Overview

overview

7

Static

static

3

fa37c09237...18.exe

windows7-x64

7

fa37c09237...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    134s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19-04-2024 11:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fa37c092379b143321d4cccd60dff897_JaffaCakes118.exe

  • Size

    32KB

  • MD5

    fa37c092379b143321d4cccd60dff897

  • SHA1

    e4e055346ac72e5f937fb8a73248636a4f6f859d

  • SHA256

    13b6f0e2ec7c0e2b33c2f8392ec326c2009d1fbbccf3c4e07dc598092024e7b5

  • SHA512

    41f3c1281924f1bdfcc23d3870fe8431a08dffdcaf555d2b08c42a7df413c2088f26710f93a380929d1cef21406ea424bc1037e167800bea70a216b847f0f852

  • SSDEEP

    384:zwLLDtK1SWPU3ftBSwI3HwdfNfnCcAVndVnyuHeTqJZlJP+/+H1WEPP:8rtK1FPU31wwI3wdxCccdVyeZZlgWHj3

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Drops file in Windows directory 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fa37c092379b143321d4cccd60dff897_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\fa37c092379b143321d4cccd60dff897_JaffaCakes118.exe"
    1⤵
    • Checks computer location settings
    • Drops file in Windows directory
    • Suspicious use of WriteProcessMemory
    PID:1632
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" NOTFOUND
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3028
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3028 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2580

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d67f55abb8bc2e2d34a3b2eedf83f3b3

    SHA1

    4ea793fcfd3889012a9e6ee3a133826b69cc1e15

    SHA256

    d9215e8495cf85bfa8f5927fcdd72a5fc0aa844bb4374654e990aa93cb370f92

    SHA512

    d5ff08e603a9e29f83a8cec4beafd2626b6e19144045090e7b97c0548a7d89a4fbbd66ef5eb1d3512648e8c4742c8b5b43eae6da20d690593a8bddd4e55a72ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f2e14cf852708d2a4552b78fc0e1d25

    SHA1

    e62b67ac6a2c67540d3af38e6e1d79ccbcfb0564

    SHA256

    5a499409fb57783c3c688918900da26e37782767b7094e8f9391526a2c80fc49

    SHA512

    b2960ebb61d7cbbb611b6aa8443b317bd01bc2470931e36d996e5a30fc966ab0d34427914ade1102defe3719ba39203e75c6571b6f1c6f15e968ace40409de8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    378afc1c87d4249a5f2a6f67f1ad4d28

    SHA1

    d4efefde4105f9c73f3866f7b06ca47304ac2308

    SHA256

    ce75e2126b0bcc5a56d4dee465e8ad7c4531a8e45a6fc94677cce000f23a1c25

    SHA512

    01f121cfeabbbed820f7d5527b0430d1f40a70a86272d4948f2e44437c91cf3a9e094931646bcff2c47e94d1b6cf035ece74a948f504c6050b5c4b3a28bb3aa8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    affdb4acd9392b987d61c31d464767c4

    SHA1

    7acf2aa5f2d46e1669608897bf1e2403d43abc4b

    SHA256

    066e51f35a6ff17e14a9429a06f02d0aae03b81b91bac288540671b5a5f2b814

    SHA512

    f03ddbd751d0543d785f5d1bb7f0811116d5325d15ddcd33d7c40579117d2d08b191e05e37af611778dfe368a39432206df88470646e9773e4cb1ede1b9cd5ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4183bb228c896fbdf98023a1cde82490

    SHA1

    d4fa7d783bd3443bdf2018a358ee419c3fc57e4c

    SHA256

    773dc35cee7e40ff91b9bc900f2daf2e5b3a63d0db70d3cf785ccf80d180e50b

    SHA512

    e87377500b1a629d9409d2f3f9cc7729f69844d63d840699df91578918aca107e3fba158459821de79ab415dcf066b77d7536d0dbde980af3660567bf525b29d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ccc53b5285fbc10e9ebe877572d2727a

    SHA1

    a4dbc73ae358228793edb27012240af18fc63caf

    SHA256

    b84bf34c910bacdd92ba70a98d87f18c71aae1723c416a3ea08b427b14ffc8bb

    SHA512

    76c19f3f5a55c66bc9991aaf803213c83f3a38ca85deec4ea1cb0830779817ef7923d72dc2d82014632a8fb3bcd47acb45586dec09aacb61bf04b5cabee10c04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6132e9fd3f1e8fe88bb34b8baa60bb1

    SHA1

    6b7dff8d0a6574e7126793b4415d955a8237f04d

    SHA256

    2a0a0c4aca43e1a1e6fd636a943df6bf0638db5551b3888d22d601468ce27ad7

    SHA512

    99a9c96cf267f0b666fd8c8825ed293bab7f4c8376c186f1162f97e55cdcd9f6f94394ceee20467dfe9e6e8ed61762f1ef756143aa0a3c2acba9fe05c1b048c6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c43b533cbd6bfc047e1fca5bcabad38e

    SHA1

    773b8b57b0e73535dfa5d893c2d8fd66e44a8e58

    SHA256

    268411216ce799147e96b51e4c3ad2b3ae34df7a0bfba8565576c80565636106

    SHA512

    526c9be08341f9e42da783815c4797897308ff1b0bc00c6d5ad8335dced60c625dfc7e65a4a066c98614efb880225b491f3ad599dbb63d60dd685ac64eea282c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    43b4aa74b224df8e70e83c1a89f7ea06

