Overview
overview
7Static
static
33666667779...18.exe
windows7-x64
73666667779...18.exe
windows10-2004-x64
7$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...dl.dll
windows7-x64
3$PLUGINSDI...dl.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3GinoPlayer.exe
windows7-x64
6GinoPlayer.exe
windows10-2004-x64
6Interop.WMPLib.dll
windows7-x64
1Interop.WMPLib.dll
windows10-2004-x64
1launcher.exe
windows7-x64
1launcher.exe
windows10-2004-x64
1Analysis
-
max time kernel
117s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system -
submitted
10-07-2024 21:12
Static task
static1
Behavioral task
behavioral1
Sample
366666777929c66c4ad67b64e69f8b66_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
366666777929c66c4ad67b64e69f8b66_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240705-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240708-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral11
Sample
GinoPlayer.exe
Resource
win7-20240708-en
Behavioral task
behavioral12
Sample
GinoPlayer.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral13
Sample
Interop.WMPLib.dll
Resource
win7-20240705-en
Behavioral task
behavioral14
Sample
Interop.WMPLib.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral15
Sample
launcher.exe
Resource
win7-20240705-en
Behavioral task
behavioral16
Sample
launcher.exe
Resource
win10v2004-20240709-en
General
-
Target
366666777929c66c4ad67b64e69f8b66_JaffaCakes118.exe
-
Size
333KB
-
MD5
366666777929c66c4ad67b64e69f8b66
-
SHA1
324af49a8b25a4a2d24282a28aa4f6828fd16574
-
SHA256
d09da955ca8392d839b0d6c6e93d35dda867fb5eb80725dd10e475fbd9d633ed
-
SHA512
4435cb4368bc1f90095d0f2706d5fd9ed2dcc0468a15bf139b06e10541cd92165a5baa82f758d797189611ebb0e1b78945771c6db8b3b4f634f388ccaafd2a94
-
SSDEEP
6144:Ge34DofpUhpdaRNzObYmmObsKla/URyzHB1H6tjm2/Wn9EzEpLu2UC:bGdaRAbYmmw8URsBJUb/W9EzoT
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
Processes:
366666777929c66c4ad67b64e69f8b66_JaffaCakes118.exepid process 3068 366666777929c66c4ad67b64e69f8b66_JaffaCakes118.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
366666777929c66c4ad67b64e69f8b66_JaffaCakes118.exepid process 3068 366666777929c66c4ad67b64e69f8b66_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
688B
MD51573658e278cd8a1f03feffcbf056406
SHA1c72f426b25823a4b387695496829137148e8da19
SHA2566b28eb08d4016d48391150278d389e2666f25b8a3ab5b4b247256618f491484c
SHA512f3e6efccdfbbf02f5e4e6fa9b05b6262ca7c1e16eee140bcfa508e2918737131bb48d166f594e9c16ac378e644a3f3ad1d375357475fdb92ca503bdd84eb858e
-
Filesize
14KB
MD5325b008aec81e5aaa57096f05d4212b5
SHA127a2d89747a20305b6518438eff5b9f57f7df5c3
SHA256c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
SHA51218362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf