Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/07/2024, 01:14

General

  • Target

    2420c5ca974624ab51e5849c6b749d14_JaffaCakes118.exe

  • Size

    116KB

  • MD5

    2420c5ca974624ab51e5849c6b749d14

  • SHA1

    41b159bbcbd6c1fb2a1218025ce059c81f3d9a51

  • SHA256

    40d4bc677804c8b7cbd4f13942682658546aee56746fecbd59e5eeef7da46c5f

  • SHA512

    5a22a7cbec6aad34c3e3fbda3ab4f3484d2d1f6039c4c41aca3f4351a849260965f5c29f26ab26acd0211d55a77ced4439d013dbaf8eb37c46d157c2a619f333

  • SSDEEP

    3072:INhR6b5yBSW45oXLqJXRiLdDnqTTs1MgWZvTGHSgc:ITCyxBXuJXRi5ne4anTGHbc

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL (1 IoC)
  • Enumerates physical storage devices (1 TTP)

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\2420c5ca974624ab51e5849c6b749d14_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\2420c5ca974624ab51e5849c6b749d14_JaffaCakes118.exe"
    1
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1088

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\Local\Temp\nsd1102.tmp\ioSpecial.ini

          Filesize

          748B

          MD5

          8ab14ccb53de0f14520a41bdb7a4d0ec

          SHA1

          6a8825423149e0af97fb86b4f031d32ecdbd3e93

          SHA256

          04c624f1ffc129ec6ab8a7b718de03d4d2a148bf4b10f40211f1d53f67bf31eb

          SHA512

          46fdd31327898a611316edf6422bd90356f123c85d850d3d8db5912395dc91875bb784b478672866016ec5d50c03b4210463fd8be6146c6955f47641522830d1

        • \Users\Admin\AppData\Local\Temp\nsd1102.tmp\InstallOptions.dll

          Filesize

          14KB

          MD5

          5ae04445948261c85670059119df3dad

          SHA1

          f13313f7f3e465ea0bfb1190073bee4c5d10e56a

          SHA256

          5b604ab18f9b758c8d63faf682ca24789edce2cc8eec11d66dbc4adc5a50d5de

          SHA512

          e2e011dae67dc12088f2b92d048c6b5668027f82982a7191a12f3d875830e9b205f8dd49fc6ffb3ee452f0db4bb92d9497bdffdd324068923efcd038de81a3ab
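Before treating a locally obtained copy of the sample or of the two files written to nsd1102.tmp as the ones analysed here, an analyst will want to confirm the digests match this report. The script below is an added example, not part of the sandbox output: it embeds the MD5/SHA1/SHA256/SHA512 values listed above, recomputes them from bytes on disk, and reports any algorithm that disagrees. SSDEEP is left out because it needs a third-party library; the `check_file` path argument is whatever local copy you are verifying.

```python
import hashlib
from pathlib import Path

# Digests copied from the report above: the submitted sample and the two
# files it wrote under %TEMP%\nsd1102.tmp during the run.
REPORTED = {
    "2420c5ca974624ab51e5849c6b749d14_JaffaCakes118.exe": {
        "md5": "2420c5ca974624ab51e5849c6b749d14",
        "sha1": "41b159bbcbd6c1fb2a1218025ce059c81f3d9a51",
        "sha256": "40d4bc677804c8b7cbd4f13942682658546aee56746fecbd59e5eeef7da46c5f",
        "sha512": "5a22a7cbec6aad34c3e3fbda3ab4f3484d2d1f6039c4c41aca3f4351a849260965f5c29f26ab26acd0211d55a77ced4439d013dbaf8eb37c46d157c2a619f333",
    },
    "ioSpecial.ini": {
        "md5": "8ab14ccb53de0f14520a41bdb7a4d0ec",
        "sha1": "6a8825423149e0af97fb86b4f031d32ecdbd3e93",
        "sha256": "04c624f1ffc129ec6ab8a7b718de03d4d2a148bf4b10f40211f1d53f67bf31eb",
        "sha512": "46fdd31327898a611316edf6422bd90356f123c85d850d3d8db5912395dc91875bb784b478672866016ec5d50c03b4210463fd8be6146c6955f47641522830d1",
    },
    "InstallOptions.dll": {
        "md5": "5ae04445948261c85670059119df3dad",
        "sha1": "f13313f7f3e465ea0bfb1190073bee4c5d10e56a",
        "sha256": "5b604ab18f9b758c8d63faf682ca24789edce2cc8eec11d66dbc4adc5a50d5de",
        "sha512": "e2e011dae67dc12088f2b92d048c6b5668027f82982a7191a12f3d875830e9b205f8dd49fc6ffb3ee452f0db4bb92d9497bdffdd324068923efcd038de81a3ab",
    },
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def compute_hashes(data: bytes) -> dict:
    """Return lowercase hex digests of `data` for every algorithm in ALGORITHMS."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def check_against_report(data: bytes, expected: dict) -> dict:
    """Compare `data` with a report entry.

    Returns {algorithm: (expected, actual)} for every listed algorithm that
    disagrees; an empty dict means every reported digest matches. Algorithms
    in `expected` that we cannot compute (e.g. ssdeep) are ignored.
    """
    actual = compute_hashes(data)
    mismatches = {}
    for alg, reported in expected.items():
        if alg not in actual:
            continue
        if actual[alg] != reported.lower():
            mismatches[alg] = (reported.lower(), actual[alg])
    return mismatches


def check_file(path: str, report_name: str) -> dict:
    """Verify a local file against the report entry named `report_name`."""
    return check_against_report(Path(path).read_bytes(), REPORTED[report_name])


if __name__ == "__main__":
    # Hypothetical usage: python verify.py <local_file> <report_name>
    import sys
    if len(sys.argv) != 3:
        sys.exit("usage: verify.py <local_file> <report_name>")
    bad = check_file(sys.argv[1], sys.argv[2])
    if bad:
        for alg, (exp, got) in bad.items():
            print(f"{alg}: report {exp} != local {got}")
        sys.exit(1)
    print("all reported digests match")
```

A partial match (say MD5 agrees but SHA256 does not) is worth noticing rather than dismissing: it almost always means a transcription error in one of the values you copied, so fix the input before concluding anything about the file.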