3General
-
Target
4b5569fe25d928ad0cbcd893ad22aabd_JaffaCakes118
-
Size
3.9MB
-
Sample
241016-epvxrasalh
-
MD5
4b5569fe25d928ad0cbcd893ad22aabd
-
SHA1
28bae46d8742cb957576ad350aad41aa921c5b7a
-
SHA256
65d3b9fa54d57a108860a8149cac840fd10ab2d6143b1f4e346f3c9fd589043e
-
SHA512
768e8e2177c714fb3d27253cadb3d7e03dc0aa9a9d4842278178a38406c38f708d70bf10f5c299f00bbc4e1756ada421667e70a262566d9756579cb0851d3a72
-
SSDEEP
98304:zeOe6dLObiPg6gPHBl6Mk+89fwjzCXqFBhNAgRLn6CxxJePxCwBpva:zvOb966Bon+K6dSgBFjJANC
Static task
static1
Behavioral task
behavioral1
Sample
4b5569fe25d928ad0cbcd893ad22aabd_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
4b5569fe25d928ad0cbcd893ad22aabd_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/CoreAAC.dll
Resource
win7-20240729-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/CoreAAC.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/CoreAVC.2.0.0.0.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/CoreAVC.2.0.0.0.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/CoreAVC.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/CoreAVC.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/FWUpnp.dll
Resource
win7-20240729-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/FWUpnp.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/HTTP_ASF_SOURCE.dll
Resource
win7-20241010-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/HTTP_ASF_SOURCE.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/Hookkernel.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/Hookkernel.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/Live.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/Live.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/MP4Splitter.dll
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/MP4Splitter.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/MngModule.dll
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/MngModule.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/OPlayer.dll
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/OPlayer.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
$PLUGINSDIR/PPAP.exe
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
$PLUGINSDIR/PPAP.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
$PLUGINSDIR/PPHookShell.dll
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
$PLUGINSDIR/PPHookShell.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
$PLUGINSDIR/Send_Log_Kernel_Module.dll
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
$PLUGINSDIR/Send_Log_Kernel_Module.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240729-en
Behavioral task
behavioral30
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
$PLUGINSDIR/TipsClient.dll
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
$PLUGINSDIR/TipsClient.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
4b5569fe25d928ad0cbcd893ad22aabd_JaffaCakes118
-
Size
3.9MB
-
MD5
4b5569fe25d928ad0cbcd893ad22aabd
-
SHA1
28bae46d8742cb957576ad350aad41aa921c5b7a
-
SHA256
65d3b9fa54d57a108860a8149cac840fd10ab2d6143b1f4e346f3c9fd589043e
-
SHA512
768e8e2177c714fb3d27253cadb3d7e03dc0aa9a9d4842278178a38406c38f708d70bf10f5c299f00bbc4e1756ada421667e70a262566d9756579cb0851d3a72
-
SSDEEP
98304:zeOe6dLObiPg6gPHBl6Mk+89fwjzCXqFBhNAgRLn6CxxJePxCwBpva:zvOb966Bon+K6dSgBFjJANC
