Overview

overview

7

Static

static

3

402bcb0863...18.exe

windows7-x64

7

402bcb0863...18.exe

windows10-2004-x64

7

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

CornerChaos.exe

windows7-x64

1

CornerChaos.exe

windows10-2004-x64

1

DTDJ_1.exe

windows7-x64

1

DTDJ_1.exe

windows10-2004-x64

1

data/logo.ps1

windows7-x64

3

data/logo.ps1

windows10-2004-x64

3

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-07-2024 04:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    402bcb086370e6129a094f96d5d6338b_JaffaCakes118.exe

  • Size

    2.0MB

  • MD5

    402bcb086370e6129a094f96d5d6338b

  • SHA1

    7f916f7685470c4705e1fcbdf0ed49f9ffab3ff8

  • SHA256

    42bc54bd062674ab00b32e0af67aae68d98b86644aa8c95b6d2c0200a3dcf594

  • SHA512

    79c97fe12ef70f7cfb4c5302d6d45f2fbec99100d9a386cf6776bb6c870387246317f2f6cc505c074b5085abadcf39c2a5a6a166c4280baf27af27a931bf1ba3

  • SSDEEP

    49152:1VRByTTqLh34UpPc9HAwhNVV8XLfwt6CZg60kU2+GP:1ZUmhAHAwTufK6CZg60kz+GP

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\402bcb086370e6129a094f96d5d6338b_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\402bcb086370e6129a094f96d5d6338b_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:4424

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nssC0FF.tmp\BrandingURL.dll
    Filesize

    3KB

    MD5

    9c3488b5e9655d1837c3963ecec33f70

    SHA1

    f0fa9b4c29e75c6e4419c4633d09f2797aee2ef3

    SHA256

    05ef4beb7fab9d04c1fb251874166fa2d73a34b4a7f2b145d37a2fd00c88979a

    SHA512

    6af9f88d65d2279a71620f2a656062b1737b3a9a1692ed4e5887bdee891ce08d21c5c0b25ab3acbe6da9fe255dcd7f8a517c2751e73dc56add216740c945e4a7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nssC0FF.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    b18dfaded8f6d2380fdfd8f6b6969211

    SHA1

    969fa0e906240ab1123254feeb833c275626cf76

    SHA256

    747d0222b652dbfc85e0de4f8486473662d325a55e32c7eacb91e53e37ceba58

    SHA512

    25fb09b8657997d31e61c908f1cd08357c1a1b68bbb1ba377e87b6a3eb347a2ef96c1a771b6c4332853abb33728c55c83efa73df5da03f3dfc132f8a69a2886c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nssC0FF.tmp\ioSpecial.ini
    Filesize

    596B

    MD5

    5db8d2807e6d45d90b2c65d2564c7a9d

    SHA1

    c64a365eeca72dbe6fe9d493e66297b950dee199

    SHA256

    e9cd49df6ad6e52801ea722b6510ca9219dde93b39ae93a8d230b10813f441ce

    SHA512

    4584112e78501a0a2fea5f90251f00f09f942508b97d006b4af0ad41775999b963c5de0634b44e906495962fbdfb2d22eea37f8765fec9b000aa17716a878802

    Download Submit