Overview

overview

7

Static

static

3

b1a93a43d8...18.exe

windows7-x64

7

b1a93a43d8...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...er.exe

windows7-x64

3

$PLUGINSDI...er.exe

windows10-2004-x64

3

$PLUGINSDI...ar.exe

windows7-x64

3

$PLUGINSDI...ar.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...ne.exe

windows7-x64

7

$PLUGINSDI...ne.exe

windows10-2004-x64

7

AdminWorker.exe

windows7-x64

3

AdminWorker.exe

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

WebInstaller.exe

windows7-x64

6

WebInstaller.exe

windows10-2004-x64

6

WebUpdater.exe

windows7-x64

3

WebUpdater.exe

windows10-2004-x64

3

content/iwa-ovr.js

windows7-x64

3

content/iwa-ovr.js

windows10-2004-x64

3

content/iwinarcade.js

windows7-x64

3

content/iwinarcade.js

windows10-2004-x64

3

content/un...l.html

windows7-x64

3

content/un...l.html

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b1a93a43d827c25d075e016bf411d7f6_JaffaCakes118

  • Size

    3.6MB

  • Sample

    240821-b3al7axfjl

  • MD5

    b1a93a43d827c25d075e016bf411d7f6

  • SHA1

    6242d3e8e9e7be06a978e5264a68d68e9e11d2ac

  • SHA256

    74d1eff84e7c043b96e2694cd9c4aab19b377d858f281b54ace68e1a1a2e95de

  • SHA512

    873c80871f3602b7701004075608b059f87140749cab196c0d78ade6a80674d2cc740ddfce85836cae2de5c547996d6b417f0ab68ac05317920b06ff54f01d7d

  • SSDEEP

    49152:h0c24StiTTsdoNDjoJSFWWCycq1mFDbPd3Zm7BmKGMkO/VcmFJRUZYUxPIayLmEa:h36ivJDiSFdph1mPYAlO/hJ6ZYWGqn

Score
7/10
adwarediscoveryexecutionpersistencestealer

Malware Config

Targets

    • Target

      b1a93a43d827c25d075e016bf411d7f6_JaffaCakes118

    • Size

      3.6MB

    • MD5

      b1a93a43d827c25d075e016bf411d7f6

    • SHA1

      6242d3e8e9e7be06a978e5264a68d68e9e11d2ac

    • SHA256

      74d1eff84e7c043b96e2694cd9c4aab19b377d858f281b54ace68e1a1a2e95de

    • SHA512

      873c80871f3602b7701004075608b059f87140749cab196c0d78ade6a80674d2cc740ddfce85836cae2de5c547996d6b417f0ab68ac05317920b06ff54f01d7d

    • SSDEEP

      49152:h0c24StiTTsdoNDjoJSFWWCycq1mFDbPd3Zm7BmKGMkO/VcmFJRUZYUxPIayLmEa:h36ivJDiSFdph1mPYAlO/hJ6ZYWGqn

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/GameuxInstallHelper.dll

    • Size

      94KB

    • MD5

      4d3ac88054df63fc810427bdaa96c458

    • SHA1

      e4d554e03ba91f6b53a2a80253b339f56e303c94

    • SHA256

      b07ffcd0af80f6b9fba09abe816ba2f0ff0d336639f1768fc317291bc635ece6

    • SHA512

      d4732ad89bbb19b316dff1b9c534acf98bb985c89d1295f08e24b21531123426500b3712979dda2f0e941a5969c0cbca15bbd52f6c167653f96a494a6677ca54

    • SSDEEP

      1536:B+cZE7LuH82vbVSEru0QrtLMNYxKoqbEnz8Gj1Nh5vIexy8Cy/3:YcE7LV2ULMZowGjJ5vIexy8Cy/3

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/InstGameInfoHelper.exe

    • Size

      99KB

    • MD5

      3d3d2bf9c42dbdf97247775c00f22190

    • SHA1

      7a046170aaeb5e1a29d8c8cd7c32225f49237aa1

    • SHA256

      59f09ba2c79a209008e76d0478bb691a9fdb2180d84318d9fc73b10401aa853a

    • SHA512

      6e66c4ff467e286cd5dc1d4ccd412fec32cfd01514db6c339fd275eaab5f3b549e223e9330bc61ff19048df70b81b66dfcc78ac351aa2c5ff45cf8d197140466

    • SSDEEP

      1536:3HzOAUoqkqff6SgsbBa8zl2P2Mv1LkZ0v/lAZMnLHI595a6QNt8kcTT:3CAUoqkPSjlsboGnLHo95a65FTT

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/IwinToolbar.exe

    • Size

      524KB

    • MD5

      d79746389ef770201e022f971199d451

    • SHA1

      84789d7e4de78e946778719e80982b056001ed58

    • SHA256

      2a2c31ec612ded841ccf3306767e2f572acb89bee13744c2714c2d3af9324a78

    • SHA512

      d69947d1cd040d9c4301c1d27dfeff14446b696360d54b639bc00e2b5187eaf05df189fc0bb18660678747e0843923dec8545bad213c1193bbd979de548563d2

    • SSDEEP

      6144:tnPacwH/cnudOSoURoauCiE1s5qbk7kCeHhxZWZoZZnnqPEH:vncsMoauCnykCeHFRZZnn3H

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      acc2b699edfea5bf5aae45aba3a41e96

    • SHA1

      d2accf4d494e43ceb2cff69abe4dd17147d29cc2

    • SHA256

      168a974eaa3f588d759db3f47c1a9fdc3494ba1fa1a73a84e5e3b2a4d58abd7e

    • SHA512

      e29ea10ada98c71a18273b04f44f385b120d4e8473e441ce5748cfa44a23648814f2656f429b85440157988c88de776c6ac008dc38bf09cbb746c230a46c69fe

    • SSDEEP

      96:M7GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3VI9d0qqyVgNk32E:eKgfwgcr8zylsB49Ud0qJVgNX

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/smartinstallAllinOne.exe

    • Size

      202KB

    • MD5

      082c78654828352b43e7818ae272c826

    • SHA1

      b1a6c498bc0ed6776e84345e30df83a7c0db425a

    • SHA256

      981c92d332c0c69c89b2c8d944f8a773823ec91228deb4447898773df7822bc5

    • SHA512

      eb6ef52b589d0b948992c23781516745d6417a96bfc85fab2654b3dca18d6a61e4083c04afd8bb887ce0f721f197cd1fc1738af7a65dd1ad77ddd86597f73ac1

    • SSDEEP

      6144:h40JDvFeKBw8v92A7BBNC0kz/ifYxUxBE1T3N:71Bv/NwbWTC3N

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral13behavioral14

    • Target

      AdminWorker.exe

    • Size

      211KB

    • MD5

      f9fd93fd84a004097ca606fbe0a27665

    • SHA1

      82455d34481ca07539a8fc4faffbcc38fd519ff7

    • SHA256

      71a6e9b27cd77a36bb80be4cbd237ece76df807f4bd0664f4d3d590f46614fc4

    • SHA512

      b778dced2953d96d7b79a23b8d3774147d6acb9527dc4c1354e5c67b99820df4d673d7c2281a1943c80dc4789e7c3cf957521a7cfa5b8b7f4521cc3df3246134

    • SSDEEP

      6144:qBS8NAQIuza+OnL/ZgrF2BD6J2Qvd5jyne:qBS8NAQIuza+ODZ+YW31

    Score
    3/10
    discovery
    behavioral15behavioral16

    • Target

      Uninstall.exe

    • Size

      129KB

    • MD5

      49c9d6cadd02bfff54851d0b0cafd557

    • SHA1

      9bb1dbff1ff7fcf171610133354ffeab1f522d82

    • SHA256

      c7550a63d4547fb15d9eb84b10bd7ed68e71e860604da1b7fd3c375ce58f0cbe

    • SHA512

      c982f388f605bbdb784b04078a2e2cce7794867b45cc89359425efa7ab3101ba9410b3867554da0f2ebc62895e8ed0ff6211fb1e0408860962907a49942f76eb

    • SSDEEP

      3072:w+8uyHOQXJoHS4Z5t2Zip6dmDHgG2ojdotyVnwz:w8+/4fQsp6dAT2ojdoIBwz

    Score
    7/10
    discoverypersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral17behavioral18

    • Target

      $PLUGINSDIR/GameuxInstallHelper.dll

    • Size

      94KB

    • MD5

      4d3ac88054df63fc810427bdaa96c458

    • SHA1

      e4d554e03ba91f6b53a2a80253b339f56e303c94

    • SHA256

      b07ffcd0af80f6b9fba09abe816ba2f0ff0d336639f1768fc317291bc635ece6

    • SHA512

      d4732ad89bbb19b316dff1b9c534acf98bb985c89d1295f08e24b21531123426500b3712979dda2f0e941a5969c0cbca15bbd52f6c167653f96a494a6677ca54

    • SSDEEP

      1536:B+cZE7LuH82vbVSEru0QrtLMNYxKoqbEnz8Gj1Nh5vIexy8Cy/3:YcE7LV2ULMZowGjJ5vIexy8Cy/3

    Score
    3/10
    discovery
    behavioral19behavioral20

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    discovery
    behavioral21behavioral22

    • Target

      WebInstaller.exe

    • Size

      120KB

    • MD5

      0fa913aeea4cb78fa9129db050dd70e1

    • SHA1

      84ce5ccca3ac382c34f28800cff149ab0f7c36e6

    • SHA256

      eda8c2e18d760d04cf9f5c7d88078d45fa4eb34b43a9bb39ac3c0ca45afd463c

    • SHA512

      4901fadd10ad6a01d9f4d99609723a0d172e1529572610aaa1490ea11f0fc393e857b00ba669b30dae8695e0312e2341176571a3fd57d722818c959da4fb3d90

    • SSDEEP

      3072:YZ54bhCRXXACKWzPKq8XvvenK+mXhAB4Lu:854bhEXZrKFXenSu4u

    Score
    6/10
    adwarediscoverystealer

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral23behavioral24

    • Target

      WebUpdater.exe

    • Size

      181KB

    • MD5

      7b6972e9ca922d233c579806d2ff14dd

    • SHA1

      8c100d8b02ef942e9798ad3ae22ae88e5e6936b6

    • SHA256

      69deff53dff5912cf382c5dda338d8172c6d9a4e726e93217414b1ae058e4f33

    • SHA512

      8e4b20e21a61c43b169b32a731688f99b566294877147547df5d049e71f2143d746cd4ca6450ed763951ec3a37e29cec4dfb64e13fce52bb30aeb97e59a4d368

    • SSDEEP

      3072:FUjqLbLz/uWcxjLInqvqQeUvfnR22jc+9vhqKlx5imu:Fyu372lLIniZP4kqKjER

    Score
    3/10
    discovery
    behavioral25behavioral26

    • Target

      content/iwa-ovr.js

    • Size

      5KB

    • MD5

      8aeb23a43bad2fc8de5f7e4aececac2a

    • SHA1

      db9404e8bce25a3e19ebbae6410e8f635f3dbe85

    • SHA256

      0cdec0385c4f087fc4520ea5b8bdf45275166592100866dd1dba8851fd83ff38

    • SHA512

      e6133e88c6ee6b3075e3bbfc197bc142222e6b14d102f8057e3edb00048216ee63bc083ce15ac770452e807105790ed69c479e245c95278e0ecdd65b25258eaf

    • SSDEEP

      96:FEyzI+6/5S0WQJqLg4MEv/wzeNywJnLdHbON4rUvVwX3kiOoauxmQQXdH5p:FYg0pqM3KwMHb4skL

    Score
    3/10
    execution
    behavioral27behavioral28

    • Target

      content/iwinarcade.js

    • Size

      100B

    • MD5

      28494ad572103e06973dedc5fe9a0666

    • SHA1

      4ba036fc7689f6892476d6bf8d18cbbfef3871ff

    • SHA256

      bdfcc77706582ebf878ccc6158f52ad2e17111baeb0ac4a42c8fa8e7ebfa6c9d

    • SHA512

      1db6dcd0fa8222fe6767433408bfbed4b196b4a0bc52ac42e1bd1756013654b3c5c68a3c69f2c42b0d472a368fd98ed693a846cc076629b35433b8e5bb1d47d6

    Score
    3/10
    execution
    behavioral29behavioral30

    • Target

      content/uninstall.html

    • Size

      517B

    • MD5

      129d0a4e13b0bbe1b7d09577dd6bc8d9

    • SHA1

      c72554923635e134de27efb5280108e6b09281b5

    • SHA256

      6cbe1d3f09a8f60f3ed8d44188aec925e597de153b3fdfd3d643be451d7c013a

    • SHA512

      e00537367c27aa0af9625c04990466218a599152122bc7d9af7b766749f6affec127ba190ef025bd8db296ce42a077e99179d2f267cedf0697cb787902a6e306

    Score
    3/10
    discovery
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
Score
7/10

behavioral14

discovery
Score
7/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discoverypersistence
Score
7/10

behavioral18

discoverypersistence
Score
7/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

adwarediscoverystealer
Score
6/10

behavioral24

adwarediscoverystealer
Score
6/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

discovery
Score
3/10

behavioral32

discovery
Score
3/10

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.