Overview

overview

7

Static

static

3

0fe0c073e9...18.exe

windows7-x64

7

0fe0c073e9...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

BounceOut.exe

windows7-x64

3

BounceOut.exe

windows10-2004-x64

1

BounceRes.dll

windows7-x64

1

BounceRes.dll

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

aminstall.dll

windows7-x64

1

aminstall.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    147s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/06/2024, 23:12

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0fe0c073e930737fa476ffd8baba79bc_JaffaCakes118.exe

  • Size

    3.0MB

  • MD5

    0fe0c073e930737fa476ffd8baba79bc

  • SHA1

    9c443d0c20201add50a56d10fde94d70ede4a16d

  • SHA256

    86d506e51a1954254d165ee33939a63ab0bd9d3e994ab74f668a478cd673c043

  • SHA512

    4962e332f6b302cbce646889d7d3ed9f12bed2d6645f6faccae49b187ffc4ac06f3f7d276c4212025e640023762a0b6c1afdb93e1a406149fb46094ecc23933e

  • SSDEEP

    98304:6yxQ2neF96/3IQfUeGzkAgwwc9/BrqyGjLea:6yxQCeFqIjzkK9JrqyqX

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0fe0c073e930737fa476ffd8baba79bc_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\0fe0c073e930737fa476ffd8baba79bc_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:4604

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\nso4400.tmp\InstallOptions.dll
          Filesize

          12KB

          MD5

          57db62366ef11fdc47922a02031f0492

          SHA1

          6d30db5285b653025f94e74b9b045870dc0aeb7a

          SHA256

          2338752092918db8e068d55bea61f8cdeb9be37b6e6d30a730d9703b169b08b4

          SHA512

          d0257e02370863e07feb9346b88d87a102089f0c48aea13e069e55a14f0f6db51fb3d5f41ed5d2f39e36b612f4b6194a6b7c059709808bfb23ded89d0b0a3db5

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nso4400.tmp\System.dll
          Filesize

          10KB

          MD5

          b21538d9f049d3e3e8b666744d7ca36d

          SHA1

          b97fc58f9aa238758a7574a2e32dac4e97392f47

          SHA256

          9dbe958fd425903ffc2197a112bec4fa597284f9637fe8fd5685016f32e21334

          SHA512

          05d2c660a43519fd35daa3b4310419b33e61ce8557bde55942315ca59c3b9cb9fdeaea42c403ad78a54fa9923eaa712bcf5a10dea83619a18c4ef0c451e6d533

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nso4400.tmp\ioSpecial.ini
          Filesize

          700B

          MD5

          1aa5de5c3510414b43c4d2f3c27773c9

          SHA1

          f347a6b57ca3f40d25d88fcc718f4883a78e4df5

          SHA256

          92ca0c4b75e7356a48a185d13b21e7bbb2f69ec52aaeaeb4013f487451bcb05f

          SHA512

          3adb83494ec9818aa17e4df1581a319555c719f16f7025228282570136f893dd3272e64621c4483ba0700150052f28c6c43c001caf3f5a614f5c2f82f0385be5

          Download Submit