Overview | overview | score 8
Static | static | score 8
259c009732...18.exe | windows7-x64 | score 7
259c009732...18.exe | windows10-2004-x64 | score 7
$PLUGINSDI...ns.dll | windows7-x64 | score 3
$PLUGINSDI...ns.dll | windows10-2004-x64 | score 3
Code/Execute.exe | windows7-x64 | score 1
Code/Execute.exe | windows10-2004-x64 | score 1
Code/Start...rd.exe | windows7-x64 | score 1
Code/Start...rd.exe | windows10-2004-x64 | score 1
Code/Start...on.exe | windows7-x64 | score 1
Code/Start...on.exe | windows10-2004-x64 | score 1
Code/Test ...on.exe | windows7-x64 | score 1
Code/Test ...on.exe | windows10-2004-x64 | score 1
Code/XLTemplatePC.xls | windows7-x64 | score 1
Code/XLTemplatePC.xls | windows10-2004-x64 | score 1
Code/insta...rt.cmd | windows7-x64 | score 1
Code/insta...rt.cmd | windows10-2004-x64 | score 1
Code/insta...rt.cmd | windows7-x64 | score 8
Code/insta...rt.cmd | windows10-2004-x64 | score 8
Code/pdfviewer.exe | windows7-x64 | score 1
Code/pdfviewer.exe | windows10-2004-x64 | score 1
Code/regis...er.cmd | windows7-x64 | score 1
Code/regis...er.cmd | windows10-2004-x64 | score 1
Code/sfk.exe | windows7-x64 | score 1
Code/sfk.exe | windows10-2004-x64 | score 1
Code/sgd.exe | windows7-x64 | score 1
Code/sgd.exe | windows10-2004-x64 | score 1
Code/stop service.cmd | windows7-x64 | score 1
Code/stop service.cmd | windows10-2004-x64 | score 1
Code/testpdf.cmd | windows7-x64 | score 3
Code/testpdf.cmd | windows10-2004-x64 | score 7
Code/testpdf.pdf | windows7-x64 | score 1
Code/testpdf.pdf | windows10-2004-x64 | score 1
General
-
Target
259c0097328816b607375e3a739642ed_JaffaCakes118
-
Size
4.1MB
-
Sample
240704-vk48mazdjr
-
MD5
259c0097328816b607375e3a739642ed
-
SHA1
8636a2d9f9bafb2ae16aa9364c6875bc5c7bb1fa
-
SHA256
b7f210dbfe383522954656d839e5bea626d20de4a4c2ab8d61976d42a744f094
-
SHA512
48d81ca4b8c9340491443db0c32ebfa6e51fadac46e0945369f62f00d4ee992d4248f82eb3ba44bd81b253970ef5d2a5b1171470ce534fa19bacf1c5aafd995d
-
SSDEEP
98304:UUn1BeJrUzLS32qCnt4N3G9LPkCrfVACBPhK6dWyBWoHH1zkUMUMUR:UUToEyTCnqQ979fnBPVWjo2UMUMUR
Behavioral task
behavioral1
Sample
259c0097328816b607375e3a739642ed_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
259c0097328816b607375e3a739642ed_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240419-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
Code/Execute.exe
Resource
win7-20240508-en
Behavioral task
behavioral6
Sample
Code/Execute.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
Code/Start Dashboard.exe
Resource
win7-20240419-en
Behavioral task
behavioral8
Sample
Code/Start Dashboard.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
Code/Start Session.exe
Resource
win7-20240419-en
Behavioral task
behavioral10
Sample
Code/Start Session.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral11
Sample
Code/Test Connection.exe
Resource
win7-20240220-en
Behavioral task
behavioral12
Sample
Code/Test Connection.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
Code/XLTemplatePC.xls
Resource
win7-20240611-en
Behavioral task
behavioral14
Sample
Code/XLTemplatePC.xls
Resource
win10v2004-20240611-en
Behavioral task
behavioral15
Sample
Code/install firefox ssl_cert.cmd
Resource
win7-20240508-en
Behavioral task
behavioral16
Sample
Code/install firefox ssl_cert.cmd
Resource
win10v2004-20240611-en
Behavioral task
behavioral17
Sample
Code/install ie ssl_cert.cmd
Resource
win7-20240508-en
Behavioral task
behavioral18
Sample
Code/install ie ssl_cert.cmd
Resource
win10v2004-20240611-en
Behavioral task
behavioral19
Sample
Code/pdfviewer.exe
Resource
win7-20240220-en
Behavioral task
behavioral20
Sample
Code/pdfviewer.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
Code/register pdfviewer.cmd
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
Code/register pdfviewer.cmd
Resource
win10v2004-20240611-en
Behavioral task
behavioral23
Sample
Code/sfk.exe
Resource
win7-20240611-en
Behavioral task
behavioral24
Sample
Code/sfk.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
Code/sgd.exe
Resource
win7-20240611-en
Behavioral task
behavioral26
Sample
Code/sgd.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral27
Sample
Code/stop service.cmd
Resource
win7-20240508-en
Behavioral task
behavioral28
Sample
Code/stop service.cmd
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
Code/testpdf.cmd
Resource
win7-20240419-en
Behavioral task
behavioral30
Sample
Code/testpdf.cmd
Resource
win10v2004-20240611-en
Behavioral task
behavioral31
Sample
Code/testpdf.pdf
Resource
win7-20240220-en
Behavioral task
behavioral32
Sample
Code/testpdf.pdf
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
259c0097328816b607375e3a739642ed_JaffaCakes118
-
Size
4.1MB
-
MD5
259c0097328816b607375e3a739642ed
-
SHA1
8636a2d9f9bafb2ae16aa9364c6875bc5c7bb1fa
-
SHA256
b7f210dbfe383522954656d839e5bea626d20de4a4c2ab8d61976d42a744f094
-
SHA512
48d81ca4b8c9340491443db0c32ebfa6e51fadac46e0945369f62f00d4ee992d4248f82eb3ba44bd81b253970ef5d2a5b1171470ce534fa19bacf1c5aafd995d
-
SSDEEP
98304:UUn1BeJrUzLS32qCnt4N3G9LPkCrfVACBPhK6dWyBWoHH1zkUMUMUR:UUToEyTCnqQ979fnBPVWjo2UMUMUR
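Score 7/10
-
Loads dropped DLL
The sample unpacks $PLUGINSDIR/InstallOptions.dll, a path layout typical of NSIS installers, which load the plug-in DLLs they drop; on its own this signature does not distinguish a malicious loader from an ordinary installer.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.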
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
13KB
-
MD5
9b2bdf058d377da28704af9ca3ef1142
-
SHA1
0fc0d7fbc4c3a65eec33d9577ed38e545b3cc04b
-
SHA256
92f34db47c34d6867e6928d4a9cd27747ff642392c0e361f9cab2f5d8c4df300
-
SHA512
ba0c2a312732832874642f6ca8d3b5aa4274da5cbb3a09d990b442becdf9a1abb98c61c5cbbb55f6a5341d2997388d01f93f69e4946e923a1892c7621775b93f
-
SSDEEP
192:pK6RrZcTOIiQP00nXGqk3XsGZ4djZbfhhjv6WoF1dBaRp:I6RNcTPPVXG0kIjZbXjv6bBu
Score3/10 -
-
-
Target
Code/Execute.exe
-
Size
129KB
-
MD5
c1bd8a80d0d2f4a9fa39e7a3742c6af8
-
SHA1
6d8f947c726253d3e88b0a6206f96def96aae235
-
SHA256
bb68b2a0ca4cbb3b7b2c7128481a7409693153741f1c386e57073a3a394098b3
-
SHA512
5aea67a11bfde333e0d2cbbf5fb720f9534db65c5f8fe7d4843b787622e9f6bc7ca6154fe4ca1de0cc75b46b1240748c486cb2e5efed24ac4ac56313a59f92e2
-
SSDEEP
3072:m/6kNR1WJSx3gbfnbmMzJxIURL5KZ/KvnOU9V0:U6IiSuXKURHvE
Score1/10 -
-
-
Target
Code/Start Dashboard.exe
-
Size
129KB
-
MD5
ee110cf01b318ff413e2434a03c75de7
-
SHA1
bcb8816c96ac3d31e35e174bd7aa37e51fd2c98d
-
SHA256
5def6996e905c9cf584c3ee71fa09960be6a83e24e9d8f0327c649f93a8695be
-
SHA512
61f155db7f37c8937b8b85307126aea59eaa82999442f914b87ba480e2a28c526ba9379d9963b8009abde25789a7b7197d938be17fa5d96865c4133feb3f8d21
-
SSDEEP
3072:m/6kNR1WJSx3gbfnbmMzJxIURL5KZ/KNKrqu1Wtxle9VH:U6IiSuXKURHu1Wtxlq
Score1/10 -
-
-
Target
Code/Start Session.exe
-
Size
129KB
-
MD5
9e0b4e50415765cadb82425d196aa73a
-
SHA1
e8edbebb277e65ffb38cfba69009c05912024d69
-
SHA256
a9da4e157af96028a259e191f2f1278f02c58854782321c98a4e1c1c783d5beb
-
SHA512
348334b662d52aa39c2d55ea51062fffc7863c18ed91cbb4371358a103af0516b872b1d3029d64779d57879b596c546ca1aa966aab298c1f7fa3a95e3f43f672
-
SSDEEP
3072:m/6kNR1WJSx3gbfnbmMzJxIURL5KZ/KE1/AHEH9V/:U6IiSuXKURHE1Ws
Score1/10 -
-
-
Target
Code/Test Connection.exe
-
Size
129KB
-
MD5
11a1947aaaeb2d51127ded629d34b283
-
SHA1
9b5c4533c0cbbfbe1c32ebd01fe2cdacc1780bc4
-
SHA256
e8dfd25b9a60baf1a8ecb476d993be7c30ac0de26716797967090866c497f0f5
-
SHA512
ce0f110be4b44419b391e3b88eea6ded9b6394dc77fd7e6f3301ce2e0cd48f81952237a7fb1389ffa7844ae9e8540dc3e80ef95c26346b7db91cb94ef206df13
-
SSDEEP
3072:m/6kNR1WJSx3gbfnbmMzJxIURL5KZ/Kxo9V4:U6IiSuXKURHxb
Score1/10 -
-
-
Target
Code/XLTemplatePC.xlt
-
Size
25KB
-
MD5
3fcb948d8e6caab24ddb5e7ab6a883c9
-
SHA1
514a2a5b5402b7548750e6b27c32e1748f8afc00
-
SHA256
99d1739cecdc2d75703bd1fc3a44838952e4f9b8ce1f4b4a9ab69272256fa09c
-
SHA512
cdeaeb6e7980ba204f4a6720815deeb763195bd2e14ab5282c83e629582c6ecbe588200b357c7663bf303416b03abcf6a401ce86ab22a22fdd18c5e1a753e6f4
-
SSDEEP
192:5SuX/43AgdLSUX0ad/H7WYvwbIHYYJyaVH8wBORsWdRODzQlWLbM1e3EdpX5UNaH:FuFd/7WstHvBVHdBAdIPgWla97a3K
Score1/10 -
-
-
Target
Code/install firefox ssl_cert.cmd
-
Size
59B
-
MD5
896c70862e5ba37b05ddcb6c21c37ffb
-
SHA1
ea6428e7e41736198e106ce3bb94b26c408d4812
-
SHA256
e11023ae9e1719f9d62cdab38608231c1895e62c8e670f06601e8baaf2043de4
-
SHA512
068d64e75e7d3e486b8049773fae735cd53efcea6c24be0cf7481e4100284a06444092fb38523ffc08e3850cbbda4d244d8d63aa8514fd2cde1fc6a80be52057
Score1/10 -
-
-
Target
Code/install ie ssl_cert.cmd
-
Size
12B
-
MD5
4a755c74079333024fdbf5506ce329fa
-
SHA1
7a04ba472e65b61ee90cdceac54ac214c19d6d44
-
SHA256
7a914b496b23b9b7854c297e8bd3185d430e4aca505eada266817311b5a73161
-
SHA512
63235332a6310f13f1cffaf0678edd62ad3ebe13844ee45a4356af063426017e534d4374bcae42f6e8207bf64097e08df40fc03eef15c58d059e7d84b42bef7d
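Score 8/10
-
Blocklisted process makes network request
The report as shown names neither the process nor the destination, so the network events recorded for this task are needed before the finding can be turned into a detection.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing (limiting execution to certain regions).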
-
-
-
Target
Code/pdfviewer.exe
-
Size
3.9MB
-
MD5
654af68e9819729b4eb2dceb8511af00
-
SHA1
06b1b45a753940dbd4dea750260454b0e3d70ebe
-
SHA256
df0a41e765afe4e8d1961bb7cc085bb339d4d6f04776c009b33fd58fccbf7317
-
SHA512
9c4ea783353d749d00a3855fd51fe3de76b33805704689a913c0bbd945962f627f5c7149afe83627e140931488992048d68c9fdb3dddc77b5e2a274eb739dac9
-
SSDEEP
49152:0hn1HDzuUGk2oEZCjA7LuZ1yn8gRoPeW4JE956jk:un1jaUwGA+Z1ytREvD6A
Score1/10 -
-
-
Target
Code/register pdfviewer.cmd
-
Size
43B
-
MD5
878cf5a567ce4120f1133c92490c7685
-
SHA1
22c22a3ad576cdc7a6c7c235079662ca67a8e971
-
SHA256
ca93be671df7cdf5b187e064e44f5420de6873bd6c86fb860a370ad72ec57237
-
SHA512
b047ecd035b17d145286dd84082bb83b11e6ac273389e7358a4d65d6d496e50edd01597530f250cada9fe418684d97bfd706ceb99a17f31ecc0a34aee4eab598
Score1/10 -
-
-
Target
Code/sfk.exe
-
Size
368KB
-
MD5
d29bf3d53fdbbaf9b7f2e5ad577bf865
-
SHA1
2a36cc858dbfac4936ef369fbd09acb195ef9d24
-
SHA256
fbe7ec72a2f926edcb0984959258cb473225fa414c7b5c7ae1bbf2c9744b6643
-
SHA512
d3c66d2e29b1923537940222a57d1d3e3eb3cc9d582484c5a2531423bb9f922c7491f899e1d7fa022e5537378d56a8fde147da77bd2d4491a48aceb8b4e2af12
-
SSDEEP
6144:8pX691EJoDJ+8mwWB6jgUYrfeWNkG+xP+g5KO1ocivybv6frGgf5oNnPp:8pX691EJoDJ+8tM6jgUYr2WQP+41livn
Score1/10 -
-
-
Target
Code/sgd.exe
-
Size
1.6MB
-
MD5
431c32bb0de9a6995504d1edb360d948
-
SHA1
930d837eb089724c871b907b9ae6db0fb3c7e889
-
SHA256
0f7172da16b31b0e2ee2703222229f12d09c32fcb6b4823758961abffedd2724
-
SHA512
4bbb5d25d24a05dabb358db056b759f8b2d0724b69a710339d13a93cbc7a6e0c15f9e44a7fffd391bd0cd822c26a54b6faebe1eac37a7c3cb06585e78b7a543c
-
SSDEEP
24576:/OPuzQ79f3dmw20zLnBefJwVA5jpggdi:/aFmXcn8Rwaxpggc
Score1/10 -
-
-
Target
Code/stop service.cmd
-
Size
23B
-
MD5
8feb837e422429ce2ed277ca4dd705a8
-
SHA1
2cb6677735aeaadc5ac21d5f8d1f74ba963301cb
-
SHA256
460b2dfb7969cf99c6ca1bb8763c4d9b9a21ad143e4c0e1b8d3d9d7c9f1368f8
-
SHA512
5814e7b4b725557dabcf804cf34fdf03269ac61dbf480ccf3728f2e312f2c958070f346665e4ee40c3efbfba208c7146a94d75b9be32486c046509d01c98279d
Score1/10 -
-
-
Target
Code/testpdf.cmd
-
Size
11B
-
MD5
5808f39c5a6d00031200f00f7ffe741a
-
SHA1
cec46987bc3a0fe3f823834fdf720061d8266c12
-
SHA256
dfcfaf1e35d3a90ec0638205f6a8c19838b6bd4f75206635bfeb1eb39c99f608
-
SHA512
8ff12b7a62a000eac9cc0fb0280e017b323c1438fe2d6112c4f90fdab126678777a9df771df93413e71edc9a36a37ee2d717a5e5fde88e31d6379726e2e03a20
Score 7/10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing (limiting execution to certain regions).
-
-
-
Target
Code/testpdf.pdf
-
Size
10KB
-
MD5
f7d165d1258da3422f9b0d932d3c0ee1
-
SHA1
bf8c25e7fe9b30844046c4fa5cb8b15b3bdec149
-
SHA256
303c438272b4a9a84add915943aa309ab2ce46dc54c51a7f3984d7392dc59f00
-
SHA512
148085521ae5c4353fb17b6bf380c9777bf80b647b2bcd51fbc0372efb71e2a696da80367dad4ca339e89ee855e8329ae233e0f19107dd2993ec3597934cff65
-
SSDEEP
96:18QY9Z/sk0nFwODdfMbpEZkIns78xVcXJ4vtnZkIns78CEVD5g:nAZ/sk0yqubuklJuXka5g
Score1/10 -