Report tabs (task, environment, score):
Overview (overview): score 7
Static (static): score 3
8d8e9d7e37...18.exe (windows7-x64): score 7
8d8e9d7e37...18.exe (windows10-2004-x64): score 7
$PLUGINSDI...is.dll (windows7-x64): score 3
$PLUGINSDI...is.dll (windows10-2004-x64): score 3
ffRichMedi...ion.js (windows7-x64): score 3
ffRichMedi...ion.js (windows10-2004-x64): score 3
ff/chrome/...e75.js (windows7-x64): score 3
ff/chrome/...e75.js (windows10-2004-x64): score 3
ff/chrome/...ion.js (windows7-x64): score 3
ff/chrome/...ion.js (windows10-2004-x64): score 3
ie/RichMed...75.dll (windows7-x64): score 6
ie/RichMed...75.dll (windows10-2004-x64): score 6
uninstall.exe (windows7-x64): score 7
uninstall.exe (windows10-2004-x64): score 7
$PLUGINSDI...is.dll (windows7-x64): score 3
$PLUGINSDI...is.dll (windows10-2004-x64): score 3

General
Target: 8d8e9d7e371bda8d8bd892e8fd115e29_JaffaCakes118
Size: 657KB
Sample: 241103-z6ra4svdme
MD5: 8d8e9d7e371bda8d8bd892e8fd115e29
SHA1: 486ac62244cfb0f51e3a962a2b611b2d381038ba
SHA256: 79a72ba839f036c139262a1dd4766e6bc0033f10790794bf9f667ccc62e534d1
SHA512: fe7e4ede717d3746a6bb6fd68d2d74d04d7758339cc7768c48c5c768a875a977edf6e1185e4f60627876f2ae3e827dc14badbe7a0a91b94b611a441b3f7ebb2e
SSDEEP: 12288:OQ09NFWG4GQTq4OaQQTYJ8eP4/L5uO7D3f5Brq4yaPQTMJ8ePB/x5uO7jU26X2m:OQmFWG4GQm4OaHYJ8eP4D5uOHBB+4yas
Tasks
Static task static1
Behavioral task behavioral1: 8d8e9d7e371bda8d8bd892e8fd115e29_JaffaCakes118.exe (resource: win7-20240729-en)
Behavioral task behavioral2: 8d8e9d7e371bda8d8bd892e8fd115e29_JaffaCakes118.exe (resource: win10v2004-20241007-en)
Behavioral task behavioral3: $PLUGINSDIR/aminsis.dll (resource: win7-20241010-en)
Behavioral task behavioral4: $PLUGINSDIR/aminsis.dll (resource: win10v2004-20241007-en)
Behavioral task behavioral5: ffRichMediaViewV1release75chaction.js (resource: win7-20240903-en)
Behavioral task behavioral6: ffRichMediaViewV1release75chaction.js (resource: win10v2004-20241007-en)
Behavioral task behavioral7: ff/chrome/content/ffRichMediaViewV1release75.js (resource: win7-20240903-en)
Behavioral task behavioral8: ff/chrome/content/ffRichMediaViewV1release75.js (resource: win10v2004-20241007-en)
Behavioral task behavioral9: ff/chrome/content/ffRichMediaViewV1release75ffaction.js (resource: win7-20241010-en)
Behavioral task behavioral10: ff/chrome/content/ffRichMediaViewV1release75ffaction.js (resource: win10v2004-20241007-en)
Behavioral task behavioral11: ie/RichMediaViewV1release75.dll (resource: win7-20240903-en)
Behavioral task behavioral12: ie/RichMediaViewV1release75.dll (resource: win10v2004-20241007-en)
Behavioral task behavioral13: uninstall.exe (resource: win7-20240903-en)
Behavioral task behavioral14: uninstall.exe (resource: win10v2004-20241007-en)
Behavioral task behavioral15: $PLUGINSDIR/aminsis.dll (resource: win7-20240903-en)
Behavioral task behavioral16: $PLUGINSDIR/aminsis.dll (resource: win10v2004-20241007-en)
Malware Config
Targets
Target: 8d8e9d7e371bda8d8bd892e8fd115e29_JaffaCakes118
Size: 657KB
MD5: 8d8e9d7e371bda8d8bd892e8fd115e29
SHA1: 486ac62244cfb0f51e3a962a2b611b2d381038ba
SHA256: 79a72ba839f036c139262a1dd4766e6bc0033f10790794bf9f667ccc62e534d1
SHA512: fe7e4ede717d3746a6bb6fd68d2d74d04d7758339cc7768c48c5c768a875a977edf6e1185e4f60627876f2ae3e827dc14badbe7a0a91b94b611a441b3f7ebb2e
SSDEEP: 12288:OQ09NFWG4GQTq4OaQQTYJ8eP4/L5uO7D3f5Brq4yaPQTMJ8ePB/x5uO7jU26X2m:OQmFWG4GQm4OaHYJ8eP4D5uOHBB+4yas
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory

