Overview

overview

7

Static

static

1

e84a02f4ea...18.vbs

windows7-x64

3

e84a02f4ea...18.vbs

windows10-2004-x64

7

Analysis

  • max time kernel
    136s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    08/04/2024, 19:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    e84a02f4ea77641cb666e08fd5351260_JaffaCakes118.vbs

  • Size

    674B

  • MD5

    e84a02f4ea77641cb666e08fd5351260

  • SHA1

    302b2c77d6305a992fb47792f00daa649ab4cfa1

  • SHA256

    4d5f926aa8496bfcaf1bb2413b049d55990cf243a3d2dc6bfd3e0849a5af827e

  • SHA512

    80254198d873979249e60a4e4804dca05567bbdddcc52120ec4401b60f4e5c4d1e147609bb38506270ee86f3f9d02126b8ef679995dbcc11aa51f485cb8b5479

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs

Processes

  • C:\Windows\System32\WScript.exe
    "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\e84a02f4ea77641cb666e08fd5351260_JaffaCakes118.vbs"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2732
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.xsp5.info/index1.htm
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3032
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3032 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2888
    • C:\Windows\System32\WScript.exe
      "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\smss2.vbs"
      2⤵
        PID:2608

    Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
            Filesize

            68KB

            MD5

            29f65ba8e88c063813cc50a4ea544e93

            SHA1

            05a7040d5c127e68c25d81cc51271ffb8bef3568

            SHA256

            1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

            SHA512

            e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            9d50d876553dcb37e584cd8a92be30c1

            SHA1

            2df942d7638bda565b77812ca6b7973fcd0663de

            SHA256

            0ef463b1afdca74c31bf09a90cdf78a173b0ceb3c1b1adedc801b4b45bbc539f

            SHA512

            3c25dd107f6f3881f83f3961bc9be40bebe69d9023057c047ed74ed961fe1986f9b7ee121aaba8ac06166d8ad83ee9a0af53312d395155f1eabafad7abb64557

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            6580f59949b3e3ca3334a47f920ceb96

            SHA1

            3216dfa82876323568e8e12ce73b3cb7e2c67634

            SHA256

            1ddd36552b913dcfa419adeb93e61ec956cd05e255f015bedca88f61f9e8699f

            SHA512

            94b09d2e1b1fff8a33bb7a0f8b70a4f6675c14bf70edd0349ae3dec4db7948146359d2cf4e9f259793a7ef27865fd423f052d6a88568a9ae5cbb80b168440637

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            549d66c1a07542d3aabe9b6f52fe407e

            SHA1

            2e619ef80f83ff048945d35c8d429180d9ca7a58

            SHA256

            dec4508ab28af05e5e6cf9ac3f347b53928882341650f12556b19c84b71b727d

            SHA512

            9f19667f34dd52edd7c9a256241dafe5422f70fd71fd3b0a542a5c3d7c7627c42aef9725d4c3819d578c20e22b7434ba03f366fa8f75bb8b624c2be327f85869

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            6fc306d7a4d527386c6e273265bc94c8

            SHA1

            605f2ee428c0044954cf5e1f0a3ffca57459e33a

            SHA256

            687e80fe5465bdf95bb6aae85d365f8407388e8de17bd956d10174701da710bf

            SHA512

            d6a0610810ef13c2d7c2590ac46521eb5f36f1dbbee50792ca974121fcc4b28046a5fc86f1f24458e88b436f2411a240a47ac45f319dee3fecb71473580136ae

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            a713f40c222045c9527508bc02230620

            SHA1

            70fe11e38171bd478e8459d0946a7914195375e4

            SHA256

            965ed3e7190cfa8877f3215ba54aa079dab8f2f9af09428b3b94fda019c11860

            SHA512

            45488cf9c66a22ef6aa1b66a0fb058f7dfeb4c2830e072064d340384e7ae8ed4af3438a53aa707e2b11cadeead5c40c7d06da429a55a9493e42d7a025db69843

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            6066c243e7e33a3a9ffbb5ebfa1a98a7

            SHA1

            02b42006086fbf554d1ef860898883d9b928ed09

            SHA256

            c77d791d6d5f4205b6d12fb07777db1304d6a7d9d7094dd5e0e66e179aee52e3

            SHA512

            64eb8f33a5a973ec571cfc50eb4c583da69be3254647e535833bc69d1c4e2f81f4f28e8b6038c5d41a3b60d095e9a26a06c2f1c945e63e8d9c5d750aefde6738

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            60e1658c01813129f65ba6d3036e5240

            SHA1

            75a8a87135b8c096ade5e84891358effec789b90

            SHA256

            8159862297643b348cf0457b03410f1f85948fe80e6baba03d82f793044dd818

            SHA512

            2f4c979a6671fbbe6d0f33c4df407928efe60cebf367370a82564089c094e2f9eb7391007e128186df8c406e83c05516f98c4796d38d338d0cdb656a045162b8

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            f63c8347ea4c2056c97286db3f04667a

            SHA1

            197ac1265070914f63f5fdaebe89fcf4b95a4cb7

            SHA256

            a3f2a33626f23da1ffba7aa5214efa71e903f88e4cd4473f034c1667540ea702

            SHA512

            88a75bd27a19e24aedebd2d95a72a2cdb3c637060d696086ab6fe632ae0e3d307bce3f0a0ceef8267f56400c846942a4094753b6133a32330966b2d68f508f80

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            17beace14d4b06e108fc8bafb8f1a864

            SHA1

            610cc2fbd34ab96fc4723b467afed3d98cffae8a

            SHA256

            60ec07887343b12809d7b9d5519f356c6d26e730ead849f1f0c99a7d8e6c2583

            SHA512

            c8ae034945cde3db1b0fb1c3eb913212dca38ff0ea72032a4ebf061f35d22007a0d8548d4737a2f3ee16d2983036a04c5892991ab4ec3a50a4eb94d7a307d3f1

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            d0f1ba879368087aa38cb818474c1ac2

            SHA1

            c615affc9c062f6941c6cffdef6691ae9c8ceac6

            SHA256

            ea3bd6599a23e803955b10b371fe9023c151a77f4b985e58bd248c02453f387d

            SHA512

            95e3ff524975ea5b0dccf1c2906e597e011c29f5d71c7a691ac4540f48e72826e3a81593618539ec078eb249552f5e69f86dd41f8df869a88fec470478a55acc

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            e33b9c67a49c2ab134d2ef32422046ed

            SHA1

            2d4cd777c08900a1c7218b9837a0a30ec65d6be6

            SHA256

            e5476663b07806da042bfc995750543e63421d44038e5d1d8e258c0f75d4603c

            SHA512

            0416f62f1610dcdee9b55ee6dc80e55a4d503157a970c6d5c11c2ea7a00d5da6d3a791ff093fec29a038dfc32510f3db6ede7220a6c635f731e5ed52fcd356f8

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            1df03731d1fa0df60e961eb1f60988aa

            SHA1

            0d3e113caabe3fa6751c6dfce9ca8dc3721e88f6

            SHA256

            7139e108361e5ccf05caa7fc072304b0b363cd0c95353285dcdaddbf3f109220

            SHA512

            537e7d52a7bcd684f75ff56344e9f51bf389d6978889e0125c26a8fd3a8772dbf3591f2861bfe96870afaf79e0d34482574ce5327192b312016a54c0d7518dfb

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            eaba1bff4825a02bf737e7ee3c8d2c60

            SHA1

            0bcba846f277b90757a450c81082f74172097172

            SHA256

            4bd6226d82533aec0a65d46b2790c2dc11fcc228eb97855093cc101fb8407eb6

            SHA512

            97d9d116984b7e50a418c7075b4776c263fb659825c4f4aaa5dac4fc494f3789421450c7175898202fd086ab8ae2dd341daaed6ab9ef51a972d9d77950edb56b

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            c17ae1cd7b9ac5ae14330fbd44cc9800

            SHA1

            645f695b453b00264eeafbfa40c1e1e44db52d77

            SHA256

            8cb3f043c3c04761d04578e7b07b8bde1b62271024081ab845270d96b494ac81

            SHA512

            6e8fc68608ee2a6bac55a909353dd871608ab3f558cd8034fb05c48b5ad5c0bca62757c0a9fcefa626fe2de875acd1ee6beca6c123a60e509d386a5f2da2c7b5

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            03e5d157b40f33a7cfcb528211221978

            SHA1

            28d722cc845ee58b555cb68755d3a22ad6524e16

            SHA256

            2160887c6858af461571835a9efa660576cbd02afa115993651105f658077a3d

            SHA512

            090b606551ffdb89b42281f24228f0f68cd1b38283ae97b1164e0ab0b73a5266ef6ff141c9cd18faf6e766607c71d70a50a8ffbb908473778c4fb51d3d105c9f

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            4320cefea5b3c8e391f5e9da40a8685e

            SHA1

            1a18deb85424715d2524f6a8fff17c090280d17d

            SHA256

            2fb8972eb0819ea5dbc5edec7bde890d41c28ce5609eefc23e6569b27f3a308b

            SHA512

            05281d3a12ddf3757e8038933e4849368e619221974fa616d7f827e90e210d795b1374278b2544a9dd0b857fbf2dd84dd89fe671979bb4e13dd537dfc7c56c5e

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            818bd8007d08ffd5d9f94e38f72908c6

            SHA1

            915566ec56e0d69ab11632b83821e210370aade5

            SHA256

            f0ab9879ea3c4a5aaf2f40c5c51188c81a6b2e00bf9eed3e3121354686d9b9d9

            SHA512

            1400459c788994d8719bf206835179009b454c4cb9efb27cdbea4fb282686fe36ebfcc44561d43f0e620c250fa59e916398fa7f78ccce0e0041114ac4cc5cd4d

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            995e21ee9517ed0068601d4b56cc3dd7

            SHA1

            9a9071fbe690be2b01c85600d53ca45fa7d69107

            SHA256

            de575da23a7489571849b91bb06af4a6739125c0630fb4b82ca95489888c240d

            SHA512

            606cbc1f83d55d8147d98fcedb3eb80f8aab69eae22657252b66a0b2f8c5624d76669ab3e8745fb69eb1c67f3c367b1630c04ea32a863d7c16fc5eafc1da8a5d

            Download Submit

          • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
            Filesize

            344B

            MD5

            5df7f7ac8a2fe32908b09962759c84ae

            SHA1

            323d1fefdf4957087d65c85a8df612083c184717

            SHA256

            d9f7cecc984334e7e757158559ea12f1bba3b15f9027d02d1fccc26d16f3b3d6

            SHA512

            3d24d5bb29deb0548b5f10b1b2c5f070bb71a5cf74bf80f103bfa16fbdf82c769c2e70d745724c8cc29098132e8fcda0acf57b443767dfdefb5ecd19816dca66

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\Cab9B18.tmp
            Filesize

            65KB

            MD5

            ac05d27423a85adc1622c714f2cb6184

            SHA1

            b0fe2b1abddb97837ea0195be70ab2ff14d43198

            SHA256

            c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

            SHA512

            6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\Tar9C59.tmp
            Filesize

            177KB

            MD5

            435a9ac180383f9fa094131b173a2f7b

            SHA1

            76944ea657a9db94f9a4bef38f88c46ed4166983

            SHA256

            67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

            SHA512

            1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

            Download Submit