Overview

overview

7

Static

static

3

62717138d8...18.exe

windows7-x64

7

62717138d8...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

COMDLG32.dll

windows7-x64

1

COMDLG32.dll

windows10-2004-x64

1

MSIMG32.dll

windows7-x64

1

MSIMG32.dll

windows10-2004-x64

1

VERSION.dll

windows7-x64

1

VERSION.dll

windows10-2004-x64

3

WININET.dll

windows7-x64

1

WININET.dll

windows10-2004-x64

1

easypdfreader.exe

windows7-x64

1

easypdfreader.exe

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    138s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/07/2024, 08:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    62717138d82ad55cf292e149a8ef6ef3_JaffaCakes118.exe

  • Size

    3.5MB

  • MD5

    62717138d82ad55cf292e149a8ef6ef3

  • SHA1

    72473618df6668a1384b404b9d4505a10160b941

  • SHA256

    a9d4d53f59dc494e7936c00dd9668da73fba8a6ee4c06518a91da1d45c230826

  • SHA512

    6e26a187071250b72ff34e7f069e1d4c9ab7ca1f539e81a7d588f4b9f4a8cd7728e652de41de9fa1ea7d347338cc8706f489223dc5588b65f50924607fd9afcf

  • SSDEEP

    98304:3aEmN2kQduYraqWupV6SXHC80bY+sO5ywqajX5VAhK9Jec7:qEmN2ddaqWuHXZ02Oywqi4K9Jey

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\62717138d82ad55cf292e149a8ef6ef3_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\62717138d82ad55cf292e149a8ef6ef3_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    PID:2364

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsiB363.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    325b008aec81e5aaa57096f05d4212b5

    SHA1

    27a2d89747a20305b6518438eff5b9f57f7df5c3

    SHA256

    c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    SHA512

    18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsiB363.tmp\ioSpecial.ini
    Filesize

    746B

    MD5

    6cf502e663c2bbb5377111b0d31ce04d

    SHA1

    1b5e67d1fdb1882aa4be9ebf773b585e6ec39533

    SHA256

    6c47109cb9e16a89f95b41578b267fe083cf144e1d62d4678e46dd27eacc796c

    SHA512

    acd953c56ce1c1ad4e9c69b71431ad15e7e94285d7b30d91231625665f7fffc1f1627e914d6caf750ad7cafcc856399a6d44e726e699381bf5bdd7574011987b

    Download Submit