Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    01/07/2024, 18:42

General

  • Target: 1c18452b1960318fe87a6925d7346ff4_JaffaCakes118.exe
  • Size: 12.2MB
  • MD5: 1c18452b1960318fe87a6925d7346ff4
  • SHA1: c5d4d8f4b18b6c0b811c4ca76f09d34c4b5bffb0
  • SHA256: f789c2e563491dbd82b480d1ad734d622cb8fe992428167d578f0df3c4e52c6f
  • SHA512: e2783a84f9adffec62662f7ecefff8839735491608c4442723203da8f9db2b9e476264be02cd3eaacb1fa04dbe71dc12c6396dadf89e5af69d0e7785d2ef7ce7
  • SSDEEP: 393216:YR/GlPR31TsjWEU3BkMji85fOiNii2QwZ:IoR1TsqEwkMji4fnvTG

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL (3 IoCs)
  • Enumerates physical storage devices (1 TTPs)
    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\1c18452b1960318fe87a6925d7346ff4_JaffaCakes118.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\1c18452b1960318fe87a6925d7346ff4_JaffaCakes118.exe"
    PID: 812
    • Loads dropped DLL

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsd423B.tmp\BrandingURL.dll
    Filesize: 4KB
    MD5: 71c46b663baa92ad941388d082af97e7
    SHA1: 5a9fcce065366a526d75cc5ded9aade7cadd6421
    SHA256: bb2b9c272b8b66bc1b414675c2acba7afad03fff66a63babee3ee57ed163d19e
    SHA512: 5965bd3f5369b9a1ed641c479f7b8a14af27700d0c27d482aa8eb62acc42f7b702b5947d82f9791b29bcba4d46e1409244f0a8ddce4ec75022b5e27f6d671bce

  • C:\Users\Admin\AppData\Local\Temp\nsd423B.tmp\InstallOptions.dll
    Filesize: 14KB
    MD5: 325b008aec81e5aaa57096f05d4212b5
    SHA1: 27a2d89747a20305b6518438eff5b9f57f7df5c3
    SHA256: c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
    SHA512: 18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

  • C:\Users\Admin\AppData\Local\Temp\nsd423B.tmp\ioSpecial.ini
    Filesize: 372B
    MD5: f7b3a1f22b21c803171fe5901ffe5349
    SHA1: 52c6761bbf0b4379ac24f37491174da3a5c648e1
    SHA256: 15cadb1d1e6f41cfbfd55dd2f4d1e5daf6a69638f5e769297b3e68f2b2dcaa83
    SHA512: f2d516f392ebaf24a0b28fad42c6c9e3d724c78532d73664accdb9a57ad3f65d4cec62200d03b9c3ea63c8c091a4bee775fb074a0323842ea430d2b6c8db1984

  • C:\Users\Admin\AppData\Local\Temp\nsd423B.tmp\ioSpecial.ini
    Filesize: 597B
    MD5: feb271a546ed4b6be96b71948b820fef
    SHA1: 39dc19f269fb71f0e7f533df8d0e5cae4e995205
    SHA256: 984bdab021fc7a516c0ce1681c7a7477264d4ed33752a7e897509fd9b849e0aa
    SHA512: a20b1745fbdae49657a45474a2e977a7e35a92cf219dfd1590e9dec76867b18b8fe5c18a2cb7cc3d98a33ed1a030e61daf7d536d37f62f69111079cbfad04195