Target: $PLUGINSDIR/aminsis.dll
Size: 567KB
MD5: 450753ad96785a240a39deccab3af0d0
SHA1: 21c544064d2ffa6444508268ce258a330d459fc5
SHA256: 1c371dcc6c3428ea98fb0d2dcb612b4ebc731f3ed72e683c8e33058cd2a952d3
SHA512: c41b834f4228b7668316095569c836b4e0d55c5fbf310c65b0e0453ef0e74a3ce8f9357cea90b80f6590f85dd7708eeb4eec27518811ea4aab20c0e7f5643dab
SSDEEP: 12288:i/x6GnSkidh7NfMc4G1ppgH81vrKiuu+PUHOGcl5Sbl9B9GUdL:9GnSkWh4G1ppgH81vrBu3MHOGUKfGU
Score: 3/10

Target: ffRichMediaViewV1release75chaction.js
Size: 854B
MD5: 0ee51428a27aab651aef16655eeac657
SHA1: c6cf425f6aa2dcf6bea5b2fd5cc4431f67e1ebc6
SHA256: cee7738f076240f09f15df9bf9f4dcf8dc7eec14856b308c3eea76b8c1cb1abc
SHA512: 98c52f632c3bdcb3e6835e4e6cfe7ba27814945a47a97690dfff5f569fc0d7f548a6b4b96a66f197a307ef28e456e669a61c8b16438104baba910cc414d1cffc
Score: 3/10

Target: ff/chrome/content/ffRichMediaViewV1release75.js
Size: 759B
MD5: d61ce4a95675eff09d07de30a194ec5e
SHA1: d2316a9d26cb17fc4a747e1bb17b1903d1bb7b59
SHA256: b3786683d1125f2e4c513eddea0925a4aaf212fc01e494a6560683703e9be34c
SHA512: c6a2599bb836a599b21a4310ad0e1bacd130bb593bdc8b93091379cb07a7e0d9255737ebd985aa39f3f3ba8f6547da88c2b849252bcfdd6f60fd0059b0ed8236
Score: 3/10

Target: ff/chrome/content/ffRichMediaViewV1release75ffaction.js
Size: 694B
MD5: b968c7ed9de093ea60290bda154f295e
SHA1: bd0a06b8b68259811f9d6f20abbf5e8286c17456
SHA256: 97c8102d93906df439c2ffbb38d842313caaa3203db5df1f2fee358f648558b1
SHA512: 342324d30595afb05bd7bd0591150dbc85ee813e00155062ac9349ef4688b37fec07c81d548766c1964073c8ff8f44c6e41f793df465a3a6696f4812869945ad
Score: 3/10

Target: ie/RichMediaViewV1release75.dll
Size: 85KB
MD5: d813e7a8920ea19ca202348d7f4b60ee
SHA1: 4d6d0af8de81118c1ca2ddc69fd141c7897d8daa
SHA256: 214dca2d8d9edbf495a0887fdce50658be772e58589133c0280d03b8e8246172
SHA512: ef3c37250aa965d5fb06fd3e7b52bcdacc8c7983520850895c691f00a2720f8fa60c215f7418bb3cc12cd612923ff8dfc9958549b257c2d5accc088629e0991b
SSDEEP: 1536:ipc/9Cs8ekkcEDtqJ6Zk8Dkx4xnLlQkrZEpY:h9eekkcEJqJ6ZQ4xLakrZX

Target: uninstall.exe
Size: 289KB
MD5: 7ed07bb7bb4271a4704c76a4ed8d3149
SHA1: 2efc0f9d078ea835b295813a2f8406658e11ba2c
SHA256: 19e60f29c7f1176d1dbbd66f927bdc1b05cb30cd6b2d097eb21fa85f82f20125
SHA512: a916cadcde598ee0b9cf1e1e33558932d8a494e8be101e0b53427850263d8a5952b808e57ee105d4b59e5b9cfb1db4bb9eb1721d8aa745c6a6d40363ded707c2
SSDEEP: 6144:Ue34drRg4l8ai5PQtTZ763J8eWW43YLYjn5uO7D32fuCa7Bmh:Arq4OaQQTYJ8eP4/L5uO7D3f5BA
- Executes dropped EXE
- Loads dropped DLL

Target: $PLUGINSDIR/aminsis.dll
Size: 567KB
MD5: 450753ad96785a240a39deccab3af0d0
SHA1: 21c544064d2ffa6444508268ce258a330d459fc5
SHA256: 1c371dcc6c3428ea98fb0d2dcb612b4ebc731f3ed72e683c8e33058cd2a952d3
SHA512: c41b834f4228b7668316095569c836b4e0d55c5fbf310c65b0e0453ef0e74a3ce8f9357cea90b80f6590f85dd7708eeb4eec27518811ea4aab20c0e7f5643dab
SSDEEP: 12288:i/x6GnSkidh7NfMc4G1ppgH81vrKiuu+PUHOGcl5Sbl9B9GUdL:9GnSkWh4G1ppgH81vrBu3MHOGUKfGU
Score: 3/10