707cdf0a12c...18.exe
windows7-x64
807cdf0a12c...18.exe
windows10-2004-x64
8$PLUGINSDI...fo.dll
windows7-x64
3$PLUGINSDI...fo.dll
windows10-2004-x64
3$SYSDIR/DirectCOM.dll
windows7-x64
3$SYSDIR/DirectCOM.dll
windows10-2004-x64
3$SYSDIR/MSINET.dll
windows7-x64
3$SYSDIR/MSINET.dll
windows10-2004-x64
3$SYSDIR/NTSVC.dll
windows7-x64
3$SYSDIR/NTSVC.dll
windows10-2004-x64
3$SYSDIR/RICHTX32.dll
windows7-x64
3$SYSDIR/RICHTX32.dll
windows10-2004-x64
3$SYSDIR/Re...LM.dll
windows7-x64
3$SYSDIR/Re...LM.dll
windows10-2004-x64
3$SYSDIR/SYSINFO.dll
windows7-x64
3$SYSDIR/SYSINFO.dll
windows10-2004-x64
3$SYSDIR/WSHOM.dll
windows7-x64
3$SYSDIR/WSHOM.dll
windows10-2004-x64
3$SYSDIR/dh...t3.dll
windows7-x64
5$SYSDIR/dh...t3.dll
windows10-2004-x64
5$SYSDIR/mscomct2.dll
windows7-x64
3$SYSDIR/mscomct2.dll
windows10-2004-x64
3$SYSDIR/mscomctl.dll
windows7-x64
3$SYSDIR/mscomctl.dll
windows10-2004-x64
3$SYSDIR/msflxgrd.dll
windows7-x64
3$SYSDIR/msflxgrd.dll
windows10-2004-x64
3$SYSDIR/scrrun.dll
windows7-x64
3$SYSDIR/scrrun.dll
windows10-2004-x64
3$SYSDIR/sq...ne.dll
windows7-x64
5$SYSDIR/sq...ne.dll
windows10-2004-x64
5AdvisorLetters.exe
windows7-x64
3AdvisorLetters.exe
windows10-2004-x64
General
-
Target
07cdf0a12c12ca35d3569e1984c3b3ae_JaffaCakes118
-
Size
5.4MB
-
Sample
241001-25csfavgmr
-
MD5
07cdf0a12c12ca35d3569e1984c3b3ae
-
SHA1
047192f24ae1889f1f8dc13ef139b14f329ef31d
-
SHA256
6a82e8bb79e7881fd8ebbc82b194dbbf84b0d9d0c7d8f8b21822e942e3fac4a9
-
SHA512
eb8f1e084f59e0d46f9e3ccd14d732be98c2e423bcda4537d17bcbf143b9d0c6b182ba34638da05dce97a4b10b0986d813fa00bdaaaae36240ace63c89973c9d
-
SSDEEP
98304:V9CpXHOdkGObTWxiuj8iFLqe7uAho0AqCVTmT/HMOn3PF8XUT9HpZ94byp+4bABX:V90XHgkuYiFbaYyVST7FJT9JZqypO47G
Behavioral task
behavioral1
Sample
07cdf0a12c12ca35d3569e1984c3b3ae_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
07cdf0a12c12ca35d3569e1984c3b3ae_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20240729-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$SYSDIR/DirectCOM.dll
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
$SYSDIR/DirectCOM.dll
Resource
win10v2004-20240910-en
Behavioral task
behavioral7
Sample
$SYSDIR/MSINET.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
$SYSDIR/MSINET.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
$SYSDIR/NTSVC.dll
Resource
win7-20240729-en
Behavioral task
behavioral10
Sample
$SYSDIR/NTSVC.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
$SYSDIR/RICHTX32.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
$SYSDIR/RICHTX32.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
$SYSDIR/RegistryHelperLM.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
$SYSDIR/RegistryHelperLM.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
$SYSDIR/SYSINFO.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
$SYSDIR/SYSINFO.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
$SYSDIR/WSHOM.dll
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
$SYSDIR/WSHOM.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
$SYSDIR/dhRichClient3.dll
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
$SYSDIR/dhRichClient3.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
$SYSDIR/mscomct2.dll
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
$SYSDIR/mscomct2.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
$SYSDIR/mscomctl.dll
Resource
win7-20240729-en
Behavioral task
behavioral24
Sample
$SYSDIR/mscomctl.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
$SYSDIR/msflxgrd.dll
Resource
win7-20240704-en
Behavioral task
behavioral26
Sample
$SYSDIR/msflxgrd.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
$SYSDIR/scrrun.dll
Resource
win7-20240708-en
Behavioral task
behavioral28
Sample
$SYSDIR/scrrun.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
$SYSDIR/sqlite36_engine.dll
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
$SYSDIR/sqlite36_engine.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
AdvisorLetters.exe
Resource
win7-20240708-en
Behavioral task
behavioral32
Sample
AdvisorLetters.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
07cdf0a12c12ca35d3569e1984c3b3ae_JaffaCakes118
-
Size
5.4MB
-
MD5
07cdf0a12c12ca35d3569e1984c3b3ae
-
SHA1
047192f24ae1889f1f8dc13ef139b14f329ef31d
-
SHA256
6a82e8bb79e7881fd8ebbc82b194dbbf84b0d9d0c7d8f8b21822e942e3fac4a9
-
SHA512
eb8f1e084f59e0d46f9e3ccd14d732be98c2e423bcda4537d17bcbf143b9d0c6b182ba34638da05dce97a4b10b0986d813fa00bdaaaae36240ace63c89973c9d
-
SSDEEP
98304:V9CpXHOdkGObTWxiuj8iFLqe7uAho0AqCVTmT/HMOn3PF8XUT9HpZ94byp+4bABX:V90XHgkuYiFbaYyVST7FJT9JZqypO47G
Score8/10 -
Possible privilege escalation attempt
-
ACProtect 1.3x - 1.4x DLL software
Detects a file that uses ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
-
-
Target
$PLUGINSDIR/UserInfo.dll
-
Size
4KB
-
MD5
68d73a95c628836b67ea5a717d74b38c
-
SHA1
935372db4a66f9dfd6c938724197787688e141b0
-
SHA256
21a373c52aaecce52b41aebe6d0224f53760fc3e5c575e821175eee3a1f7f226
-
SHA512
0e804deab4e647213132add4173c1d2c554c628816f56e21e274a40e185d90254e29c8bfc6fbfdfea2a492d43d23c0bfa4b276252a3f5e1993ab80ff832c4914
Score3/10 -
-
-
Target
$SYSDIR/DirectCOM.dll
-
Size
23KB
-
MD5
67db686162f3a0860dba6bb0f1c69c0a
-
SHA1
70a8a8d1872f6a7f64ac9302cb1600a6d8419a35
-
SHA256
0a690f1e0cde5fa1908717e065f923051ce72cbeb9081a6a6484f86248092e55
-
SHA512
dad4503c1edcaa56b2730210a0c5cb73e74106673b11b2b9d27cfed97a3a73cd000b3fc8057d17b16a9fa47e460ba2450093f3a6d26e56d7545150562c2cdb50
-
SSDEEP
384:Kyn0rDjnaxiOxIL/5BUGvwVfOBbAi3Mukgns3AS1fXjpa1AhlNVzsR4D:Ky0GMOmfoqQx7pCAjX
Score3/10 -
-
-
Target
$SYSDIR/MSINET.OCX
-
Size
129KB
-
MD5
90a39346e9b67f132ef133725c487ff6
-
SHA1
9cd22933f628465c863bed7895d99395acaa5d2a
-
SHA256
e55627932120be87c7950383a75a5712b0ff2c00b8d18169195ad35bc2502fc2
-
SHA512
0337817b9194a10b946d7381a84a2aeefd21445986afef1b9ae5a52921e598cdb0d1a576bdf8391f1ebf8be74950883a6f50ad1f61ff08678782c6b05a18adbf
-
SSDEEP
3072:R5JTZQu4epojdkYv55RCezn/T81B+ySRdL:RLTbP85RCezbwm
Score3/10 -
-
-
Target
$SYSDIR/NTSVC.ocx
-
Size
33KB
-
MD5
fae8aafc5af74e012343ab1d6c5abef9
-
SHA1
fc2608d156fc738d4ef2aab92b6547416e08a8e6
-
SHA256
0fd183406280b99a292eb78f4a6cbc70f704dd7094ec2c32f30f1769781d6221
-
SHA512
775a2b3bd47e930bab5615d9633df5e81945405ae778b88da077c971928a568cd3269b9f00138f42be6e6b3a41f8dc34dd31f203924acee06085c10e64a0b6d6
-
SSDEEP
384:zDYEKIE5M7eSzzKC5JLELfD4bC03PlocplocJl2guK/AWje1CX7sOeBS3OklxRNr:fYta9zRlyM203yPGhV/NNsGllxc5ZH
Score3/10 -
-
-
Target
$SYSDIR/RICHTX32.OCX
-
Size
207KB
-
MD5
045a16822822426c305ea7280270a3d6
-
SHA1
43075b6696bb2d2f298f263971d4d3e48aa4f561
-
SHA256
318cc48cbcfaba9592956e4298886823cc5f37626c770d6dadbcd224849680c5
-
SHA512
5a042ff0a05421fb01e0a95a8b62f3ce81f90330daed78f09c7d5d2abcb822a2fe99d00494c3ddd96226287fae51367e264b48b2831a8c080916ce18c0a675fa
-
SSDEEP
6144:hTr80hTueZXFOTSqP0xqRBTdtmFdCJErRj6/uE:NhzZVOTSqcxqRBKFdF6/uE
Score3/10 -
-
-
Target
$SYSDIR/RegistryHelperLM.ocx
-
Size
380KB
-
MD5
42020dbf2b8b9619da866435a5579ca3
-
SHA1
3c7f9f14377e13183d5a7a08b0d4f397d71d5eea
-
SHA256
c552b4756823d3b9eb285e998a30955e52c1280eebb9423b90745904faefec5f
-
SHA512
d0a9c12535d4983ca84ce4273455b41d00d402187ed4d8b399864a995b5e32dac6a1930cee1049a9c1fa941c38285809c10100347687971569fefd63088e0185
-
SSDEEP
6144:EsIYEbj7mfxqagt8mMbb/gF0FGdMFPwObCp3N/KdLRgNh:EDZj7mfxqagt8mMbb/gF0FGdMFPwObCv
Score3/10 -
-
-
Target
$SYSDIR/SYSINFO.OCX
-
Size
65KB
-
MD5
0db04d84b06f760be7a852a8cfc20df2
-
SHA1
fc5cd0599a43faebf9e7e9179defb79999215286
-
SHA256
6bd71e7d01b763380809ddd74a78c83e490d71779269ce78bcac19929803bfc2
-
SHA512
4278974188035c0610255d09dfa99f34ccf49f5172b027238525357b16c91450245125c375fd41715579ca2b39e2c67da14adeea8d8e13fe523f9cdabca36c3f
-
SSDEEP
768:cY8A1SfHWfFRFndKnT8D04I6kOpWYyfR1qh+tYwn/0CP2wjU5ip+IDr0hGparYf/:c5tHW8Is6kOl6R1qhAYC/fO/hKkYfr7
Score3/10 -
-
-
Target
$SYSDIR/WSHOM.OCX
-
Size
100KB
-
MD5
8648a9dbd62ef5f97ed2e4f97e6e430b
-
SHA1
d88e68e7377d0541fce2c8776ff7c65d8192ba22
-
SHA256
045ce5e282d90bb199ab4fa472b91f245e4c1591c4cefd10e5e89ee7f4e671aa
-
SHA512
1896851ca9c9fa33d6f998e3b40994e569867c1b050741a03cf4e5bfd3056e3ca2e47a13500df8a0c147c7f450ccef0f116f753640e866524be8e264ba81be8e
-
SSDEEP
1536:B8Ub/FQQuDUYyjMJdoJyMgQk3xcbn91U5byrRlftDJi0KUgJ:qUbCSYyAJdsgxw91U5byrRBtDuXJ
Score3/10 -
-
-
Target
$SYSDIR/dhRichClient3.dll
-
Size
484KB
-
MD5
6462e7ca07ab27bfe4b48b1f7c8bc91d
-
SHA1
8600853c3c5effd0325cccc02fe8d2da0c0fc959
-
SHA256
c369b2740b2b5fa8b94a6863eb1df6c1174dab6303f7b87a79055da00613df90
-
SHA512
e5c1f535cd71ebe45e9fee12c84c60a9cc2b4ef29eb65d0dafd06d37e2279e1ffcf997e881cd167942166e5f19f089cdf015a50a393a53193cd64c368fbc29da
-
SSDEEP
6144:BSuJDzCkGkLcTrw9MuWLGoNkAURWormOO8VnP0GTT8UZWLTUw4/beP:BSuJPC2Is0GoYmz8Rc8zELz+
-
-
-
Target
$SYSDIR/mscomct2.ocx
-
Size
632KB
-
MD5
c1b4af41a0370e4081d59ac99bcc929d
-
SHA1
c0c55de97f41a24bf50b2d08eb428371bb4a3cce
-
SHA256
2b7a1f905486736eda8b51add1bc2590c2a6d9d5a9ab7565335d989f39c0eb8e
-
SHA512
0bb987af80ab3b598f2d3008a6005484d2d4d082958e757aed3fd1cd5cca543f02d7b475e2c030e28e320d327dce4b4009894f51b7ab8f03acf54314d86d38b4
-
SSDEEP
12288:qxxeCsfuxdH8ZOlK/kV99RWiVwyzgAQk9yjWy6OcjKN7jsUseUbQ/D5v:qxUCwwd7T9fWQgAQkEjyOcjKJsUseuQF
Score3/10 -
-
-
Target
$SYSDIR/mscomctl.ocx
-
Size
1.0MB
-
MD5
ecc7d7f0d3446de36045d1d9e964fafe
-
SHA1
da6b0ec081d628c33b150327f3bd16d3b7fa4729
-
SHA256
bc58d624ceea02ab086f1cce809c992bf5a7105e88931853317a2f5aa5afd6e4
-
SHA512
443de697be9886cd97235e6468f3a7f6bf11612711e54dba31431b0d9418672e1434e839ed50cacf28107f692f0c9d9d2f57d90e3a843d81015d459c180db632
-
SSDEEP
24576:s0LiK1d6dxOehwsj5dC33M/jYVRDSfaF0gg1CVGO7oVtNKG:n6dAehwaY19G1u7+Ln
Score3/10 -
-
-
Target
$SYSDIR/msflxgrd.ocx
-
Size
238KB
-
MD5
06ee7bb3c681b9fa8af4280a154ee133
-
SHA1
479eda4aaa877cdb0e27583c43209eda9a474acb
-
SHA256
f2a67eb2888d8889c45576c037197c310fbbb00bb79089760508fdb132c690d2
-
SHA512
c3909b35ca4cdae2e1f947a30874109d44c8b3493ada46a2f05a4d7c3bb420c74e70bfb0ee42a0bbc000f674f94f7efedf20f5c80aec9311210d7b64c7499940
-
SSDEEP
6144:JMV3LOqB4GvoBOCzYRpHGbBFYe0SwX6ktCfh13cBO:JMzaGKOCzYRANKX6kQB6O
Score3/10 -
-
-
Target
$SYSDIR/scrrun.dll
-
Size
148KB
-
MD5
214577b79cf59e2fc9addd9598c0aeb8
-
SHA1
93156dac6b13223df08c8aba43aec72d25fc54a0
-
SHA256
ff668b448a1e8c52ea37749f41e883c30d79fcdb5af6bdb571a91c9d2ad69ad6
-
SHA512
a98aff08a053351168c025a4a01203ef39ba38e099d7642a63fe921928b8009e296c22997f2c8a6fa9edef866e402a26928b6d585e53b7c4d1fb53290d66fef9
-
SSDEEP
3072:QkVdc6GfdibvjRHd/ObPL9WllFK2xV/guRM8KA8qWCuKJyIEmnBNKV8PmO:nyXsvRd/ObPL9WllFK234u2ZqWCu6XK2
Score3/10 -
-
-
Target
$SYSDIR/sqlite36_engine.dll
-
Size
302KB
-
MD5
936f7475b19ae949a73a43c9814b2493
-
SHA1
2c5392185e2f1c13ee57313827daca06e85dbd5a
-
SHA256
e558799f6480c2e0b9199cc36006ec23a33b79f84c647279d3a0928aefcf3ae4
-
SHA512
9b2ece46e3d350f906185e4bc359625e404888d1b78ddfcfc007670b4042a20a18e22b9ed5e99d7764d3d2d160ec658253a8a434189a4f03ffdde67af167604d
-
SSDEEP
6144:tTh0DxG49GEbRl9lZW3JAWkZp9llDZrU4c0utIL4xp8We24:tT2DI49nl9lZWZABBD1cH8B
-
-
-
Target
AdvisorLetters.exe
-
Size
57KB
-
MD5
3fb26c3c25cb7797431dc09f49658ad1
-
SHA1
503500dafc05c472fdf44ce197fd02a0862b155a
-
SHA256
932bea834aed08bbea58f83712608341c86f1482c9174ffb78f72f7727200338
-
SHA512
9245e8880fddef00893220ce4d1be187a1a028eca863ea8ddd456f5d2e0e1ea5057e235d04efad4ba854007870cb87c946de5f615727a40b37780e80b6ab3245
-
SSDEEP
768:CCQodpIu4n92ifuB2YXqCDGQGvuKpZmmJu2dSLWbCh8045a:LdiCzG/BZBQ2o6CW045a
Score3/10 -