Overview: score 5/10
Static: score 3/10
b25a72a6eb89b0613ee736486f76a1d2_JaffaCakes118.exe (windows7-x64): score 3/10
b25a72a6eb89b0613ee736486f76a1d2_JaffaCakes118.exe (windows10-2004-x64): score 3/10
$PLUGINSDIR/InstallOptions.dll (windows7-x64): score 3/10
$PLUGINSDIR/InstallOptions.dll (windows10-2004-x64): score 3/10
$PLUGINSDIR/StartMenu.dll (windows7-x64): score 3/10
$PLUGINSDIR/StartMenu.dll (windows10-2004-x64): score 3/10
CTTBasic.exe (windows7-x64): score 1/10
CTTBasic.exe (windows10-2004-x64): score 1/10
CTTService.exe (windows7-x64): score 1/10
CTTService.exe (windows10-2004-x64): score 1/10
DesktopFixer.exe (windows7-x64): score 1/10
DesktopFixer.exe (windows10-2004-x64): score 1/10
FProtMod.sys (windows7-x64): score 1/10
FProtMod.sys (windows10-2004-x64): score 1/10
FProtect.exe (windows7-x64): score 1/10
FProtect.exe (windows10-2004-x64): score 1/10
FileBackup.exe (windows7-x64): score 1/10
FileBackup.exe (windows10-2004-x64): score 1/10
FixedWall.exe (windows7-x64): score 5/10
FixedWall.exe (windows10-2004-x64): score 5/10
InstSvc.exe (windows7-x64): score 1/10
InstSvc.exe (windows10-2004-x64): score 1/10
MemRes.exe (windows7-x64): score 1/10
MemRes.exe (windows10-2004-x64): score 1/10
PrgFlt.dll (windows7-x64): score 1/10
PrgFlt.dll (windows10-2004-x64): score 1/10
ProgFilter.exe (windows7-x64): score 1/10
ProgFilter.exe (windows10-2004-x64): score 1/10
RsvAgent.exe (windows7-x64): score 1/10
RsvAgent.exe (windows10-2004-x64): score 1/10
SMFDApp.exe (windows7-x64): score 1/10
SMFDApp.exe (windows10-2004-x64): score 1/10
General
-
Target
b25a72a6eb89b0613ee736486f76a1d2_JaffaCakes118
-
Size
1.2MB
-
Sample
240616-jbv3tavcrf
-
MD5
b25a72a6eb89b0613ee736486f76a1d2
-
SHA1
e60ab9b0060859ea6a86c28e8ae902a0226f4134
-
SHA256
3d93eae1ef8aeb69ceb4797021d839c4e6f251d14abc2bf68d5e0eec68c7549a
-
SHA512
e464be3b54d02eed260bd094b2af3b04ec111e2e6707e23f2ba09dd46017f9a1593e5f36de5f3b99b3b219753d1ed1560e1ed160acd3e9be4d5079b792e3e828
-
SSDEEP
24576:ADLirUjp0Q2GVyM4xgr87v65iMBilOWRJPF7p:sLiQjRXx5r8L6kMBiTJp
Static task
static1
Behavioral task
behavioral1
Sample
b25a72a6eb89b0613ee736486f76a1d2_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
b25a72a6eb89b0613ee736486f76a1d2_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win7-20231129-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral7
Sample
CTTBasic.exe
Resource
win7-20240611-en
Behavioral task
behavioral8
Sample
CTTBasic.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
CTTService.exe
Resource
win7-20240508-en
Behavioral task
behavioral10
Sample
CTTService.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral11
Sample
DesktopFixer.exe
Resource
win7-20240508-en
Behavioral task
behavioral12
Sample
DesktopFixer.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
FProtMod.sys
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
FProtMod.sys
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
FProtect.exe
Resource
win7-20240611-en
Behavioral task
behavioral16
Sample
FProtect.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral17
Sample
FileBackup.exe
Resource
win7-20240611-en
Behavioral task
behavioral18
Sample
FileBackup.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral19
Sample
FixedWall.exe
Resource
win7-20240611-en
Behavioral task
behavioral20
Sample
FixedWall.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
InstSvc.exe
Resource
win7-20240220-en
Behavioral task
behavioral22
Sample
InstSvc.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
MemRes.exe
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
MemRes.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
PrgFlt.dll
Resource
win7-20240508-en
Behavioral task
behavioral26
Sample
PrgFlt.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral27
Sample
ProgFilter.exe
Resource
win7-20240611-en
Behavioral task
behavioral28
Sample
ProgFilter.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
RsvAgent.exe
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
RsvAgent.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral31
Sample
SMFDApp.exe
Resource
win7-20240508-en
Behavioral task
behavioral32
Sample
SMFDApp.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
b25a72a6eb89b0613ee736486f76a1d2_JaffaCakes118
-
Size
1.2MB
-
MD5
b25a72a6eb89b0613ee736486f76a1d2
-
SHA1
e60ab9b0060859ea6a86c28e8ae902a0226f4134
-
SHA256
3d93eae1ef8aeb69ceb4797021d839c4e6f251d14abc2bf68d5e0eec68c7549a
-
SHA512
e464be3b54d02eed260bd094b2af3b04ec111e2e6707e23f2ba09dd46017f9a1593e5f36de5f3b99b3b219753d1ed1560e1ed160acd3e9be4d5079b792e3e828
-
SSDEEP
24576:ADLirUjp0Q2GVyM4xgr87v65iMBilOWRJPF7p:sLiQjRXx5r8L6kMBiTJp
Score: 3/10
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
12KB
-
MD5
444e1109d960c307df0ca2b33a24731b
-
SHA1
55e3b57d06128911ed4af44858d199d9b1945edc
-
SHA256
b3ba181120cd5b57e2cd5435bbd64c3257f7525ade359f89554e93f466692125
-
SHA512
9efdb45ee0eae73c24d3f01ff799160090f2b1f0f28ee8da3af52992fec220bf905070ce5a6cc1b5657642440ad29c22bc6889cd3ee1f674a908a935dcf4c2a8
-
SSDEEP
384:fKlm7i+c3QW6ckPhyDEaLny2bbBBIXwZ:Cqi8BcyhEhLfbbTI
Score: 3/10
-
-
Target
$PLUGINSDIR/StartMenu.dll
-
Size
6KB
-
MD5
f748f55ecad890512775dc822fb7c103
-
SHA1
127aabe086293cace375f8a3f337aa9ef87a1675
-
SHA256
25ba615c46a5aaf4693cf43b98e9151f056d701e9266c5671cd62fab29b50a13
-
SHA512
ae77d7217693cd51f4faffaeacb5845107a6d8fca08ffb81878c39f17a1170ed9e7340d5e8f7d9a7b30156b600660e77ff87c95c027a78823755a805ed3a4ae0
-
SSDEEP
96:Gm1C0Qaep2wbE+WH1/FMXF6CGQhFzK1KQ5NnhElMmV4d:xep2w5k/FyEt1gN
Score: 3/10
-
-
Target
CTTBasic.exe
-
Size
1.2MB
-
MD5
