Overview

overview

7

Static

static

3

3666667779...18.exe

windows7-x64

7

3666667779...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

GinoPlayer.exe

windows7-x64

6

GinoPlayer.exe

windows10-2004-x64

6

Interop.WMPLib.dll

windows7-x64

1

Interop.WMPLib.dll

windows10-2004-x64

1

launcher.exe

windows7-x64

1

launcher.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    10-07-2024 21:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    366666777929c66c4ad67b64e69f8b66_JaffaCakes118.exe

  • Size

    333KB

  • MD5

    366666777929c66c4ad67b64e69f8b66

  • SHA1

    324af49a8b25a4a2d24282a28aa4f6828fd16574

  • SHA256

    d09da955ca8392d839b0d6c6e93d35dda867fb5eb80725dd10e475fbd9d633ed

  • SHA512

    4435cb4368bc1f90095d0f2706d5fd9ed2dcc0468a15bf139b06e10541cd92165a5baa82f758d797189611ebb0e1b78945771c6db8b3b4f634f388ccaafd2a94

  • SSDEEP

    6144:Ge34DofpUhpdaRNzObYmmObsKla/URyzHB1H6tjm2/Wn9EzEpLu2UC:bGdaRAbYmmw8URsBJUb/W9EzoT

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\366666777929c66c4ad67b64e69f8b66_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\366666777929c66c4ad67b64e69f8b66_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:3068

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nso824B.tmp\ioSpecial.ini
    Filesize

    688B

    MD5

    1573658e278cd8a1f03feffcbf056406

    SHA1

    c72f426b25823a4b387695496829137148e8da19

    SHA256

    6b28eb08d4016d48391150278d389e2666f25b8a3ab5b4b247256618f491484c

    SHA512

    f3e6efccdfbbf02f5e4e6fa9b05b6262ca7c1e16eee140bcfa508e2918737131bb48d166f594e9c16ac378e644a3f3ad1d375357475fdb92ca503bdd84eb858e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nso824B.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    325b008aec81e5aaa57096f05d4212b5

    SHA1

    27a2d89747a20305b6518438eff5b9f57f7df5c3

    SHA256

    c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    SHA512

    18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    Download Submit