Overview
overview: score 7
Static
static: score 3
1a953973ae...18.exe, windows7-x64: score 7
1a953973ae...18.exe, windows10-2004-x64: score 7
$PLUGINSDI...fo.dll, windows7-x64: score 3
$PLUGINSDI...fo.dll, windows10-2004-x64: score 3
$PLUGINSDI...LL.dll, windows7-x64: score 3
$PLUGINSDI...LL.dll, windows10-2004-x64: score 3
$PLUGINSDI...em.dll, windows7-x64: score 3
$PLUGINSDI...em.dll, windows10-2004-x64: score 3
$PLUGINSDI...fo.dll, windows7-x64: score 3
$PLUGINSDI...fo.dll, windows10-2004-x64: score 3
$PLUGINSDI...gs.dll, windows7-x64: score 3
$PLUGINSDI...gs.dll, windows10-2004-x64: score 3
Coral.dll, windows7-x64: score 3
Coral.dll, windows10-2004-x64: score 3
Coral.exe, windows7-x64: score 6
Coral.exe, windows10-2004-x64: score 6
CoralApp.dll, windows7-x64: score 1
CoralApp.dll, windows10-2004-x64: score 3
CoralDb.dll, windows7-x64: score 3
CoralDb.dll, windows10-2004-x64: score 3
CoralDownload.dll, windows7-x64: score 3
CoralDownload.dll, windows10-2004-x64: score 3
CoralRender.dll, windows7-x64: score 1
CoralRender.dll, windows10-2004-x64: score 3
CoralTrident.dll, windows7-x64: score 3
CoralTrident.dll, windows10-2004-x64: score 3
CoralUI.dll, windows7-x64: score 1
CoralUI.dll, windows10-2004-x64: score 3
CoralUI2.dll, windows7-x64: score 3
CoralUI2.dll, windows10-2004-x64: score 3
CoralUpdate.dll, windows7-x64: score 3
CoralUpdate.dll, windows10-2004-x64: score 3
General
-
Target
1a953973ae8428f6f44f37c6fdae3d68_JaffaCakes118
-
Size
3.8MB
-
Sample
240701-j9pzfs1dnh
-
MD5
1a953973ae8428f6f44f37c6fdae3d68
-
SHA1
13337723278cf301891f6372451123552b9bf97f
-
SHA256
a00efafb9deb99a99bfdd34f55818983e9cc675d1cac6b71b9fec4b0bea1aa56
-
SHA512
8547d333fc7d24a9e6662e4a34b7cf544783acc8c54b422f51ed81b3fa6819e93a07ba46bdb4bb0d31c7256abb748b20797475c849c5b026574a9f08b26879c1
-
SSDEEP
98304:cdaT/7lJGQLHsaVw+OCzYSnKaWFZ45wVtew/ORnC0N5:cA7lJhWg/KamcMIw/OF3v
Static task
static1
Behavioral task
behavioral1
Sample
1a953973ae8428f6f44f37c6fdae3d68_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1a953973ae8428f6f44f37c6fdae3d68_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/FileInfo.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/FileInfo.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/KillProcDLL.dll
Resource
win7-20240611-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/KillProcDLL.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20240611-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240611-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
Coral.dll
Resource
win7-20231129-en
Behavioral task
behavioral14
Sample
Coral.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
Coral.exe
Resource
win7-20240419-en
Behavioral task
behavioral16
Sample
Coral.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral17
Sample
CoralApp.dll
Resource
win7-20240508-en
Behavioral task
behavioral18
Sample
CoralApp.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
CoralDb.dll
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
CoralDb.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral21
Sample
CoralDownload.dll
Resource
win7-20240508-en
Behavioral task
behavioral22
Sample
CoralDownload.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral23
Sample
CoralRender.dll
Resource
win7-20240611-en
Behavioral task
behavioral24
Sample
CoralRender.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral25
Sample
CoralTrident.dll
Resource
win7-20240611-en
Behavioral task
behavioral26
Sample
CoralTrident.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral27
Sample
CoralUI.dll
Resource
win7-20231129-en
Behavioral task
behavioral28
Sample
CoralUI.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral29
Sample
CoralUI2.dll
Resource
win7-20240611-en
Behavioral task
behavioral30
Sample
CoralUI2.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral31
Sample
CoralUpdate.dll
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
CoralUpdate.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
1a953973ae8428f6f44f37c6fdae3d68_JaffaCakes118
-
Size
3.8MB
-
MD5
1a953973ae8428f6f44f37c6fdae3d68
-
SHA1
13337723278cf301891f6372451123552b9bf97f
-
SHA256
a00efafb9deb99a99bfdd34f55818983e9cc675d1cac6b71b9fec4b0bea1aa56
-
SHA512
8547d333fc7d24a9e6662e4a34b7cf544783acc8c54b422f51ed81b3fa6819e93a07ba46bdb4bb0d31c7256abb748b20797475c849c5b026574a9f08b26879c1
-
SSDEEP
98304:cdaT/7lJGQLHsaVw+OCzYSnKaWFZ45wVtew/ORnC0N5:cA7lJhWg/KamcMIw/OF3v
Score 7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
-
-
Target
$PLUGINSDIR/FileInfo.dll
-
Size
46KB
-
MD5
25aa25fcec2065cdf81f77d2153a63a7
-
SHA1
e09b96d596323201ce5586daa16c9b8ecfaa7654
-
SHA256
ba62fc93cdd027de00af9cbaf31bf102d47fe9f1d74493ebf6faa2f2c9982435
-
SHA512
5de8b9ca1b38fba4f63756066d10a0312acafe9c051645fd192e500d1cff23a21845cec2d1fb1002ddf7002f9f6ae3962fd6087f3ab793d9630c33e35d6aba64
-
SSDEEP
768:tAZ9soz3qR9QI6vY+V882mIqfhvsXRi1wOieGtJOQ:uZ9jqR9dP+7hvx1wO4tJOQ
Score 3/10
-
-
Target
$PLUGINSDIR/KillProcDLL.dll
-
Size
56KB
-
MD5
8a4b879da60260c2ba80b246ce514839
-
SHA1
8efbc9f5c4d8b18b0edb4a9f3745c162e85b97eb
-
SHA256
bf68ebbdcc0906e74156154fe70652d64410c754cee155e47216ceffdb77f9a0
-
SHA512
79f211b0af92c2efade03169e3108566cf7cdacecc4253ecb16b871957005c1691c163aa265b3a3430b9dcf951fe3ec8e9bec7c6b87e1bbc1066b3c56d6bf30e
-
SSDEEP
768:CWOfBb2ozjdNJhig26W7ziwgyQYnpoAtWYjOMbo:fOfooPlhIZWwgy3ltNxbo
Score 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
a82b0479708b96c7bf4dd6b798aedee0
-
SHA1
7e47b402848a86bdddd5f0de8bb4620471caaab0
-
SHA256
72410442a894b8316da6ad469f03997ec17c0b0d117745bb6ac5cac3232c7d20
-
SHA512
02e07def3897d87d546c0cf1492191591be587f64ae5c165b9a91fb977585c65a860135eb8c102b67dede913ea935459ce70c4ca973b292122c8d097ab130d58
-
SSDEEP
192:hCZej3uzvJwqJMQKN4GbeWZksMI4ETWcEbcBZ8ep2Kra7y6G:hCi2HgN4GbeWmbI4Eybogia7y6
Score 3/10
-
-
Target
$PLUGINSDIR/UserInfo.dll
-
Size
4KB
-
MD5
329f721e5109a9731f114c58c03ca6d1
-
SHA1
a2b346099a35792d80e1dfe8f408695ef07e05b5
-
SHA256
6a8aaa3940cc292bdc61603f51c2f8328a8d1614b998485e0de08347631615b6
-
SHA512
b6eedc986dd80157541be4d65490d0df2ef6ab3248800fb15e23f517ebcff3687c4d4cc51908cd779b50db5d76da6c946f4a05ddc79405248dd91566547cd7ca
Score 3/10
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
a3c40444a87d4fa00c4d3a432561917e
-
SHA1
3f9a66255f8f360f1702a3e28055a003fd2e0986
-
SHA256
813110186ec95d7f8294c7018d191983a96c20f5ba0b7c81d64406be92e98296
-
SHA512
4d9174e62448c599577045a3cf8150596ed27611ce065945ab85b9488126e60357a9892d7faef25d69c416a929c605fabb2f7de87371293fc2d4e8299686666e
-
SSDEEP
192:0zQhZDqlJcKISw99ioU3MSfwLF/+nhHUbsdz:0zoZDGKYw9goWyFGBUmz
Score 3/10
-
-
Target
Coral.dll
-
Size
583KB
-
MD5
afac79e92e3785299f191e74de3f366a
-
SHA1
d00b781bffff2967a434bc8cb69d4e6202e6f57c
-
SHA256
e2fd8e0e1de3035c9cddc201fea8cbdc89f91e89bfd60a1ab70bfd317e3043b8
-
SHA512
212f730fcd0c587ca3920c4dfbcf1266a96c87bb045f2b0ee7e80e0551c97b2978be0024ff14e3afc4e6025d273fe7508de1d7ec08d6d5ba24201a0f502f5806
-
SSDEEP
12288:hvixHSC0MYWG50tUvuhyGiCHnUgNGzaf3/l/2jjSj:hvixyC0MYWG50Wvu7HNGzaf3/l/wSj
Score 3/10
-
-
Target
Coral.exe
-
Size
391KB
-
MD5
f22c19dda6a7b1ee28a17c96da81708a
-
SHA1
2e562cd48ac73b66fdfe66389c57b05abc205be2
-
SHA256
2f54d182dc21951bf4bc083bc479bf5afa7fc3ce2bc0d4153fc122824d94ea43
-
SHA512
9c370d716f88db992e424f6899a50962eea9f19478022263c95cdc06d15d5663e8a25c2dede8b6728407e75b8c201fa162b91e5b747188f77e37b83c1c37234b
-
SSDEEP
6144:H0bHfnkqOFQl7ZpbJelj7vC18dViTXCix327:UTfOG7ZpbJ0LXibC97
Score 6/10
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
-
-
Target
CoralApp.dll
-
Size
109KB
-
MD5
007807250a94f82a475c21908f840ea5
-
SHA1
187cba9542083eefab386b2f51610a3a9eed0fde
-
SHA256
f8af22dcba5f19703cf3a8bb36b14c7c8f1c4797dbc383844f78db3eacbcf4cd
-
SHA512
58c48e86a9635bac92569fcd5afa48508c96a833576eedd76efb010883f0e711baab18f79bfa92be71a5b85256b60bbc9ab3bb2da3243a460d37e3aee898d241
-
SSDEEP
3072:0fbZOmtLctOIJ2B5H4vNdvEKl19U16LS3HOgZAwXjSy:8FOmtgtOS2B54ga19U1j3HOgZ1
Score 3/10
-
-
Target
CoralDb.dll
-
Size
1.0MB
-
MD5
c97b98c70ec8e4407879270b3ffe8984
-
SHA1
f226b353a5090931186842b36f01fb6d3f089760
-
SHA256
4e7b5abf6df3b4ca12e1edb1543344452446da9ac3fdb27e5bf754ae09906714
-
SHA512
f8f3eca681855bbaee443053f8429c4785838edb379588beb501fa6ac6d0de8ea6c2ec9136a3d8a0005bb48efd7fd7a2a9741eb78d3dca8e49081ee4a817275b
-
SSDEEP
24576:NopftMsUXD8fv+A8x1+RsZnnIIQvzNnqf4P9pTmboiiSDEgd4:IeGx8LIef4P9pTmboiiS5d4
Score 3/10
-
-
Target
CoralDownload.dll
-
Size
294KB
-
MD5
6973407fda8c04e298013976ed07eb88
-
SHA1
fdc718fac0f1e122083f75771bffc32da90a8d38
-
SHA256
5c53566c36ae2d03aec24711ea33dba5d60f8943306a70a15c52836ab99545f0
-
SHA512
2e4af02cd94d72934c66e919d7f023b483491edafedbe0d59cd1118d098cd9e51bd07d7fe37f9d27955ee1a94bbe891b8037376c83705d33f47bca20a061ec80
-
SSDEEP
6144:xCWOzeJPd9gBXI7ne1K5ioaxNele6HGiLmG1zPwYaCOAntYm8iPgf:cWOFBX8ne1qDHGi6G1rwlCl8ogf
Score 3/10
-
-
Target
CoralRender.dll
-
Size
137KB
-
MD5
832bf20d1d1ed5c247ed7367508dd428
-
SHA1
9715a09440933d558e208af914ab730e0e4789ef
-
SHA256
e1b1f74f7048c9d4bdba657912b622481271e8ac7519d1ff2ea7b38d68090253
-
SHA512
5550991e2f010585956df506d9c2c6a636afa556c29462e56cbf6c3ad26dcd493dd235f1e26f21529a07fee485d7398e61cb4ae9d78a85a8514d2b93263a0016
-
SSDEEP
3072:hpJqiHpl8l71rgDi8cEBGi5Nkl3fUUJ0oYl0WuZYODtM2tBnRPV:giHn8YBGiu0DSjZYODtMIxV
Score 3/10
-
-
Target
CoralTrident.dll
-
Size
506KB
-
MD5
993b059afd143fcd153d4aa1e456a5bb
-
SHA1
8a7bdd26b963b65cd490f25c21340f5f10dccb1d
-
SHA256
aecae09d1637cd5910b06fa41ee73fb2cdde6c8756a535152c6fec9cb4b9253b
-
SHA512
dc5dc8ca1f4ee7a88ad43b790d1563ff27c335df6931eaa0041cf78c4602a56792c93c6a1cfa71b42693c91dd76366186b27b3f63c7f05a3440fb97f47761d0d
-
SSDEEP
6144:3lkKz9RPBkGKRHTNbxuecoTlj7DifMw9OrJhNVtUV3SY+2ad1TXc+fcOgCiSC:nBWTNnhcfMagraJrOTX33C
Score 3/10
-
-
Target
CoralUI.dll
-
Size
1.4MB
-
MD5
2c157ecdaf8a1cec3106f214db9dd974
-
SHA1
a0505c990694c03b349fbc7597935807c0bfcf52
-
SHA256
6662595d4183df68a822c715ed3ea07e0db1c7478b76747ecfc737fc183b0aa4
-
SHA512
f52c4419d64426aa6a914a46a2885b77a488d2442e4b34109d569222c187a9a42872745eb0603221791cc4aae119bdfcf0776d597a5f08aebccbd051462c773a
-
SSDEEP
24576:olq4VOZD8+hakWpXo9AadfnzcSknBC9BE8xHRwjZPMaNdrsnIy8R:zEy8+hak9a691oOedrsIy8R
Score 3/10
-
-
Target
CoralUI2.dll
-
Size
1.2MB
-
MD5
f9cc511af5284c1de27cd87a76aa684b
-
SHA1
c1319584ef86228eb76b51c816024554e54e450e
-
SHA256
43e5e9f9e40a9cff4580e31d69a7c2851184ac69d98a7ffa1c768e2e17e14505
-
SHA512
d4ef4b62c07b262cc9d760645f6e819b41e28b1207ab9f1a968bc7584b4c63a2cf09c5b0e0a56384f1777f06a0887ced5172b32f05e940b92013b3f262e8c153
-
SSDEEP
12288:SBwyZS6XWlDHxZbbyRf6gPudrREVtKPZzeResv7PKxGQ/tY7YrDt:SBwyZBGZHjbuxPudAteaR2xGQVY7YrDt
Score 3/10
-
-
Target
CoralUpdate.dll
-
Size
352KB
-
MD5
7b1938124b07781bea91fae264e99f87
-
SHA1
39ff40d2b9d1e5f51a2d9817d801c4242d21763e
-
SHA256
281bd67d445ccc728f5a92fb8200e306cd8d4d311a6a9edcb8c9760cf9d1ea93
-
SHA512
6bee84c135c60496eb79b272afbb5881cc3c1ac82bcf370b40209b5532d3922fec7be4b5af05044ef644146cda7d0baa32f344b86a40f1c27d416bb758c743bd
-
SSDEEP
6144:NiQRHSkgCAoHD/LDtwd3Zp5VsjInbJC65iRnGik0MPAcTHe1OjDxW6aOgoftcl:BZAoj/L2d31QoiRnGilcTHYOPJ0l
Score 3/10