c5517bc09544eab54352f4fb8bd14a6f7a45035225791aa63e78e69e5a91c4b0 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

3710884685...18.exe

windows7-x64

7

3710884685...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...og.dll

windows7-x64

3

$PLUGINSDI...og.dll

windows10-2004-x64

3

$PLUGINSDI...ex.dll

windows7-x64

3

$PLUGINSDI...ex.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

5

$PLUGINSDI...on.dll

windows10-2004-x64

5

$_28_/updater.exe

windows7-x64

6

$_28_/updater.exe

windows10-2004-x64

6

$_29_/Chro...er.exe

windows7-x64

6

$_29_/Chro...er.exe

windows10-2004-x64

6

$_29_/Fire...er.exe

windows7-x64

6

$_29_/Fire...er.exe

windows10-2004-x64

6

$_29_/IeHe...er.exe

windows7-x64

6

$_29_/IeHe...er.exe

windows10-2004-x64

6

$_44_/chro...ain.js

windows7-x64

3

$_44_/chro...ain.js

windows10-2004-x64

3

announce.js

windows7-x64

3

announce.js

windows10-2004-x64

3

background.html

windows7-x64

3

background.html

windows10-2004-x64

3

Analysis

max time kernel
93s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
11-10-2024 22:14

Sharing

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

3710884685acedbfb2791596649c03e3_JaffaCakes118.exe

Resource

win7-20240903-en

adware discovery persistence spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

3710884685acedbfb2791596649c03e3_JaffaCakes118.exe

Resource

win10v2004-20241007-en

adware discovery persistence spyware stealer upx

windows10-2004-x64

23 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/Helper.dll

Resource

win7-20240729-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/Helper.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/NSISdl.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/NSISdl.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/Processes.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/Processes.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/System.dll

Resource

win7-20241010-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral12

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

$PLUGINSDIR/nsislog.dll

Resource

win7-20241010-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

$PLUGINSDIR/nsislog.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

$PLUGINSDIR/util_ex.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

$PLUGINSDIR/util_ex.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral17

Sample

$PLUGINSDIR/version.dll

Resource

win7-20240729-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral18

Sample

$PLUGINSDIR/version.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral19

Sample

$_28_/updater.exe

Resource

win7-20240903-en

discovery persistence

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral20

Sample

$_28_/updater.exe

Resource

win10v2004-20241007-en

discovery persistence

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral21

Sample

$_29_/ChromeHelper/ChromeHelper.exe

Resource

win7-20241010-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral22

Sample

$_29_/ChromeHelper/ChromeHelper.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral23

Sample

$_29_/FirefoxHelper/FirefoxHelper.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral24

Sample

$_29_/FirefoxHelper/FirefoxHelper.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral25

Sample

$_29_/IeHelper/IeHelper.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral26

Sample

$_29_/IeHelper/IeHelper.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral27

Sample

$_44_/chrome/content/main.js

Resource

win7-20241010-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

$_44_/chrome/content/main.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral29

Sample

announce.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

announce.js

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral31

Sample

background.html

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral32

Sample

background.html

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Report Analysis Logs

General

Target

$_44_/chrome/content/main.js
Size

17KB
MD5

f1507805993f4700efd58a2c70513a1e
SHA1

648eba15b2c74a62bd37d2f5dc25102b67eed3fc
SHA256

ec3e12d9a8ab16eb7b478700a379e4b1369e29f2c5a94c7de12c7490d29dbeaf
SHA512

99ae9cf788af2b801b6286ff7eee7c367d6b7cd791c30271d594ca540e3caff283fea8e7f738561aaae2a30ad342acbb2a7999e4b694ee84a98b0425b8b0482e
SSDEEP

384:g7WfQ/Gx554L5UgUPLOfjHpuyq2o/n3/Hi9T7ToMp+7Z40CSP5zFS5iSJ+0WAQjU:KM5eLmgMLIpuyq2in3/HGrxp+7Z40CS2

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Processes

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\$_44_\chrome\content\main.js
1⤵
PID:3996

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy