Overview | overview | score 7
Static | static | score 3
10343bf892...18.exe | windows7-x64 | score 7
10343bf892...18.exe | windows10-2004-x64 | score 7
$PLUGINSDI...ns.dll | windows7-x64 | score 3
$PLUGINSDI...ns.dll | windows10-2004-x64 | score 3
$PLUGINSDI...nu.dll | windows7-x64 | score 3
$PLUGINSDI...nu.dll | windows10-2004-x64 | score 3
$PLUGINSDI...em.dll | windows7-x64 | score 3
$PLUGINSDI...em.dll | windows10-2004-x64 | score 3
AxsUtils.dll | windows7-x64 | score 1
AxsUtils.dll | windows10-2004-x64 | score 1
CheckForUpdates.dll | windows7-x64 | score 1
CheckForUpdates.dll | windows10-2004-x64 | score 1
Interop.eW...ol.dll | windows7-x64 | score 1
Interop.eW...ol.dll | windows10-2004-x64 | score 1
LLCryptoLib.dll | windows7-x64 | score 1
LLCryptoLib.dll | windows10-2004-x64 | score 1
LiteActivate.dll | windows7-x64 | score 1
LiteActivate.dll | windows10-2004-x64 | score 1
LiteErrorReport.dll | windows7-x64 | score 1
LiteErrorReport.dll | windows10-2004-x64 | score 1
LiteSerializer.dll | windows7-x64 | score 1
LiteSerializer.dll | windows10-2004-x64 | score 1
Microsoft....el.dll | windows7-x64 | score 1
Microsoft....el.dll | windows10-2004-x64 | score 1
Microsoft....op.dll | windows7-x64 | score 1
Microsoft....op.dll | windows10-2004-x64 | score 1
NCryptXL.exe | windows7-x64 | score 1
NCryptXL.exe | windows10-2004-x64 | score 1
data/examp...le.xls | windows7-x64 | score 1
data/examp...le.xls | windows10-2004-x64 | score 1
data/examp...s.xlsx | windows7-x64 | score 1
data/examp...s.xlsx | windows10-2004-x64 | score 1
General
-
Target
10343bf892632ec266a3cc135e68a848_JaffaCakes118
-
Size
1.3MB
-
Sample
240626-bh65naxhnl
-
MD5
10343bf892632ec266a3cc135e68a848
-
SHA1
c4556986757e6aa60e40b04ef4078339ffaed4e6
-
SHA256
989b7036f1b50befeb7da1c6d1af00624e34c101c91a83e2e746a7f0ef484f29
-
SHA512
2807e3dc84495b4bcb2cf18646775d61a81f641a3efedcc8e1bdda5ca55aaa14b29c492ace8c8118fc76f293c8434dcb9d0fe97aacda8da98fc68e4f5742e43e
-
SSDEEP
24576:WlJPwvWtNp1jShEEtjIXr3f/BHW0lM35N8D8PLgcgh882I5PVavd26:IPwuj7ShEEtM7vp2aD2gVGs5Pkvd1
Static task
static1
Behavioral task
behavioral1
Sample
10343bf892632ec266a3cc135e68a848_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
10343bf892632ec266a3cc135e68a848_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240611-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win7-20240419-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
AxsUtils.dll
Resource
win7-20240220-en
Behavioral task
behavioral10
Sample
AxsUtils.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral11
Sample
CheckForUpdates.dll
Resource
win7-20240611-en
Behavioral task
behavioral12
Sample
CheckForUpdates.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral13
Sample
Interop.eWebControl.dll
Resource
win7-20240611-en
Behavioral task
behavioral14
Sample
Interop.eWebControl.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
LLCryptoLib.dll
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
LLCryptoLib.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral17
Sample
LiteActivate.dll
Resource
win7-20231129-en
Behavioral task
behavioral18
Sample
LiteActivate.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral19
Sample
LiteErrorReport.dll
Resource
win7-20240508-en
Behavioral task
behavioral20
Sample
LiteErrorReport.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral21
Sample
LiteSerializer.dll
Resource
win7-20240419-en
Behavioral task
behavioral22
Sample
LiteSerializer.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
Microsoft.Office.Interop.Excel.dll
Resource
win7-20240611-en
Behavioral task
behavioral24
Sample
Microsoft.Office.Interop.Excel.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral25
Sample
Microsoft.Vbe.Interop.dll
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
Microsoft.Vbe.Interop.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral27
Sample
NCryptXL.exe
Resource
win7-20231129-en
Behavioral task
behavioral28
Sample
NCryptXL.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
data/examples/Example.xls
Resource
win7-20240508-en
Behavioral task
behavioral30
Sample
data/examples/Example.xls
Resource
win10v2004-20240611-en
Behavioral task
behavioral31
Sample
data/examples/RandomPasswords.xlsx
Resource
win7-20240611-en
Behavioral task
behavioral32
Sample
data/examples/RandomPasswords.xlsx
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
10343bf892632ec266a3cc135e68a848_JaffaCakes118
-
Size
1.3MB
-
MD5
10343bf892632ec266a3cc135e68a848
-
SHA1
c4556986757e6aa60e40b04ef4078339ffaed4e6
-
SHA256
989b7036f1b50befeb7da1c6d1af00624e34c101c91a83e2e746a7f0ef484f29
-
SHA512
2807e3dc84495b4bcb2cf18646775d61a81f641a3efedcc8e1bdda5ca55aaa14b29c492ace8c8118fc76f293c8434dcb9d0fe97aacda8da98fc68e4f5742e43e
-
SSDEEP
24576:WlJPwvWtNp1jShEEtjIXr3f/BHW0lM35N8D8PLgcgh882I5PVavd26:IPwuj7ShEEtM7vp2aD2gVGs5Pkvd1
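Score 7/10 -
Loads dropped DLL (the only behaviour listed for this target here; the Malware Config heading above is followed by no extracted configuration)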
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
d7b3f05ff44116b9080b5e69b2e86efd
-
SHA1
2535ecfa122041edb901ac667944e0f6814c4cd0
-
SHA256
40d66e085409445202dce1b5419449cc302d91be17614b521e3ccce473205db7
-
SHA512
414c6b410b35a8bb5a2c9fdd46dad63704484e1535155219b29a5bb886ded73f4b7ca3bafa726ce751e1c711a764938c9256106a90098263d6ff88bc017ec140
-
SSDEEP
192:X6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTyK72dwF7dBdcQOz:X6JaVh4I5rpPbTy+BdhO
Score 3/10 -
-
-
Target
$PLUGINSDIR/StartMenu.dll
-
Size
7KB
-
MD5
80a55b35582678d845ccca04f52cada3
-
SHA1
82d1236218c95a34425b8831ef1627c0c5919dfa
-
SHA256
e66dd544c167c9ebb3d8ed18622276c350e5c97c076c7c81b514bab6446a3ca5
-
SHA512
c683793d4f264a76ffa5aab33be2a1aca154757f09a984e22b4281af19e9deaac5297a80ee9c92b8195e15db5b8b33f7d110707c05bf9c928c6e5561da559a62
-
SSDEEP
96:Z+LBC0x22epxPEvC4FkWE+in1/FMvsCGRfRFqCB5t/GhEl5VN:Z+lepxPE1r8/FtmCDt+g5v
Score 3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
10KB
-
MD5
4fbb4a2cd711fc1fe84f3dc30c491dc9
-
SHA1
888e01ae6e64e7326f88df9a30587f699eab154a
-
SHA256
c3b05f4faf5e8903d5b4cb4a8ce4bbf2e8144725b98d8787d51c117b6efa9bc2
-
SHA512
92dcf99672a5935065df6492e27abb653679f1db6dcddfde87cd14260c94a870327826b23cc2f338381b3eb53d07c1a3867806f6ff94533db5195b895a856847
-
SSDEEP
192:CO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1argMO:XKAFERdlxhGRYUzqZar
Score 3/10 -
-
-
Target
AxsUtils.dll
-
Size
56KB
-
MD5
2795def15a66cc8d256fc43055f0b320
-
SHA1
c13d42abb6a38227060655ae3cea1edaf806c4a9
-
SHA256
d2848e639eed2ea7556a3f719c90beaa5b40c54f5539e8d741db283061cd7136
-
SHA512
fa04d864cb04724fba0e4e93452adb333cec6a1ce38b68d0c7a00984b0206fe397d86066e0a178baecf0966c6a9924269547a14eb7e084a76ae9b7654e57b1e0
-
SSDEEP
1536:MSZkGBXrijbS0xrF4FbtLIS1igH5J3b+:Zu+weWFWgIJ3q
Score 1/10 -
-
-
Target
CheckForUpdates.dll
-
Size
56KB
-
MD5
7a9228eeeaee70fc8e44e3d23e2b5241
-
SHA1
ddd435d20ac865d3d091c0f4a7a269031615ffb1
-
SHA256
4d48e3c20b1257e95c669cbe885886926a9b01a71548ca49a1d5ac3bd51bc413
-
SHA512
197492ba7018ed25be6575831c511610d93de1ffc939f6ac2bacc983e181d0bdde03b0be53a8d3cf854956cb582a1339fb1d7fc54fcbd510f673870dca516593
-
SSDEEP
768:/ieK488greUMInDnsIziLEVAc/YZQ/Oji7fNEj0p:/iygreUMInbxCE+xQ/OO7fNEj0p
Score 1/10 -
-
-
Target
Interop.eWebControl.dll
-
Size
24KB
-
MD5
dde80a1a4f091ea6dc8f9c6922266426
-
SHA1
9afffaa30ae179561d16947e4f1ad9834dd73731
-
SHA256
61c831ced0f601566880ecebef8ee92455aacdf8b66dcdfc0e46edb804f85425
-
SHA512
e926d203316ba7c771f8bf828a577454097569442a3dfff04e17f04585a467b13710b578416f2e9d051f2c359f79266b839877fadf6d2d40bbb08b1a76eec33c
-
SSDEEP
384:lzFiVZarLBJ3YTdlt8s6C3ncsP05GB3gicQK7v0yuPGw1b+7ChHg3uko:lsZKbyL8sbJPHT
Score 1/10 -
-
-
Target
LLCryptoLib.dll
-
Size
328KB
-
MD5
b506f3663377be613d7bf1eed242d09c
-
SHA1
6a452889d760e8736345599c11b6df22bdc090e7
-
SHA256
a89095a29da119c99a393da8ce2f4a21c726df6358c8813877d5662ace310ba0
-
SHA512
c8210808d43e4e21e8151038406e422247f36c0793ba1a1050a5bbe08c1c1174a714223797baff4293cc3e19e4d6df721d4ea8b2ce224e2d079aad8dec47c563
-
SSDEEP
3072:f4HtmRmdNYA2D51QnhufmV/zahudDzwvgQOFpwHILP9EpHs5pPSdFD4sw9kWVaIx:f80A29GhuQ46Ios4tBMgxiIY0tNfZb
Score 1/10 -
-
-
Target
LiteActivate.dll
-
Size
67KB
-
MD5
4754228b03a6dadcdef72700b4d997f5
-
SHA1
88c803125612a98aef652b700b1f0df3a2f33974
-
SHA256
74551dbf1af4b17479af295dd1e2109271ba7ae3dba6fe8847b0b887d44101e9
-
SHA512
46294ae68005ce86c9de7b629ce7ab3b794384cd6026f4ff14d98309d78f454e5bc52ad9fb35a7133790f802257c670d07ef61645b82ca90daa06b347f29e076
-
SSDEEP
768:EJi/dqJq+80/3jwSUSbAy9OVudsW3ptYSnmuAs32ueKY8dcUz+1wqlrE3Q2elzxy:lkZAyYUXTY8ruKJSUzA5S3/e9ibbdr
Score 1/10 -
-
-
Target
LiteErrorReport.dll
-
Size
27KB
-
MD5
fab3d9ff98af217fb30fb05c7cb683e2
-
SHA1
cd0190528be623b9b7d57f1353ea0b5695b8f0de
-
SHA256
43782a254693aa267f63ff49b2bf0b9b01a953b13c0ae45e4e10ae838b88cb94
-
SHA512
da35e0ed906056970772c1bcb370914e3c2e9e99b4e6a5dea68ed7a87eaf5875129cfc6df105a5031b512806612c890287fc4357d42e60e42c71985449a493cf
-
SSDEEP
384:qA74Koke735bTBYlSXSHVa+U8bUcZ9L9S8TD1lca9Ycl9Fc69Ucs9VcE9K9c9K5M:F7Db6GjZILZSBZBvGTL
Score 1/10 -
-
-
Target
LiteSerializer.dll
-
Size
24KB
-
MD5
19293c1f655ec857fdac782cefefd1a0
-
SHA1
6620e108d4dd321f0e1a65029d5ff0ae6322cf66
-
SHA256
9d6ba69765330357a778c04199e836bf11182d6d44f4f2687197b198a93d2990
-
SHA512
e0f624e72efb6803e4d88c61588bbafd1f93b4b1b148ba200bf10cd364a247b1741011411b71c52f10101390768b68aae4f80b90d7712c4dc143bf7f2caa51c6
-
SSDEEP
192:+VE5tSOd5GZLeJDX1mALp/LuvgWJrcOSK/WmWbYrR:AqlJDMGNLuvgWJrcOScVrR
Score 1/10 -
-
-
Target
Microsoft.Office.Interop.Excel.dll
-
Size
1.2MB
-
MD5
a7004e928e942661ec897ca12f9300c5
-
SHA1
3445422061e483f6ab97a52e085365c55f45e16d
-
SHA256
538e5c335779dccc6b0c4926e9221d8ba384580786e06a8e1363c716c61a6492
-
SHA512
acf3e9110ad68ce3db219fecbb10587004c4c4b11fb9526567b76b1911e518ceedb200a0402c6270e182ceb98a8c0430ba3030700975c752937a44c4cf9c9ffe
-
SSDEEP
24576:q8bmFgfKZUzud4XSRsrWVQvapEDetLFb7itE3OZwj3MNCzAZW/EV67YBOH8dSj1i:q8bmFgfKZUzud4XSRsrWVQvapEDetLFc
Score 1/10 -
-
-
Target
Microsoft.Vbe.Interop.dll
-
Size
62KB
-
MD5
84af255fcfd9f5d41a4a5fba78c73f63
-
SHA1
61b235b2f14833846d2529a3475a4342e5d3328f
-
SHA256
eea5779834836be1b1a4dc3253df50cc15b7158ef1d5296cbc147114598000f4
-
SHA512
d45927614916d2172f308619a2e10644040bed904f8ce9cdef7af65044e3a4461ad0f18abd0d6a445ddd4ada754561c5ca813d0b4eafc55e3631b7c763ffca91
-
SSDEEP
768:7FYZSI4M0bOBU4tCs4E4aKnw5IgvLtVR3I5DKeWR8YapJ9x6jL3baeVQ:7FYZSI4VsjtCsiw5IgvZjlE6jHaeVQ
Score 1/10 -
-
-
Target
NCryptXL.exe
-
Size
346KB
-
MD5
b505ba4c2531253e89a36beec8c7f176
-
SHA1
8e0f7cc82aef3667563ec8691bd5856055279ced
-
SHA256
1d1432c19a4e580ca40e685f626e84875f780385430a964aa4e873e520e152ab
-
SHA512
1264546b782cb1e8431b8d9bd8762482fa48a5566bd0bcc49940a685fb3be203c7a584c9b8217acc0466ba2d830d30752c233574d397a7fe60d5a7112a6ab31d
-
SSDEEP
6144:GhV4Sy2YS54LihMXC5DCTXTR4LihMXC5DCDwb:GP4Sy2YS54u2FJ4u2FDwb
Score 1/10 -
-
-
Target
data/examples/Example.xls
-
Size
42KB
-
MD5
b56d8d13e8427f398f4cb6cf82ff1b91
-
SHA1
dbab16746ed51b18b0149c1067bd0487fd008827
-
SHA256
f3af8fbeccba1b4269588d5c3f896aff7255c4bf56d6630c128cc46d72996a6f
-
SHA512
cac32c6733c5b4e0c13fbba47bd3bfc48581fee70aac7217880ba50b7382eede137b242cb110e605312c458ee121ee02ae10c8a1f70fea7723fbc833c15103d7
-
SSDEEP
768:ut1WYNwjib9k1BWqeXagnEo/heRwDlmjBeixIxS0L2Nzr2sgiHlAOY:uiYNwjib9k1BWqeXagnEo/heRwDlmjBU
Score 1/10 -
-
-
Target
data/examples/RandomPasswords.xlsx
-
Size
31KB
-
MD5
1b83128c32c1fa621a6fe8abb8a7f671
-
SHA1
5c1eb26d5e49bb3262354f869615dd3fd4464208
-
SHA256
3915013da2ba2d9a96d7eb9637b47f97ce98074cb35500f0411e69a20cd88235
-
SHA512
a053b294d8c6bb92bd938d351cb795480d80ac1b77e8a9e0a3d39ebc33378d99012135743badb6486d014defa579a72804edc025874b62506f371f7cdb091f8d
-
SSDEEP
768:mjScXBZsdCXSWhgJ6pjG04NY2ppJEhQPwgf:mOo/k8ShqjG04NVECr
Score 1/10 -