10
-
-
Target
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Ipc.dll
-
Size
34KB
-
MD5
977f2f877b9c5adf18f812e7eaacc3cb
-
SHA1
0f8580c4d52cfa367d62a2e424f0ccfdc6934666
-
SHA256
9f18292543147be3afb24ceeacdfc123e5f6ed74091d11725e8733490112c965
-
SHA512
1d79a9753a90538b158aceb9bdcc01a3da211082541ac5fab25c1b33006ff04da963c53da13b0ac4dba1cb6b7b1c1cb500fa5e63715d4e12bd0a7da707358bcb
-
SSDEEP
768:uShNqZ1bWXGRYLNw4MGyP4yf1K2OKq1ai:1Nqby+4MGO4ytK2OKq1a
Score 1/10
-
-
Target
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Login.dll
-
Size
381KB
-
MD5
2ab2c4544bade164352f48481fad759f
-
SHA1
245521d3d39d9c44f5cd8939492afc24a14bf164
-
SHA256
52fecb1c9334e71a55bfa6c1ed57ad0f38aa66c7940daad3f46fd3561f300864
-
SHA512
b316c768084b4691a1865a6c4afc9b41e133a50dbdf13fbe6e9d050aaac3060ed8fff8eb96b191b4d928c2246a70ce70a65109d94339dde1844eb964670fe237
-
SSDEEP
6144:ZCTBnL8a+gZTVAXW7ZmhxkbNWjw27dlmVD/eKkgn1EDS5Shdj0QsEx6Q1xRS6+qg:E98a+gZTVQW7ZmhxX8wDKkgn1YS5ShNu
Score 3/10
-
-
Target
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Main.dll
-
Size
254KB
-
MD5
51ae6d73e58fb89e68945bea01111637
-
SHA1
4147460e942672d1eac54eefe50172dfd7be4267
-
SHA256
0841e4d588e4e66c234a55bcef62e11c45769af3a663075612c66e66281b346a
-
SHA512
7c90a82793e68a35ed01ac1026a9dd8ddf37b3a65ea5ff9c7d11da8bc7ed91d6c196198363e64dfc926c5751bd408b7d25252f03f764f2a4b612caab513223b6
-
SSDEEP
3072:ZLam80MvzR3BwF9ei2ga+xantqUBQ+dQ7C1+qoO16VP+yx:Ud0MvzR3BwF8i2leG1+qoO16s
Score 1/10
-
-
Target
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/MemDefrag.dll
-
Size
87KB
-
MD5
75cce9c3cab0ffbc6bc051c9bbac1894
-
SHA1
28ddfe372327ac5566b1ef051f5a2d25e456d68a
-
SHA256
bec6c1235910fe26809d28292d06e2dafa7276f56cc436f17cad301ba24e2a3e
-
SHA512
d6b842bf6543506028f63d1f97d8ab4b43f42ff669a5a34a5fc16e012e1cb071b1b4a835ce7bd5b5f2ec6675fc103e4b7c0b38cf756f8cb917c7bc4529c0bdb7
-
SSDEEP
1536:LTGnaa7tA8qPy9PoYRIKZxfpTCE4DdySLLU1URveWeX3mN3tXlJ:Lw9tmoFjjX3mhtXl
Score 3/10
-
-
Target
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/MouseRecorder.dll
-
Size
33KB
-
MD5
84a812a3aba2082b7e4be6494380c52e
-
SHA1
9db3c5c95d5f4eb9bcefd7c6e7fba4d14390276d
-
SHA256
29812961d259b128ae2fbae769491694dfae52e6144675c3e203f43e5afb6e1d
-
SHA512
310676250ffea0e8d85b5aa8fc441ddc892a290ecc96282c96af148d7f8f5502ca30a9b849c05f27c9d05c2204f8cd64d029a11678d2e37babc1d77e12ebdff9
-
SSDEEP
768:quwqfinaTZlY3CMvi4WlZ9b5C7OkoFjOt4aP8JZzCCd:LNinadlGCMrWlZu+jOt/TC
Score 1/10
-
-
Target
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/MouseRecorderUI.dll
-
Size
171KB
-
MD5
755feaff7fb53c6c6f505fa30583d809
-
SHA1
48956834d7d6249593266d32b64e90e18ce652ac
-
SHA256
5a9133d1efac33cdc49c73326a0038d0c47235fa20531ec03aefc1a354bb4fde
-
SHA512
3ad5164e94819a27035afdcf8449133119efdf2cbbb39062760382cc8b8f052971643e5de05d26c7d8dbe4120b0e7301d649688260de6d3617cd34cd661124a0
-
SSDEEP
3072:Uqze8pueCLNdBKmQpIsChuCHqViOHfsw:UN8hCLbBbh5HqViOHUw
Score 1/10
-
-
Target