Score 3/10 -
-
-
Target
$PLUGINSDIR/CoreAAC.ax
-
Size
312KB
-
MD5
b0ffac757be8d6cc41e1131eb2b0d959
-
SHA1
0e41733a050bc2ed53fda6337d6501b9942317c2
-
SHA256
04bf38bbd9cb8287582f9a2fb8b06e0ab30f06f676a93f4a56656b576f10e597
-
SHA512
356ecf4902f767f74670e5fcd57f26fb8a43710d0a2b3a995877e6f265119b2f091c6e5e3457dfa1767c6e4043afc470cc7090f43dd997b27c0e94c7e102bee3
-
SSDEEP
6144:+yTbEUUmDAh189YEqbBpkJzJTba96sZTiaJfOMBfcESToVk:bxUmDAn4C9GBJba96sZTf9Oy+Wk
Score 3/10 -
-
-
Target
$PLUGINSDIR/CoreAVC.2.0.0.0.ax
-
Size
265KB
-
MD5
a45cfb1f058297ae981f8afeef056b8d
-
SHA1
e454ed585a0f19d3119cef725958ea19c93cd7cf
-
SHA256
779768aa0bf2270422e1686547ae622238e7b7cf37ce212a1d75caf8628c1508
-
SHA512
efa87c97e4f76d5fbd73d2e0c5c580c719518d4e3e7e16efdb1355b659c9584956bc7df944f0d637f069f359a046fe65bfd178e4cbaf97fbb5921ebd29e09aa0
-
SSDEEP
6144:/+x+B++xX1f3uZINBKD5wlA9amB38sDFe9E23XbFDZ:Wi+A1fJ2wlhmKsg22nbNZ
Score 3/10 -
-
-
Target
$PLUGINSDIR/CoreAVC.ax
-
Size
181KB
-
MD5
c264fed121afd44bda8bf0ff8f4e4269
-
SHA1
7480a3b26b81045a1504e68e15225682bcc6f440
-
SHA256
cb8d9d80dcd48d9a9e3d87c847c47125f7201a98fb5abb4bd6c443322071b951
-
SHA512
99ed4b723b2b7a90fce8e9bf9ee8d5a1440c4d569638ff6a1aa59354c8bca91618a13c440f754fad3ae22c306709da35b4c53b8a00a09753027eaed0d238052b
-
SSDEEP
3072:eFX0fCcmjZvyTdndzMryzKdvYQ/5c0q3ARsK/l74obxK7Dtp0XRHSOg9lX9cWR82:GEKpZY2r3VYQ/c0d7Hbw7pp0X8hlX6WB
Score 3/10 -
-
-
Target
$PLUGINSDIR/FWUpnp.dll
-
Size
140KB
-
MD5
be2d4b56d5d40afca9c804d0776a25c6
-
SHA1
7ea48cf0e980fe999f14338f44ad4c57c9b714de
-
SHA256
e54031818e6449897e3a81f0637b0af7618f6aa9e1530c3bf4989d2fabe4a2d4
-
SHA512
f32b8e1d27acb7c9021dcc6cd426599374f61a78fd38a0f9d0bf5bf63c424ca816e3859387d98b3060592ea86d1743c5ff149099bcab4da9e31ff7abc81fd627
-
SSDEEP
3072:HE0D5eN3rsEkHJGYM+y/DV7u4hNesdd56PeAWK5:HRQ3rshhMn/DVj3dc2LK5
Score 3/10 -
-
-
Target
$PLUGINSDIR/HTTP_ASF_SOURCE.ax
-
Size
506KB
-
MD5
d8dea47ee79837f435193fb9b6972cc1
-
SHA1
d8ce8e1bd0fcad2d50bc83846f7b16c52987d083
-
SHA256
8986849443fd14ed19ce0e87b01fd2cba4dca42e978417344732741f2fc29c5e
-
SHA512
da999774608935ca769f25e6699275033ec92a935d3081f700ea890a3cac6ac59da6f3f8be33488d07386d103eaa808734a7c8a3c5f11b38a6ec84c5ddae8b5f
-
SSDEEP
6144:IEBjCmsazwA6exhQWHb7Do9b2GRPKT1E9o5H4G/VmKEYTzKKAmKCetHRajaubxl:D+m3P6exhQW77TiSECrYKfTmSiajN
Score 3/10 -
-
-
Target
$PLUGINSDIR/Hookkernel.dll
-
Size
249KB
-
MD5
9e5ec82ae6eaf73c21b344af16fc6e37
-
SHA1
bfc552d9ec37858b7b197b089e05bae9733cc42f
-
SHA256
9b89df0d08de3583210271f583d1ea4eb73c40d0a611dcb7512452987285bcc7
-
SHA512
21ff67c6907a4d0dd4049285770d84942b19196649d384408c2404dc922141ee6a80d1f31e673f59de12d3f587c1c3e4d1c8db56eea73989f30bcb53fb3a06e0
-
SSDEEP
3072:6u6T0e0OOzOpNahx4X7seraCgb9GWAMRnUc6ZkdTkel1+EluZBQywr73sB68yhtW:QuUNahx4rxr3nqRnU5HevaZBQuyvceI
Score 3/10 -
-
-
Target
$PLUGINSDIR/Live.dll
-
Size
221KB
-
MD5
3dc6cdde8c48bfcb2baee14dde26940f
-
SHA1
aab6d9a5f9d75703b080e0676a6b9da91e8e19d6
-
SHA256
769d997cb76fbfe8bd4c716286c99b0321f1cd8c1a4e419b57a842082e2a2e29
-
SHA512
87cdc07f6c74d624ad78f16e6516abd0d979faf65c9f82b8a8ef0c058816a253b6002efd16f9a4e14380a0d6cab1f3fd1107e728be775ae7e5c7737f906c6ce8
-
SSDEEP
6144:9G5ieoyu2aj0Kx/EICDCEj6PWfk/K2n3/1F91k1sBJEWl7vHy69ZAquia:9G4JEWl7vz9W9ia
Score 3/10 -
-
-
Target
$PLUGINSDIR/MP4Splitter.ax
-
Size
509KB
-
MD5
bb01bfdc1bfe48cf9c18180bf6539917
-