8b9ea50df0de8aa1abbb17fe46bb731d
-
SHA1
038264da5ea15d72a9d2b3fe110714a09163229d
-
SHA256
cda49792c57619378476413ff29d25ac012b7100c6624ea9474926a466194e4c
-
SHA512
ba53e204191149d0ac3e12168556252feb4558104d4d608e888de6844242a7e7854eb0fd5ef7d5bab6386a030c9cf058dbf5d75891023d561fc6dabbd0776e2e
-
SSDEEP
12288:Ue/z1jG178TUC1cZJJCF3RGiXt2HcZwoqo8m+v3Ox/OqwbvHKgPOZF8:Ue/1GqFaZJwXgHIs3OAqwzHK4OZF
Score: 1/10
-
-
Target
CTTService.exe
-
Size
148KB
-
MD5
5c9957d0c0989ff22a4ea0e09372e8d1
-
SHA1
c5a328ee52d623f70f00a5ea7c3248aa0b2e58b6
-
SHA256
126a37dea26e6f69ec49a3dcb34e49bc0440cc11144f44fc680768466f134790
-
SHA512
52214867856abcc2c94337913ac48dbacd20de88ba221ec402543faaa15f31b82c955e9e7455ef95a148d17d46552bf49642ab6dd5b5a901d94c92994ba5992f
-
SSDEEP
3072:zv055/Vz6fydNylxdmyTgnaJnd1lvxFtH8Scw:zv6z6fyXyj/1Lv8Zw
Score: 1/10
-
-
Target
DesktopFixer.exe
-
Size
28KB
-
MD5
ba8eb6ce4c96a6d6edde01dad4e716b4
-
SHA1
799abefd8a4bab718fc18091a848499295691e84
-
SHA256
8586b6a2197f7e128ef124773f5451d38867d5d768ffdcade3fe52c5449983e8
-
SHA512
1d9e114918ee482ad4008890615e5cf3a8357688be4a0bc9e2a8d97f8120c2d90dc23300ce8055df03034c5233d26022b97f5445516686414ae3fb508046a8ef
-
SSDEEP
384:2rJD/z6ybCn1VtvZAqzXl3iKN2rH1mlWwhfMY:2rJNbaRXXxh2sl5R
Score: 1/10
-
-
Target
FProtMod.sys
-
Size
22KB
-
MD5
22df0b1ddb206771260dd15f302fb1d5
-
SHA1
63947297835d30bf4e44ade1d21f144bbab277d0
-
SHA256
639a0075f550eee8f0078b43e3cb6cd06d2409cb49adeeb808a7762121fda667
-
SHA512
e4c1ca7e936f2d3af6eb84e4fac91bee2f98622cd1bea3c0a8085f64097e5d9ff0bcc556e311213ebd4aca004737933c212e87f5f83d05259be98eec81620ee0
-
SSDEEP
384:UmnqMdrov4UiGz2/MYaTJOmriAHOjMCx4P:UmjrvPo20Yo4mWWwS
Score: 1/10
-
-
Target
FProtect.exe
-
Size
212KB
-
MD5
75b54e62bb341a7ca4a7177222301ecc
-
SHA1
e86ea316461efb2f7512624d53043029add0eee3
-
SHA256
786c4e6c50a7745c2a565dd2cc397cabc42e27e1281ec8da2f74b5fe940442d6
-
SHA512
63fe3c887ffe8ba9eea125da105843a45ba0dbb85271ce44daef8761b4c40ce4a633475d07f8a30c7dd4da2b884019fe02a0dbc54f5894cedaae8aeac332de31
-
SSDEEP
6144:GHayPttIXizzz4vzzFcttFAzzY9zAttDzzI4zzt4zzRzhMtuz+zz0tHz/zTtQzKM:u54xcK
Score: 1/10
-
-
Target
FileBackup.exe
-
Size
36KB
-
MD5
bda56633acd2662b824bd713aea8a5ea
-
SHA1
80329b47dee920d413a9f38d8b1c5e02e538630d
-
SHA256
03f4363ad29bf1046494800cd04adc11a558ada0f710261a7e5e8aa63b991778
-
SHA512
b1cd051f73a3dcd8b356932eb496e5ede09cc48cc5b0028ffa82a5ce2714b2e5f6235ecc22d59e9d3667f178633be27f031c233359eb2632da4893c5cf83e5e0
-
SSDEEP
384:LQNOcTW4YfZM6iSFBO2GBzyUHc+pM8zhwr/VSOaj9q91QbnB3:LQNFTlEFi8BO2uyUPruEOoIDQF3
Score: 1/10
-
-
Target
FixedWall.exe
-
Size
20KB
-
MD5
008ea2428d504dca47d80ef48bdbcdca
-
SHA1
dfc7fc2fc7df398226cad8f4adcbeb204a7a2aed
-
SHA256
4771bd311e177c7fbb091618e5ed602642a1d70ee92fb6f63e87d5c320cb56bf
-
SHA512
e8f066c402689931b432772af139525cccee4041f5496c2eddb0fe2a19da5359f74e9cfe2b41d0387daccaaab7cd5a2523625bc9cadc5605dd4419c6d9e6aa7d
-
SSDEEP
192:3TuYHvFF8OqLKP1oync2BoL5QkRLseOCJY+:PHvr1u2ilPHPY+
Score: 5/10
Flagged behavior: Sets desktop wallpaper using registry
-
-
-
Target
InstSvc.exe
-
Size
44KB
-
MD5
14be7f2feb710da436ac0c5f7e3cf8cc
-
SHA1
c982d2a626e8a4f2de4f138ad72eea43d5617325
-
SHA256
c90114fb04bde69d368bc66633d94cf6458ff3d63fbaf8c0d4d497b60450a3c3
-
SHA512
25b6a539b5412cd30258b0a4c6ec894f566b0a37ecf0db582b78fc1b36b24af792e6456a5b5f2caff7df607c65f9dec85dd8eb19ed0d2aa791df5ba13558624b
-
SSDEEP
768:ALPyaODboiCfcee1nOiBSbf3kjnIm0XxZ8/3qP/eaN7hNhYk:ALaaX7f+RvSf3InabRP/eaN7hNhYk
Score: 1/10
-
-
Target
MemRes.exe
-
Size
48KB
-
MD5
b8fc4c4c7ff512f3bb9ffa1d05f5b4be
-
SHA1
416f873eed02e8ed1bba4b35468a0897c73b185b
-
SHA256
85fd848cceec940f09fd9f057cfd4cee488a66a6b68204bd45674ce061564c46
-
SHA512
624a2ddd2ba4b53c5ac459efa1c8ac48c0e90c364da0e472987cc07eabe9fd830b9d721601e0ad0253694950bb1fb469d45d397666127e7772b9863738256b65
-
SSDEEP
768:YxSFGwjUG0hjSAj7kmqo7tSE3tG+wftg:YdhjQmqIdStg
Score: 1/10
-
-
Target
PrgFlt.dll
-
Size
48KB
-
MD5
4b307f6e45854a7716d9f21d20a7f01f
-
SHA1
a08358675dc5e0283fb7b3781c8b785e182eac42
-
SHA256
ac4ac5772b482419de932b892dd4a72ec1738bc1849e3f4c84f1c8c39ed2af26
-
SHA512
2a2f484db826ad9101ac37fbf8ed0924bf30262e8b203c1395242b0337433dc981d6a7bbaff717f708d1842732631dfeb3771ddf33a7b7c1fa8483598470bc16
-
SSDEEP
384:fzjUwbPqTfNaTbRw6yCLFfsV2L7vmMMXJ3jy4CF5JudORkPZmttMQoUt:fzb+TVafCOfsV2LKljWF5Jg+ttCU
Score: 1/10
-
-
Target
ProgFilter.exe
-
Size
28KB
-
MD5
0af05b600c5f42a8a9aae84459ead1af
-
SHA1
a8220e8d6883c0aef1531d05e5aa694c3bff2c04
-
SHA256
04c12f29facfeb860ad497fc18681fc1b53fd622dcbde2a1892651da5997212e
-
SHA512
0ec87ed89c7fc99477a8e667084331b51a5841bc319e169d6f7a3a6b9354a0f54c6146dbdc39058185585f1f8fa5930fc7107f9d4002e7266744d1dbdc752cd7
-
SSDEEP
384:UAGHokqwvK78NuxqD6V8MP+sfQbhfQ+y1RxX+:UAbkrN+BisDQ9Q+E/u
Score: 1/10
-
-
Target
RsvAgent.exe
-
Size
24KB
-
MD5
f7248886ee9d640f1d4e038508edc3ee
-
SHA1
ef8b655bd157965781013e2174091f694de2c3b3
-
SHA256
01a63867af798fd57226518718da18322bd12806484f8d632855bb788265f0e9
-
SHA512
9a9f417fc45cb00afd1b5e7539e41743f6e52428b1ffe9065bb61693fa907ffa5e5d264208eb9a9716f39551a6692d5a42a41e9503d694ec58c6600dd759316a
-
SSDEEP
384:POCBg7uarwdWP3bZl61UPXkCWZirfMbL1QnYNG:GCBg7uarOuIOXkCW6MbBSY
Score: 1/10
-
-
Target
SMFDApp.exe
-
Size
216KB
-
MD5
772e018c498302e3e96d67ce8f250414
-
SHA1
0366f692f94fed356e0e5a899e9d414c3daa1a17
-
SHA256
f668c34d2d34cb9bf3598f237ab737309cf28a79d5c7edb0e09c070bebf55701
-
SHA512
4a5f4cdddb72a97d24b0fa21d86a6506b9c22247d58b5fe3f76c9ff6a74e3af0933b6e2158fbe6f334075ce42fd37d156fae28b1f990ef0f1a92d699c3271eba
-
SSDEEP
1536:rfuINR2To1NpsTtPm+eVdHc0dWuVK/BgtuFpYYaA+3:jJ10TtKVdHpQJgcFSYaA+
Score: 1/10