Overview

overview

7

Static

static

3

425f8e3a07...18.exe

windows7-x64

7

425f8e3a07...18.exe

windows10-2004-x64

7

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$SMPROGRAM...��.lnk

windows7-x64

3

$SMPROGRAM...��.lnk

windows10-2004-x64

3

Mythic_Marbles_CH.exe

windows7-x64

3

Mythic_Marbles_CH.exe

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

�...��.lnk

windows7-x64

3

�...��.lnk

windows10-2004-x64

3

Analysis

  • max time kernel
    90s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/07/2024, 15:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    425f8e3a074c3ccbcd5cdb2914ee5d39_JaffaCakes118.exe

  • Size

    19.7MB

  • MD5

    425f8e3a074c3ccbcd5cdb2914ee5d39

  • SHA1

    a0e9ffa272595a4343dc1a6bb693566ceef4cd89

  • SHA256

    12d8dedb484994e507b60fdbf55382c79e70ddb22e5893314a59430322065fc4

  • SHA512

    8dd9d3a7a2fb88fe008be8124914d131b393c7ed7cdca9684320ee96d4f64ba090c5842e54fdc557601ec31effc9700ec9fcf4c58f276c131b82d469dbf3efbe

  • SSDEEP

    393216:J7RoamfjyKvD4iiy1LtlRT//iSK+ompfj8/oYnbF1w4Z7QQ:t2ZfmwsiiItTrfKhAOJFVZv

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\425f8e3a074c3ccbcd5cdb2914ee5d39_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\425f8e3a074c3ccbcd5cdb2914ee5d39_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:468

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\nsjDB9D.tmp\BrandingURL.dll
          Filesize

          4KB

          MD5

          71c46b663baa92ad941388d082af97e7

          SHA1

          5a9fcce065366a526d75cc5ded9aade7cadd6421

          SHA256

          bb2b9c272b8b66bc1b414675c2acba7afad03fff66a63babee3ee57ed163d19e

          SHA512

          5965bd3f5369b9a1ed641c479f7b8a14af27700d0c27d482aa8eb62acc42f7b702b5947d82f9791b29bcba4d46e1409244f0a8ddce4ec75022b5e27f6d671bce

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsjDB9D.tmp\InstallOptions.dll
          Filesize

          14KB

          MD5

          325b008aec81e5aaa57096f05d4212b5

          SHA1

          27a2d89747a20305b6518438eff5b9f57f7df5c3

          SHA256

          c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

          SHA512

          18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsjDB9D.tmp\ioSpecial.ini
          Filesize

          652B

          MD5

          e542cc351957dc0f0e72bf99ac8327f9

          SHA1

          5b153464abc2712a70351c3e4554a5fe33ae008b

          SHA256

          f814385819363bd910a75b9fb4bf1cf21a7e5e3ec4e901da037e30a4ad9f9745

          SHA512

          2afd17becdef054a044e73c88bdce454f034f12e6dcc916d0f2139e6600f31f0ec566be6b6e9eaee542373256888e1988647db06aa36aa3a7f8d89f3dd8cd71c

          Download Submit