79a45a49b0058527f026f50cf95a7ffa03f7fd896e80491df36b6baac436fd18 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

28e9c9b769...18.exe

windows7-x64

7

28e9c9b769...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$TEMP/Toolbar.exe

windows7-x64

7

$TEMP/Toolbar.exe

windows10-2004-x64

7

content/aboutTabs.htm

windows7-x64

3

content/aboutTabs.htm

windows10-2004-x64

3

content/ctoolbar.js

windows7-x64

3

content/ctoolbar.js

windows10-2004-x64

3

components...rch.js

windows7-x64

3

components...rch.js

windows10-2004-x64

3

components...bar.js

windows7-x64

3

components...bar.js

windows10-2004-x64

3

components...rt.dll

windows7-x64

3

components...rt.dll

windows10-2004-x64

3

components...re.dll

windows7-x64

3

components...re.dll

windows10-2004-x64

3

defaults/fbAlert.html

windows7-x64

3

defaults/fbAlert.html

windows10-2004-x64

3

lib/xpcom.js

windows7-x64

3

lib/xpcom.js

windows10-2004-x64

3

Analysis

max time kernel
94s
max time network
96s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
09-10-2024 02:06

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

28e9c9b769c2b8a7a2a1260b3d70d3ee_JaffaCakes118.exe

Resource

win7-20240903-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

28e9c9b769c2b8a7a2a1260b3d70d3ee_JaffaCakes118.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/FindProcDLL.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/FindProcDLL.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/LangDLL.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/LangDLL.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/NSISdl.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/NSISdl.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

$PLUGINSDIR/UAC.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral12

Sample

$PLUGINSDIR/UAC.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

$TEMP/Toolbar.exe

Resource

win7-20240729-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral14

Sample

$TEMP/Toolbar.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral15

Sample

content/aboutTabs.htm

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral16

Sample

content/aboutTabs.htm

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral17

Sample

content/ctoolbar.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

content/ctoolbar.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

components/ConduitAutoCompleteSearch.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

components/ConduitAutoCompleteSearch.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

components/ConduitToolbar.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

components/ConduitToolbar.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

components/FFExternalAlert.dll

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

components/FFExternalAlert.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral25

Sample

components/RadioWMPCore.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral26

Sample

components/RadioWMPCore.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral27

Sample

defaults/fbAlert.html

Resource

win7-20240708-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral28

Sample

defaults/fbAlert.html

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral29

Sample

lib/xpcom.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

lib/xpcom.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

content/ctoolbar.js
Size

1.7MB
MD5

10a2c2f6d17091b5f6c2ab93b8a0b254
SHA1

20570e22e00953dee74889950462560c6eaef550
SHA256

34c96b9d414fda04d67e18498a7c1dfd789570beaef7c978bc91e49a6eacc17e
SHA512

460d3388c457f7998d9c6d8ffa14c5d5bcff23ecae50eb02fc1f1834fbf4bc483eeb5021eef3b8f7dc4910c151feac170e12c270dcb6d21cff8cdec736ccfb9c
SSDEEP

24576:Q/oCv8BYtyR/J+wh07Rs3JqDWKNMIz2iekxRn:Q/oCUBYkR/J+j7Rs3JqDxNMIz2iekxF

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Processes

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\content\ctoolbar.js
1⤵
PID:4048

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy