Overview

overview

3

Static

static

3

ed27af943d...18.exe

windows7-x64

3

ed27af943d...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    11/04/2024, 10:00

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ed27af943d5b9ba9ad5f8f7742358cf9_JaffaCakes118.exe

  • Size

    576KB

  • MD5

    ed27af943d5b9ba9ad5f8f7742358cf9

  • SHA1

    ba64b3f9fc0e8c14d24851f33b9d6a82445fe13d

  • SHA256

    38ef5d6327f2fc0d594633f568b8dad682a6ed1a8e1d70b34772fa382c21445d

  • SHA512

    56d03f7f3ab97737249e7a053fd04ad851f53d5d60ed5ec4ce49226fcd0d782a5eec44c79cec4913f42673e092527aba25df577276e45d251b26e08b1f56ef42

  • SSDEEP

    6144:MJobSxSXjp1ZeXO6bFR7IAz7EYyLMbWZseO5uOXaqQs8pHF:MJZCreXO6Rtj6ueOallF

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ed27af943d5b9ba9ad5f8f7742358cf9_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\ed27af943d5b9ba9ad5f8f7742358cf9_JaffaCakes118.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2064
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.52jfxb.com/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2824
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2824 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2060

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          74cd96c32b9a2c27d64f594b11dd1985

          SHA1

          599b0abffbf3bf8bc6904a2a2200a67b887442b3

          SHA256

          7b255c56a496909ce572e03159ad564324be7091e5fa9debe749deef0932eb8e

          SHA512

          cdf70e2c3e3ce72fe4da9470ffaf301df42ba930b6d32ded02e465fb803c0a0e9c98bc3b4616137348903738203a5f1654c2bb9bec658bf6a830a2546c05ae5d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          47e252970a4fd189a0fe9c907b8fb203

          SHA1

          efa71e712769e2f4865076d63de5e3b1f99dbd92

          SHA256

          8d113ec2d96b94a8f1f95b94dfb4ab8c877229ae8421f8401d462c909ea34242

          SHA512

          059c75e16b5523497a80d0557fbc5573213676826464724003e2140848ef0929a4b58a315930bb7a5f13088639c621c9eb16fbea310d302620318d6e68743855

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d78be4533861bad41d2a94658f0c39a1

          SHA1

          3583353e01600322c0a2c48ec8d93a75808b35e1

          SHA256

          08b77937b10846b8f6d12e0d9f7b77ca4d38fc1d698dc4c2dfc6ee0d8a69101c

          SHA512

          3f83e5eda9e78a763d4865fdac50d0ee255813cd4ac45e20f59b1a1441f49eff68ec59d0a3eab4397b0848987d834de850e700754b15380925f310bd4b1be1b1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c96785b4a0d30c2281ca7e24729b31b2

          SHA1

          ffed27ddcc53e4a7001e3a3a041e6bc6d934a7e5

          SHA256

          82a900073c5971ddd3a2efc3b1d0d5c256b27554e3e4cf0a2b111562a42271da

          SHA512

          233a22f7406f9cb3e14245d9772451f01c13fea75f2d0a486864091b46d3fc2f7dc1d3fee4928cd0d4e476e13f99b09b12e48a1113d145da93f9ebc70b20ac4e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b3b0c08f25a21f9742338dce056fbeeb

          SHA1

          d1660ac67c534f3d8d5c8a36bd8c23f071f24559

          SHA256

          9b6316027cd47fad8f19a83f0698e36ec6b6b1c0ddd0ce29d0c86eb5ea975069

          SHA512

          1a96af79c6899020bb6ddc3f9fc613b18fc7adb13959ed4d3f41128aee9c97cd277973f018fdd3a0fb19e72a06347cc5878dd48b94f16065a6b4872ee933cd6d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1e10a818ba984622e01a2aeea91dd273

          SHA1

          abd9b52f4a2727fb4f95eb9b75511b657012e06f

          SHA256

          77befce2f46bbe7bc1c0886ec8d0d545aafdc1012b66805a54b760cc540a94b7

          SHA512

          858221402dd80483233bf960cf87d40e1127fc793759e2327202df64eb62f71e00fb0d67c74de3dad2a12cf870e93a88a3fbf03292ed39ebb420d3dc2649fec7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          83254686e5a73e5e07db12bf2912738d

          SHA1

          af7c7969812ac56c4d1f840273645103cb76a4a7

          SHA256

          1f475c8ff246d059797829ef2269d64536620b6da26736078594f7d4e1f2fa2d

          SHA512

          dee360d00ba8d1f66660328ed80cf8bf48c18eb168e71d08573b041b11c5a17513b4afeabfd3e14216a01a74e9e2321d4718692ee1df16534ebf40b74987513b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2cde0f9c29639f87e23fe22a9860a68d

          SHA1

          fd2dffe40bdaed4762db0e754152847cb54d71b2

          SHA256

          62d897e7daaa8ab2f97e2c1b0c27299fd21aa2b9ee769624423218104084292a

          SHA512

          a53f9fdcb8d0179ef595087ed1dc7db59e30f618f85662d88a56eedc0a83349daf2a4c414f748b0e7d9d52bc1d25e1e29774b23f904775e4f8ebee7bbe496ee0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4f4e912255d6a21d73f51cee69edff05

          SHA1

          f8f404b465ae488b0e8f9e0669142fe77852a13a

          SHA256

          ca9cdcd9392e7aadadb70dad01efb414fcb7394f3971984114599bf644f28d70

          SHA512

          94978bb8ef90f8a1f584ae740774009c70ed0dc725a800c707eb26838ce98746220395fd49e45e7f0fd4dd7b3f9a9b171c110bb4d89365b967d5eaad5a7b37fa

