Overview

overview

4

Static

static

3

bea28f087c...18.exe

windows7-x64

4

bea28f087c...18.exe

windows10-2004-x64

4

chrome/con...er.exe

windows7-x64

3

chrome/con...er.exe

windows10-2004-x64

3

chrome/con...enu.js

windows7-x64

3

chrome/con...enu.js

windows10-2004-x64

3

chrome/con...ure.js

windows7-x64

3

chrome/con...ure.js

windows10-2004-x64

3

chrome/con...eAs.js

windows7-x64

3

chrome/con...eAs.js

windows10-2004-x64

3

components...ice.js

windows7-x64

3

components...ice.js

windows10-2004-x64

3

defaults/p...enu.js

windows7-x64

3

defaults/p...enu.js

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...XP.dll

windows7-x64

3

$PLUGINSDI...XP.dll

windows10-2004-x64

3

$PLUGINSDI...ts.exe

windows7-x64

3

$PLUGINSDI...ts.exe

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...Ex.dll

windows7-x64

3

$PLUGINSDI...Ex.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

chrome/con...er.exe

windows7-x64

3

chrome/con...er.exe

windows10-2004-x64

3

chrome/con...enu.js

windows7-x64

3

chrome/con...enu.js

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-08-2024 12:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bea28f087cc664cff82c775ecadbb34a_JaffaCakes118.exe

  • Size

    17.2MB

  • MD5

    bea28f087cc664cff82c775ecadbb34a

  • SHA1

    8ef50690e434ada6ae38b7d8a27ace46a920dc62

  • SHA256

    2b03dbc5b97d644bb498e6ad01ee65312705553c77f14ee32059111d28a0b36f

  • SHA512

    8479e1b9e92d9e645f0167e3b9fa2712ac3c50b3c82f67de9b4014524757b65c3c900d0148f38ef865f450f7ac22c3398dde2264dd7707a2745bfa5ffb54aa0d

  • SSDEEP

    393216:cH/LhoV4/LtFrm1E9sr3+ESCQpZ3mnbXtVS:y/H/Lttm1E9sasQpZybX/S

Score
4/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 8 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\bea28f087cc664cff82c775ecadbb34a_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\bea28f087cc664cff82c775ecadbb34a_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:1460

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsg94D0.tmp\BcNsisHelper.dll
    Filesize

    3.0MB

    MD5

    84e5590cc55ac1ab85619e658c6dcd35

    SHA1

    870ad683fa2c7c8b6b25803f733fdc3012b28bf7

    SHA256

    820b5151433517814beb3fa820238c92d4f776d14e9009c78bef745b855f91e1

    SHA512

    3595cbb38fbe28f6f173d28f9960b753dfe42f337338fab90027b1cf0305b4a5ba85ce725cd11c550dab2511b39551d2444c89e85a1a3a37a537bee83efc971f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsg94D0.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    67f2ef30bc54036cf3164e76219e5864

    SHA1

    bf0586855ac7427b35d08909dba6a6a8d2c22e92

    SHA256

    c55b1140b6e5b9ed5dec99d3b10458e2966f9701895931642a8fe0c260d7f880

    SHA512

    1a944462453435e88c7fb4ac8beaa8ea8febbbadd83faf8549f95a3046636b3543c4e8dbed14872a1d42793b6496b797fffc7300bbce62ab0d650017ef26e98a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsg94D0.tmp\LangDLL.dll
    Filesize

    5KB

    MD5

    3dd80dff583544514eeb3a5ed851a519

    SHA1

    56f7324d9d4230c96d1963e7b3e02b05a6cf5c24

    SHA256

    86cff5eaca76c49f924cb123d242fdcfd45ab99c4b638d3b8f4a8cfb1970ab5b

    SHA512

    955f4df195b5d134449904e9020f80125cfb64d70d9482ff583451f3fcb10d15577ceac4180f71a96452d8478f6365160ab15731f9a79a494383087c9310fd1d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsg94D0.tmp\System.dll
    Filesize

    11KB

    MD5

    75ed96254fbf894e42058062b4b4f0d1

    SHA1

    996503f1383b49021eb3427bc28d13b5bbd11977

    SHA256

    a632d74332b3f08f834c732a103dafeb09a540823a2217ca7f49159755e8f1d7

    SHA512

    58174896db81d481947b8745dafe3a02c150f3938bb4543256e8cce1145154e016d481df9fe68dac6d48407c62cbe20753320ebd5fe5e84806d07ce78e0eb0c4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsg94D0.tmp\ioSpecial.ini
    Filesize

    1KB

    MD5

    a7f75c2b19705b86ebaf4753a0f231e0

    SHA1

    1951c26f5300c3b55af4e016d909f495318e75d7

    SHA256

    527ff8e176ffa27f328e28768ff81b82eead0d49a79c98ef50a870fe575299e5

    SHA512

    335823ce2a850bab7417ed24d93f01236e700062991dd95dcf19f432736a40aa92bc56e7a4989d09f46eda7d761f787570f67d62c05848c1c235ea41b49babab

    Download Submit