Overview
overview
7Static
static
7a6306c79f2...18.exe
windows7-x64
7a6306c79f2...18.exe
windows10-2004-x64
7$TEMP/BASSMOD.dll
windows7-x64
1$TEMP/BASSMOD.dll
windows10-2004-x64
1$TEMP/R2RJUCE.dll
windows7-x64
1$TEMP/R2RJUCE.dll
windows10-2004-x64
7$TEMP/keygen.exe
windows7-x64
7$TEMP/keygen.exe
windows10-2004-x64
7General
-
Target
a6306c79f2996f893dec6bc8fa94eb84_JaffaCakes118
-
Size
1.1MB
-
Sample
240613-sknvjayanq
-
MD5
a6306c79f2996f893dec6bc8fa94eb84
-
SHA1
f214638c62f123ad40cf093f97f14a174962c593
-
SHA256
9fac22e098a25975b035b01c42f1412d4daa60ffe0cffc51b71c2c8d65bec9a6
-
SHA512
4ae7666471127ad3fb956b62637d0878e1b584fed625f9cc3b29e19910b31c59e4cf4bd22100f8413fae44d99f9028124071f2228eb565c0ed80c3b2de0080f1
-
SSDEEP
24576:Wo6cLUSoUBJGnp7cxLy8ombKwS0DdHQWEeFB8bJ6otCZ:WhAOUGnp7HKd5fkFsZ
Behavioral task
behavioral1
Sample
a6306c79f2996f893dec6bc8fa94eb84_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
a6306c79f2996f893dec6bc8fa94eb84_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral3
Sample
$TEMP/BASSMOD.dll
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
$TEMP/BASSMOD.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
$TEMP/R2RJUCE.dll
Resource
win7-20240220-en
Behavioral task
behavioral6
Sample
$TEMP/R2RJUCE.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral7
Sample
$TEMP/keygen.exe
Resource
win7-20240611-en
Behavioral task
behavioral8
Sample
$TEMP/keygen.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
a6306c79f2996f893dec6bc8fa94eb84_JaffaCakes118
-
Size
1.1MB
-
MD5
a6306c79f2996f893dec6bc8fa94eb84
-
SHA1
f214638c62f123ad40cf093f97f14a174962c593
-
SHA256
9fac22e098a25975b035b01c42f1412d4daa60ffe0cffc51b71c2c8d65bec9a6
-
SHA512
4ae7666471127ad3fb956b62637d0878e1b584fed625f9cc3b29e19910b31c59e4cf4bd22100f8413fae44d99f9028124071f2228eb565c0ed80c3b2de0080f1
-
SSDEEP
24576:Wo6cLUSoUBJGnp7cxLy8ombKwS0DdHQWEeFB8bJ6otCZ:WhAOUGnp7HKd5fkFsZ
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$TEMP/BASSMOD.dll
-
Size
33KB
-
MD5
e4ec57e8508c5c4040383ebe6d367928
-
SHA1
b22bcce36d9fdeae8ab7a7ecc0b01c8176648d06
-
SHA256
8ad9e47693e292f381da42ddc13724a3063040e51c26f4ca8e1f8e2f1ddd547f
-
SHA512
77d5cf66caf06e192e668fae2b2594e60a498e8e0ccef5b09b9710721a4cdb0c852d00c446fd32c5b5c85e739de2e73cb1f1f6044879fe7d237341bbb6f27822
-
SSDEEP
768:qQmS5iUgi5czW+DlrQOS1DeDdjgNtbX4O6DHix84H0:qQz5Tgof+DdpS1+djctLSHiZ0
Score1/10 -
-
-
Target
$TEMP/R2RJUCE.dll
-
Size
113KB
-
MD5
c4b4991d621f406e49d86757ee01dd40
-
SHA1
0570fb52e33f2434373ad74851c5811e8fb158d5
-
SHA256
7142f93fa14137d57971611435c0faac9a1eb9e2b628df26242eeb095558c968
-
SHA512
b38baa568ea77e77ff34c894f892bc868b321f6a7c481091c7d48e986fe078482b0ecf6123066bbe2f4d6d60aeb4e4c498cb2add2dd60dd876200b18d80b69f8
-
SSDEEP
3072:O+Es84qJJG9KXO6Z/7tt1jKlmELcUYd4ahCMUoNSj40NAH8u3+w3:O+mkk9jtfWYvWahZUooUYo8u3+A
Score7/10 -
-
-
Target
$TEMP/keygen.exe
-
Size
842KB
-
MD5
1c662492180514144db462edca9f9d20
-
SHA1
aa0c2cc7365c514ab75f5be46b0e73f07417c87d
-
SHA256
dffb8c5f3b46e41e1a1815f12b8df5f10b05ff71b94bc7d243cab33d13eaa625
-
SHA512
3a049cf4c9cadc7af1b4c1443c5f05f878a77ee07a9292faa9c49763ebfcb528370c35b97b7062ab3eb02d49a2df8a23f16a868230d36bcf6308183a663d411e
-
SSDEEP
24576:7umonR5f5pLT5LGWA94DxMefqDLr8J5pAua7ywd:7c5pLT5LPA9IxMKqDLr8J5pAzmwd
Score7/10 -