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0fc747522fd072fdaf2373ef13b78b5f

          SHA1

          c7d1378f1317b29674b07b24aa98b4ef83a6f4e4

          SHA256

          bc032549a2a67cae4c15786668b40bfeb9bae720bb8e8847f4133dc69b5e05ad

          SHA512

          712c4b9ab7c28ea69a96954794d1d085b5b166687b326e0e116a730487859c06a13108c97207c7b477b2fb8bf3f15d240424e3dd9f24fd18389619c0a6317ac9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          60e5995d93dcb4de7ca018ae6241345a

          SHA1

          0669e254044edad1efe251f631d491dd46fba318

          SHA256

          9f32e8d686ab1ee887ddea363459bac84f7e78d9bb174e04f0649550cae427fb

          SHA512

          b3254bc3325203f0ee37822cdf9ba0b18117a372c7ab3ce40762a3be8c5eccf9d52ea7c7e431510d680b3ea989dac28e676fe3b33762d65b82a32565254db5fe

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3190a15c46ec49cf672939bf1426ec69

          SHA1

          53f055445b1b8731c862509569aab387edfd64e8

          SHA256

          c7d4d70ab8f9d6aef645a852238c856284d0581a6b41a13823b5caf351154f60

          SHA512

          0beba2f6d9197a0a25e57f72f22be3ceb75dda056709aab69db40bc21ca81c68fd045b05dc234de775b4b541b4d7581bdd18acdf446d0f7340186fe8e0f34991

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          585818c0a64d88583a644ce15cbb2302

          SHA1

          9c09f9a97b8d05a96d33751d8c0321810dff494e

          SHA256

          5cd5a2df8f65cb9a6e8c6dd0f7947ce486df33d4b86d50748fed48d8ed6e68fc

          SHA512

          3a29772fcda6b4ba366002beff1125e1f66bb1a46985e7d813783763d968e6fee1812d97789ea11d17d6bebb68635921f1fc967d67e9fef2c2efdb3addbadbf0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          febbdb14dfff7f125af938bb786558d6

          SHA1

          e613025cdf5eff222f7f4498c38b420444b775ab

          SHA256

          6bdf0e6deb609ef5567bd1d15ff34de76b84f436d394c8219449215b707eddc3

          SHA512

          da2d91b96f5a21c12719f8c3b5248a2518ae602871c5dff313586a15cd5f4f4f93b47eb907604f3853d595f2280bc521135fa3520a9991116856ba51459e2202

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          601fef3d87a925d34e93c47ad0618e6f

          SHA1

          b346c31f0a745daf2bac0aeca9dea12acea5a712

          SHA256

          12945972c54e74ed86793ecdb247ced014bf138004958dd5d70b2c45c9f7fbe6

          SHA512

          063964308713f419c81f3286d11ec06361219acdeb09ad251db10db0e7a84ecb89be6267fc13c4ebfa42514f8bcc68b5f40a9075cb12fb209113277cdd470969

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5ba2047c393eec3d98df0c6bee19d18c

          SHA1

          297e4e09d86c542cd25ead86217fa0aeb48afd00

          SHA256

          0e4a98db7241b23b14e31e4d08895bb9ac4f4a1497e0bd56bd4a15526fb02156

          SHA512

          4acfc74a678d9c1d6dda7a2aaace0223c8cf2fd62a9569742c9027bc7549f913c0b4c08b993801a8afe354358e97a325b7915866fec31ff1c65143931303f516

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1e29b8916dd558ef9642baa87248d26c

          SHA1

          fa7de3093e2e5e23f62310741c88c6e937fc925c

          SHA256

          c68000c6830b4892437c7906b075c37a4b4985ae0562bac42ea9c737d9e63a05

          SHA512

          435a2ec0909f4ed45c1a2a10c68670469a90fc53da1eb3c2cc0e67afdbf7073e284081c47be040b6df66868487bfb19f03c9d5744f67eeabdba1e94f8bba4cd8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          54ba4164c2cf3f749d652f5558e4bde9

          SHA1

          046e6d36ae2854cc7819815ee8196c106a75819f

          SHA256

          8d25b704993a948f1a1f287235c05082b56d0eb85794bcf3079beb45876f711d

          SHA512

          79d609f6512bb5b9ba000865093b03ba6c17794082ff56899c11cc7e54e615bebc3380a13092d67e5d7ad8897e9cee3b64f2c5f16ff4bb03ae62ff33029582b7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ffed06bb7fd81f846e671a465c8325cf

          SHA1

          ae871aa1919a7d3e57d39a6e9465305ab5917b44

          SHA256

          8f49ad601d0aa79e36dffcf7a683913ae6a420946b06ece2d28b7598181158e2

          SHA512

          9b4d66cd5b0cabab2011df4600daeac215d9fddf57ed574fe85a91eaf536e21439137701a8c3c6ff3feb70da513f573c98e7439147010b91bbb2d86660f29007

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          646d4ec2e8fc06a4baf2bdce8eb219dc

          SHA1

          5bcf5d1bee13a4e7ef42305f055c234dcb36594b

          SHA256

          aee4c4c1f162eafda512832b7abc0fe84daf36f6c438c3c06467dddd8d2999b0

          SHA512

          7b7132c4d4912e6204d553873e2ff4fca81a66f93043ce1b87849e8eaf2f773ab2879f6dac6ccb8c2a779e62c21e6c1d1ffe114612fe7fe25082368df62855d1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab4FE7.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar50F8.tmp
          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

          Download Submit