Overview

overview

7

Static

static

3

4103f3ac4d...18.exe

windows7-x64

7

4103f3ac4d...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$WINDIR/Sy...er.dll

windows7-x64

1

$WINDIR/Sy...er.dll

windows10-2004-x64

1

Cleaner.exe

windows7-x64

1

Cleaner.exe

windows10-2004-x64

1

Firewall.exe

windows7-x64

1

Firewall.exe

windows10-2004-x64

1

Resources/...op.htm

windows7-x64

1

Resources/...op.htm

windows10-2004-x64

1

Resources/...ty.htm

windows7-x64

1

Resources/...ty.htm

windows10-2004-x64

1

Sweeper.exe

windows7-x64

3

Sweeper.exe

windows10-2004-x64

3

Uninstaller.exe

windows7-x64

1

Uninstaller.exe

windows10-2004-x64

1

firewall.sys

windows7-x64

1

firewall.sys

windows10-2004-x64

1

foxiecoreu.dll

windows7-x64

6

foxiecoreu.dll

windows10-2004-x64

6

foxietoolbaru.dll

windows7-x64

6

foxietoolbaru.dll

windows10-2004-x64

6

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    100s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    13-07-2024 08:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4103f3ac4d5bc3546475e3d681665a48_JaffaCakes118.exe

  • Size

    1.4MB

  • MD5

    4103f3ac4d5bc3546475e3d681665a48

  • SHA1

    1ca6c69a4437b7ac6d1528a627263ab94aaa538b

  • SHA256

    3c72f2851f20fee1e57a73226a2d4a54d88f55fbcaa817bac22eaf01cb79c8de

  • SHA512

    74ecac7b514cb8c85ce99a69d52ce6365ddfa9dc557b21742a2e4e621ecff02048ff67679b20a6915cb86e0b7d9475eb871ee9424636e9d377eca254a0566ed0

  • SSDEEP

    24576:Yk2nx/H2D3SrB0f1N93/FMEnh45Pr3HisdUXGN4r4ac13ehxqmQsTk01H4UTV+0O:YZBH2rKB6N9lePr33N4nhxqmQU464

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4103f3ac4d5bc3546475e3d681665a48_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\4103f3ac4d5bc3546475e3d681665a48_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2072

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsuDE02.tmp\ioSpecial.ini
    Filesize

    1KB

    MD5

    bc01a57fa127d9f887a9b8d618fb97f1

    SHA1

    1aef3a2f67e226538934d3967dc9e297ee020f32

    SHA256

    6a05414e60b0e85d4795acf79d583c0fd1f803dc9df10cfa55281261f1c7ed6b

    SHA512

    483d406be37c50df5abe0791e2811b3c2a1e793af511caa38ea35385900348d183664fd8ab16d6d0f0fb16449594b758c7be421efd15e3486038a2f60ccaae58

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsuDE02.tmp\InstallOptions.dll
    Filesize

    12KB

    MD5

    f407939127208a009b9a825cb77ed3c7

    SHA1

    051d7fccf3fb544acaa8ab6be590bb4bc79cef82

    SHA256

    191fab998e58b66a2416873b06062166b547eb3ba06b1326a4a785a566aaf76d

    SHA512

    d45d08823ac7667f071b21d238b7fda43115db3195a442cb17d880d147e8a930374403c970afc31f676f01a83fb9c63e3be047de7e16718a08a1fdbe4b690901

    Download Submit