Overview

overview

7

Static

static

3

035a63c0c2...18.exe

windows7-x64

7

035a63c0c2...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

FlvPlayer.exe

windows7-x64

1

FlvPlayer.exe

windows10-2004-x64

1

apps/ffmpeg.exe

windows7-x64

1

apps/ffmpeg.exe

windows10-2004-x64

1

help_Web F...er.chm

windows7-x64

1

help_Web F...er.chm

windows10-2004-x64

1

player/flvplayer.html

windows7-x64

1

player/flvplayer.html

windows10-2004-x64

1

player/flv...w.html

windows7-x64

1

player/flv...w.html

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    51s
  • max time network
    54s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/06/2024, 22:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    035a63c0c261105e96d936c6404fa057_JaffaCakes118.exe

  • Size

    2.4MB

  • MD5

    035a63c0c261105e96d936c6404fa057

  • SHA1

    a32fe1241b2c507684bb59538de19485cbcbb25a

  • SHA256

    c4865e85bf77580a76cf37177dc0e4c0c5e4a471437111e891f55ea7b557cafe

  • SHA512

    e9143993d45c294d626ede9abaef48d09c0d0b8685d694f3db27b4131352ac665324f6cd20daca3bc0e366886939162d446c9cdd41ebe9552941499b9856e03c

  • SSDEEP

    49152:B1fPKD+oqO1x5LwVCprUHJM+2TNx+K9XEMrJlSoHY6cOqzAytOtNNORM:B18xHbLsarIGNxpEsJUm+OqzAyaz

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\035a63c0c261105e96d936c6404fa057_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\035a63c0c261105e96d936c6404fa057_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:3184

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\nso42C8.tmp\InstallOptions.dll
          Filesize

          14KB

          MD5

          0dc0cc7a6d9db685bf05a7e5f3ea4781

          SHA1

          5d8b6268eeec9d8d904bc9d988a4b588b392213f

          SHA256

          8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c

          SHA512

          814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nso42C8.tmp\ioSpecial.ini
          Filesize

          734B

          MD5

          c87b5efbb4f8ffcc6451b94cb56d00f8

          SHA1

          a3712f267a3e609cea1334344fb027da95725263

          SHA256

          9dbbddc0335796f11ed25f4e91df34e338df7978d52a834b33882c3aa104edad

          SHA512

          cff8ccc49d149755bba196f7740052304c42e69822735222921afaf5fbafbc5b149e9423df71f32076c19d6a129bc49f96d444b50fe69a1838e02a91633bfcad

          Download Submit