Overview

overview

7

Static

static

7

2184325fa8...18.exe

windows7-x64

7

2184325fa8...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Dload.exe

windows7-x64

6

Dload.exe

windows10-2004-x64

6

DuiDui.exe

windows7-x64

1

DuiDui.exe

windows10-2004-x64

1

mfc42.dll

windows7-x64

1

mfc42.dll

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    91s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/07/2024, 07:22

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2184325fa88f1ce308ff71bf626d7963_JaffaCakes118.exe

  • Size

    1.1MB

  • MD5

    2184325fa88f1ce308ff71bf626d7963

  • SHA1

    c3bea953168c200bc0d4a4586efd20b755ce372f

  • SHA256

    965ec7a1cfe65aef444052482199c1c5c4690df8ce2b766831aa51559ff35cf9

  • SHA512

    d907c2bdacbc17734f272e00b5b59c6eb1ed5fff5ade7b8406c70dacee085fa1222a5139a866c91f74afc11a1be5d4fc5e51ce856bc4e60338ebf50f8f152608

  • SSDEEP

    24576:c8cdEowPWjp2Uzb+bCGzVyR86VKNMn+tIp1iwrn2UgQXoy:TcvwPA2CGgR8Mtn1p1Tn2rQXR

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\2184325fa88f1ce308ff71bf626d7963_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\2184325fa88f1ce308ff71bf626d7963_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:4196

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\nso4316.tmp\InstallOptions.dll
          Filesize

          12KB

          MD5

          444e1109d960c307df0ca2b33a24731b

          SHA1

          55e3b57d06128911ed4af44858d199d9b1945edc

          SHA256

          b3ba181120cd5b57e2cd5435bbd64c3257f7525ade359f89554e93f466692125

          SHA512

          9efdb45ee0eae73c24d3f01ff799160090f2b1f0f28ee8da3af52992fec220bf905070ce5a6cc1b5657642440ad29c22bc6889cd3ee1f674a908a935dcf4c2a8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nso4316.tmp\ioSpecial.ini
          Filesize

          625B

          MD5

          19f4f4e56092a7e036fa895eb9ec04a4

          SHA1

          5ed5de6a70b49e932351efe55041abd5e282f919

          SHA256

          aa77acc5553feca92c028b4c5ebefc38c9be6d4adb3a53cee6fe363516003c98

          SHA512

          f50aab43d6a1728928428e88ae18b0fd2bd9563a246fdd8baa9bd8a352d4e5be77a46bfaa1f4b869e0ddd763956243094f7586326cb1616ebdfa660fef9e0b15

          Download Submit