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/PinToTaskbar.exe
-
Size
59KB
-
MD5
f462fde662913b7bee2563c3784ba263
-
SHA1
3cf8b7c73efe13b882965e7b83f3757ce15df306
-
SHA256
175239a5614fb27c2f914d07930984534b77ffa3c3ed98c3f8954134c92481d6
-
SHA512
abd61fadba1be03b1ce0c0a3170bbeb03b13407a358072583b3162e141890aa9e1b4b4d5e4b9ef0186a094dfcc6f0031f0f9e6c8a2a48108a2e32a81f553c9d7
-
SSDEEP
768:uFFO3kMNCUiLliok4g8TanMKb4PwaHbT46rtiJ8P5tY:uFFy9iL3kb8TanMbP7HhP5
Score 1/10
-
-
Target
$APPDATA/Tencent/QQMicroGameBox/1.0.8.7/Plugin.exe
-
Size
384KB
-
MD5
2ced752334d86db514bacfa7ec8620e2
-
SHA1
953be96eb015a06f037d10d145adc370406142e4
-
SHA256
2c5ad631ab961b2e89b94f49216b3fde08af727f6814c2688b904747d20aca4e
-
SHA512
727b33fc2973d5989dcc7f070fada974fbb809a2610aba4c3a4bbc4652a744811f598282a79656df76b92882bbb482ec943abf928c8c24b78a1d1a16334690d3
-
SSDEEP
6144:9EUXXW9p8wdn8z7092JexonWT1Sjqmj5uPdO7MSt8GQj+wTR:9EgW9pJB83092UonW8jRos7Co2
Score 7/10
Loads dropped DLL
-
Registers COM server for autorun
-
-
-
Target
$APPDATA/Tencent/WebGamePlugin/1.0.3.9/HttpDownloader.dll
-
Size
96KB
-
MD5
5916d371edbc4195bfb1b185156bff46
-
SHA1
6285c359ef4b1c5c879e80953636fbd09e6c11c8
-
SHA256
3ec418fa0051083e9dbe6e697b70ac91d56b7528c1dd8c83d33abfbda2e1f63c
-
SHA512
091f494f72407606a43a2ecb9aed2085d2809c0d71369a5d0c587d00238d9edc8746d794039b96855061f433bb17c76595e7fcce75f896e96c02da199743f542
-
SSDEEP
1536:VybBc/0jR1sRBfkkIRjnwbE2buAz5K7kfnzbEKbh5hgdt:Vybi/FRBHsnAuKbph5hO
Score 1/10
-
-
Target
$APPDATA/Tencent/WebGamePlugin/1.0.3.9/InstallerToolkit.dll
-
Size
84KB
-
MD5
412b08c23bc4e78e9aabb9f2527ab012
-
SHA1
66e57245b23354f17ea4f1486af9b9f1b5852e3d
-
SHA256
539cbd9a37643849695a2dad6501c8d8ced660448526eb24e4a9ed2169d1ece6
-
SHA512
e5f3bd19afd51b4f1549295b70f90729b111368b3a1ba704e2901c707ce1da9e5b2ce91187a924ad0ab879a62c440f7af3887b0f8f4514b9693e98e581b7ca24
-
SSDEEP
1536:2eJB6up30pOVVkyH2r+w1ezxxnruiGG44wqtNWIfbbQEHw/VEKbg0SAoF/s5v5fi:rJpKpOVU+3nr8abQEHw/VEKbg0SAoF/j
Score 1/10
-
-
Target
$APPDATA/Tencent/WebGamePlugin/1.0.3.9/Launcher.exe
-
Size
450KB
-
MD5
6fdc9b18b092803170da3db0ca5b5762
-
SHA1
d6405c992a296f4468b1b56c01fc9aeba62638f8
-
SHA256
1419eb9787459d3e611c36d7fff608865cd6052d9703c0e92d12e037bd12af08
-
SHA512
1ca2bf6966e9f7671c2dee1c4171c4f2591f3bb587e6a4d44e408ba7de6bf6cec3de082924d65929923210746f02563540d299deefc0362b07eb9603d4479ec9
-
SSDEEP
12288:TFo6FjmSZ2ylqBlMzYzVIAhM7QeG+HW8K:Ttm62ylEMyVIAK0q
Score 1/10
-
-
Target
$APPDATA/Tencent/WebGamePlugin/1.0.3.9/PluginManager.dll
-
Size
82KB
-
MD5
da6d9b9fe7b876cd516adbd501d8586e
-
SHA1
63fece81acfb987567174325a9f59584390a66f0
-
SHA256
dccb12e664c682908e925f424a2182df741e687fc41f95a95f6b53ba4d9d37f3
-
SHA512
a023416928f77acac78e688f57084ec6b1aa65c75fb3c7d9e93ee6df6ae162f94b9134375d05323baf68b5efd17dd71dfe3c3dbff92e1dc87b5cab1888e6ddeb
-
SSDEEP
768:0aFAll5NRrPbaeacG69kDPXumR1Yip2LmdX4qJgCv9Y/1F7ChFkKI0PLHPFFvCFs:0fqek6mR1Zp2CdZ2/1F7wk0jXCz5sJW
Score 1/10