General
Target: 507f4ba534211bfcdbfd78e373a0b66f_JaffaCakes118
Size: 720KB
Sample: 241017-dr114stalm
MD5: 507f4ba534211bfcdbfd78e373a0b66f
SHA1: b3332f0fe60048ffaea1cbaed663cd3124823c8a
SHA256: 6362bb842fba77ebbaa67b5243902f2aab99e0135d3b4b83ea1f3a97591882d1
SHA512: 1fd4a3f285acb5ea12ecb2cbe03065ca0b6c6bc68af468a81ca1435ed5a45700b62885971f8625b600bac7f96be6d529b7c4afac2747b4d7ccbee72d6798b72c
SSDEEP: 12288:A8hG/JUPRVyS7oiIOLjQ/iy1AdW/Cccv2vfKODuNDQmzI5gwOaOfudsQIi1dR:A8hmJ0RVyS7oiIaQ/V4Zfv2XKNUbOaOe
Tasks
Static task: static1
Behavioral task behavioral1: 507f4ba534211bfcdbfd78e373a0b66f_JaffaCakes118.exe (resource win7-20240708-en)
Behavioral task behavioral2: 507f4ba534211bfcdbfd78e373a0b66f_JaffaCakes118.exe (resource win10v2004-20241007-en)
Behavioral task behavioral3: $PLUGINSDIR/InstallOptions.dll (resource win7-20240903-en)
Behavioral task behavioral4: $PLUGINSDIR/InstallOptions.dll (resource win10v2004-20241007-en)
Behavioral task behavioral5: $PLUGINSDIR/System.dll (resource win7-20241010-en)
Behavioral task behavioral6: $PLUGINSDIR/System.dll (resource win10v2004-20241007-en)
Behavioral task behavioral7: Updater.exe (resource win7-20240903-en)
Behavioral task behavioral8: Updater.exe (resource win10v2004-20241007-en)
Behavioral task behavioral9: WebGame.exe (resource win7-20240903-en)
Behavioral task behavioral10: WebGame.exe (resource win10v2004-20241007-en)
Behavioral task behavioral11: fancygame.dll (resource win7-20240903-en)
Behavioral task behavioral12: fancygame.dll (resource win10v2004-20241007-en)
Malware Config

Targets

Target: 507f4ba534211bfcdbfd78e373a0b66f_JaffaCakes118
Size: 720KB
Hashes (MD5, SHA1, SHA256, SHA512, SSDEEP): identical to the General section above
Score: 7/10
Signatures:
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Writes to the Master Boot Record (MBR): bootkits write to the MBR to gain persistence at a level below the operating system.
Target: $PLUGINSDIR/InstallOptions.dll
Size: 14KB
MD5: 325b008aec81e5aaa57096f05d4212b5
SHA1: 27a2d89747a20305b6518438eff5b9f57f7df5c3
SHA256: c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
SHA512: 18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
SSDEEP: 192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score: 3/10
Target: $PLUGINSDIR/System.dll
Size: 11KB
MD5: c17103ae9072a06da581dec998343fc1
SHA1: b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
SHA256: dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
SHA512: d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
SSDEEP: 192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score: 3/10
Target: Updater.exe
Size: 322KB
MD5: 343e2efaa3367f6dfdd87732caae8aad
SHA1: 85a3b8ff5f9cae9ee18f79ec9f182ef43d20089e
SHA256: f20c6fb45417fe5682bcf33998390181d7d41aa0070f9e0aeca0cd36cf6cea3c
SHA512: b61d278c8310063e90cd60fe4f702e7674de5a985a34adf4d78541fd6eae0343ea6df703516bd45e96c005e630ef598bba3eb918415a734bd0106cef1540c216
SSDEEP: 6144:+c3vAYmSuN5iUzlhPn3piPJLZtwlbjJr9Qj7UF3m://OTTZM1wlnVuj+m
Score: 3/10
Target: WebGame.exe
Size: 698KB
MD5: b7a602794dbabfecb2266c650fed26be
SHA1: fb9f3b5426a312a58f4f862900ccb9a880fc0ede
SHA256: 8a5eca9bbfccbc619f97646047692d83517dd2ee3f21d1e64f25d5cb05713423
SHA512: 2a99bb6b93bfc0cd8e49fb5b97b42ad1a53b0b33f15cc455b2e0aeea73e57cf600b8d1b6980baec297e57bd379b96f71496a1aa458bce8084f5cefe2c7ec06ed
SSDEEP: 12288:pn9uTY4GCQAEt4qrrRzTe+I/HjgKdB2M4snimUjEB:R9GSPS0hqvPjyM4sZBB
Score: 6/10
Signatures:
- Writes to the Master Boot Record (MBR): bootkits write to the MBR to gain persistence at a level below the operating system.
Target: fancygame.ocx
Size: 487KB
MD5: 876f94a1155b04c6a77fe6903cfec8fe
SHA1: a6aa226ab0eed3e8115740e511b727ea73670f71
SHA256: 272bc9ccaa602425aa5f9781e52dfb6d205bd07c336f5972f15788f434ecb993
SHA512: e11979389e16ba3c721e98235a20bb90c22011a116237cc66181ab2725a7011d124bb05e89cebd016fd05eb0f56bf237f1ad6c433f6616e3122822a1ed85165d
SSDEEP: 12288:dwNrrlUrW22vTJ0nt8pjt74aGu5uoT3o9UTB2f4:dwNFUrW2wpjt74aGu3TYHf4
Score: 3/10