Overview

overview

10

Static

static

3

JaffaCakes...78.exe

windows7-x64

7

JaffaCakes...78.exe

windows10-2004-x64

7

$PLUGINSDI...lW.dll

windows7-x64

3

$PLUGINSDI...lW.dll

windows10-2004-x64

3

$PLUGINSDI...-1.exe

windows7-x64

3

$PLUGINSDI...-1.exe

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...eg.dll

windows7-x64

3

$PLUGINSDI...eg.dll

windows10-2004-x64

3

$PLUGINSDI...pp.dll

windows7-x64

3

$PLUGINSDI...pp.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ch.exe

windows7-x64

7

$PLUGINSDI...ch.exe

windows10-2004-x64

7

$PLUGINSDI...en.exe

windows7-x64

7

$PLUGINSDI...en.exe

windows10-2004-x64

7

$PLUGINSDI...86.exe

windows7-x64

7

$PLUGINSDI...86.exe

windows10-2004-x64

7

AV MP3 Pla...er.exe

windows7-x64

3

AV MP3 Pla...er.exe

windows10-2004-x64

10

AVDataPr.dll

windows7-x64

3

AVDataPr.dll

windows10-2004-x64

3

AVFunnySpaceCtrl.dll

windows7-x64

3

AVFunnySpaceCtrl.dll

windows10-2004-x64

3

AVOrganizerCtrl.dll

windows7-x64

3

AVOrganizerCtrl.dll

windows10-2004-x64

3

AVRegLib.dll

windows7-x64

3

AVRegLib.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    93s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-01-2025 08:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_a4a4ad40a0647cd5660ac59795045678.exe

  • Size

    9.6MB

  • MD5

    a4a4ad40a0647cd5660ac59795045678

  • SHA1

    8b643d793b216a85656f620d7c2fdc2a55cd72db

  • SHA256

    177da7fd9ca1cd14410bad2c87ae228ce5f234e9c0cbc375c399a929eab49f52

  • SHA512

    d8a6a417969ce2870bef96e4fe190031617826789e9c6746e5674379a9c58f8afb88ad33869fb03486613b9de1e82b8e3da775a2ba610dd7a08282ee23453a32

  • SSDEEP

    196608:RE0866zpZkXdiEMNig49X83sSW46wh/OvvRUyMmcyrpSm4Iv34j8pOZhl2IwYCHd:RR87p84HL49XBt46IOv6yMmx193npOZQ

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_a4a4ad40a0647cd5660ac59795045678.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_a4a4ad40a0647cd5660ac59795045678.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:3200

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsqBB24.tmp\GetVersion.dll
    Filesize

    13KB

    MD5

    ae85debc48eee67767735e22fbcabd4f

    SHA1

    7816874fb0ac1636ef405ac10d726835cdc9619b

    SHA256

    bb7e0835019c837df5bce018cafd29efd179ac92530c92f42bc55dca6848a203

    SHA512

    01f7108b63d0aef3ef49e851a1a6738d5a02e4e1505bebe81a96fc48304faaa79cc1e0b6c9479175d349461d3995a6d7ecf2fab49799e3521491f306bfeef07b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsqBB24.tmp\InstallOptions.dll
    Filesize

    15KB

    MD5

    67d8f4d5acdb722e9cb7a99570b3ded1

    SHA1

    f4a729ba77332325ea4dbdeea98b579f501fd26f

    SHA256

    fa8de036b1d9bb06be383a82041966c73473fc8382d041fb5c1758f991afeae7

    SHA512

    03999cc26a76b0de6f7e4e8a45137ee4d9c250366ac5a458110f00f7962158311eea5f22d3ee4f32f85aa6969eb143bdb8f03ca989568764ed2bc488c89b4b7f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsqBB24.tmp\ioSpecial.ini
    Filesize

    1KB

    MD5

    5ef56af6f9fdd8d69b940de8d72f4ca8

    SHA1

    09babfa319118942495c916cabdcca4a78ea705b

    SHA256

    310b818d5407bb4abf03881121ddee5a535ac443d1823c792e54e45a1cb90611

    SHA512

    8990b176093010fe3b20e740d7af7114fb5c3454af92aa9f45b5e4a8c20cebf0e886430a276f946e9959fa442c833a9bba8fe6645bf48a06d0621dece27fd977

    Download Submit