Overview
overview
10
Static
static
10
fa2f3ffb34...18.exe
windows7-x64
10
fa2f3ffb34...18.exe
windows10-2004-x64
10
$PLUGINSDI...in.dll
windows7-x64
3
$PLUGINSDI...in.dll
windows10-2004-x64
3
$PLUGINSDI...ns.dll
windows7-x64
3
$PLUGINSDI...ns.dll
windows10-2004-x64
3
$PLUGINSDI...in.dll
windows7-x64
3
$PLUGINSDI...in.dll
windows10-2004-x64
3
$PLUGINSDI...em.dll
windows7-x64
3
$PLUGINSDI...em.dll
windows10-2004-x64
3
$PLUGINSDI...ss.dll
windows7-x64
3
$PLUGINSDI...ss.dll
windows10-2004-x64
3
$PLUGINSDI...ry.dll
windows7-x64
3
$PLUGINSDI...ry.dll
windows10-2004-x64
3
$PLUGINSDI...on.dll
windows7-x64
5
$PLUGINSDI...on.dll
windows10-2004-x64
5
General
-
Target
fa2f3ffb34db747f9e0f71db54366828_JaffaCakes118
-
Size
8.8MB
-
Sample
240927-ltz6lawgkm
-
MD5
fa2f3ffb34db747f9e0f71db54366828
-
SHA1
bce3c4f26fe9620689bd789eb289bddb95b13c07
-
SHA256
7a9c0e726aa4db17aeec45f63425219a098756dc6a434c084853c98e3d4ec9eb
-
SHA512
44d22f63e5d8bea4411da3d3f224fc468b798032b967ac73ec38cdb14bd6f5bab7014b2e82aad442cba302b60b5f18e1df3d1f49c54c60dee44c5e4dee6d7dde
-
SSDEEP
196608:64wb69bPe3Fd+FPhQVjFA7t2RHfYlQZJgTamGcBiG:64AqL7h6AWHf3A
Behavioral task
behavioral1
Sample
fa2f3ffb34db747f9e0f71db54366828_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fa2f3ffb34db747f9e0f71db54366828_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/IceDragonPlugin.dll
Resource
win7-20240708-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/IceDragonPlugin.dll
Resource
win10v2004-20240910-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/NSIS_SkinCrafter_Plugin.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/NSIS_SkinCrafter_Plugin.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/registry.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/registry.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/version.dll
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
fa2f3ffb34db747f9e0f71db54366828_JaffaCakes118
-
Size
8.8MB
-
MD5
fa2f3ffb34db747f9e0f71db54366828
-
SHA1
bce3c4f26fe9620689bd789eb289bddb95b13c07
-
SHA256
7a9c0e726aa4db17aeec45f63425219a098756dc6a434c084853c98e3d4ec9eb
-
SHA512
44d22f63e5d8bea4411da3d3f224fc468b798032b967ac73ec38cdb14bd6f5bab7014b2e82aad442cba302b60b5f18e1df3d1f49c54c60dee44c5e4dee6d7dde
-
SSDEEP
196608:64wb69bPe3Fd+FPhQVjFA7t2RHfYlQZJgTamGcBiG:64AqL7h6AWHf3A
-
Detects Strela Stealer payload
-
Drops file in System32 directory
-
-
-
Target
$PLUGINSDIR/IceDragonPlugin.dll
-
Size
2.1MB
-
MD5
0f5f24058e46a85d65f35d856e063ddb
-
SHA1
5dbefd4a5705c9edaa85c930b297929fd9abb2ba
-
SHA256
e01e1e6d73392a90973e60d384c88855de05f8024c76ab1a94229a87191f2029
-
SHA512
636653a1a98715d58b8b7a1be917dc470f9c660f75710908cb3caa9c03d2a9b5b3bc6fa0514a28d18873df39aa18151417bdb55e0e655ee21fb1595cf6a9830d
-
SSDEEP
49152:VgAKpuiJ74tbytjU08Amwb9bPeGDDu0rkFd+FKnTbTyLyy:t4uiJ7ib6LNm8bPeeDu04Fd+FK
Score 3/10
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
4cb36c62157fe5bf48aa7f20bc0a9eb0
-
SHA1
ca194fb9ab75fbf23a0eb0814fd44996b5959210
-
SHA256
a4774fa2602702951839d3d3a593f3b39e71e14c3fbab77bf6274935924d755b
-
SHA512
fd141c0b8ead070b2b266344ad6e804df24a2dd578f78285ece6e003de35b4dfdac1ebbcc0ce2ca6f0a4e5673fc0e26639dcc5073e4e474d4ddcca9c6f978cdd
-
SSDEEP
192:24n3T5aK+dHCMR1aQR9RuZl3WWmU7WYZsw1JpVGnrjJK72dwF7dBOne:Xn3T5KdHCMRD/R1cOnrjJ+BO
Score 3/10
-
-
-
Target
$PLUGINSDIR/NSIS_SkinCrafter_Plugin.dll
-
Size
5.8MB
-
MD5
bad139a2d8491896ce10ee8e4e55a921
-
SHA1
4346289950aa9b547d96553ced684b6a05af0234
-
SHA256
363e9c63b62d61ff3dd5f3cb1de5d9c2320c95787ae0a30035c19f01adebb0c3
-
SHA512
7ba1908909237986c573244743f4632dde72da9f708c151879102633f7bd7cffbaf1f79b3bb3797952304248aae9dd984f6a07a9dbf6433cc5b2d7f72ee80e15
-
SSDEEP
98304:Oj0Kg9frmFcqlMZ4vpHfOVlQnzW4Aogn/oXFdAaTZ8GcB7d0:OjFA7t2RHfYlQZJgTamGcBi
Score 3/10
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
4d3b19a81bd51f8ce44b93643a4e3a99
-
SHA1
35f8b00e85577b014080df98bd2c378351d9b3e9
-
SHA256
fda0018ab182ac6025d2fc9a2efcce3745d1da21ce5141859f8286cf319a52ce
-
SHA512
b2ba9c961c0e1617f802990587a9000979ab5cc493ae2f8ca852eb43eeaf24916b0b29057dbff7d41a1797dfb2dce3db41990e8639b8f205771dbec3fd80f622
-
SSDEEP
192:BPtkumJX7zB22kGwfy0mtVgkCPOse1un:u702k5qpdseQn
Score 3/10
-
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
4KB
-
MD5
05450face243b3a7472407b999b03a72
-
SHA1
ffd88af2e338ae606c444390f7eaaf5f4aef2cd9
-
SHA256
95fe9d92512ff2318cc2520311ef9145b2cee01209ab0e1b6e45c7ce1d4d0e89
-
SHA512
f4cbe30166aff20a226a7150d93a876873ba699d80d7e9f46f32a9b4753fa7966c3113a3124340b39ca67a13205463a413e740e541e742903e3f89af5a53ad3b
Score 3/10
-
-
-
Target
$PLUGINSDIR/registry.dll
-
Size
24KB
-
MD5
2b7007ed0262ca02ef69d8990815cbeb
-
SHA1
2eabe4f755213666dbbbde024a5235ddde02b47f
-
SHA256
0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d
-
SHA512
aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca
-
SSDEEP
384:W2mvyNjH3rPnAZ4wu2QbnC7qB7PnrvScaeYA4CIDEge/QqL2AQ:/75w/OfrzB4CUxuQfA
Score 3/10
-
-
-
Target
$PLUGINSDIR/version.dll
-
Size
6KB
-
MD5
ebc5bb904cdac1c67ada3fa733229966
-
SHA1
3c6abfa0ddef7f3289f38326077a5041389b15d2
-
SHA256
3eba921ef649b71f98d9378dee8105b38d2464c9ccde37a694e4a0cd77d22a75
-
SHA512
fa71afcc166093fbd076a84f10d055f5a686618711d053ab60d8bd060e78cb2fdc15fa35f363822c9913413251c718d01ddd6432ab128816d98f9aabf5612c9f
-
SSDEEP
96:nPtMckE1e91BopVyXwUhn3f1I0vOKeoqO4d8QvS9:n1MMuOUhdI0c04yV9
-