Overview

overview

9

Static

static

9

cfd01b8d44...18.exe

windows7-x64

7

cfd01b8d44...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

smsniff.chm

windows7-x64

1

smsniff.chm

windows10-2004-x64

1

smsniff.exe

windows7-x64

9

smsniff.exe

windows10-2004-x64

9

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/09/2024, 15:09

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    cfd01b8d442ffa4ce981ee246fdc99ab_JaffaCakes118.exe

  • Size

    151KB

  • MD5

    cfd01b8d442ffa4ce981ee246fdc99ab

  • SHA1

    48df4ac24df3fd0d6fa5b2f745fb00a1d30e7735

  • SHA256

    267bdfcd1012dd782dc67d24841b02c793efb43aa7cafb65f17c85fd63c70a1e

  • SHA512

    68361616805a94ff038bd0204e6188403b41735251151d57b6e2692daa7a34cd19df99d80af74cf4a055023627443af677a890e0a963213b227e5e7ec5db9d29

  • SSDEEP

    3072:Qd/vyWmJe45UX9rJx1klW5qzEmu0qtHmMH2Q4+GBlyDLR:QXptXlYzEmu0qtHmVQ4+dR

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\cfd01b8d442ffa4ce981ee246fdc99ab_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\cfd01b8d442ffa4ce981ee246fdc99ab_JaffaCakes118.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:4376

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\nshB2C7.tmp\InstallOptions.dll
          Filesize

          14KB

          MD5

          3809b1424d53ccb427c88cabab8b5f94

          SHA1

          bc74d911216f32a9ca05c0d9b61a2aecfc0d1c0e

          SHA256

          426efd56da4014f12ec8ee2e268f86b848bbca776333d55482cb3eb71c744088

          SHA512

          626a1c5edd86a71579e42bac8df479184515e6796fa21cb4fad6731bb775641d25f8eb8e86b939b9db9099453e85c572c9ea7897339a3879a1b672bc9226fcee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nshB2C7.tmp\ioSpecial.ini
          Filesize

          744B

          MD5

          4a5194826aac752131d4d6270e6da334

          SHA1

          bade6a8795998dbe2dc08236f77a54253ffc01a1

          SHA256

          c4cc3de0b974d8e128fcfe3fe8dec87de1469986778128ee827f31283602bca0

          SHA512

          885bdc99d66c2ff7a1c401d0389cece5fc0891617e592b41f4f7988cca92af85d11e82c4a3d06545cbd12fbe1f67cde110e689f5f315f5e25ee6ed94dd36a14f

          Download Submit