SHA1
25d0a11d31857fef74e9b98dcabd96f24d89c774
-
SHA256
050649bb8dc43e68753de7567e17972cbcec1a2dacf243befeb12dc51517f7cc
-
SHA512
f4fa00923ee61f0fcb53c8ebfd65b27db54a7663e5d60d8a56f7d08f33e2e1c467aa0b58899fbd62ac2261b185655cc94bac9ce85e2ed3b0c32336daa5346ba5
-
SSDEEP
12288:TwQ9eDwtt/jTdrBGg93e19FJdQXajEEWq7uTj6T9:0Q9eDwtZTdr47QXFJ9Tjc9
Score 3/10 -
-
-
Target
$PLUGINSDIR/MngModule.dll
-
Size
814KB
-
MD5
52d48f039b1271fe91c4a7275603c7bf
-
SHA1
e488ef8a8e5cb0fa37a4f706b66e63aa30fe725d
-
SHA256
4514c9cd5c1b8fbafaddaf74aae25c253bffb1a1de77f1191b5873e0cbb1bb3e
-
SHA512
0daa62cb92a887f1e5266fe25d18f291f87979c715a9f4b86de705ecfcefd1c08bc1e15b1e9df43d2d5dfec2bfebfd1964d0fde7f2121280b8a5f98693c3b127
-
SSDEEP
12288:vMMUbyO6atIvZrW4e0W2r8cEfycBnkmfF4qjsyOgn9tu6AwhFt:VvZyV2fstrsyOI9tu6AwhFt
Score 3/10 -
-
-
Target
$PLUGINSDIR/OPlayer.ocx
-
Size
1.1MB
-
MD5
025a1f05dea5771611e075857598a769
-
SHA1
4798950c473ff8fd3ff5d546395f41b9588faca9
-
SHA256
ca328d40be9933e28b7f51230f5e19611ea2d4c438a152fa9190641e0c01a5f2
-
SHA512
be807ebd552fb3040f1328bcb47d0eed784aee13611599c9ff0e413d656297b292d44af158645fba4d5507f4bdb03e1247ccd0824cbb5e21c9e3b2487dc7e31a
-
SSDEEP
24576:r4cV+fZ3m5zOrPk/mn9FDIr9Ht6r6BrR/fFI+Mjc++6rZHr7o:rnTOn9xA9NamrR/fvMjyYZL7o
Score 3/10 -
-
-
Target
$PLUGINSDIR/PPAP.exe
-
Size
181KB
-
MD5
71d558d35fccffa53e6d6414bbf91de3
-
SHA1
4f484219296fdb004168f8b875dc878f3ff6d392
-
SHA256
631ff4824532ef5fe018eeb95303f9207c55a1c744823a79ee5904c5683ba2c2
-
SHA512
2cfa44c0d354d4ba311a7a9fb7fd4c866c0a8f44632f9a0ead22e286f603c89dcb5b6c389f542c18848a256378229014b7cfdcc9206c78f2cb6dda17b9de211a
-
SSDEEP
3072:5OByJF8UBy2zneJDQpiEIII1IIaVkbAGAdzB3Yt/nGxn8:jn8Uo2znaQgEIII1IIaVBGM3Zx8
Score 3/10 -
-
-
Target
$PLUGINSDIR/PPHookShell.dll
-
Size
241KB
-
MD5
f9b346bcfec4605755d4435e8eac34a1
-
SHA1
f694ece30381ca9dc37e18030454a56a737ce4a4
-
SHA256
e0596457bec914a3281ad614a23c1c3c11bd9c95ddabf090d68d3bca4854c92a
-
SHA512
60a17bd0b971690818b26e45ee8ca335e3b1820ac73d229f54b55b2e23acb051a45c00275a5ea1b35ac1caf2d1626fed34f0296fc8d7a41b0139b0aa0e226e7b
-
SSDEEP
3072:LZFvombK4A6NvgJvcYwUuSaEwTG4SJK7hqmYLzhJR7CIgNldwr73GPAG3StoIZTx:rKI5UcdUuSaEwa4S0qmATpHgNTljIBF
Score 3/10 -
-
-
Target
$PLUGINSDIR/Send_Log_Kernel_Module.dll
-
Size
233KB
-
MD5
7d1dbe3c735d2a5d4951022c45547772
-
SHA1
e6fbebc3c185d6b150bc7b2a9d1685e107b03b3e
-
SHA256
8cc9bc4f9289ef37d344c88e4b53ce5ca58b11ec1e32d60fc9fd6456a80f1233
-
SHA512
648299ee0b0c2678d9da43ca039fcf8525e9921b46327577fa6c57f0de41f5ccecda70e219a0135fb8c05725a752e7e2cdf27bad845203eb5147d3056e588086
-
SSDEEP
6144:kQ4Xli0q/zL8eVC0RmtrC3mVe9IMv1cWzES179Tm:kQ4igrCWVe9zaWzD9Tm
Score 3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score 3/10 -
-
-
Target
$PLUGINSDIR/TipsClient.dll
-
Size
209KB
-
MD5
cb8db32a0dd94c29baf95f5abfb5b12d
-
SHA1
e2e0ae5d46c8ec6a0bb82771efbdf3ec56913ae6
-
SHA256
03f74518c3d95f51d7551cd0c39eeba2121a39ebf5ae441ba7200530f7e5b14d
-
SHA512
34f962c40d9978c0b2ef759d0c6cf752a610379f04a8f4219bac36e4b9c7f8ad767b76ce4d17842a02b30d3026767bf1c8e65722e17aea4b5f1b551dd0a334bb
-
SSDEEP
3072:3uZPTECke/IWFgjpm4pzPyeTbIHX6kjPq5nR/RQQ/0yowydL/:C4xmIu6E4pzKibIHXT9Q/0yhydL/
Score 6/10 -
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system, so this behavior should be treated as a strong persistence indicator for the flagged component.
-