Overview
overview: score 7/10
Static
static: score 3/10
b696088343...18.exe
windows7-x64: score 7/10
windows10-2004-x64: score 7/10
$PLUGINSDI...em.dll
windows7-x64: score 3/10
windows10-2004-x64: score 3/10
$TEMP/1606...er.exe
windows7-x64: score 1/10
windows10-2004-x64: score 1/10
CalendarEntry.dll
windows7-x64: score 1/10
windows10-2004-x64: score 1/10
CrashReport64.exe
windows7-x64: score 6/10
windows10-2004-x64: score 6/10
InstallHelper.exe
windows7-x64: score 1/10
windows10-2004-x64: score 1/10
calendar.exe
windows7-x64: score 1/10
windows10-2004-x64: score 1/10
General
-
Target
b696088343889998be8f42ae20ae52d7_JaffaCakes118
-
Size
6.0MB
-
Sample
240617-d82nzasenh
-
MD5
b696088343889998be8f42ae20ae52d7
-
SHA1
8ddbb3986c8f8bc512d9ac46cd012e9d6a4033db
-
SHA256
cb64de530ca49c30d40f398ebc7e583432d5e1b2e35c1492ac80baa1e59fe49a
-
SHA512
04148ac447d621a3c6d7dd85aa9cd49ada6d9a529ac7d3490ee8328479b24e395638733a1418208f1c39986e1b59d0fe531b184b6b71faa5f83064a89c489de1
-
SSDEEP
98304:MPAoQsadAIHx5RiBoApr6ORk3ZoLesDfs2EHAOAuC+rcGUt0ojtSn2pv6P+fFtkg:cAdjx5RiBoAkAPzQ3rcvt0USGLp
Static task
static1
Behavioral task
behavioral1
Sample
b696088343889998be8f42ae20ae52d7_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
b696088343889998be8f42ae20ae52d7_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240611-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
$TEMP/160625D2_3173_44cb_81C2_97B72B98CE2C/InstallHelper.exe
Resource
win7-20240220-en
Behavioral task
behavioral6
Sample
$TEMP/160625D2_3173_44cb_81C2_97B72B98CE2C/InstallHelper.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
CalendarEntry.dll
Resource
win7-20240508-en
Behavioral task
behavioral8
Sample
CalendarEntry.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral9
Sample
CrashReport64.exe
Resource
win7-20231129-en
Behavioral task
behavioral10
Sample
CrashReport64.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
InstallHelper.exe
Resource
win7-20240611-en
Behavioral task
behavioral12
Sample
InstallHelper.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral13
Sample
calendar.exe
Resource
win7-20240611-en
Behavioral task
behavioral14
Sample
calendar.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
b696088343889998be8f42ae20ae52d7_JaffaCakes118
-
Size
6.0MB
Score 7/10
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
bf712f32249029466fa86756f5546950
-
SHA1
75ac4dc4808ac148ddd78f6b89a51afbd4091c2e
-
SHA256
7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af
-
SHA512
13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4
-
SSDEEP
192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/
Score 3/10
-
-
Target
$TEMP/160625D2_3173_44cb_81C2_97B72B98CE2C/InstallHelper.exe
-
Size
1.2MB
-
MD5
d302f62656d9715f4eaae56867fcd287
-
SHA1
b649e0ee41bf55184133b0076fbafb8c58328c68
-
SHA256
086c0fbfc34284263d3bb5a99d5369ecccf39d1c6a54e10026496248979b66a0
-
SHA512
6258c6df977823dd1f287389eb52bf1096674c32cf5569af02f99b3292051a8c78fc6647d4efad5cf97db107f413e44a77f6d04e823bdc3cfa61bb7e99554fb6
-
SSDEEP
24576:glEdheSsWGnKRVbU8O0vtiTtvzAVrbQL7DbNJYm1nX/JIU:uahbsWGnKQitgtrAVyEm1nXj
Score 1/10
-
-
Target
CalendarEntry.dll
-
Size
154KB
-
MD5
ab3971cf063a85f244ec318a877b3354
-
SHA1
fbf0280bb4067c1a0cccbda7a01e89e7a90c7f58
-
SHA256
bc779c091a0a89023bc22b273a4a3880ce8e5006f73b782aa37b8a8f68cbf0b2
-
SHA512
f32e9fc3723f4fafddfab9c740f35df5189d0970f723346e83243a80af954f9e209f5756f2738b1228bda6c40b25763a9ffe541d240b840ef1cdd6e75e708485
-
SSDEEP
3072:XEUtZ/ZE/RNWXuXJfQJ+i/Fz3CbGLSZQATXR1TXRP5wrdCl0Dq+Bp5pxQ5bmj+HV:0Cq/RNdF14FGbt5TXR1TXR3+BlxQRV
Score 1/10
-
-
Target
CrashReport64.exe
-
Size
1.0MB
-
MD5
1048032e022b0d159c5730ba4d5d5c7f
-
SHA1
04f966737e807907f7204f1454b0ac9f1195756d
-
SHA256
b233b9413c5497e8233247c8d6c704384d5d8cf749cc87a36577bf97456c9420
-
SHA512
23870e7d79f14e616e482f30ffa06debbbe430d2571a8a1d448cb2531e35e48865f72f8e317a18b69f43e2e146e47a1f83e4193c3ebb316fd36c93311b280379
-
SSDEEP
24576:bMVLo6H7ERoae4qU6uXwASKtmRThHVrbZie:ELoAwqNASKMRThnie
Score 6/10
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
-
-
Target
InstallHelper.exe
-
Size
1.2MB
-
MD5
d302f62656d9715f4eaae56867fcd287
-
SHA1
b649e0ee41bf55184133b0076fbafb8c58328c68
-
SHA256
086c0fbfc34284263d3bb5a99d5369ecccf39d1c6a54e10026496248979b66a0
-
SHA512
6258c6df977823dd1f287389eb52bf1096674c32cf5569af02f99b3292051a8c78fc6647d4efad5cf97db107f413e44a77f6d04e823bdc3cfa61bb7e99554fb6
-
SSDEEP
24576:glEdheSsWGnKRVbU8O0vtiTtvzAVrbQL7DbNJYm1nX/JIU:uahbsWGnKQitgtrAVyEm1nXj
Score 1/10
-
-
Target
calendar.exe
-
Size
3.7MB
-
MD5
ed9a744b4e7c8802f831447e4df0119c
-
SHA1
a1fdbecddc8afd747f9c55720f48407fa738ae68
-
SHA256
6a6c5362caa77f3ceb89661d35d23742630df02646c9559dce9f2dedd85ca017
-
SHA512
b40ce3fab76766c49d90eadb9df3fe9650ebaf661f40282f31ef9a7d5dc1e54a440036d137b86af6b6b49ccba25fd60ed91b72dc32c77ec117dd7078c80d95c3
-
SSDEEP
49152:k0DvtJWrS+ITow9TBpvt5X1I0hxkCR24kAl+J+HD0noAJ7WIxTU7JU76:JNoMHPkCY3AlJookoy76
Score 1/10