    SHA1

    3017abb539846b951cf764261691b93f86683857

    SHA256

    2379d7d96b7c9a810f98f3ac774d92424cdc8d5ea28eeaeecfb1e1dca7fc1aa9

    SHA512

    cd85238774c2a9814b3954578d8dc1b25ed17806a4ab1fb1f6aaa51f3a189eaf91ba51708cb9af4d6325c3d3da3ad19fe0a77231d1dca14aacb5c1226ff48298

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9eed0f09d35e1ff0e8a6b508e14db0f9

    SHA1

    d64490347a6c286ea550b198c4d0bd012e6e43f8

    SHA256

    40dd4c0feb5ea202f2e9b43a06ca0b92c1ef98274b4bf2e94522e07d6a6535c5

    SHA512

    3018aa81d9cd6777fcfc9d77cb8a5b9aa401f8549837024b30cc4961d27b6de5b5e8e3f64e983b95a8a0ac16ef9ee4c96d2d1ad3f347016a5cd0e8e55ab9173e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a82b271115af834c6cab00df4054ed2

    SHA1

    8a8a743ca331cd1209f00ab7b76d8a897f1a2168

    SHA256

    e1594a2910383d83bfa0c506e5de3426eb927693e147d1d89eda02f53b2d9acf

    SHA512

    11af111068433fe7dc7dee4b5e7f95983e6427ed7996b86d73c1ce0b85e646072e707f66ced1974480cda3fe6d9bbb7594d14276e1e09c0d2c6e286539922e6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2019aa674a48cb67e59e50e6d59a1c37

    SHA1

    a1631152b91cf0e13eb2dfa6481153d87b6bcce0

    SHA256

    b4e16da558e7ea3dac4f10f7eb35592442a7146d26b36b412ac5584fcf3ec9ac

    SHA512

    46e039ebfae5bb7a3d4efc84c9fb22475a4b92143539cb12f1a583460ac64bc27f66bdea593086cebf62879497adfed04a0427148d7bc8b0777856db4806d60e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11825f60c7b578d311dc730460dab904

    SHA1

    6439bb3a4d8b4fdf87c103ae9f3897ace614f7e5

    SHA256

    4e98c710d855b29aa5a33fde6780fa831c9750bb8b443ced040de85f337ae03e

    SHA512

    9007d0e76218fbc6405ce07658beea1d198c3160381b304f2657cc857d67590f9ddeb9334048352c14f68882b33c9f98f186a500df684671e4ec02daee0f62f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00aa0e18f4e54eb687293cb69218d27b

    SHA1

    2459ea1e4b20733c25f2ca16c85e3c4b3b48a423

    SHA256

    2752f68a2f7652c5ac82c97c2627cc7346eec24f3f625526a6ea9851db15b8ed

    SHA512

    cff0c125403eca2a005e40d2d2b340238fd80634cfef3c30d213aef78e835df39514b054a74fd4b1a781f02b5c6ecd4d696caac7e0e8d38388d09a1492028b05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d70bd12b864b54d0207e38d52fdccf1e

    SHA1

    6916cb2a08bbc7214c66ee8b0e034e899967dc13

    SHA256

    95811f26e6f8c26a155fcc5846d1b1867aac8491d3eb0aae1042fefb34c615bb

    SHA512

    d1e1d9ce5d5b0af8f6533e21e7175c31cd78b9ee18347a92a79cd88935ddf9eafb7b782933c832a7135170b91055293b6de06035aecbb2629bf75118a0d19130

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1295c0b7efcf7ebc77b400d6b7e50ced

    SHA1

    c10406c48a5e9bc90e8337767cbe44c2aef48189

    SHA256

    96f792eaca3918741b89052813ae7442f75a1eba6405bd0f47d2153728a672cd

    SHA512

    7595f5f606a6af85e9d60a0681d1aea8013cc3308f01fc7fc4414547695ef11bd1291a611c0a279cbb65560c4409ff8ddc5bb94d03d17e87780ca83a2be8a9a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f545124277350898bc820a091e66776

    SHA1

    e053a1b28d159a506b551560fb70c8564f63313e

    SHA256

    0dd70f7410c0e348febafb885dbf4fda7549b37956f3dcdb6f59db454063bf1b

    SHA512

    0005a0df0ceba109ad5417b372044b895e979e61847fe31d5cfaa85ce6bb51b381aa0f319a66b4cd260dcb568e8361602e0f724c30407f45e5612d1be8dc82c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5fcf7caad5ada4b532b6feffc51add5f

    SHA1

    574da99a98bb9767bba6615f73966aea0b12943c

    SHA256

    d8078ce207408bdbf1bb4989ebc74ff9644c6b0d90e1630959956d9a69f38f9a

    SHA512

    ee212e00c8a464c9b6ba1ae3d88343f698e2a5832919a008041b014dec6dd59a039aa7744331d22cdca29cfb0523eb0ac3390ac077d57bcd83e5b731ae4028c2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab896D.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8A4F.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit