General
-
Target
4fa776169a7d101e5da18227822d183e_JaffaCakes118
-
Size
3.1MB
-
Sample
241016-3n7f6azcqb
-
MD5
4fa776169a7d101e5da18227822d183e
-
SHA1
ed7915240d90835fd40acb09808009484a909728
-
SHA256
aca9dab58e24d2097883a87a12be28a0d4227bbd469773c175299d3a11d1f76a
-
SHA512
f59f8a81ff638e444ff0809203277f994c8ef1dff5a4fc5c5dd156c7f902b69a5318020c011aab99572c815c8bb233b1fa454448bde3620dc68c3aa4b511e5d2
-
SSDEEP
98304:DeOqb4ZE1sZbCtdL97oKQweye9pzJrjrRlpkV8PeYtyHv:DA4ZE1sZcMiDe7N/TpzPdmv
Static task
static1
Behavioral task
behavioral1
Sample
4fa776169a7d101e5da18227822d183e_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4fa776169a7d101e5da18227822d183e_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/CoreAAC.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/CoreAAC.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/CoreAVC.dll
Resource
win7-20241010-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/CoreAVC.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/FWUpnp.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/FWUpnp.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/Hookkernel.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/Hookkernel.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/Live.dll
Resource
win7-20240708-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/Live.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/MngModule.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/MngModule.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/PPAP.exe
Resource
win7-20240708-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/PPAP.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/PPHookShell.dll
Resource
win7-20241010-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/PPHookShell.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/PPInstallLog.dll
Resource
win7-20240729-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/PPInstallLog.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/Send_Log_Kernel_Module.dll
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/Send_Log_Kernel_Module.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
$PLUGINSDIR/TipsClient.dll
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
$PLUGINSDIR/TipsClient.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
$PLUGINSDIR/VAProxyD.dll
Resource
win7-20240708-en
Behavioral task
behavioral28
Sample
$PLUGINSDIR/VAProxyD.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
$PLUGINSDIR/admodule.dll
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
$PLUGINSDIR/admodule.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
$PLUGINSDIR/audioswitcher.dll
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
$PLUGINSDIR/audioswitcher.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
4fa776169a7d101e5da18227822d183e_JaffaCakes118
-
Size
3.1MB
-
MD5
4fa776169a7d101e5da18227822d183e
-
SHA1
ed7915240d90835fd40acb09808009484a909728
-
SHA256
aca9dab58e24d2097883a87a12be28a0d4227bbd469773c175299d3a11d1f76a
-
SHA512
f59f8a81ff638e444ff0809203277f994c8ef1dff5a4fc5c5dd156c7f902b69a5318020c011aab99572c815c8bb233b1fa454448bde3620dc68c3aa4b511e5d2
-
SSDEEP
98304:DeOqb4ZE1sZbCtdL97oKQweye9pzJrjrRlpkV8PeYtyHv:DA4ZE1sZcMiDe7N/TpzPdmv
Score 3/10
-
-
Target
$PLUGINSDIR/CoreAAC.ax
-
Size
312KB
-
MD5
b0ffac757be8d6cc41e1131eb2b0d959
-
SHA1
0e41733a050bc2ed53fda6337d6501b9942317c2
-
SHA256
04bf38bbd9cb8287582f9a2fb8b06e0ab30f06f676a93f4a56656b576f10e597
-
SHA512
356ecf4902f767f74670e5fcd57f26fb8a43710d0a2b3a995877e6f265119b2f091c6e5e3457dfa1767c6e4043afc470cc7090f43dd997b27c0e94c7e102bee3
-
SSDEEP
6144:+yTbEUUmDAh189YEqbBpkJzJTba96sZTiaJfOMBfcESToVk:bxUmDAn4C9GBJba96sZTf9Oy+Wk
Score 3/10
-
-
Target
$PLUGINSDIR/CoreAVC.ax
-
Size
26KB
-
MD5
4b6451e30fd1835c0af3db68c6cfabd7
-
SHA1
264405ee0ae0f74b833ae8642645ceb2ce0ec1c7
-
SHA256
df307f34858014411fa15a99f59a2bdd80860f6fa491a966075da8bca4bc8f32
-
SHA512
7015f33299594545fdc4e0aa45bc5f9fd4fa451d1a6268c71831b4fda753387d5cc9bdd1edfebcc2c94c2cfd97d1e534e93c18f3a83886d709691d2d7908a7dd
-
SSDEEP
768:e9uWjQQOSRQgT0cukBYS2VXdTsrfZvm03cTX1Lt9gn27:e9TMSlT0cuCcdIjZvyTX1LtN7
Score 3/10
-
-
Target
$PLUGINSDIR/FWUpnp.dll
-
Size
140KB
-
MD5
be2d4b56d5d40afca9c804d0776a25c6
-
SHA1
7ea48cf0e980fe999f14338f44ad4c57c9b714de
-
SHA256
e54031818e6449897e3a81f0637b0af7618f6aa9e1530c3bf4989d2fabe4a2d4
-
SHA512
f32b8e1d27acb7c9021dcc6cd426599374f61a78fd38a0f9d0bf5bf63c424ca816e3859387d98b3060592ea86d1743c5ff149099bcab4da9e31ff7abc81fd627
-
SSDEEP
3072:HE0D5eN3rsEkHJGYM+y/DV7u4hNesdd56PeAWK5:HRQ3rshhMn/DVj3dc2LK5
Score 3/10
-
-
Target
$PLUGINSDIR/Hookkernel.dll
-
Size
275KB
-
MD5
65c2129a5c0cabd657022cf49a1a96a3
-
SHA1
03c529e0226eb5b41cd91708512dbd58edecd600
-
SHA256
0aa0271fc27552af57fd171c3288b00b600c912a60d8752bf70f90b997f5d67c
-
SHA512
b9900c3f6c93cf30c55cf718d96743728535bcb820ffaf4efa3c1ab874c684903a8fb30c2e88babdd468c2badc49306186df95f32d86bfb1a84d8d182bc8143c
-
SSDEEP
3072:VOGElO2Vtd2LW5ukXA8l7xLsx1BuAYzPWMYCWyRQzaniwlXs5Yo4qD1icgE:FEzrd2LWDXA8lVsNczPWtCW/zO3XtooE
Score 3/10
-
-
Target
$PLUGINSDIR/Live.dll
-
Size
205KB
-
MD5
ec03fa69a025dc807314b9dcb5498986
-
SHA1
a0f5abfa07ce548f10b806922eff748d2652f0e9
-
SHA256
c3c5091dad0c0be701f6da2ae41a07f3614d6f567031dda823e5a320483c2243
-
SHA512
78c30b0616686454be4c2eff375c91445270effb8d7bcbca372692ed86ce9dc383f91512fc65a937cd7c478c0c5cbd840e301aceabbf7d3c58cb92a80671cabb
-
SSDEEP
6144:juVS50/4IMjqndIM7NpiLgqe4tQ+PAHWgaWSJKR82+gS45y69z6gm61xdO:jg82+gS4J9+gO
Score 3/10
-
-
Target
$PLUGINSDIR/MngModule.dll
-
Size
862KB
-
MD5
992ef262f488bd71005d04644b128788
-
SHA1
6a35e4ba677cc9e03fac85983bd968ab8862b16c
-
SHA256
ca89fab589e51e74468860dec0a63eaf4bb9a80a8444fde7783f43ec7b96916b
-
SHA512
6e619c4a2b382b2f7e9a9aab5cc9578caced894092cec9abd96fa9958a0506042afc463e1a767eece3115ed5db62d207b84df6dc919a84330cecf9309cb59578
-
SSDEEP
12288:fQD1kl1ZVQQNaA13/NY9+pQwqDeIGvKb2yuYNemSIWGJjrirC6B5LgZku:o+l/Njp/bTyuYFWGJjrir3Fu
Score 3/10
-
-
Target
$PLUGINSDIR/PPAP.exe
-
Size
181KB
-
MD5
ecf05fb40bb1eedda1ba50280ee91c74
-
SHA1
a9b160c78cdb26e2c7f8a8a172dfbca832281df7
-
SHA256
3c90f9e0159b911dd9559d86b80ebf9fc2a83908993c4cffacdc5d4ddcb9baf5
-
SHA512
8c630615ec1041f4e6f88fa744529a564e6a7442a3666015ae519d68cc61904500d932f621af4b8d231a32e81d32bb1754cc5947e61093a87ae92bd0008ae7a5
-
SSDEEP
3072:iktGuFdoU712zneJxEpiEIII1IIaVkbAGAdzB3Yt/nGbMQ:7roU52znAEgEIII1IIaVBGM3ZAQ
Score 3/10
-
-
Target
$PLUGINSDIR/PPHookShell.dll
-
Size
252KB
-
MD5
a27a138723878a478c06e1f82adccfab
-
SHA1
79dffc70b9104cd9487d7e49a95f492faadd3133
-
SHA256
519277e0449b1eed8f75624ebbb9cb09a5d8dccd3815c6ef594fa4fec6318741
-
SHA512
24ec8474d7e3969772176045a0191f669c4bf6f05ca241dc0e2c0840027ed8daa9cfb7b50383f23497c192809732f2afc5f384cd4edaea4d47e3547fbdbea31f
-
SSDEEP
6144:daf31Wel39Id66npp6kZ0EYmf2yLtopxL:d61Idnnpp6RgmpxL
Score 3/10
-
-
Target
$PLUGINSDIR/PPInstallLog.dll
-
Size
41KB
-
MD5
a04d44787b28d37b4334c184ea4faae8
-
SHA1
47a5038f2fc45841420a89f08eefd35191aa1fe7
-
SHA256
34f0eb6f3b7deda82929fba6993eb27cd26d0b791be8031ce0b4729a7dc9dd46
-
SHA512
a529e5c412dce90f34e13a185e81b757adf140447167b310d056d2b380873683e5b6681f5810be7d1194cfdd64eda25b87a1a5aae70ed4e48be5aa64acbd5346
-
SSDEEP
768:oCIMnU6AUW1qDyaoKg6V86jJaJy+mW3jLWQbCo:lIMSHP6C6j4JqWTaECo
Score 3/10
-
-
Target
$PLUGINSDIR/Send_Log_Kernel_Module.dll
-
Size
233KB
-
MD5
7d1dbe3c735d2a5d4951022c45547772
-
SHA1
e6fbebc3c185d6b150bc7b2a9d1685e107b03b3e
-
SHA256
8cc9bc4f9289ef37d344c88e4b53ce5ca58b11ec1e32d60fc9fd6456a80f1233
-
SHA512
648299ee0b0c2678d9da43ca039fcf8525e9921b46327577fa6c57f0de41f5ccecda70e219a0135fb8c05725a752e7e2cdf27bad845203eb5147d3056e588086
-
SSDEEP
6144:kQ4Xli0q/zL8eVC0RmtrC3mVe9IMv1cWzES179Tm:kQ4igrCWVe9zaWzD9Tm
Score 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score 3/10
-
-
Target
$PLUGINSDIR/TipsClient.dll
-
Size
237KB
-
MD5
25853e8bd3e283e15024d1111535ede7
-
SHA1
5b56e1dea924520b6c61ec09113c33fa3db573a4
-
SHA256
ccbce22f01208cc8fc96de789ab9fedefc851f588cd4c1fbd6d9edc7ac2f4eb5
-
SHA512
5bfa0e6bed05f1ab79ee97d1bd9bf1d48ba3d263a44e538d005af820c41c659eb112a4f19152e0841301fbd8b9618e8f353fe672df88b66e45c4719784202144
-
SSDEEP
3072:G4CrgXFGPASJR81rXwRtTgvK8SvP4N6MPuFjpChe8WgoqILjWjpWyI9Se/tNWrLL:yg1TwsS8HUdjpChSpGje/tNyykwbC1
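Score 6/10
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
The 6/10 was recorded for the windows7-x64 run of this file; the windows10-2004-x64 run of the same file scored 3/10. This is a behavioural signature rather than a family identification, and no malware configuration is listed on this page. Software that opens the physical disk for other reasons (for example hardware fingerprinting or licensing checks) can also trip it, so confirm from the task's file-access events whether boot-sector content was actually modified before treating the DLL as a bootkit.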
-
-
-
Target
$PLUGINSDIR/VAProxyD.dll
-
Size
97KB
-
MD5
c3a7c71bce4ec04d63b7ef8ec9958c39
-
SHA1
cbe84ecbae1eb37557426783b7fa89a804d4fc09
-
SHA256
02a78e77cb64d9fa1f90ed2be6d9ff7b94624b2a790ed8109bfe61e66ebd825f
-
SHA512
9a5579cd5c437158d8277b64e583d18cd0113c186d1013e3c57c92d39a16b412ce9f95aef09dbbd05a36cab62e5193532c41eea6850b0a77d8502e7d1fa23468
-
SSDEEP
1536:2ublP85a1u5pJfGdw13FpZxRCH4zwpmW7RZO7VccUCdPJL8QaECL:2mU81UGd8RCYemWDSKCJZAD
Score 3/10
-
-
Target
$PLUGINSDIR/admodule.dll
-
Size
812KB
-
MD5
a256337aedd10bfe85aa8d0cc759c4b1
-
SHA1
292012487cd89842964712e1ad26e7dfb2c1fcb1
-
SHA256
e2c24c63ac4da0e34a253c3cf8d6ec31da39740376fe2e87e52ba0f32c450640
-
SHA512
250666689c156809dae72648e99d0a9abdb105375044c956d6c50e4107dce236d95a7925611566f8963b7bb0e956631aff9cce65695f1b7e493cfd4c849dab72
-
SSDEEP
12288:01uRtBrct5O/dyANBseR1+bQE5NyH8/uUIid7vV+4KCaEovvV:3gturIGjUIid7rKvvXV
Score 3/10
-
-
Target
$PLUGINSDIR/audioswitcher.ax
-
Size
304KB
-
MD5
9ab21c1c96fcb113ff93cd641b88112e
-
SHA1
d5ffe5945ebbeaf73a0e1d7470d0a2f72b08f6ff
-
SHA256
bff1bf09ff63a3fd600cbf36684aa01da6a08b63498ae549b15f0964572c3ea6
-
SHA512
44cf7f6d8e51aa6c8d98f1c5456c391fe812d6df4c6b68450d0ba4ee920e86a22433f22ee3f367a8f1183c0276fbe0eaeb2de7987ac9acf51f542a0a84451293
-
SSDEEP
3072:9VKpjxoDyxTJwkUY6WJ12sodlHiO9OHXXg1207yOh/qEMIZX2Wwr73U048j02MQN:HKpnYsgssHZ9OHHgRhweTioIcr7
Score 3/10