General
Target: ab365d31e7e949098d533855500ad28f_JaffaCakes118
Size: 4.6MB
Sample: 240614-yp4z7stdph
MD5: ab365d31e7e949098d533855500ad28f
SHA1: 852e65fd92f26fc46a82a3c1d219de7a1c5a0d33
SHA256: b285fe3977d0bd1f5ab5f72021675a5a4e6e4735cdb1d9a798b2baa08b1d7cd9
SHA512: 2f6daa54d06787a517e63da80052f2bca9630d670721f57ab2447c1c775475fc2d04cc750596ae3b0fb9b840b16a5a806a6122db68d5f9bd0283cd33ecb233e0
SSDEEP: 98304:FywMtxH5fEmDbwyHo2XHotY1hOqGxFamZ4V8UTmex2C6re:FdiH5ckbwyFHotY3DE/oLx6re
Behavioral tasks
behavioral1: ab365d31e7e949098d533855500ad28f_JaffaCakes118.exe (resource win7-20240611-en)
behavioral2: ab365d31e7e949098d533855500ad28f_JaffaCakes118.exe (resource win10v2004-20240611-en)
behavioral3: $PLUGINSDIR/BgWorker.dll (resource win7-20240508-en)
behavioral4: $PLUGINSDIR/BgWorker.dll (resource win10v2004-20240508-en)
behavioral5: $PLUGINSDIR/NSIS7z.dll (resource win7-20240220-en)
behavioral6: $PLUGINSDIR/NSIS7z.dll (resource win10v2004-20240508-en)
behavioral7: $PLUGINSDIR/StdUtils.dll (resource win7-20240221-en)
behavioral8: $PLUGINSDIR/StdUtils.dll (resource win10v2004-20240508-en)
behavioral9: $PLUGINSDIR/System.dll (resource win7-20240508-en)
behavioral10: $PLUGINSDIR/System.dll (resource win10v2004-20240611-en)
behavioral11: $PLUGINSDIR/nsCurl.dll (resource win7-20240221-en)
behavioral12: $PLUGINSDIR/nsCurl.dll (resource win10v2004-20240226-en)
behavioral13: $PLUGINSDIR/nsDM.dll (resource win7-20231129-en)
behavioral14: $PLUGINSDIR/nsDM.dll (resource win10v2004-20240508-en)
behavioral15: $PLUGINSDIR/nsUtil.dll (resource win7-20240611-en)
behavioral16: $PLUGINSDIR/nsUtil.dll (resource win10v2004-20240611-en)
behavioral17: Launcher.exe (resource win7-20240220-en)
behavioral18: Launcher.exe (resource win10v2004-20240508-en)
behavioral19: 2.0.1.14/BugReport.exe (resource win7-20240221-en)
behavioral20: 2.0.1.14/BugReport.exe (resource win10v2004-20240508-en)
behavioral21: 2.0.1.14/DaemonService.exe (resource win7-20240221-en)
behavioral22: 2.0.1.14/DaemonService.exe (resource win10v2004-20240611-en)
behavioral23: 2.0.1.14/DmMain.dll (resource win7-20231129-en)
behavioral24: 2.0.1.14/DmMain.dll (resource win10v2004-20240508-en)
behavioral25: 2.0.1.14/GPBase.dll (resource win7-20240508-en)
behavioral26: 2.0.1.14/GPBase.dll (resource win10v2004-20240508-en)
behavioral27: 2.0.1.14/GPLogin.dll (resource win7-20240611-en)
behavioral28: 2.0.1.14/GPLogin.dll (resource win10v2004-20240508-en)
behavioral29: 2.0.1.14/GPRender.exe (resource win7-20240611-en)
behavioral30: 2.0.1.14/GPRender.exe (resource win10v2004-20240226-en)
behavioral31: 2.0.1.14/GPlatform.exe (resource win7-20240221-en)
behavioral32: 2.0.1.14/GPlatform.exe (resource win10v2004-20240611-en)
Malware Config

Targets

Target: ab365d31e7e949098d533855500ad28f_JaffaCakes118
Size: 4.6MB
MD5: ab365d31e7e949098d533855500ad28f
SHA1: 852e65fd92f26fc46a82a3c1d219de7a1c5a0d33
SHA256: b285fe3977d0bd1f5ab5f72021675a5a4e6e4735cdb1d9a798b2baa08b1d7cd9
SHA512: 2f6daa54d06787a517e63da80052f2bca9630d670721f57ab2447c1c775475fc2d04cc750596ae3b0fb9b840b16a5a806a6122db68d5f9bd0283cd33ecb233e0
SSDEEP: 98304:FywMtxH5fEmDbwyHo2XHotY1hOqGxFamZ4V8UTmex2C6re:FdiH5ckbwyFHotY3DE/oLx6re
Score: 3/10

Target: $PLUGINSDIR/BgWorker.dll
Size: 2KB
MD5: 33ec04738007e665059cf40bc0f0c22b
SHA1: 4196759a922e333d9b17bda5369f14c33cd5e3bc
SHA256: 50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
SHA512: 2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score: 3/10

Target: $PLUGINSDIR/NSIS7z.dll
Size: 403KB
MD5: d3850d9ef1d81d2ee2e0a1583e3292f8
SHA1: 36a88c987ac8fff6d97f5eea9af5c7421f0496ae
SHA256: 47ee083861b20a03a751593073dfb533a0aa447833bfb190a73732c7efb2a2b2
SHA512: 3af395aeb470f4f5f26d2072811be2d15e90597ed40d5f1a6ab53e6b66f8a143785868db0476cbf129751cee2ae070ddad179848830e1215393c826101f9caac
SSDEEP: 12288:PwuK6S/tEe0pY+IOLFZMMR2u6qpYvuhX:PwuK6S/toFF2+pY2
Score: 3/10

Target: $PLUGINSDIR/StdUtils.dll
Size: 94KB
MD5: 0061a96c8ff17ad0927aae65b5dfe06b
SHA1: 9d1bd69d930ccda683e6b7c2c0d1dbe3b54861fe
SHA256: 2aaef1ed8a25097b3a807568daeffd3320fa29d6de66df90a57beaa8df8949cf
SHA512: c6b887a4e1682ba1e126c93bc4d886c7f1ce392f97866e631c5b8a945824cbefc9af2429a14c2dac3b16d97bd33195d4378a7e92ae53fdeb47197452d4d90fc4
SSDEEP: 1536:0yy+i55jAPWrI5qXgcAZ5c4DB5G7NXE9eOO2xwN:3y+i5i+kEQcAZXGx0cr2xw
Score: 3/10

Target: $PLUGINSDIR/System.dll
Size: 10KB
MD5: 56a321bd011112ec5d8a32b2f6fd3231
SHA1: df20e3a35a1636de64df5290ae5e4e7572447f78
SHA256: bb6df93369b498eaa638b0bcdc4bb89f45e9b02ca12d28bcedf4629ea7f5e0f1
SHA512: 5354890cbc53ce51081a78c64ba9c4c8c4dc9e01141798c1e916e19c5776dac7c82989fad0f08c73e81aaba332dad81205f90d0663119af45550b97b338b9cc3
SSDEEP: 192:uv+cJZE61KRWJQO6tFiUdK7ckK4k7l1XRBm0w+NiHi1GSJ:uf6rtFRduQ1W+fG8
Score: 3/10

Target: $PLUGINSDIR/nsCurl.dll
Size: 450KB
MD5: 6a221b227b7885b5aec037482d33a4c8
SHA1: f9fd36464773e3f1c22e7fe7afaf9dc39b596c50
SHA256: 2e1e6ef482cb655de23a5ce4a5b206d50f0ba8676d03df2caf0e01d20978619d
SHA512: a31bd6b98f736148401635a86d40c2d00813eae4817e321553e3dc110a496d83596cd34ef992600a1353831811bb83313c50d3862dc4fa2ea6ab87c3baeeeb12
SSDEEP: 12288:nJQrptp9d6QBFaye79Folo5i/bUF6LsEWRBh+WdbKMCktYD29yM669uO7Vje:neptoBcbM/SK9Je
Score: 3/10

Target: $PLUGINSDIR/nsDM.dll
Size: 658KB
MD5: 3fd2319741b4c2eccb9ba941c73bc196
SHA1: 9d9515fe01e731d8798c893a2c1fc5cac8839f6f
SHA256: 07bfbd8942db358344e1a3259add6f2a8cf0152f39a529a9323e1f67c119fbf5
SHA512: 52d70e29ae2b9773b052cf451d57d8a4313be9bf2139b75de952d7ec44630f8d4fa2ae7c47919deee31c9c462e8a0292a18d0e6812d165e23eb3104d11298a86
SSDEEP: 12288:HV4eJ08cBim3qev6vbxUxZU2drcs4YnmthjmsywJLiGibk3Iq0xOrOGyp4jln5NH:15J01izln5siaKE/sTVSE
Score: 3/10

Target: $PLUGINSDIR/nsUtil.dll
Size: 145KB
MD5: 0bcfa4ec930d26bb4a1245cc3d2962b8
SHA1: 34816a9dce9c2137bfe6d3ec1b152b9521d57623
SHA256: 81d970704ae1c26fd9400cb002c9a0efdc46ae85768c01a27bc6486c506dcc61
SHA512: 11b49001130c92795527b8d757ca36d16f16ce52a71772348be128a346d53753d073f53b5e4f4e4ee7eda4d03aaebcf8d185ccce225fc62e3972812be0bd392f
SSDEEP: 3072:ud1VOLqqs2WNpt3pVgAd9VJkp/nJGGxdeDfl:uBNphpZd9VJAxGV
Score: 3/10

Target: Launcher.exe
Size: 576KB
MD5: 6bcaef62067ceaad6f39a13bb757feae
SHA1: 617945a3457f87b0917a30b10d1bfc53fe554d4d
SHA256: 8e357015aaf2efd4612f2c3edcf0eae6432ddfcde0f6028e66230e97e0151837
SHA512: ba1d82b8e3c2608cfc1cb1ba7fbc1ec76f4ea728cacaf4c7007b32dde8aa76a5c09b4d341b838913cd13bcb29dd5654c57459f55ddb5f263b35640eeab8aff7f
SSDEEP: 12288:SEVwLN67lrllsZxsj8tvfr1yIaVhw9oU2ZO8G:6IDlsssTaZU2ZO
Score: 7/10
Signatures:
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.

Target: 2.0.1.14/BugReport.exe
Size: 266KB
MD5: 6ab018f604e0130298c55478c5a4d632
SHA1: 6a2eb5f461659ac3eba60d2122429779ad8fbe63
SHA256: faf3573d83a672c944f1570a5f38ea5356a82910052f4d43bcd64a294a192c1e
SHA512: facbb8c6a1d65b0ead997c7338b212e031626abc019da2c043a23782cf76cbc59fb0c8c9669e7eeef2d67dbf2da6cb4d10bf5243ea2ee7dc192a9edea14f8278
SSDEEP: 6144:Qzvo01uE8D7i1IIQL14aon1WCPyj6NB+M4TBTvs/3N81OviSh:Qzvo01viiSIQOR1WCPyj63+M4TdvsS3
Score: 3/10

Target: 2.0.1.14/DaemonService.exe
Size: 565KB
MD5: ba1434c2c54eaa1755527c2efee450d0
SHA1: 14a794a89035188665ede87e5e4eef285e438530
SHA256: 224be3088596aea28b4f7892439c8fb11960178b2b3f4976b8a4262bf4d276c5
SHA512: d5799f492a4c08d8a8a2a4aae79f94de8d62d7e67b6d7e37029faec69a5ee9b8564b6755486a1208c8b1ad1e8c6f2a7fa5bd4ed4f93c0cdfd577583c72dcbb94
SSDEEP: 12288:HM1m5pWfWBXm4equ26QaBvlk1BqEufgfiVdqT:s1heT8plMBqEDfwE
Score: 7/10
Signatures:
- Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.

Target: 2.0.1.14/DmMain.dll
Size: 1.3MB
MD5: 324c06bde03d0f7df5957c69b361d05b
SHA1: a3bdc39f15071380ddd73736b23cbafabb31968f
SHA256: c06d83d2aac79b481530821b0917a475e089d38eb45cd52a525e4cf9f1ddf270
SHA512: 2e5f995887f7c885104c52f0c6271ad5f4183e71abed20da0b395dc03e6acc2d9a447900296de48b19af441d52829fa2221f7f7b565b5e59a3f74ce328b88570
SSDEEP: 24576:Z50jWHjzFZYm/1K2fQDIArICJRriL4YARrjRAyuu3BGI4B:v7VqiBB
Score: 3/10

Target: 2.0.1.14/GPBase.dll
Size: 1010KB
MD5: 08be53c783040d3818be0b0e8236fc42
SHA1: e88c081cc26fc259f2be4719ce7dbe4263f19ee6
SHA256: e53b2aa4df2171fef54b1b70851b922ffe609f5711987235e5434d2ca330c03d
SHA512: da988f84ec9188f166c6b95ec721571b2aa37fcedafdf079b31ac123dcd4b3a4f93ed81a0c3cce3b2edba8dc9bd1ceab2c12c5a76c34af26a5793a8047c0ac18
SSDEEP: 12288:8lR0DnFifkjromZgObeWAxIQcqGYjf8Vu7DnO3/v0PtsEWs4+HTs8iQ6y9vkMA9s:tngNUqHO2W3+YxQ6y9MV4hZOh2v9
Score: 3/10

Target: 2.0.1.14/GPLogin.dll
Size: 639KB
MD5: a1f2ef2f06ef852690c54f4085c982e1
SHA1: 55856a86a8e879fc892aff7db532de43ee694a0a
SHA256: fc850654906a6c3649e7de53df1a212c3e989696c57622e3e5af8c032d9381f0
SHA512: 2936327033aebb090b24491c84f0a6dd922e9baa489ed7ccb45909646d50552e6c1b92fa3c247c127ea6a496a0c97d8b352f065aabdc9d88ceb95aefa2ef6658
SSDEEP: 12288:i6as2oAxGtfHz6FIxFS3xqn6Jjc+daNsTp:RFAxGtFMx+6Jjc1Ns
Score: 3/10

Target: 2.0.1.14/GPRender.exe
Size: 150KB
MD5: ab7cc4e164b82cce0e0cbdb688ac3d9a
SHA1: 1ef263bff4bebd0128613e1974c61a71e562b61b
SHA256: 8f56cf27a0b735e5adad6ea4162ca0c6a1e6077d5e4252f2a69cef4ca293352f
SHA512: d4fbbb6c11cb89e43b2a34d392ea77e99a5e232262010caefb5d758d9c1f5e1fa1417c2234ed64ea92b292bedb07af944455dda10bec10a09132cb69a5d566d7
SSDEEP: 3072:uYYmY7wTYV1pGYnAUFdYf0hWCFbOqOkmqwUwphc4I36Ft4KKoXyOXKtK:uz1LUkrqFtZKoXyOa
Score: 1/10

Target: 2.0.1.14/GPlatform.exe
Size: 1.2MB
MD5: e7d7dcc8625b4a0e5beb3aaba1206def
SHA1: bf97e814da1a57c645faa1f6c45577598af0a252
SHA256: 854e769a4004f28813e52b555a4fdc37ca9066efb32919984a9d65dbe5c90314
SHA512: 4200357517a355cb4b6748ec21696a7fbddd99f9e08a3c6d2b5b1e5f44971d9ad2537e15dfe76169ef98227e2b46b5a2f00fff9424243f3bf8c3c0df94b6a5fe
SSDEEP: 12288:PeFK96gO2U04Q0Xqn2XmSJ3PAgOIjwCKILETMwok/rll3pMj11ydegfSCuAPFx00:Zq2UvnCjbrlEj7y1fSCuAti/
Score: 7/10
Signatures:
- Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.