Overview

overview

7

Static

static

7

46ceba22d9...18.exe

windows7-x64

7

46ceba22d9...18.exe

windows10-2004-x64

7

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SYSDIR/Comdlg32.dll

windows7-x64

1

$SYSDIR/Comdlg32.dll

windows10-2004-x64

1

$SYSDIR/MSCOMCTL.dll

windows7-x64

1

$SYSDIR/MSCOMCTL.dll

windows10-2004-x64

1

$SYSDIR/MSINET.dll

windows7-x64

1

$SYSDIR/MSINET.dll

windows10-2004-x64

1

$SYSDIR/MSWINSCK.dll

windows7-x64

1

$SYSDIR/MSWINSCK.dll

windows10-2004-x64

1

$SYSDIR/Richtx32.dll

windows7-x64

1

$SYSDIR/Richtx32.dll

windows10-2004-x64

1

AdaCSWin.exe

windows7-x64

1

AdaCSWin.exe

windows10-2004-x64

1

ChartDllTwo.dll

windows7-x64

1

ChartDllTwo.dll

windows10-2004-x64

1

DTDJ_1.exe

windows7-x64

1

DTDJ_1.exe

windows10-2004-x64

1

FileDownload.exe

windows7-x64

1

FileDownload.exe

windows10-2004-x64

1

FlashPlayer.exe

windows7-x64

1

FlashPlayer.exe

windows10-2004-x64

1

StageEdit.exe

windows7-x64

1

StageEdit.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    93s
  • max time network
    101s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/07/2024, 17:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    46ceba22d98bc40c10a342478677048c_JaffaCakes118.exe

  • Size

    13.6MB

  • MD5

    46ceba22d98bc40c10a342478677048c

  • SHA1

    952fe4c86c54af15df797497ba8a210c88bb7301

  • SHA256

    3a10dd7017daa4195a61e0b675b7fe88b620814e3763a7ded9e312c768224762

  • SHA512

    f0d452a1b0e2205cadeca7468884726eba1827982c1365c95ec8d173042f4416bde0346eafc56e680a00804c072aeffac169a4c077b1c147824340744ff08916

  • SSDEEP

    393216:JvC/DsO+s3oyM1/Oa/Xx9u8itp2x53QIQjgJZfOQ:JvC/DYSoN9FZ9iy3JRR

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\46ceba22d98bc40c10a342478677048c_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\46ceba22d98bc40c10a342478677048c_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:2000

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nswA2C9.tmp\BrandingURL.dll
    Filesize

    3KB

    MD5

    9c3488b5e9655d1837c3963ecec33f70

    SHA1

    f0fa9b4c29e75c6e4419c4633d09f2797aee2ef3

    SHA256

    05ef4beb7fab9d04c1fb251874166fa2d73a34b4a7f2b145d37a2fd00c88979a

    SHA512

    6af9f88d65d2279a71620f2a656062b1737b3a9a1692ed4e5887bdee891ce08d21c5c0b25ab3acbe6da9fe255dcd7f8a517c2751e73dc56add216740c945e4a7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nswA2C9.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    b18dfaded8f6d2380fdfd8f6b6969211

    SHA1

    969fa0e906240ab1123254feeb833c275626cf76

    SHA256

    747d0222b652dbfc85e0de4f8486473662d325a55e32c7eacb91e53e37ceba58

    SHA512

    25fb09b8657997d31e61c908f1cd08357c1a1b68bbb1ba377e87b6a3eb347a2ef96c1a771b6c4332853abb33728c55c83efa73df5da03f3dfc132f8a69a2886c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nswA2C9.tmp\ioSpecial.ini
    Filesize

    616B

    MD5

    ce661d56cde5afe0d62408e450b4e7b9

    SHA1

    0d4d8259d956aa6ae6fcea1e70b0a3c021d04f25

    SHA256

    3fece2d20d253a97d8c06526cd813819534caf18d7a5aedd0cf52da3c307c90f

    SHA512

    e9948d38d5cd8461b2c6cdc1a78bc192246bc3ae6226bd4a65109827f5ee17c7b664c4318d1235eae8d874d88f19a23688b5edf447d246f4916faf85bcbc5684

    Download Submit