3bd9900a0627f2272f3db752bfddceb1d0f94103fb49c2c3b7eee1f3397501ae

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
17-04-2024 09:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
Size

483KB
MD5

f57954605f62e9f608a5ffb41e17f0f2
SHA1

5e232b33d85e606199669cdb3b693b0f41c5bf5e
SHA256

3bd9900a0627f2272f3db752bfddceb1d0f94103fb49c2c3b7eee1f3397501ae
SHA512

2fb43e05cd4327c64ab313d7873ae099a4ea63f69ddd5ead7b28d383d48d23f0fc5cc0cd31cad5dc1e4a53bc4fba1c3adf1535345f3968820f49fb2085389957
SSDEEP

12288:++Iz16fjXaBix1c60yqPOV4uOeinggFQFg:C14APOzAgg2Fg

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 6 IoCs

description	ioc	Process
File opened for modification	\??\c:\Program Files\desktop.ini	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\$Recycle.Bin\S-1-5-21-2248906074-2862704502-246302768-1000\desktop.ini	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\$Recycle.Bin\S-1-5-21-2248906074-2862704502-246302768-1000\desktop.ini	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\desktop.ini	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Internet Explorer\en-US\F12Resources.dll.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guayaquil	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tabskb.dll.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\he-IL\tipresx.dll.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\hwrfrash.dat	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_babypink_Thumbnail.bmp	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\lib\javafx-doclet.jar	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\MANIFEST.MF	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\hwrcatlm.dat	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\de-DE\msadcor.dll.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_Buttongraphic.png	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ho_Chi_Minh	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\msinfo32.exe.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sr.pak	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Winnipeg	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.xml	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Common Files\System\ado\es-ES\msader15.dll.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Common Files\System\msadc\de-DE\msaddsr.dll.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_SelectionSubpicture.png	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuala_Lumpur	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-background.png	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.exe.sig	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Internet Explorer\en-US\eula.rtf	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CET	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\en.ttt	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_altgr.xml	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Month_Calendar.emf	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\af.txt	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Araguaina	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\tipresx.dll.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Common Files\System\Ole DB\de-DE\sqlxmlx.rll.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\mojo_core.dll	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\1047x576black.png	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Internet Explorer\iexplore.exe	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Vostok	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\Content.xml	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\ja-JP\msdaremr.dll.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Common Files\System\msadc\ja-JP\msaddsr.dll.mui	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2iexp.dll	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\servertool.exe	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DissolveAnother.png	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\Common Files\System\Ole DB\oledb32r.dll	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png	f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe

C:\Users\Admin\AppData\Local\Temp\f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\f57954605f62e9f608a5ffb41e17f0f2_JaffaCakes118.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2364

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\osetup.dll

Filesize
6.0MB

MD5
4afca9252f31bea2b9a455eb6c21c2a7

SHA1
b582d1c374858edb477251c355b845dd9d3aee45

SHA256
dfe2cfe09a621b97679792338ae46e25e044521c1e64d237ec8a3eb66cf694e3

SHA512
ee3a7f6aa84f4c6c9050e9f1d2a82cc890638d30da05eab337cfb14785a881c06a1f6489c71e99a5e82939280cb363765aeeb71e892238c6ce913efbc9aca82b

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansRegular.ttf

Filesize
5B

MD5
b5b682b742431a52ea8b17c72ad9c572

SHA1
326320f469235708c59f678c9a7357dca552d306

SHA256
30d9045a9f172208b13161d1f5204e5787e5e07bfbb4f490d0041b03b7f44f76

SHA512
4e1bd7cc616b3115baf6be7ebd29fe2d1123bc0f25464865a0cf9207b0344fba70747a5ce6f00e8d9c696881f6db1e12f81736bc748b6f2b60bf84c681a49163

Download Submit
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf

Filesize
62B

MD5
f6dbc4b34179e10f9b6c0e2d5d24c2c6

SHA1
1c53d71700022886c41b568a9514924fd3c1c62b

SHA256
05df06e24037881941804db6ca15f7a25dd10a536b0f642e7a3d09de07256206

SHA512
25a2bc555f2e49610a0490377bf687188f7e13931cbd8e29482584e552b65a2e51fe84fa5153825517a011d7b65df831911c302ae482b23fa0b118524e8af24b

Download Submit
memory/2364-0-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2364-1152-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads