General
-
Target
025738643df8f114d2146e8735b49d23_JaffaCakes118
-
Size
1.3MB
-
Sample
240622-qlfjfazbqe
-
MD5
025738643df8f114d2146e8735b49d23
-
SHA1
77215471901f0f7e325a91e82ef6b755350750c1
-
SHA256
0e01ea2c54fe331fbfb39992df7834cba58d464852ac3c2673022ee3820fb760
-
SHA512
fc9c935040126941064f6dbb92809bf9dbe270288d707488d036fb0b45f0521095236046bc347bacc48375f7206b771710f2488fb6adc37a559f9d1f6b4fb686
-
SSDEEP
24576:Qb2OLkPAu1EYg/9/BqY5/V850VqMWyQCsQqyZECuxNbqXb6X:G2pPv2Yg/9/hk0VNWy9lqNb8b6X
Static task
static1
Behavioral task
behavioral1
Sample
025738643df8f114d2146e8735b49d23_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
025738643df8f114d2146e8735b49d23_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
findtop_setup_09.exe
Resource
win7-20240220-en
Behavioral task
behavioral6
Sample
findtop_setup_09.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
Target
025738643df8f114d2146e8735b49d23_JaffaCakes118
Score 7/10
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
325b008aec81e5aaa57096f05d4212b5
-
SHA1
27a2d89747a20305b6518438eff5b9f57f7df5c3
-
SHA256
c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
-
SHA512
18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
-
SSDEEP
192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score 3/10
-
Target
findtop_setup_09.exe
-
Size
1.3MB
-
MD5
582f2e8f7307c44f3ce3f0e4189cebb3
-
SHA1
d1e02afffe899bc8d55dcf5acc2a8b1a38790d0d
-
SHA256
e00b01670253c987ff1761257cb9967d677acdef711dde43347a6242c4518fc8
-
SHA512
89c49664611a8d7aecd98eebd3d1a814a420b603d93ca39614bd8d35f656d6956c1ea3206e359c3c6dbf6df06a13ff9a5841e2f257662fd37d9df6b38c8a2fc6
-
SSDEEP
24576:QnvzXWRAGDcNZxW9/BzY0hzi082AZqrWebiJyZugux2TrhbICLX:QvSA/NZxW9/S0o0AZUWepvq2TdbICD
Score 7/10
-
Executes dropped EXE
-
Loads dropped DLL
-